I am using a Nextcloud docker container for several years on my own NAS to synchronize my files and stay away from dropbox, google drive, etc…
I share this nextcloud installation with some family members and I want to make sure the file upload is going through an antivirus.
Nextcloud comes with an antivirus application. You can install it from the nextcloud interface.
The nextcloud antivirus app checks the files during the upload using clamav. This works perfectly when Nextclous is running on a server or VM, but adding it to the my nextcloud container is not a good solution.
I looked for a docker version of clamav and found this: https://mko-x.github.io/docker-clamav/
The installation is really straightforward:
docker run -d -p 3310:3310 --name clamav mk0x/docker-clamav
Clamav container will be accessible on port 3310.
Next step is to link your nextcloud container to the clamav container, use the –link flag with your nextcloud container.
--link clamav:av
On my synology NAS I can do it via the GUI:
My clamav container is now known as “av” by the nextcloud container.
Then configure Nextcloud antivirus app to connect to your clamav container: Under Settings > Security.
The host name is the alias “av” declared above
To test your installation, download some EICAR test files. These files are anti malware testfile and will not harm your installation they just contains some virus-like signature.
Upload them to your nextcould system and you should see on your interface something like:
You can have a look a your clamav container log:
docker logs -f clamav
and would see something like this:
Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55906): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55910): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55912): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:54 2020 -> instream(172.17.0.8@55936): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND
The clamav antivirus detects the malware signature of the test files and prevent them to be uploaded.
Very informative post! However, I have two questions:
1. Why is placing the clamav config inside the same docker-compose.yml as nextcloud not a good idea?
2. Clamav needs to link to two containers, the nextcloud ‘app’ and the nextcloud ‘database’, how did you achieve this?
Kind regards,
Khurrum
Hi!
1. yes it would be a good idea.
2. it is possible to do it from the synology docker interface. but ideally you do not link them just just have to make sure all containers are in the same docker network.
Regards
Cédric