Dateien hochladen nach „nextcloud“

Add nextcloud service
2021-03-25 14:37:52 +01:00 · 2021-03-25 14:37:52 +01:00 · d66f34936b
commit d66f34936b
parent 6105b70fbf
2 changed files with 179 additions and 0 deletions
--- a/nextcloud/docker-compose.yml
+++ b/nextcloud/docker-compose.yml
@ -0,0 +1,150 @@
+version: '3.5'
+
+networks:
+  default:
+    external:
+      name: traefik_default
+
+services:
+  nextcloud-db:
+    env_file: live.env
+    image: mariadb:10
+    container_name: nextcloud-db
+    command: --transaction-isolation=READ-COMMITTED --log-bin=ROW
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - default
+    ports:
+      - 3306:3306
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ${NEXTCLOUD_ROOT}/mariadb:/var/lib/mysql
+
+  nextcloud-redis:
+    image: redis:6-alpine
+    container_name: nextcloud-redis
+    command: redis-server --requirepass ${REDIS_HOST_PASSWORD}
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    networks:
+      - default
+    restart: unless-stopped
+    volumes:
+      - ${NEXTCLOUD_ROOT}/redis:/data
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      
+
+  nextcloud-app:
+    depends_on:
+      - nextcloud-db
+      - nextcloud-redis
+    container_name: nextcloud-app
+    env_file: live.env
+    environment:
+      - NEXTCLOUD_TRUSTED_DOMAINS='${NEXTCLOUD_FQDN}'
+    extra_hosts:
+      - "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
+      - "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
+    image: nextcloud:20
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"
+      # Routes
+      - "traefik.enable=true"
+      - "traefik.http.routers.nextcloud.entrypoints=websecure"
+      - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.${DOMAIN}`)"
+      - "traefik.http.routers.nextcloud.tls=true"
+      - "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
+      - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
+      # HSTS and Cal Dav
+      - "traefik.http.middlewares.nc-rep.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
+      - "traefik.http.middlewares.nc-rep.redirectregex.replacement=https://$$1/remote.php/dav/"
+      - "traefik.http.middlewares.nc-rep.redirectregex.permanent=true"
+      - "traefik.http.middlewares.nc-header.headers.referrerPolicy=no-referrer"
+      - "traefik.http.middlewares.nc-header.headers.stsSeconds=31536000"
+      - "traefik.http.middlewares.nc-header.headers.forceSTSHeader=true"
+      - "traefik.http.middlewares.nc-header.headers.stsPreload=true"
+      - "traefik.http.middlewares.nc-header.headers.stsIncludeSubdomains=true"
+      - "traefik.http.middlewares.nc-header.headers.browserXssFilter=true"
+      - "traefik.http.middlewares.nc-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
+      - "traefik.http.routers.nextcloud.middlewares=nc-rep,nc-header"
+    networks:
+      - default
+    restart: unless-stopped
+    volumes:
+      - ${NEXTCLOUD_ROOT}/html:/var/www/html
+      - ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
+
+  nextcloud-cron:
+    image: nextcloud:20
+    container_name: nextcloud-cron
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    restart: unless-stopped
+    volumes:
+      - ${NEXTCLOUD_ROOT}/html:/var/www/html
+      - ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
+    entrypoint: /cron.sh
+    depends_on:
+      - nextcloud-db
+      - nextcloud-redis
+      - nextcloud-collabora
+
+  nextcloud-coturn:
+      image: instrumentisto/coturn
+      container_name: nextcloud-coturn
+      restart: unless-stopped
+      ports:
+       - "3478:3478/tcp"
+       - "3478:3478/udp"
+      networks:
+        - default
+      command:
+        - -n
+        - --log-file=stdout
+        - --min-port=49160
+        - --max-port=49200
+        - --realm=${NEXTCLOUD_FQDN}
+        - --use-auth-secret
+        - --static-auth-secret=${COTURN_SECRET}
+
+  nextcloud-collabora:
+    image: collabora/code:6.4.2.2
+    container_name: nextcloud-collabora
+    env_file: live.env
+    extra_hosts:
+      - "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
+      - "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
+    hostname: collabora.sporada.eu
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"
+      # Routes
+      - "traefik.enable=true"
+      - "traefik.http.routers.collabora.entrypoints=websecure"
+      - "traefik.http.routers.collabora.rule=Host(`collabora.${DOMAIN}`)"
+      - "traefik.http.routers.collabora.tls.certresolver=myresolver"
+      - "traefik.http.services.collabora.loadbalancer.server.port=9980"
+    restart: unless-stopped
+    networks:
+      - default
+    ports:
+      - "9980:9980"
+    environment:
+      - domain=${COLLABORA_DOMAIN}
+      - server_name=${COLLABORA_FQDN}
+      - username=${COLLABORA_USERNAME}
+      - password=${COLLABORA_PASSWORD}
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
+    cap_add:
+      - MKNOD
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+      - ./collabora/loolwsd.xml:/etc/loolwsd/loolwsd.xml
+  
+  
--- a/nextcloud/live.env.tpl
+++ b/nextcloud/live.env.tpl
@ -0,0 +1,29 @@
+# MariaDB settings
+MYSQL_ROOT_PASSWORD=password_db_root
+MYSQL_DATABASE=nextcloud
+MYSQL_USER=nextcloud
+MYSQL_PASSWORD=password_db
+MYSQL_INITDB_SKIP_TZINFO=1
+MYSQL_HOST=nextcloud-db
+
+# Redis
+REDIS_HOST=nextcloud-redis
+REDIS_HOST_PASSWORD=password_redis
+
+# Nextcloud
+NEXTCLOUD_ROOT=/home/compute/services/nextcloud
+NEXTCLOUD_DATA_DIR=/srv/nextcloud/data
+NEXTCLOUD_FQDN=your_nextcloud_sub_domain.domain.com
+# This is the IP of the Trafik container. This changes if the traefik container restarts. If it is not the current traefik container IP collabora does not work. Check the current traefik container IP with: docker inspect traefik and get the IP from the Networks -> traefik_default -> IPAddress section
+TRAEFIK_CONTAINER_IP=172.27.0.16
+
+# Collabora
+COLLABORA_FQDN=collabora.domain.com
+COLLABORA_DOMAIN=nextcloud_sub_domain\\.domain\\.com # This is the domain which the collabora server is requests accepting from.
+COLLABORA_USERNAME=username
+COLLABORA_PASSWORD=password_collabora
+
+# COTURN
+COTURN_SECRET=password_coturn
+# Traefik
+DOMAIN=domain.com