1 changed files with 39 additions and 58 deletions
--- a/nextcloud-collabora.md
+++ b/nextcloud-collabora.md
@ -2,7 +2,7 @@
 title: Nextcloud & Collabora
 description: How to configure a properly working setup using Traefik
 published: true
-date: 2020-05-07T11:33:22.135Z
+date: 2020-04-30T19:21:45.022Z
 tags: 
 ---

@ -10,91 +10,69 @@ tags:

 Our setup relies heavily on `traefik` and won't work without it. See our traefik configuration page on how to prepare your system to accept this configuration.

+> This configuration hasn't been updated to Traefik v2 yet
+{.is-warning}
+
+
 # docker-compose.yml

 ```
-version: '3'
+version: '3.7'

 services:

-  nginx:
-    image: nginx:alpine
-    restart: unless-stopped
-    volumes:
-      - ./nginx.conf:/etc/nginx/nginx.conf
-      - ./nextcloud:/var/www/html
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.cloud.entryPoints=web-secure
-      - traefik.http.routers.cloud.rule=Host(`cloud.fosc.space`)
-      - traefik.http.routers.cloud.tls.certresolver=default
-      - traefik.http.routers.cloud.middlewares=cloud@docker
-      - traefik.http.middlewares.cloud.headers.customFrameOptionsValue=SAMEORIGIN
-      - traefik.http.middlewares.cloud.headers.framedeny=true
-      - traefik.http.middlewares.cloud.headers.sslredirect=true
-      - traefik.http.middlewares.cloud.headers.stsSeconds=15552000
+  nextcloud:
+    image: nextcloud:18
    depends_on:
-      - fpm
-
-  fpm:
-    image: nextcloud
-    restart: unless-stopped
+      - postgres
+      - collabora
+      - redis
    volumes:
      - ./nextcloud:/var/www/html
+    restart: unless-stopped
    environment:
      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.fosc.space
+      - POSTGRES_HOST=postgres
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=aaaaaaaaaaaaa
+      - POSTGRES_DB=nextcloud
      - REDIS_HOST=redis
-      - MYSQL_HOST=mariadb
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD=hunter2
-      - MYSQL_DATABASE=nextcloud
-      - NEXTCLOUD_ADMIN_USER=admin
-      - NEXTCLOUD_ADMIN_PASSWORD=hunter2
-    depends_on:
-      - mariadb
-      - redis
-      - cron
+    labels:
+      - "traefik.frontend.rule=Host:cloud.fosc.space"
+      - "traefik.frontend.headers.STSSeconds=15552000"
+      - "traefik.frontend.redirect.regex=https://(.*)/.well-known/(card|cal)dav"
+      - "traefik.frontend.redirect.replacement=https://$$1/remote.php/dav/"
+      - "traefik.frontend.redirect.permanent=true"

-  mariadb:
-    image: mariadb
+  postgres:
+    image: postgres:alpine
    restart: unless-stopped
    environment:
-      - MYSQL_ROOT_PASSWORD=hunter2
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD=hunter2
-      - MYSQL_DATABASE=nextcloud
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=aaaaaaaaaaaaa
    volumes:
-      - ./db:/var/lib/mysql
+      - ./db:/var/lib/postgresql/data
+    labels:
+      - traefik.enable=false

  collabora:
    image: collabora/code
    restart: unless-stopped
    environment:
      - username=admin
-      - password=hunter3
+      - password=eeeeeeeeeeeee
      - DONT_GEN_SSL_CERT=true
      - "domain=cloud\\.fosc\\.space"
      - "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:storage.wopi.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[2]=cloud.fosc.space"
    labels:
-      - traefik.enable=true
-      - traefik.http.routers.coll.entryPoints=web-secure
-      - traefik.http.routers.coll.rule=Host(`collabora.fosc.space`)
-      - traefik.http.routers.coll.tls.certresolver=default
-      - traefik.http.services.coll.loadbalancer.server.port=9980
+      - "traefik.frontend.rule=Host:collabora.fosc.space"
+      - "traefik.port=9980"

  redis:
-    image: redis:alpine
+    image: redis
    restart: unless-stopped
-
-  cron:
-    image: nextcloud
-    restart: always
-    volumes:
-      - ./nextcloud:/var/www/html
-    entrypoint: /cron.sh
-    depends_on:
-      - mariadb
-      - redis
+    labels:
+      - traefik.enable=false
 ```

 # Nextcloud configuration
@ -105,6 +83,9 @@ Once everything is up and running, install the Collabora plugin for Nextcloud an
 {.is-info}

 # Quirks
-> To get rid of the secure proxy warning, add a `NEXTCLOUD_TRUSTED_PROXIES` entry to Nextcloud's config.php with your host's hostname or IP address. For some reason, this configuration is not exposed via environment variables and cannot be fixed from docker-compose. 
+> The Collabora container is extremely slow to start and seems to work about only half the time. If stuff isn't working, just restart it once or twice. Eventually it will work. 
+
+>This configuration is 100% working and any attempt at touching it will just make it worse.
+{.is-warning}