infrastructure/coreos-config/compose/03_nextcloud/docker-compose.yml

63 lines
2.0 KiB
YAML

version: '2'
services:
db:
image: mariadb:latest
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
volumes:
- database:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD={{ nextcloud.db.rootpassword }}
- MYSQL_PASSWORD={{ nextcloud.db.password }}
- MYSQL_DATABASE={{ nextcloud.db.name }}
- MYSQL_USER={{ nextcloud.db.user }}
labels:
- "com.centurylinklabs.watchtower.scope=update"
networks:
- backend
app:
image: registry.tobiasmanske.de/nextcloud:main
restart: always
links:
- db
volumes:
- nc_config:/var/www/html/config
- nc_custom_apps:/var/www/html/custom_apps
- nc_data:/var/www/data
environment:
- MYSQL_PASSWORD={{ nextcloud.db.password }}
- MYSQL_DATABASE={{ nextcloud.db.name }}
- MYSQL_USER={{ nextcloud.db.user }}
- MYSQL_HOST=db
networks:
- backend
- gateway
- default
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.rule=Host(`wolke.chaoswg.org`)"
- "traefik.http.routers.nextcloud.entryPoints=websecure"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
- "traefik.http.middlewares.nextcloud.headers.customrequestheaders.Front-End-Https=on"
- "traefik.http.middlewares.nextcloud.headers.customresponseheaders.Strict-Transport-Security=max-age=15768000; includeSubDomains;"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
- "traefik.http.middlewares.compression.compress=true"
- "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud-dav,compression"
- "com.centurylinklabs.watchtower.scope=update"
volumes:
nc_config:
nc_custom_apps:
nc_data:
database:
networks:
gateway:
external: true
name: gateway
backend:
internal: true