homeserver/docker-compose/nextcloud/docker-compose.yml.j2

135 lines
5.4 KiB
Text
Raw Normal View History

version: '3.3'
services:
######## Datenbank ########
nextcloud-db:
chore(deps): pin dependencies (#660) This PR contains the following updates: | Package | Update | Change | |---|---|---| | adamboutcher/statping-ng | pinDigest | -> `e32bd2e` | | docker.io/mongo | pinDigest | -> `656781d` | | httpd | pinDigest | -> `5201524` | | joxit/docker-registry-ui | pinDigest | -> `1cf12d4` | | [lscr.io/linuxserver/unifi-network-application](https://github.com/linuxserver/docker-unifi-network-application/packages) ([source](https://github.com/linuxserver/docker-unifi-network-application)) | pinDigest | -> `e673a61` | | mariadb | pinDigest | -> `e22328f` | | nextcloud | pinDigest | -> `4fdf4ee` | | nosduco/nforwardauth | pinDigest | -> `08fdb71` | | [photoprism/photoprism](https://github.com/photoprism/photoprism) | pinDigest | -> `cf45026` | | redis | pinDigest | -> `5372f30` | | [registry](https://github.com/distribution/distribution) | pinDigest | -> `bcece5d` | | registry.mgrote.net/nextcloud-cronjob | pinDigest | -> `9836e31` | | registry.mgrote.net/postfix | pinDigest | -> `8e0b6d8` | | registry.mgrote.net/python-api-server | pinDigest | -> `524c567` | | [traefik](https://github.com/containous/traefik) | pinDigest | -> `c5181dd` | | [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `b21c89a` | | [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `4717456` | --- > ⚠ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/660 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
2024-01-26 22:38:41 +01:00
image: "mariadb:10.6.15@sha256:e22328f4d7147c2488d0e104277861be14321b3e39e91df4d90cc9a8aee9c362"
container_name: nextcloud-db
command: --transaction-isolation=READ-COMMITTED --log-bin=ROW --innodb_read_only_compressed=OFF
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- db:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: "{{ lookup('keepass', 'nextcloud_mysql_root_password', 'password') }}"
MYSQL_PASSWORD: "{{ lookup('keepass', 'nextcloud_mysql_password', 'password') }}"
MYSQL_DATABASE: nextcloud
MYSQL_USER: nextcloud
MYSQL_INITDB_SKIP_TZINFO: 1
networks:
- intern
labels:
com.centurylinklabs.watchtower.enable: true
# Error
## [ERROR] Incorrect definition of table mysql.column_stats: expected column 'histogram' at position 10 to have type longblob, found type varbinary(255).
## [ERROR] Incorrect definition of table mysql.column_stats: expected column 'hist_type' at position 9 to have type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB'), found type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB').
# Fix
## docker exec nextcloud-db mysql nextcloud -p<MySQL-Root-Pw> -e "ALTER TABLE mysql.column_stats MODIFY histogram longblob;"
## docker exec nextcloud-db mysql nextcloud -p<MySQL-Root-Pw> -e "ALTER TABLE mysql.column_stats MODIFY hist_type enum('SINGLE_PREC_HB','DOUBLE_PREC_HB','JSON_HB');"
######## Redis ########
nextcloud-redis:
chore(deps): pin dependencies (#660) This PR contains the following updates: | Package | Update | Change | |---|---|---| | adamboutcher/statping-ng | pinDigest | -> `e32bd2e` | | docker.io/mongo | pinDigest | -> `656781d` | | httpd | pinDigest | -> `5201524` | | joxit/docker-registry-ui | pinDigest | -> `1cf12d4` | | [lscr.io/linuxserver/unifi-network-application](https://github.com/linuxserver/docker-unifi-network-application/packages) ([source](https://github.com/linuxserver/docker-unifi-network-application)) | pinDigest | -> `e673a61` | | mariadb | pinDigest | -> `e22328f` | | nextcloud | pinDigest | -> `4fdf4ee` | | nosduco/nforwardauth | pinDigest | -> `08fdb71` | | [photoprism/photoprism](https://github.com/photoprism/photoprism) | pinDigest | -> `cf45026` | | redis | pinDigest | -> `5372f30` | | [registry](https://github.com/distribution/distribution) | pinDigest | -> `bcece5d` | | registry.mgrote.net/nextcloud-cronjob | pinDigest | -> `9836e31` | | registry.mgrote.net/postfix | pinDigest | -> `8e0b6d8` | | registry.mgrote.net/python-api-server | pinDigest | -> `524c567` | | [traefik](https://github.com/containous/traefik) | pinDigest | -> `c5181dd` | | [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `b21c89a` | | [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `4717456` | --- > ⚠ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/660 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
2024-01-26 22:38:41 +01:00
image: "redis:7.0.15@sha256:5372f3076d8e9822ce6ab55f3336b3b0f05c2d6ea927522669b83e10e91d9205"
container_name: nextcloud-redis
hostname: nextcloud-redis
networks:
- intern
restart: unless-stopped
command: "redis-server --requirepass {{ lookup('keepass', 'nextcloud_redis_host_password', 'password') }}"
labels:
com.centurylinklabs.watchtower.enable: true
######## cron ########
nextcloud-cron:
container_name: nextcloud-cron
chore(deps): pin dependencies (#660) This PR contains the following updates: | Package | Update | Change | |---|---|---| | adamboutcher/statping-ng | pinDigest | -> `e32bd2e` | | docker.io/mongo | pinDigest | -> `656781d` | | httpd | pinDigest | -> `5201524` | | joxit/docker-registry-ui | pinDigest | -> `1cf12d4` | | [lscr.io/linuxserver/unifi-network-application](https://github.com/linuxserver/docker-unifi-network-application/packages) ([source](https://github.com/linuxserver/docker-unifi-network-application)) | pinDigest | -> `e673a61` | | mariadb | pinDigest | -> `e22328f` | | nextcloud | pinDigest | -> `4fdf4ee` | | nosduco/nforwardauth | pinDigest | -> `08fdb71` | | [photoprism/photoprism](https://github.com/photoprism/photoprism) | pinDigest | -> `cf45026` | | redis | pinDigest | -> `5372f30` | | [registry](https://github.com/distribution/distribution) | pinDigest | -> `bcece5d` | | registry.mgrote.net/nextcloud-cronjob | pinDigest | -> `9836e31` | | registry.mgrote.net/postfix | pinDigest | -> `8e0b6d8` | | registry.mgrote.net/python-api-server | pinDigest | -> `524c567` | | [traefik](https://github.com/containous/traefik) | pinDigest | -> `c5181dd` | | [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `b21c89a` | | [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `4717456` | --- > ⚠ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/660 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
2024-01-26 22:38:41 +01:00
image: "registry.mgrote.net/nextcloud-cronjob:master@sha256:9836e31f1cfed9e60c16d4f5926a8ca89a184e431d0b2ed7ebf4a21706560ec2"
restart: unless-stopped
network_mode: none
depends_on:
- nextcloud-app
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /etc/localtime:/etc/localtime:ro
environment:
NEXTCLOUD_CONTAINER_NAME: nextcloud-app
NEXTCLOUD_CRON_MINUTE_INTERVAL: 1
labels:
com.centurylinklabs.watchtower.enable: true
######## Nextcloud ########
nextcloud-app:
chore(deps): pin dependencies (#660) This PR contains the following updates: | Package | Update | Change | |---|---|---| | adamboutcher/statping-ng | pinDigest | -> `e32bd2e` | | docker.io/mongo | pinDigest | -> `656781d` | | httpd | pinDigest | -> `5201524` | | joxit/docker-registry-ui | pinDigest | -> `1cf12d4` | | [lscr.io/linuxserver/unifi-network-application](https://github.com/linuxserver/docker-unifi-network-application/packages) ([source](https://github.com/linuxserver/docker-unifi-network-application)) | pinDigest | -> `e673a61` | | mariadb | pinDigest | -> `e22328f` | | nextcloud | pinDigest | -> `4fdf4ee` | | nosduco/nforwardauth | pinDigest | -> `08fdb71` | | [photoprism/photoprism](https://github.com/photoprism/photoprism) | pinDigest | -> `cf45026` | | redis | pinDigest | -> `5372f30` | | [registry](https://github.com/distribution/distribution) | pinDigest | -> `bcece5d` | | registry.mgrote.net/nextcloud-cronjob | pinDigest | -> `9836e31` | | registry.mgrote.net/postfix | pinDigest | -> `8e0b6d8` | | registry.mgrote.net/python-api-server | pinDigest | -> `524c567` | | [traefik](https://github.com/containous/traefik) | pinDigest | -> `c5181dd` | | [woodpeckerci/woodpecker-agent](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `b21c89a` | | [woodpeckerci/woodpecker-server](https://github.com/woodpecker-ci/woodpecker) | pinDigest | -> `4717456` | --- > ⚠ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTIuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE1Mi4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/660 Co-authored-by: Renovate Bot <renovate@mgrote.net> Co-committed-by: Renovate Bot <renovate@mgrote.net>
2024-01-26 22:38:41 +01:00
image: "nextcloud:27.1.5@sha256:4fdf4eefe53da7677749d8efeff6bc697da753dd3ce37843385d10498ace5ffe"
container_name: nextcloud-app
restart: unless-stopped
depends_on:
- nextcloud-db
- nextcloud-redis
environment:
REDIS_HOST: nextcloud-redis
REDIS_HOST_PASSWORD: "{{ lookup('keepass', 'nextcloud_redis_host_password', 'password') }}"
MYSQL_DATABASE: nextcloud
MYSQL_USER: nextcloud
MYSQL_PASSWORD: "{{ lookup('keepass', 'nextcloud_mysql_password', 'password') }}"
MYSQL_HOST: nextcloud-db
NEXTCLOUD_TRUSTED_DOMAINS: "nextcloud.mgrote.net"
SMTP_HOST: mail-relay
#SMTP_SECURE: tls
SMTP_PORT: 25
#SMTP_AUTHTYPE: LOGIN
SMTP_NAME: info@mgrote.net
#SMTP_PASSWORD: "{{ lookup('keepass', 'strato_smtp_password', 'password') }}"
MAIL_FROM_ADDRESS: info@mgrote.net
PHP_MEMORY_LIMIT: 1024M
PHP_UPLOAD_LIMIT: 10G
APACHE_DISABLE_REWRITE_IP: 1
TRUSTED_PROXIES: "192.168.48.0/24" # Subnetz in dem sich traefik befindet
volumes:
- app:/var/www/html
- data:/var/www/html/data
networks:
- intern
- traefik
- mail-relay
labels:
com.centurylinklabs.watchtower.enable: true
com.centurylinklabs.watchtower.depends-on: nextcloud-redis,nextcloud-db
traefik.http.routers.nextcloud.rule: Host(`nextcloud.mgrote.net`)
traefik.enable: true
traefik.http.routers.nextcloud.tls: true
traefik.http.routers.nextcloud.tls.certresolver: resolver_letsencrypt
traefik.http.routers.nextcloud.entrypoints: entry_https
traefik.http.services.nextcloud.loadbalancer.server.port: 80
traefik.http.middlewares.nextcloud-webdav.replacepathregex.regex: "^/.well-known/ca(l|rd)dav"
traefik.http.middlewares.nextcloud-webdav.replacepathregex.replacement: "/remote.php/dav/"
traefik.http.middlewares.nextcloud-hsts.headers.stsincludesubdomains: false
traefik.http.middlewares.nextcloud-hsts.headers.stspreload: true
traefik.http.middlewares.nextcloud-hsts.headers.stsseconds: 15552001
traefik.http.middlewares.nextcloud-hsts.headers.isdevelopment: false
traefik.http.routers.nextcloud.middlewares: nextcloud-hsts,nextcloud-webdav
######## Networks ########
networks:
intern:
driver: bridge
traefik:
external: true
mail-relay:
external: true
######## Volumes ########
volumes:
db:
app:
data:
######## Doku ########
# Telefonregion
# docker exec --user www-data nextcloud-app php occ config:system:set default_phone_region --value="DE"
# https://help.nextcloud.com/t/nextcloud-wont-load-any-mixed-content/13565/3
# docker exec --user www-data nextcloud-app php occ config:system:set overwriteprotocol --value="https"
# docker exec --user www-data nextcloud-app php occ config:system:set overwrite.cli.url --value="http://nextcloud.mgrote.net"