Dateien hochladen nach „nextcloud“
Add nextcloud service
This commit is contained in:
parent
6105b70fbf
commit
d66f34936b
150
nextcloud/docker-compose.yml
Normal file
150
nextcloud/docker-compose.yml
Normal file
@ -0,0 +1,150 @@
|
||||
version: '3.5'
|
||||
|
||||
networks:
|
||||
default:
|
||||
external:
|
||||
name: traefik_default
|
||||
|
||||
services:
|
||||
nextcloud-db:
|
||||
env_file: live.env
|
||||
image: mariadb:10
|
||||
container_name: nextcloud-db
|
||||
command: --transaction-isolation=READ-COMMITTED --log-bin=ROW
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
networks:
|
||||
- default
|
||||
ports:
|
||||
- 3306:3306
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- ${NEXTCLOUD_ROOT}/mariadb:/var/lib/mysql
|
||||
|
||||
nextcloud-redis:
|
||||
image: redis:6-alpine
|
||||
container_name: nextcloud-redis
|
||||
command: redis-server --requirepass ${REDIS_HOST_PASSWORD}
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
networks:
|
||||
- default
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ${NEXTCLOUD_ROOT}/redis:/data
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
|
||||
|
||||
nextcloud-app:
|
||||
depends_on:
|
||||
- nextcloud-db
|
||||
- nextcloud-redis
|
||||
container_name: nextcloud-app
|
||||
env_file: live.env
|
||||
environment:
|
||||
- NEXTCLOUD_TRUSTED_DOMAINS='${NEXTCLOUD_FQDN}'
|
||||
extra_hosts:
|
||||
- "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
|
||||
- "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
|
||||
image: nextcloud:20
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Routes
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.nextcloud.entrypoints=websecure"
|
||||
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.${DOMAIN}`)"
|
||||
- "traefik.http.routers.nextcloud.tls=true"
|
||||
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
|
||||
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
|
||||
# HSTS and Cal Dav
|
||||
- "traefik.http.middlewares.nc-rep.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
|
||||
- "traefik.http.middlewares.nc-rep.redirectregex.replacement=https://$$1/remote.php/dav/"
|
||||
- "traefik.http.middlewares.nc-rep.redirectregex.permanent=true"
|
||||
- "traefik.http.middlewares.nc-header.headers.referrerPolicy=no-referrer"
|
||||
- "traefik.http.middlewares.nc-header.headers.stsSeconds=31536000"
|
||||
- "traefik.http.middlewares.nc-header.headers.forceSTSHeader=true"
|
||||
- "traefik.http.middlewares.nc-header.headers.stsPreload=true"
|
||||
- "traefik.http.middlewares.nc-header.headers.stsIncludeSubdomains=true"
|
||||
- "traefik.http.middlewares.nc-header.headers.browserXssFilter=true"
|
||||
- "traefik.http.middlewares.nc-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
|
||||
- "traefik.http.routers.nextcloud.middlewares=nc-rep,nc-header"
|
||||
networks:
|
||||
- default
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ${NEXTCLOUD_ROOT}/html:/var/www/html
|
||||
- ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
|
||||
|
||||
nextcloud-cron:
|
||||
image: nextcloud:20
|
||||
container_name: nextcloud-cron
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ${NEXTCLOUD_ROOT}/html:/var/www/html
|
||||
- ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
|
||||
entrypoint: /cron.sh
|
||||
depends_on:
|
||||
- nextcloud-db
|
||||
- nextcloud-redis
|
||||
- nextcloud-collabora
|
||||
|
||||
nextcloud-coturn:
|
||||
image: instrumentisto/coturn
|
||||
container_name: nextcloud-coturn
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "3478:3478/tcp"
|
||||
- "3478:3478/udp"
|
||||
networks:
|
||||
- default
|
||||
command:
|
||||
- -n
|
||||
- --log-file=stdout
|
||||
- --min-port=49160
|
||||
- --max-port=49200
|
||||
- --realm=${NEXTCLOUD_FQDN}
|
||||
- --use-auth-secret
|
||||
- --static-auth-secret=${COTURN_SECRET}
|
||||
|
||||
nextcloud-collabora:
|
||||
image: collabora/code:6.4.2.2
|
||||
container_name: nextcloud-collabora
|
||||
env_file: live.env
|
||||
extra_hosts:
|
||||
- "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
|
||||
- "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
|
||||
hostname: collabora.sporada.eu
|
||||
labels:
|
||||
# Watchtower
|
||||
- "com.centurylinklabs.watchtower.enable=true"
|
||||
# Routes
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.collabora.entrypoints=websecure"
|
||||
- "traefik.http.routers.collabora.rule=Host(`collabora.${DOMAIN}`)"
|
||||
- "traefik.http.routers.collabora.tls.certresolver=myresolver"
|
||||
- "traefik.http.services.collabora.loadbalancer.server.port=9980"
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- default
|
||||
ports:
|
||||
- "9980:9980"
|
||||
environment:
|
||||
- domain=${COLLABORA_DOMAIN}
|
||||
- server_name=${COLLABORA_FQDN}
|
||||
- username=${COLLABORA_USERNAME}
|
||||
- password=${COLLABORA_PASSWORD}
|
||||
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
|
||||
cap_add:
|
||||
- MKNOD
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- ./collabora/loolwsd.xml:/etc/loolwsd/loolwsd.xml
|
||||
|
||||
|
29
nextcloud/live.env.tpl
Normal file
29
nextcloud/live.env.tpl
Normal file
@ -0,0 +1,29 @@
|
||||
# MariaDB settings
|
||||
MYSQL_ROOT_PASSWORD=password_db_root
|
||||
MYSQL_DATABASE=nextcloud
|
||||
MYSQL_USER=nextcloud
|
||||
MYSQL_PASSWORD=password_db
|
||||
MYSQL_INITDB_SKIP_TZINFO=1
|
||||
MYSQL_HOST=nextcloud-db
|
||||
|
||||
# Redis
|
||||
REDIS_HOST=nextcloud-redis
|
||||
REDIS_HOST_PASSWORD=password_redis
|
||||
|
||||
# Nextcloud
|
||||
NEXTCLOUD_ROOT=/home/compute/services/nextcloud
|
||||
NEXTCLOUD_DATA_DIR=/srv/nextcloud/data
|
||||
NEXTCLOUD_FQDN=your_nextcloud_sub_domain.domain.com
|
||||
# This is the IP of the Trafik container. This changes if the traefik container restarts. If it is not the current traefik container IP collabora does not work. Check the current traefik container IP with: docker inspect traefik and get the IP from the Networks -> traefik_default -> IPAddress section
|
||||
TRAEFIK_CONTAINER_IP=172.27.0.16
|
||||
|
||||
# Collabora
|
||||
COLLABORA_FQDN=collabora.domain.com
|
||||
COLLABORA_DOMAIN=nextcloud_sub_domain\\.domain\\.com # This is the domain which the collabora server is requests accepting from.
|
||||
COLLABORA_USERNAME=username
|
||||
COLLABORA_PASSWORD=password_collabora
|
||||
|
||||
# COTURN
|
||||
COTURN_SECRET=password_coturn
|
||||
# Traefik
|
||||
DOMAIN=domain.com
|
Loading…
x
Reference in New Issue
Block a user