I am using a Nextcloud docker container for several years on my own NAS to synchronize my files and stay away from dropbox, google drive, etc...

I share this nextcloud installation with some family members and I want to make sure the file upload is going through an antivirus.

Nextcloud comes with an antivirus application. You can install it from the nextcloud interface.

Nextcloud app menu

The nextcloud antivirus app checks the files during the upload using clamav. This works perfectly when Nextclous is running on a server or VM, but adding it to the my nextcloud container is not a good solution.

I looked for a docker version of clamav and found this: https://mko-x.github.io/docker-clamav/

The installation is really straightforward:

docker run -d -p 3310:3310 --name clamav mk0x/docker-clamav

Clamav container will be accessible on port 3310.

Next step is to link your nextcloud container to the clamav container, use the --link flag with your nextcloud container.

--link clamav:av

On my synology NAS I can do it via the GUI:

Nas nextcloud links settings

My clamav container is now known as "av" by the nextcloud container.

Then configure Nextcloud antivirus app to connect to your clamav container: Under Settings > Security.

The host name is the alias "av" declared above

Nextcloud antivirus app configuration

To test your installation, download some EICAR test files. These files are anti malware testfile and will not harm your installation they just contains some virus-like signature.

Upload them to your nextcould system and you should see on your interface something like:

messages when uploading antimalware test files

You can have a look a your clamav container log:

docker logs -f clamav

and would see something like this:

Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55906): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55910): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:53 2020 -> instream(172.17.0.8@55912): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND Sat Feb 8 07:28:54 2020 -> instream(172.17.0.8@55936): Clamav.Test.File-7(44d88612fea8a8f36de82e1278abb02f:68) FOUND

The clamav antivirus detects the malware signature of the test files and prevent them to be uploaded.