2021-05-09 22:07:17 +02:00
|
|
|
version: "3.8"
|
|
|
|
|
|
|
|
services:
|
|
|
|
documentserver:
|
2022-03-20 22:38:44 +01:00
|
|
|
image: onlyoffice/documentserver:7.0.1.37
|
2021-05-09 22:07:17 +02:00
|
|
|
networks:
|
|
|
|
- proxy
|
|
|
|
restart: unless-stopped
|
2021-07-21 17:58:15 +02:00
|
|
|
env_file: secrets/oo.secrets
|
|
|
|
environment:
|
|
|
|
- JWT_ENABLED=true
|
2021-05-09 22:07:17 +02:00
|
|
|
labels:
|
|
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.http.middlewares.ds-redirect-websecure.redirectscheme.scheme=https"
|
|
|
|
- "traefik.http.routers.ds-http.middlewares=ds-redirect-websecure"
|
|
|
|
- "traefik.http.routers.ds-http.rule=Host(`${OOCN}`)"
|
|
|
|
- "traefik.http.routers.ds-http.entrypoints=web"
|
|
|
|
- "traefik.http.routers.ds-https.rule=Host(`${OOCN}`)"
|
|
|
|
- "traefik.http.routers.ds-https.entrypoints=websecure"
|
|
|
|
- "traefik.http.routers.ds-https.tls=true"
|
|
|
|
- "traefik.http.routers.ds-https.tls.certresolver=myhttpchallenge"
|
|
|
|
- "traefik.http.middlewares.ds-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
|
|
|
|
- "traefik.http.routers.ds-https.middlewares=ds-header"
|
|
|
|
|
|
|
|
redis:
|
|
|
|
image: redis:6.2.1
|
|
|
|
command: ["sh", "-c", "redis-server --requirepass $${REDIS_HOST_PASSWORD}"]
|
|
|
|
restart: unless-stopped
|
|
|
|
env_file: secrets/redis.secrets
|
|
|
|
volumes:
|
|
|
|
- ${DATA_PATH}/redis:/var/lib/redis
|
|
|
|
|
|
|
|
db:
|
|
|
|
image: mariadb:10.5.4
|
|
|
|
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
|
|
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
|
|
- ${DATA_PATH}/my.cnf:/etc/mysql/my.cnf:ro
|
|
|
|
- ${DATA_PATH}/db:/var/lib/mysql
|
2021-05-24 11:48:07 +02:00
|
|
|
env_file: secrets/db.secrets
|
2021-11-10 01:29:40 +01:00
|
|
|
labels:
|
|
|
|
- "co.elastic.logs/module=mysql"
|
2021-05-09 22:07:17 +02:00
|
|
|
|
|
|
|
app:
|
2022-04-19 17:29:59 +02:00
|
|
|
image: nextcloud:22.2.6
|
2021-05-09 22:07:17 +02:00
|
|
|
depends_on:
|
|
|
|
- db
|
|
|
|
- redis
|
|
|
|
networks:
|
|
|
|
- proxy
|
|
|
|
- default
|
|
|
|
expose:
|
|
|
|
- "80"
|
|
|
|
links:
|
|
|
|
- db
|
|
|
|
volumes:
|
|
|
|
- ${DATA_PATH}/app/html:/var/www/html
|
2022-02-24 17:19:14 +01:00
|
|
|
- ${DATA_PATH}/app/skeleton:/var/www/html/gnous-skeleton:ro
|
2021-05-09 22:07:17 +02:00
|
|
|
restart: unless-stopped
|
2021-05-24 11:48:07 +02:00
|
|
|
env_file: secrets/app.secrets
|
2021-05-09 22:07:17 +02:00
|
|
|
environment:
|
|
|
|
- APACHE_DISABLE_REWRITE_IP=1
|
|
|
|
labels:
|
|
|
|
- "traefik.enable=true"
|
|
|
|
- "traefik.docker.network=proxy"
|
|
|
|
- "traefik.http.middlewares.nc-redirect-websecure.redirectscheme.scheme=https"
|
|
|
|
- "traefik.http.routers.nc-http.middlewares=nc-redirect-websecure"
|
|
|
|
- "traefik.http.routers.nc-http.rule=Host(`${NCCN}`,`${SAN1}`)"
|
|
|
|
- "traefik.http.routers.nc-http.entrypoints=web"
|
|
|
|
- "traefik.http.routers.nc-https.rule=Host(`${NCCN}`,`${SAN1}`)"
|
|
|
|
- "traefik.http.routers.nc-https.entrypoints=websecure"
|
|
|
|
- "traefik.http.routers.nc-https.tls=true"
|
|
|
|
- "traefik.http.routers.nc-https.tls.certresolver=myhttpchallenge"
|
|
|
|
- "traefik.http.middlewares.nc-redirectregex.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
|
|
|
|
- "traefik.http.middlewares.nc-redirectregex.redirectregex.replacement=https://$${1}/remote.php/dav/"
|
|
|
|
- "traefik.http.middlewares.nc-redirectregex.redirectregex.permanent=true"
|
|
|
|
- "traefik.http.routers.nc-https.middlewares=nc-redirectregex"
|
|
|
|
- "traefik.http.routers.nc-https.middlewares=nc-Header"
|
|
|
|
- "traefik.http.middlewares.nc-Header.headers.stsSeconds=15552000"
|
|
|
|
- "co.elastic.logs/module=apache"
|
|
|
|
- "co.elastic.logs/fileset=access"
|
|
|
|
|
|
|
|
networks:
|
|
|
|
proxy:
|
|
|
|
external: true
|