diff --git a/stacks/nextcloud/docker-compose.yml b/stacks/nextcloud/docker-compose.yml index f47df94..b85cf8c 100644 --- a/stacks/nextcloud/docker-compose.yml +++ b/stacks/nextcloud/docker-compose.yml @@ -1,145 +1,66 @@ -version: '3.8' - -networks: - nextcloud: - -volumes: - files: - driver: local - driver_opts: - type: cifs - device: //ws22-fs.taudris.com/Resilient/Nextcloud/files - #credentials=/root/.smbcredentials-transmission,_netdev,dir_mode=0777,file_mode=0777,iocharset=utf8,relatime,cache=loose,vers=3.1.1,noauto,x-systemd.automount,x-systemd.idle-timeout=30 0 0 - #o: "addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,_netdev,dir_mode=0777,file_mode=0777,iocharset=utf8,relatime,vers=3.1.1,noauto,x-systemd.automount,x-systemd.idle-timeout=30" - #o: addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,_netdev,dir_mode=0777,file_mode=0777,iocharset=utf8,relatime,vers=3.1.1 - o: addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,iocharset=utf8,relatime,vers=3.1.1,dir_mode=0770,file_mode=0770,rw,uid=1002,gid=1002,noauto,x-systemd.idle-timeout=30 - redis_data: - driver: local - driver_opts: - type: cifs - device: //ws22-fs.taudris.com/Resilient/Nextcloud/redis - o: addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,iocharset=utf8,relatime,vers=3.1.1,dir_mode=0770,file_mode=0770,rw,uid=1002,gid=1002 - storage: - driver: local - driver_opts: - type: cifs - device: //ws22-fs.taudris.com/Resilient/Nextcloud/storage - o: addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,iocharset=utf8,relatime,vers=3.1.1,dir_mode=0770,file_mode=0770,rw,uid=1002,gid=1002 - cron-scripts: - driver: local - driver_opts: - type: cifs - device: //ws22-fs.taudris.com/Resilient/Nextcloud/cron-scripts - o: addr=ws22-fs.taudris.com,username=nextcloud,password=ZcdokLjERGSbwc8XDM72oTT6t7b5VxwavsxEE8RT7VGMAWjExQy6zVUB5xzK6Vj9,iocharset=utf8,relatime,vers=3.1.1,dir_mode=0770,file_mode=0770,rw,uid=1002,gid=1002 - services: - app: - image: nextcloud:stable-apache + nextcloud-aio-mastercontainer: + image: nextcloud/all-in-one:latest + init: true restart: always - networks: - nextcloud: - aliases: - - nextcloud.taudris.com + container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly + volumes: + - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work + - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'! ports: - - 7980:80 - user: 1002:1002 #set to match the user that has permission to the volumes - volumes: - - files:/var/www/html:rw - - storage:/storage:rw - - /etc/localtime:/etc/localtime:ro - environment: - OVERWRITEPROTOCOL: https - NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.taudris.com - NEXTCLOUD_DATA_DIR: /storage - NEXTCLOUD_ADMIN_PASSWORD: u8KXCqiZcVBUVr2Wa7EpkuDKPs8KYLb8uFNu3nfBQrxPx3ybUypgDkUVZP3E5v4T - POSTGRES_HOST: db - POSTGRES_DB: nextcloud - POSTGRES_USER: nextcloud - POSTGRES_PASSWORD: qe8S4GioPRS2AZWwqLejzoEDNhGsJMrij6TJ4bXxC2XkfvjxNKoqKktvrHEcER6k - REDIS_HOST: redis - REDIS_HOST_PASSWORD: rYGNbjKkbKjALePfGDyLZ6uNp2UD3U4dGf4SZyL5iWqz3nexdko2HdS9vqDMRWVP - depends_on: - - db - - redis + - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + - 8080:8080 + - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + # environment: # Is needed when using any of the options below + # - AIO_DISABLE_BACKUP_SECTION=false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section + # - APACHE_PORT=11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + # - APACHE_IP_BINDING=127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + # - BORG_RETENTION_POLICY=--keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy + # - COLLABORA_SECCOMP_DISABLED=false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature + # - NEXTCLOUD_DATADIR=/mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir + # - NEXTCLOUD_MOUNT=/mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host + # - NEXTCLOUD_UPLOAD_LIMIT=10G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud + # - NEXTCLOUD_MAX_TIME=3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud + # - NEXTCLOUD_MEMORY_LIMIT=512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud + # - NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nexcloud container (Useful e.g. for LDAPS) See See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca + # - NEXTCLOUD_STARTUP_APPS=deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup + # - NEXTCLOUD_ADDITIONAL_APKS=imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container + # - NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container + # - NEXTCLOUD_ENABLE_DRI_DEVICE=true # This allows to enable the /dev/dri device in the Nextcloud container. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-transcoding-for-nextcloud + # - NEXTCLOUD_KEEP_DISABLED_APPS=false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps + # - TALK_PORT=3478 # This allows to adjust the port that the talk container is using. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port + # - WATCHTOWER_DOCKER_SOCKET_PATH=/var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock' + # networks: # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file + # - nextcloud-aio # Is needed when you want to create the nextcloud-aio network with ipv6-support using this file, see the network config at the bottom of the file + # # Uncomment the following line when using SELinux + # security_opt: ["label:disable"] - cron: - image: rcdailey/nextcloud-cronjob - restart: always - network_mode: none - depends_on: - - app - volumes: - - cron-scripts:/cron-scripts:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - - /etc/localtime:/etc/localtime:ro - environment: - - NEXTCLOUD_CONTAINER_NAME=app - - NEXTCLOUD_PROJECT_NAME=nextcloud - - NEXTCLOUD_EXEC_USER=1002 + # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md + # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588 + # caddy: + # image: caddy:alpine + # restart: always + # container_name: caddy + # volumes: + # - ./Caddyfile:/etc/caddy/Caddyfile + # - ./certs:/certs + # - ./config:/config + # - ./data:/data + # - ./sites:/srv + # network_mode: "host" - collabora: - image: collabora/code - restart: always - networks: - nextcloud: -# aliases: -# - collabora.taudris.com - ports: - - 9980:9980 - environment: - username: admin - password: 68gfyjs7s7ZoKHjYWHHEJEXLYcTFpQeb5wHv2cp33UW2vv5VKwjZtCmRrNeuCwAR - domain: 192\\.168\\.11\\.1 - dictionaries: en_US - extra_params: --o:ssl.enable=false --o:ssl.termination=true - server_name: collabora.taudris.com - cert_domain: collabora.taudris.com - volumes: - - /etc/localtime:/etc/localtime:ro - cap_add: - - MKNOD - tty: true +volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive + nextcloud_aio_mastercontainer: + name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work - db: - image: postgres:15.1 - restart: always - networks: - - nextcloud - volumes: - - /etc/nextcloud/db:/var/lib/postgresql/data:rw - - /etc/localtime:/etc/localtime:ro - environment: - POSTGRES_DB: nextcloud - POSTGRES_USER: nextcloud - POSTGRES_PASSWORD: qe8S4GioPRS2AZWwqLejzoEDNhGsJMrij6TJ4bXxC2XkfvjxNKoqKktvrHEcER6k - - redis: - image: redis - restart: always - command: redis-server --requirepass rYGNbjKkbKjALePfGDyLZ6uNp2UD3U4dGf4SZyL5iWqz3nexdko2HdS9vqDMRWVP - networks: - - nextcloud - volumes: - - redis_data:/data:rw - - /etc/localtime:/etc/localtime:ro - user: 1002:1002 #set to match the user that has permission to the volumes - -# coturn: -# image: instrumentisto/coturn -# restart: always -# network_mode: host -# #networks: -# # - nextcloud -# ports: -# - "3478:3478/tcp" -# - "3478:3478/udp" -# volumes: -# - /etc/localtime:/etc/localtime:ro -# command: -# - -n -# - --log-file=stdout -# - --min-port=49160 -# - --max-port=49200 -# - --realm=nextcloud.taudris.com -# - --use-auth-secret -# - --static-auth-secret=RtoRDRtHjmX8tvRcdvL3ncjPcXK5tWSJD4LYf4hiBYWefdHPk7jWvs5foXtYa7bb +# # Optional: If you need ipv6, follow step 1 and 2 of https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md first and then uncomment the below config in order to activate ipv6 for the internal nextcloud-aio network. +# # Please make sure to uncomment also the networking lines of the mastercontainer above in order to actually create the network with docker-compose +# networks: +# nextcloud-aio: +# name: nextcloud-aio # This line is not allowed to be changed as otherwise the created network will not be used by the other containers of AIO +# driver: bridge +# enable_ipv6: true +# ipam: +# driver: default +# config: +# - subnet: fd12:3456:789a:2::/64 # IPv6 subnet to use \ No newline at end of file