Add Nextcloud to docker-compose.yml

This commit is contained in:
Kris Lamoureux 2022-11-22 03:27:34 -05:00
parent 91c65abb91
commit 511c26392c
Signed by: kris
GPG Key ID: 3EDA9C3441EDA925
2 changed files with 41 additions and 2 deletions

View File

@ -1,8 +1,10 @@
############### ###############
### Secrets ### ### Secrets ###
############### ###############
# These are sample public passwords not encrypted in Ansible Vault, unlike production
secret: secret:
WORDPRESS_DB_PASSWORD: WPpa55w0rd! WORDPRESS_DB_PASSWORD: WPpa55w0rd!
NEXTCLOUD_MYSQL_PASSWORD: NCpa55w0rd!
TRAEFIK_DREAMHOST_APIKEY: DHap1pa55w0rd! TRAEFIK_DREAMHOST_APIKEY: DHap1pa55w0rd!
############## ##############
@ -17,6 +19,8 @@ docker_users:
databases: databases:
- name: wordpress - name: wordpress
pass: "{{ secret.WORDPRESS_DB_PASSWORD }}" pass: "{{ secret.WORDPRESS_DB_PASSWORD }}"
- name: nextcloud
pass: "{{ secret.NEXTCLOUD_MYSQL_PASSWORD }}"
####################### #######################
### Webserver Stack ### ### Webserver Stack ###
@ -34,7 +38,7 @@ webserver:
TRAEFIK_DEBUG: true TRAEFIK_DEBUG: true
TRAEFIK_ACME_PROVIDER: dreamhost TRAEFIK_ACME_PROVIDER: dreamhost
TRAEFIK_ACME_CASERVER: https://localhost/directory TRAEFIK_ACME_CASERVER: https://localhost/directory
TRAEFIK_ACME_EMAIL: frita@example.org TRAEFIK_ACME_EMAIL: admin@example.org
TRAEFIK_DREAMHOST_APIKEY: "{{ secret.TRAEFIK_DREAMHOST_APIKEY }}" TRAEFIK_DREAMHOST_APIKEY: "{{ secret.TRAEFIK_DREAMHOST_APIKEY }}"
################# #################
@ -46,3 +50,8 @@ webserver:
#WORDPRESS_DB_NAME: wordpress #WORDPRESS_DB_NAME: wordpress
#WORDPRESS_DB_USER: wordpress #WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: "{{ secret.WORDPRESS_DB_PASSWORD }}" WORDPRESS_DB_PASSWORD: "{{ secret.WORDPRESS_DB_PASSWORD }}"
#################
### Nextcloud ###
#################
NEXTCLOUD_MYSQL_PASSWORD: "{{ secret.NEXTCLOUD_MYSQL_PASSWORD }}"

View File

@ -2,6 +2,7 @@ version: '3.5'
volumes: volumes:
wordpress: wordpress:
nextcloud:
networks: networks:
traefik: traefik:
@ -26,7 +27,7 @@ services:
- --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_ACME_EMAIL} - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_ACME_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/etc/letsencrypt/acme.json - --certificatesresolvers.letsencrypt.acme.storage=/etc/letsencrypt/acme.json
- --certificatesresolvers.letsencrypt.acme.dnschallenge=true - --certificatesresolvers.letsencrypt.acme.dnschallenge=true
- --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=${TRAEFIK_ACME_PROVIDER} - --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=${TRAEFIK_ACME_PROVIDER:-manual}
- --certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=0 - --certificatesresolvers.letsencrypt.acme.dnschallenge.delaybeforecheck=0
- --certificatesresolvers.letsencrypt.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-staging-v02.api.letsencrypt.org/directory} - --certificatesresolvers.letsencrypt.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-staging-v02.api.letsencrypt.org/directory}
environment: environment:
@ -78,3 +79,32 @@ services:
- traefik - traefik
extra_hosts: extra_hosts:
- host.docker.internal:host-gateway - host.docker.internal:host-gateway
nextcloud:
image: nextcloud:${NEXTCLOUD_VERSION:-stable}
restart: always
environment:
MYSQL_HOST: ${NEXTCLOUD_MYSQL_HOST:-host.docker.internal:3306}
MYSQL_DATABASE: ${NEXTCLOUD_MYSQL_DATABASE-nextcloud}
MYSQL_USER: ${NEXTCLOUD_MYSQL_USER:-nextcloud}
MYSQL_PASSWORD: ${NEXTCLOUD_MYSQL_PASSWORD}
labels:
traefik.http.routers.nextcloud.rule: "Host(`${NEXTCLOUD_DOMAIN:-cloud.local.freeitathens.org}`)"
traefik.http.routers.nextcloud.entrypoints: websecure
traefik.http.routers.nextcloud.tls: true
traefik.http.routers.nextcloud.tls.certresolver: letsencrypt
traefik.http.routers.nextcloud.tls.domains[0].main: ${TRAEFIK_ACME_DOMAIN_MAIN:-local.freeitathens.org}
traefik.http.routers.nextcloud.tls.domains[0].sans: "${TRAEFIK_ACME_DOMAIN_SANS:-*.local.freeitathens.org}"
traefik.http.services.nextcloud.loadbalancer.server.port: 80
traefik.http.middlewares.nextcloud-webdav.redirectregex.regex: "https://(.*)/.well-known/(card|cal)dav"
traefik.http.middlewares.nextcloud-webdav.redirectregex.replacement: "https://$${1}/remote.php/dav/"
traefik.http.middlewares.nextcloud-webdav.redirectregex.permanent: true
traefik.http.routers.nextcloud.middlewares: nextcloud-webdav
traefik.docker.network: traefik
traefik.enable: ${NEXTCLOUD_WEB_ENABLED:-true}
volumes:
- nextcloud:/var/www/html
networks:
- traefik
extra_hosts:
- host.docker.internal:host-gateway