sambuc/nextcloud
1
0
Fork 0
generated from sambuc/tpl.docker-compose
Code Issues Pull Requests Projects Releases Wiki Activity

Nextcloud config

Browse Source
This commit is contained in:
Lionel Sambuc
2021-04-17 19:52:27 +00:00
parent 6562d7bd3b
commit dfdc8e033f
5 changed files with 167 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*.env
nextcloud/

27
README.md
View File

@@ -1,2 +1,27 @@
# tpl.docker-compose # Nextcloud
## Requirements
* Docker
* docker-compose
## Quick start
1. Copy the examples and adapt as needed their content:
```sh
cp env.example .env
cp db.env.example db.env
```
2. Start Nextcloud:
```sh
docker-compose up -d
```
3. Add crontab entry:
```
*/5 * * * * docker exec -u www-data cloud_app_1 php cron.php
```

4
db.env.example Normal file
View File

@@ -0,0 +1,4 @@
POSTGRES_DB=nextcloud
POSTGRES_PORT=5432
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres

128
docker-compose.yml Normal file
View File

@@ -0,0 +1,128 @@
version: "3.8"
networks:
internal:
internal: true
proxy_home:
external: true
services:
memcache:
image: "redis:6.2-alpine"
restart: always
networks:
- internal
environment:
- REDIS_HOST=memcache
db:
image: "postgres:13.2-alpine"
restart: always
networks:
- internal
volumes:
- "./postgres_data:/var/lib/postgresql/data:rw"
env_file:
- ./db.env
environment:
- POSTGRES_HOST=db
app:
image: "nextcloud:21"
restart: always
networks:
- proxy_home
- internal
# NextCloud issues direct internet calls for plugins!
- default
depends_on:
- db
- memcache
volumes:
- "./nextcloud/:/var/www/html/:rw"
#- "./nextcloud/apps/:/var/www/html/custom_apps/:rw"
#- "./nextcloud/config/:/var/www/html/config/:rw"
#- "./nextcloud/data/:/var/www/html/data/:rw"
env_file:
- ./db.env
environment:
- POSTGRES_HOST=db
- REDIS_HOST=memcache
- APACHE_DISABLE_REWRITE_IP=1
- TRUSTED_PROXIES=${TRUSTED_PROXIES}
- OVERWRITEHOST=${FQDN_CLOUD}
- OVERWRITEPROTOCOL=https
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy_home"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
# MIDDLEWARES
- "traefik.http.middlewares.append-slash.redirectregex.permanent=true"
- "traefik.http.middlewares.append-slash.redirectregex.regex=https://(.*)${DOMAIN_NAME}$$"
- "traefik.http.middlewares.append-slash.redirectregex.replacement=https://$${1}${DOMAIN_NAME}/"
- "traefik.http.middlewares.headers-same-origin.headers.customframeoptionsvalue=SAMEORIGIN"
# CalDAV / CardDAV
- "traefik.http.middlewares.nextcloud-dav.redirectregex.permanent=true"
- "traefik.http.middlewares.nextcloud-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
- "traefik.http.middlewares.nextcloud-dav.redirectregex.replacement=https://$${1}/remote.php/dav/"
# Priority goes from first in the list to last.
- "traefik.http.middlewares.nextcloud.chain.middlewares=headers-same-origin,headers-base@file,headers-sts@file,headers-policy-domain@file"
# Pico CMS redirect / rewrite rules
- "traefik.http.middlewares.sites-redirect.redirectregex.permanent=true"
- "traefik.http.middlewares.sites-redirect.redirectregex.regex=^https://${FQDN_SITES}/?$$"
- "traefik.http.middlewares.sites-redirect.redirectregex.replacement=https://${FQDN_HOME}/"
- "traefik.http.middlewares.sites-exceptions.replacepathregex.regex=^/apps/cms_pico/pico/(.*?/)?(custom_)?apps/(.*)$$"
- "traefik.http.middlewares.sites-exceptions.replacepathregex.replacement=/$${2}apps/$${3}"
- "traefik.http.middlewares.sites-path.replacepathregex.regex=^/(.*)$$"
- "traefik.http.middlewares.sites-path.replacepathregex.replacement=/apps/cms_pico/pico/$${1}"
- "traefik.http.middlewares.sites-home-path.replacepathregex.regex=^/(.*)$$"
- "traefik.http.middlewares.sites-home-path.replacepathregex.replacement=/apps/cms_pico/pico/home/$${1}"
- "traefik.http.middlewares.sites-blog-path.replacepathregex.regex=^/(.*)$$"
- "traefik.http.middlewares.sites-blog-path.replacepathregex.replacement=/apps/cms_pico/pico/blog/$${1}"
# Use a chain to guarantee ordering
- "traefik.http.middlewares.sites.chain.middlewares=sites-path,sites-exceptions"
- "traefik.http.middlewares.sites-home.chain.middlewares=sites-home-path,sites-exceptions"
- "traefik.http.middlewares.sites-blog.chain.middlewares=sites-blog-path,sites-exceptions"
# NextCloud
- "traefik.http.routers.nextcloud.service=nextcloud"
- "traefik.http.routers.nextcloud.entrypoints=web-secure"
- "traefik.http.routers.nextcloud.rule=(Host(`${FQDN_CLOUD}`) || Host(`${FQDN_DRIVE}`))"
- "traefik.http.routers.nextcloud.tls=true"
- "traefik.http.routers.nextcloud.tls.certresolver=letsencrypt"
- "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud-dav"
# Main site
- "traefik.http.routers.home.service=nextcloud"
- "traefik.http.routers.home.entrypoints=web-secure"
- "traefik.http.routers.home.rule=(Host(`${DOMAIN_NAME}`) || Host(`${FQDN_HOME}`))"
- "traefik.http.routers.home.tls=true"
- "traefik.http.routers.home.tls.certresolver=letsencrypt"
- "traefik.http.routers.home.middlewares=nextcloud,append-slash,sites-home"
# Blog
- "traefik.http.routers.blog.service=nextcloud"
- "traefik.http.routers.blog.entrypoints=web-secure"
- "traefik.http.routers.blog.rule=Host(`${FQDN_BLOG}`)"
- "traefik.http.routers.blog.tls=true"
- "traefik.http.routers.blog.tls.certresolver=letsencrypt"
- "traefik.http.routers.blog.middlewares=nextcloud,append-slash,sites-blog"
# Web sites
- "traefik.http.routers.sites.service=nextcloud"
- "traefik.http.routers.sites.entrypoints=web-secure"
- "traefik.http.routers.sites.rule=Host(`${FQDN_SITES}`)"
- "traefik.http.routers.sites.tls=true"
- "traefik.http.routers.sites.tls.certresolver=letsencrypt"
- "traefik.http.routers.sites.middlewares=nextcloud,sites-redirect,sites"

7
env.example Normal file
View File

@@ -0,0 +1,7 @@
FQDN_CLOUD=cloud.example.net
FQDN_DRIVE=drive.example.net
FQDN_SITES=sites.example.net
FQDN_HOME=www.example.net
FQDN_BLOG=blog.example.net
DOMAIN_NAME=example.net
TRUSTED_PROXIES=192.168.254.0/20