Link

Docker Image

Table of Contents

  1. Prerequisites
  2. Installation
    1. Login to the nextAuth Docker Registry
    2. Set up Docker Compose
    3. Install the Database
    4. Launch Your NAS
    5. Upgrading Your NAS
    6. Troubleshooting
      1. Accessing the Logs
      2. License issues

Prerequisites

A Linux server with docker and docker-compose installed. Please consult the Docker installation guide and Docker Compose installation guide for futher details.

Preferably, the server should be reachable over the internet. We strongly recommend setting up wildcard DNS records (e.g., configure nextauth.mydomain.com and *.nextauth.mydomain.com to point to the IP address of your NAS server).

Note that when running local tests, the mobile device you use for authentication needs to be able to reach this local server.

Installation

Login to the nextAuth Docker Registry

Run the following command as root on the shell of your server to login to the nextAuth Docker Registry. This registry contains the images of the NAS for local installation.

docker login dist.nextauth.com

You will need to enter the credentials you received from nextAuth. Contact support to request new credentials.

Set up Docker Compose

Create a file docker-compose.yml with the following content:

version: '3.4'

services:
    nextauth-redis:
       image: redis
       restart: always

    nextauth-db:
        image: 'mysql:8.0'
        command: '--default-authentication-plugin=mysql_native_password'
        restart: unless-stopped
        environment:
            MYSQL_ROOT_PASSWORD: soRJl7uNksbxTTAb1KWd
            MYSQL_USER: nextauth
            MYSQL_PASSWORD: rKmnY9KyUFdsCi8BcFF7
            MYSQL_DATABASE: nextauth
        volumes:
            - nextauth_db:/var/lib/mysql

    nextauth-portmap:
        image: dist.nextauth.com/nextauth/portmap:latest
        restart: unless-stopped
        depends_on:
            - nextauth
            - nextauth-mgmt
        external_links:
            - nextauth:nextauth
            - nextauth-mgmt:nextauth-mgmt
        ports:
            - 80:80
            - 443:443
        environment:
            NEXTAUTH_WS_URL: https://mysite.com/ws/
            NEXTAUTH_WS_MAP: nextauth:8009
            NEXTAUTH_PROTO_URL: http://mysite.com/n/
            NEXTAUTH_PROTO_MAP: nextauth:8889
            NEXTAUTH_DASHBOARD_URL: https://dashboard.mysite.com/
            NEXTAUTH_DASHBOARD_MAP: nextauth-mgmt:80
            NEXTAUTH_ACCOUNT_URL: https://*.account.mysite.com/
            NEXTAUTH_ACCOUNT_MAP: nextauth-mgmt:81
            NEXTAUTH_IDP_URL: https://*.idp.mysite.com/
            NEXTAUTH_IDP_MAP: nextauth-mgmt:82
            NEXTAUTH_TLS_EMAIL: info@nextauth.com
            ACME_AGREE: 'true'
        volumes:
            - nextauth_portmap:/root/.caddy

    nextauth-mgmt:
        image: dist.nextauth.com/nextauth/mgmt:latest
        restart: always
        depends_on:
            - nextauth-db
            - nextauth
        external_links:
            - nextauth-db:db
            - nextauth:nextauth
        environment:
            NEXTAUTH_ROOT_APIKEY: LXbtnPK7dotjyhyOjqlw

    nextauth:
        image: dist.nextauth.com/nextauth/server:latest
        depends_on:
             - nextauth-db
             - nextauth-redis
        external_links:
            - nextauth-db:db
            - nextauth-redis:redis
        restart: always
        environment:
            NEXTAUTH_DB_GO_DRIVER: mysql
            NEXTAUTH_DB_JAVA_URL: jdbc:mysql://db/nextauth
            NEXTAUTH_DB_JAVA_DRIVER: com.mysql.jdbc.Driver
            NEXTAUTH_DB_USER: nextauth
            NEXTAUTH_DB_PASSWORD: rKmnY9KyUFdsCi8BcFF7
            NEXTAUTH_DB_GO_URL: 'nextauth:rKmnY9KyUFdsCi8BcFF7@tcp(db:3306)/nextauth'
            NEXTAUTH_DB_TEST: 'db:3306'
            NEXTAUTH_REDIS_HOST: redis
            NEXTAUTH_ROOT_APIKEY: LXbtnPK7dotjyhyOjqlw
            NEXTAUTH_LICENSE: <License here>
            NEXTAUTH_DEFAULT_PROTO_URL: http://mysite.com/n/
            NEXTAUTH_DEFAULT_WS_URL: wss://mysite.com/ws/
            NEXTAUTH_DEFAULT_SITE_URL: https://www.mysite.com
            NEXTAUTH_DEFAULT_APP_NAME: nextAuth
            NEXTAUTH_DEFAULT_APP_DISTRIBUTION_ANDROID: https://play.google.com/store/apps/details?id=com.nauth.client
            NEXTAUTH_DEFAULT_APP_DISTRIBUTION_IOS: https://itunes.apple.com/us/app/n-auth/id1176128845

volumes:
    nextauth_db: PATH_TO_NEXTAUTH_DB_VOLUME
    nextauth_portmap: PATH_TO_NEXTAUTH_PORTMAP_VOLUME

Replace all instances of mysite.com in the configuration file by the domain that you configured for nextAuth usage. Replace the database credentials and the root API key with your own values. We recommend generating random values.

Install the Database

Before launching the NAS you need to install the database schema (or upgrade it to the latest version). Run the following command as root in the same folder as your docker-compose.yml:

docker-compose run --rm nextauth upgrade

Launch Your NAS

Now, launch your server:

docker-compose up -d --force-recreate

Point your browser to the URL you configured as NEXTAUTH_DASHBOARD_URL in your docker-compose.yml. You can register a root account for managing your NAS using the nextAuth app.

Upgrading Your NAS

You can upgrade your NAS to the latest version by running the following commands:

docker-compose pull
docker-compose run --rm nextauth upgrade
docker-compose up -d --force-recreate

Troubleshooting

Accessing the Logs

In order to access the logs of the nextauth container, execute the following command in the folder container your docker-compose.yml:

docker-compose logs -f nextauth

License issues

Ensure the value of NEXTAUTH_LICENSE is enclosed in double quotes (") and not in single quotes (').