HaRP is a specialized reverse proxy system designed to sit between your main web server (like Nginx or Apache) and individual External Apps. While traditional Nextcloud apps are written in PHP and run within the core server process, are standalone microservices—often written in Python, Rust, or Go—that run in their own Docker containers. HaRP serves two primary functions:
Understanding HaRP: The High-Performance Proxy for Nextcloud ExApps
A single HaRP instance can manage multiple Docker engines, making it ideal for complex or distributed infrastructures.
For new Nextcloud deployments, starting with HaRP from day one is the clear recommended path. Whether you're a home user wanting to experiment with local AI models or an enterprise building custom microservices, HaRP provides the foundation you need. harp nextcloud
The combination of HARPs and Nextcloud can enable a range of exciting use cases:
version: '3.8' services: nextcloud: image: nextcloud:stable-apache container_name: nextcloud-core networks: - nextcloud_network volumes: - nextcloud_data:/var/www/html restart: always appapi-harp: image: ghcr.io/nextcloud/nextcloud-appapi-harp:latest container_name: appapi-harp environment: - HP_SHARED_KEY=YourSuperSecureRandomSecretKeyHere # Must match Nextcloud configuration - HP_TRUSTED_PROXY_IPS=172.18.0.0/16 # Enter your local Docker CIDR range volumes: - /var/run/docker.sock:/var/run/docker.sock # Allows managing child containers - harp_certs:/certs # Vital for persistent TLS configurations ports: - "8780:8780" # HaRP Control / HTTP Frontend - "8782:8782" # FRP Tunnel connection port networks: - nextcloud_network restart: always networks: nextcloud_network: driver: bridge volumes: nextcloud_data: harp_certs: Use code with caution. Critical Environment Variables Explained HaRP ? · nextcloud all-in-one · Discussion #7061 - GitHub
We implemented Harp as a Nextcloud app (PHP 8.2) with a companion daemon (Rust) for DAG operations and sync. The Rust component communicates via Unix sockets to avoid blocking PHP-FPM. HaRP is a specialized reverse proxy system designed
By incorporating an embedded FRP server, ExApp containers no longer need to expose ports to the host OS or be directly reachable by the Nextcloud server. The ExApp dials out to HaRP's port 8782 to establish a reverse tunnel. Traffic flows securely through this tunnel, completely eliminating common split-DNS and localized routing errors. Step-by-Step Deployment Guide
HaRP's language-agnostic architecture means you can build ExApps in:
HaRP can route requests from the web interface directly to an ExApp, bypassing the heavy PHP stack and saving system resources How HaRP Works For new Nextcloud deployments, starting with HaRP from
By enabling P2P data transfer, you preserve the governance of Nextcloud while unlocking the raw speed of decentralized networks. Your users won’t notice the difference in the UI—but they will notice that their 50GB file now downloads in minutes instead of hours.
Once your HaRP container is running, you need to register it within Nextcloud. Here's how:
Because Harp compiles preprocessed assets on the fly when a page is requested, it can introduce minor latency under heavy traffic. To maximize performance, place Nginx caching or a reverse proxy cache in front of Harp to serve fully static assets directly from memory. Nextcloud File Locks
Developers have created a virtual filesystem layer where Nextcloud acts as the (knowing what files exist and who owns them), while Harp acts as the data plane (moving the actual bytes).