sporada/selfhosted-traefik
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity
8a6433406d
selfhosted-traefik/nextcloud/docker-compose.yml
sporada d66f34936b Dateien hochladen nach „nextcloud“ 
Add nextcloud service
2021-03-25 14:37:52 +01:00

151 lines
4.7 KiB
YAML
Raw Blame History

version: '3.5'
networks:
default:
external:
name: traefik_default
services:
nextcloud-db:
env_file: live.env
image: mariadb:10
container_name: nextcloud-db
command: --transaction-isolation=READ-COMMITTED --log-bin=ROW
labels:
- "com.centurylinklabs.watchtower.enable=true"
networks:
- default
ports:
- 3306:3306
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ${NEXTCLOUD_ROOT}/mariadb:/var/lib/mysql
nextcloud-redis:
image: redis:6-alpine
container_name: nextcloud-redis
command: redis-server --requirepass ${REDIS_HOST_PASSWORD}
labels:
- "com.centurylinklabs.watchtower.enable=true"
networks:
- default
restart: unless-stopped
volumes:
- ${NEXTCLOUD_ROOT}/redis:/data
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
nextcloud-app:
depends_on:
- nextcloud-db
- nextcloud-redis
container_name: nextcloud-app
env_file: live.env
environment:
- NEXTCLOUD_TRUSTED_DOMAINS='${NEXTCLOUD_FQDN}'
extra_hosts:
- "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
- "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
image: nextcloud:20
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Routes
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.${DOMAIN}`)"
- "traefik.http.routers.nextcloud.tls=true"
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
# HSTS and Cal Dav
- "traefik.http.middlewares.nc-rep.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
- "traefik.http.middlewares.nc-rep.redirectregex.replacement=https://$$1/remote.php/dav/"
- "traefik.http.middlewares.nc-rep.redirectregex.permanent=true"
- "traefik.http.middlewares.nc-header.headers.referrerPolicy=no-referrer"
- "traefik.http.middlewares.nc-header.headers.stsSeconds=31536000"
- "traefik.http.middlewares.nc-header.headers.forceSTSHeader=true"
- "traefik.http.middlewares.nc-header.headers.stsPreload=true"
- "traefik.http.middlewares.nc-header.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.nc-header.headers.browserXssFilter=true"
- "traefik.http.middlewares.nc-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.routers.nextcloud.middlewares=nc-rep,nc-header"
networks:
- default
restart: unless-stopped
volumes:
- ${NEXTCLOUD_ROOT}/html:/var/www/html
- ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
nextcloud-cron:
image: nextcloud:20
container_name: nextcloud-cron
labels:
- "com.centurylinklabs.watchtower.enable=true"
restart: unless-stopped
volumes:
- ${NEXTCLOUD_ROOT}/html:/var/www/html
- ${NEXTCLOUD_ROOT}/data:/srv/nextcloud/data
entrypoint: /cron.sh
depends_on:
- nextcloud-db
- nextcloud-redis
- nextcloud-collabora
nextcloud-coturn:
image: instrumentisto/coturn
container_name: nextcloud-coturn
restart: unless-stopped
ports:
- "3478:3478/tcp"
- "3478:3478/udp"
networks:
- default
command:
- -n
- --log-file=stdout
- --min-port=49160
- --max-port=49200
- --realm=${NEXTCLOUD_FQDN}
- --use-auth-secret
- --static-auth-secret=${COTURN_SECRET}
nextcloud-collabora:
image: collabora/code:6.4.2.2
container_name: nextcloud-collabora
env_file: live.env
extra_hosts:
- "${NEXTCLOUD_FQDN}:${TRAEFIK_CONTAINER_IP}"
- "${COLLABORA_FQDN}:${TRAEFIK_CONTAINER_IP}"
hostname: collabora.sporada.eu
labels:
# Watchtower
- "com.centurylinklabs.watchtower.enable=true"
# Routes
- "traefik.enable=true"
- "traefik.http.routers.collabora.entrypoints=websecure"
- "traefik.http.routers.collabora.rule=Host(`collabora.${DOMAIN}`)"
- "traefik.http.routers.collabora.tls.certresolver=myresolver"
- "traefik.http.services.collabora.loadbalancer.server.port=9980"
restart: unless-stopped
networks:
- default
ports:
- "9980:9980"
environment:
- domain=${COLLABORA_DOMAIN}
- server_name=${COLLABORA_FQDN}
- username=${COLLABORA_USERNAME}
- password=${COLLABORA_PASSWORD}
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
cap_add:
- MKNOD
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- ./collabora/loolwsd.xml:/etc/loolwsd/loolwsd.xml
Reference in New Issue View Git Blame Copy Permalink