3.4 KiB
3.4 KiB
title | description | published | date | tags |
---|---|---|---|---|
Nextcloud & Collabora | How to configure a properly working setup using Traefik | true | 2020-05-07T11:33:22.135Z |
Requirements
Our setup relies heavily on traefik
and won't work without it. See our traefik configuration page on how to prepare your system to accept this configuration.
docker-compose.yml
version: '3'
services:
nginx:
image: nginx:alpine
restart: unless-stopped
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./nextcloud:/var/www/html
labels:
- traefik.enable=true
- traefik.http.routers.cloud.entryPoints=web-secure
- traefik.http.routers.cloud.rule=Host(`cloud.fosc.space`)
- traefik.http.routers.cloud.tls.certresolver=default
- traefik.http.routers.cloud.middlewares=cloud@docker
- traefik.http.middlewares.cloud.headers.customFrameOptionsValue=SAMEORIGIN
- traefik.http.middlewares.cloud.headers.framedeny=true
- traefik.http.middlewares.cloud.headers.sslredirect=true
- traefik.http.middlewares.cloud.headers.stsSeconds=15552000
depends_on:
- fpm
fpm:
image: nextcloud
restart: unless-stopped
volumes:
- ./nextcloud:/var/www/html
environment:
- NEXTCLOUD_TRUSTED_DOMAINS=cloud.fosc.space
- REDIS_HOST=redis
- MYSQL_HOST=mariadb
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=hunter2
- MYSQL_DATABASE=nextcloud
- NEXTCLOUD_ADMIN_USER=admin
- NEXTCLOUD_ADMIN_PASSWORD=hunter2
depends_on:
- mariadb
- redis
- cron
mariadb:
image: mariadb
restart: unless-stopped
environment:
- MYSQL_ROOT_PASSWORD=hunter2
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=hunter2
- MYSQL_DATABASE=nextcloud
volumes:
- ./db:/var/lib/mysql
collabora:
image: collabora/code
restart: unless-stopped
environment:
- username=admin
- password=hunter3
- DONT_GEN_SSL_CERT=true
- "domain=cloud\\.fosc\\.space"
- "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:storage.wopi.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[2]=cloud.fosc.space"
labels:
- traefik.enable=true
- traefik.http.routers.coll.entryPoints=web-secure
- traefik.http.routers.coll.rule=Host(`collabora.fosc.space`)
- traefik.http.routers.coll.tls.certresolver=default
- traefik.http.services.coll.loadbalancer.server.port=9980
redis:
image: redis:alpine
restart: unless-stopped
cron:
image: nextcloud
restart: always
volumes:
- ./nextcloud:/var/www/html
entrypoint: /cron.sh
depends_on:
- mariadb
- redis
Nextcloud configuration
Once everything is up and running, install the Collabora plugin for Nextcloud and configure the following in its settings page:
URL (and Port) of Collabora Online-server:
https://collabora.fosc.space:443
{.is-info}
Quirks
To get rid of the secure proxy warning, add a
NEXTCLOUD_TRUSTED_PROXIES
entry to Nextcloud's config.php with your host's hostname or IP address. For some reason, this configuration is not exposed via environment variables and cannot be fixed from docker-compose.