git
b7983b30d3
modified: apps/gramps/docker-compose.yml modified: apps/nextcloud/docker-compose.yml modified: apps/passbolt/docker-compose.yml modified: core/docker-compose.yml modified: default-environment.env modified: monitoring/prometheus/docker-compose.yml
131 lines
4.8 KiB
YAML
131 lines
4.8 KiB
YAML
services:
|
|
nextcloud-webapp:
|
|
# image: nextcloud:production
|
|
profiles: ["apps","all","nextcloud"]
|
|
build:
|
|
context: ${PROJECT_ROOT}/apps/nextcloud
|
|
container_name: nextcloud-webapp
|
|
restart: always
|
|
hostname: nextcloud.lan.ddnsgeek.com
|
|
volumes:
|
|
- ${PROJECT_ROOT}/apps/nextcloud/data:/var/www/html/data:rw
|
|
- ${PROJECT_ROOT}/apps/nextcloud/config:/var/www/html/config:rw
|
|
- type: tmpfs
|
|
target: /tmp:exec
|
|
depends_on:
|
|
- nextcloud-db
|
|
- nextcloud-redis
|
|
environment:
|
|
- MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
|
|
- MYSQL_DATABASE=${NEXTCLOUD_MYSQL_DATABASE}
|
|
- MYSQL_USER=${NEXTCLOUD_MYSQL_USER}
|
|
- MYSQL_HOST=${NEXTCLOUD_MYSQL_HOST}
|
|
- NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
|
|
- OVERWRITEPROTOCOL=${NEXTCLOUD_OVERWRITEPROTOCOL}
|
|
- OVERWRITECLIURL=${NEXTCLOUD_OVERWRITECLIURL}
|
|
|
|
- SMTP_HOST=${NEXTCLOUD_SMTP_HOST}
|
|
- SMTP_SECURE=${NEXTCLOUD_SMTP_SECURE}
|
|
- SMTP_PORT=${NEXTCLOUD_SMTP_PORT}
|
|
- SMTP_AUTHTYPE=${NEXTCLOUD_SMTP_AUTHTYPE}
|
|
- MAIL_FROM_ADDRESS=${NEXTCLOUD_MAIL_FROM_ADDRESS}
|
|
- MAIL_DOMAIN=${NEXTCLOUD_MAIL_DOMAIN}
|
|
- SMTP_NAME=${NEXTCLOUD_SMTP_NAME}
|
|
- SMTP_PASSWORD=${NEXTCLOUD_SMTP_PASSWORD}
|
|
|
|
- REDIS_HOST=${NEXTCLOUD_REDIS_HOST}
|
|
- REDIS_HOST_PORT=${NEXTCLOUD_REDIS_HOST_PORT}
|
|
- REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}
|
|
networks:
|
|
- traefik
|
|
- nextcloud
|
|
labels:
|
|
- "traefik.http.routers.nextcloud.rule=Host(`nextcloud.lan.ddnsgeek.com`)"
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.nextcloud.entrypoints=websecure"
|
|
- "traefik.http.routers.nextcloud.tls.certresolver=myresolver"
|
|
- "io.portainer.accesscontrol.public"
|
|
- "traefik.http.routers.nextcloud.middlewares=nextcloud-dav, nextcloud-webfinger"
|
|
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
|
|
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
|
|
- "traefik.http.middlewares.nextcloud-nodeinfo.replacepathregex.regex=^/.well-known/nodeinfo"
|
|
- "traefik.http.middlewares.nextcloud-nodeinfo.replacepathregex.replacement=/nextcloud/index.php/.well-known/nodeinfo/"
|
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.permanent=true"
|
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.regex=https://(.*)/.well-known/webfinger"
|
|
- "traefik.http.middlewares.nextcloud-webfinger.redirectregex.replacement=https://$${1}/nextcloud/index.php/.well-known/webfinger"
|
|
- "traefik.docker.network=core_traefik"
|
|
|
|
healthcheck:
|
|
test:
|
|
- CMD-SHELL
|
|
- >-
|
|
php -r '$$f=@fsockopen("127.0.0.1",80,$$e,$$s,2); if(!$$f) exit(1);
|
|
fwrite($$f,"GET /status.php HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n");
|
|
$$o=""; while(!feof($$f)){$$o.=fgets($$f,1024);} fclose($$f);
|
|
if(strpos($$o,"\"installed\":true")===false) exit(1);'
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 180s
|
|
|
|
|
|
|
|
|
|
nextcloud-db:
|
|
image: mariadb:11.4
|
|
restart: always
|
|
profiles: ["apps","all","nextcloud"]
|
|
container_name: nextcloud-db
|
|
hostname: nextcloud_db
|
|
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
|
|
volumes:
|
|
- ${PROJECT_ROOT}/apps/nextcloud/database:/var/lib/mysql:rw
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=${NEXTCLOUD_MYSQL_ROOT_PASSWORD}
|
|
- MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
|
|
- MYSQL_DATABASE=${NEXTCLOUD_MYSQL_DATABASE}
|
|
- MYSQL_USER=${NEXTCLOUD_MYSQL_USER}
|
|
- MARIADB_AUTO_UPGRADE=${NEXTCLOUD_MARIADB_AUTO_UPGRADE}
|
|
- NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
|
|
- NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
|
|
networks:
|
|
- nextcloud
|
|
labels:
|
|
- "io.portainer.accesscontrol.public"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "mariadb-admin ping -u ${NEXTCLOUD_MYSQL_USER} --password=${NEXTCLOUD_MYSQL_PASSWORD} --silent"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 12
|
|
start_period: 60s
|
|
|
|
|
|
nextcloud-redis:
|
|
image: "redis"
|
|
profiles: ["apps","all","nextcloud"]
|
|
command: ["redis-server", "--requirepass", "${NEXTCLOUD_REDIS_HOST_PASSWORD}", "--appendonly", "yes", "--save", "60", "1000"]
|
|
hostname: redis
|
|
container_name: nextcloud-redis
|
|
environment:
|
|
- REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}
|
|
volumes:
|
|
- ${PROJECT_ROOT}/apps/nextcloud/data/redis:/data:rw
|
|
restart: always
|
|
networks:
|
|
- nextcloud
|
|
labels:
|
|
- "io.portainer.accesscontrol.public"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "redis-cli -a ${NEXTCLOUD_REDIS_HOST_PASSWORD} PING | grep -q PONG"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 6
|
|
start_period: 10s
|
|
|
|
|
|
networks:
|
|
# traefik_reverse_proxy:
|
|
# external: true
|
|
nextcloud:
|
|
# driver: bridge
|