Compare commits

..

No commits in common. "1572aabe53e6b094d87fa03f3ca8872318ffcddf" and "6b254cc1d70e2fa714c2d94c2c4f8024a8d8d8a1" have entirely different histories.

View File

@ -2,7 +2,7 @@
title: Nextcloud & Collabora
description: How to configure a properly working setup using Traefik
published: true
date: 2020-05-07T11:33:22.135Z
date: 2020-04-30T19:21:45.022Z
tags:
---
@ -10,91 +10,69 @@ tags:
Our setup relies heavily on `traefik` and won't work without it. See our traefik configuration page on how to prepare your system to accept this configuration.
> This configuration hasn't been updated to Traefik v2 yet
{.is-warning}
# docker-compose.yml
```
version: '3'
version: '3.7'
services:
nginx:
image: nginx:alpine
restart: unless-stopped
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./nextcloud:/var/www/html
labels:
- traefik.enable=true
- traefik.http.routers.cloud.entryPoints=web-secure
- traefik.http.routers.cloud.rule=Host(`cloud.fosc.space`)
- traefik.http.routers.cloud.tls.certresolver=default
- traefik.http.routers.cloud.middlewares=cloud@docker
- traefik.http.middlewares.cloud.headers.customFrameOptionsValue=SAMEORIGIN
- traefik.http.middlewares.cloud.headers.framedeny=true
- traefik.http.middlewares.cloud.headers.sslredirect=true
- traefik.http.middlewares.cloud.headers.stsSeconds=15552000
nextcloud:
image: nextcloud:18
depends_on:
- fpm
fpm:
image: nextcloud
restart: unless-stopped
- postgres
- collabora
- redis
volumes:
- ./nextcloud:/var/www/html
restart: unless-stopped
environment:
- NEXTCLOUD_TRUSTED_DOMAINS=cloud.fosc.space
- POSTGRES_HOST=postgres
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=aaaaaaaaaaaaa
- POSTGRES_DB=nextcloud
- REDIS_HOST=redis
- MYSQL_HOST=mariadb
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=hunter2
- MYSQL_DATABASE=nextcloud
- NEXTCLOUD_ADMIN_USER=admin
- NEXTCLOUD_ADMIN_PASSWORD=hunter2
depends_on:
- mariadb
- redis
- cron
labels:
- "traefik.frontend.rule=Host:cloud.fosc.space"
- "traefik.frontend.headers.STSSeconds=15552000"
- "traefik.frontend.redirect.regex=https://(.*)/.well-known/(card|cal)dav"
- "traefik.frontend.redirect.replacement=https://$$1/remote.php/dav/"
- "traefik.frontend.redirect.permanent=true"
mariadb:
image: mariadb
postgres:
image: postgres:alpine
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=hunter2
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=hunter2
- MYSQL_DATABASE=nextcloud
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=aaaaaaaaaaaaa
volumes:
- ./db:/var/lib/mysql
- ./db:/var/lib/postgresql/data
labels:
- traefik.enable=false
collabora:
image: collabora/code
restart: unless-stopped
environment:
- username=admin
- password=hunter3
- password=eeeeeeeeeeeee
- DONT_GEN_SSL_CERT=true
- "domain=cloud\\.fosc\\.space"
- "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:storage.wopi.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[2]=cloud.fosc.space"
labels:
- traefik.enable=true
- traefik.http.routers.coll.entryPoints=web-secure
- traefik.http.routers.coll.rule=Host(`collabora.fosc.space`)
- traefik.http.routers.coll.tls.certresolver=default
- traefik.http.services.coll.loadbalancer.server.port=9980
- "traefik.frontend.rule=Host:collabora.fosc.space"
- "traefik.port=9980"
redis:
image: redis:alpine
image: redis
restart: unless-stopped
cron:
image: nextcloud
restart: always
volumes:
- ./nextcloud:/var/www/html
entrypoint: /cron.sh
depends_on:
- mariadb
- redis
labels:
- traefik.enable=false
```
# Nextcloud configuration
@ -105,6 +83,9 @@ Once everything is up and running, install the Collabora plugin for Nextcloud an
{.is-info}
# Quirks
> To get rid of the secure proxy warning, add a `NEXTCLOUD_TRUSTED_PROXIES` entry to Nextcloud's config.php with your host's hostname or IP address. For some reason, this configuration is not exposed via environment variables and cannot be fixed from docker-compose.
> The Collabora container is extremely slow to start and seems to work about only half the time. If stuff isn't working, just restart it once or twice. Eventually it will work.
>This configuration is 100% working and any attempt at touching it will just make it worse.
{.is-warning}