services: web: image: nginx:stable depends_on: - app volumes: - ${VOLUMES_PATH}/nextcloud/html:/var/www/html:ro - $PWD/nginx.conf:/etc/nginx/nginx.conf:ro restart: unless-stopped networks: - web - nextcloud # healthcheck: # test: curl -sSf 'http://localhost/status.php' | grep '"installed":true' | grep '"maintenance":false' | grep '"needsDbUpgrade":false' || exit 1 # interval: 5s # timeout: 3s labels: - "traefik.enable=true" - "traefik.http.routers.nextcloud.rule=Host(`cloud.${DOMAIN}`)" - "traefik.http.routers.nextcloud.entrypoints=websecure" - "traefik.http.routers.nextcloud.tls.certresolver=netcup" - "traefik.http.routers.nextcloud.tls.options=intermediate@file" - "traefik.http.middlewares.nextcloudHeader.headers.customRequestHeaders.X-Forwarded-Proto=https" - "traefik.http.middlewares.nextcloudHeader.headers.stsSeconds=15552000" - "traefik.http.middlewares.nextcloudHeader.headers.stsIncludeSubdomains=true" - "traefik.http.middlewares.nextcloudHeader.headers.stsPreload=true" - "traefik.http.middlewares.nextcloudHeader.headers.forceSTSHeader=true" - "traefik.http.middlewares.nextcloudHeader.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow" - "traefik.http.routers.nextcloud.middlewares=nextcloudHeader" - "docker.group=netxtcloud" app: image: nextcloud:${NC_MAIN_VERSION}-fpm-own build: context: ./ args: - NC_MAIN_VERSION=${NC_MAIN_VERSION} volumes: - ${VOLUMES_PATH}/nextcloud/html:/var/www/html - ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data - type: tmpfs target: /tmp restart: unless-stopped networks: - nextcloud environment: - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS} - MYSQL_HOST=db - MYSQL_PASSWORD=${MYSQL_PASSWORD} - MYSQL_DATABASE=${MYSQL_DATABASE} - MYSQL_USER=${MYSQL_USER} - REDIS_HOST=redis - REDIS_HOST_PASSWORD=${REDIS_HOST_PASSWORD} depends_on: - db - redis labels: - "docker.group=netxtcloud" cron: image: nextcloud:${NC_MAIN_VERSION}-fpm-own build: context: ./ args: - NC_MAIN_VERSION=${NC_MAIN_VERSION} restart: unless-stopped networks: - nextcloud volumes: - ${VOLUMES_PATH}/nextcloud/html:/var/www/html - ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data entrypoint: /cron.sh depends_on: - db - redis labels: - "docker.group=netxtcloud" # notify_push aka Client Push aka High Performance Back-end for Nextcloud File # https://nextcloud.com/blog/nextcloud-faster-than-ever-introducing-files-high-performance-back-end/ push: image: nextcloud:${NC_MAIN_VERSION}-fpm restart: unless-stopped networks: - web - nextcloud volumes: - ${VOLUMES_PATH}/nextcloud/html:/var/www/html:ro - ${VOLUMES_PATH}/nextcloud/data:/var/www/html/data:ro environment: - PORT=7867 - NEXTCLOUD_URL=http://web entrypoint: /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php labels: - "traefik.enable=true" - "traefik.http.routers.ncpush.rule=Host(`cloud.${DOMAIN}`) && PathPrefix(`/push`)" - "traefik.http.routers.ncpush.entrypoints=websecure" - "traefik.http.routers.ncpush.tls.certresolver=netcup" - "traefik.http.routers.ncpush.tls.options=intermediate@file" - "traefik.http.services.ncpush.loadbalancer.server.port=7867" - "traefik.http.routers.ncpush.middlewares=ncpushstrip" - "traefik.http.middlewares.ncpushstrip.stripprefix.prefixes=/push" - "docker.group=proxy" db: image: mariadb:10 command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed volumes: - ${VOLUMES_PATH}/nextcloud/db:/var/lib/mysql restart: unless-stopped environment: - PUID=1000 - PGID=1000 - TZ=Europe/Berlin - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - MYSQL_PASSWORD=${MYSQL_PASSWORD} - MYSQL_DATABASE=${MYSQL_DATABASE} - MYSQL_USER=${MYSQL_USER} - MARIADB_AUTO_UPGRADE=1 logging: driver: "json-file" options: max-size: "200k" max-file: "5" networks: - nextcloud - mariadb healthcheck: test: ["CMD", "mysqladmin" ,"--user" ,"$MYSQL_USER" ,"--password=$MYSQL_PASSWORD" ,"ping" ,"-h" ,"localhost"] interval: 20s timeout: 3s labels: - "docker.group=netxtcloud" # adminer: # image: adminer # restart: unless-stopped # networks: # - web # - mariadb # environment: # - ADMINER_DEFAULT_SERVER=db # - ADMINER_DESIGN=flat # depends_on: # - db # labels: # - "traefik.enable=true" # - "traefik.http.routers.adminer.rule=Host(`adminer.${DOMAIN}`)" # - "traefik.http.routers.adminer.entrypoints=websecure" # - "traefik.http.routers.adminer.tls.certresolver=netcup" # - "traefik.http.routers.adminer.tls.options=intermediate@file" # - "traefik.http.routers.adminer.middlewares=adminerauth" # - "traefik.http.middlewares.adminerauth.basicauth.users=${HTPASSWD_ADMINER}" # - "docker.group=netxtcloud" redis: image: redis restart: unless-stopped command: redis-server --requirepass ${REDIS_HOST_PASSWORD} networks: - nextcloud - monitoring volumes: - ${VOLUMES_PATH}/nextcloud/redis:/data healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 5s timeout: 3s labels: - "docker.group=netxtcloud" collabora: image: collabora/code networks: - nextcloud - web volumes: - /etc/timezone:/etc/timezone - /etc/localtime:/etc/localtime cap_add: - MKNOD expose: - 9980 environment: - domain=cloud.${DOMAIN} - username=${COLLABORA_ADMIN_USER} - password=${COLLABORA_ADMIN_PASSWORD} - "extra_params=--o:ssl.enable=false --o:ssl.termination=true" restart: unless-stopped labels: - "traefik.enable=true" - "traefik.http.routers.collabora.rule=Host(`collabora.${DOMAIN}`)" - "traefik.http.routers.collabora.entrypoints=websecure" - "traefik.http.routers.collabora.tls.certresolver=netcup" - "traefik.http.routers.collabora.tls.options=intermediate@file" - "traefik.http.services.collabora.loadbalancer.server.port=9980" - "docker.group=netxtcloud" drawio-export: image: jgraph/export-server expose: - "8000" networks: - nextcloud volumes: - ${VOLUMES_PATH}/nextcloud/fonts:/usr/share/fonts/drawio restart: unless-stopped labels: - "docker.group=netxtcloud" drawio: image: jgraph/drawio networks: - web - nextcloud depends_on: - drawio-export environment: - VIRTUAL_HOST=drawio.${DOMAIN} - VIRTUAL_PORT=8080 - LETS_ENCRYPT_ENABLED=false - EXPORT_URL=http://drawio-export:8000/ restart: unless-stopped healthcheck: test: curl -f http://localhost:8080 || exit 1 interval: 1m30s timeout: 10s retries: 5 start_period: 20s labels: - "traefik.enable=true" - "traefik.http.routers.drawio.rule=Host(`drawio.${DOMAIN}`)" - "traefik.http.routers.drawio.entrypoints=websecure" - "traefik.http.routers.drawio.tls.certresolver=netcup" - "traefik.http.routers.drawio.tls.options=intermediate@file" - "traefik.http.services.drawio.loadbalancer.server.port=8080" - "docker.group=netxtcloud" networks: web: external: true nextcloud: ipam: config: - subnet: 172.153.0.0/16 # necessary for the notify_push <-> nextcloud traffic mariadb: monitoring: external: true