111 lines
3.4 KiB
Markdown
111 lines
3.4 KiB
Markdown
---
|
|
title: Nextcloud & Collabora
|
|
description: How to configure a properly working setup using Traefik
|
|
published: true
|
|
date: 2020-05-07T11:33:22.135Z
|
|
tags:
|
|
---
|
|
|
|
# Requirements
|
|
|
|
Our setup relies heavily on `traefik` and won't work without it. See our traefik configuration page on how to prepare your system to accept this configuration.
|
|
|
|
# docker-compose.yml
|
|
|
|
```
|
|
version: '3'
|
|
|
|
services:
|
|
|
|
nginx:
|
|
image: nginx:alpine
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./nginx.conf:/etc/nginx/nginx.conf
|
|
- ./nextcloud:/var/www/html
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.cloud.entryPoints=web-secure
|
|
- traefik.http.routers.cloud.rule=Host(`cloud.fosc.space`)
|
|
- traefik.http.routers.cloud.tls.certresolver=default
|
|
- traefik.http.routers.cloud.middlewares=cloud@docker
|
|
- traefik.http.middlewares.cloud.headers.customFrameOptionsValue=SAMEORIGIN
|
|
- traefik.http.middlewares.cloud.headers.framedeny=true
|
|
- traefik.http.middlewares.cloud.headers.sslredirect=true
|
|
- traefik.http.middlewares.cloud.headers.stsSeconds=15552000
|
|
depends_on:
|
|
- fpm
|
|
|
|
fpm:
|
|
image: nextcloud
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./nextcloud:/var/www/html
|
|
environment:
|
|
- NEXTCLOUD_TRUSTED_DOMAINS=cloud.fosc.space
|
|
- REDIS_HOST=redis
|
|
- MYSQL_HOST=mariadb
|
|
- MYSQL_USER=nextcloud
|
|
- MYSQL_PASSWORD=hunter2
|
|
- MYSQL_DATABASE=nextcloud
|
|
- NEXTCLOUD_ADMIN_USER=admin
|
|
- NEXTCLOUD_ADMIN_PASSWORD=hunter2
|
|
depends_on:
|
|
- mariadb
|
|
- redis
|
|
- cron
|
|
|
|
mariadb:
|
|
image: mariadb
|
|
restart: unless-stopped
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=hunter2
|
|
- MYSQL_USER=nextcloud
|
|
- MYSQL_PASSWORD=hunter2
|
|
- MYSQL_DATABASE=nextcloud
|
|
volumes:
|
|
- ./db:/var/lib/mysql
|
|
|
|
collabora:
|
|
image: collabora/code
|
|
restart: unless-stopped
|
|
environment:
|
|
- username=admin
|
|
- password=hunter3
|
|
- DONT_GEN_SSL_CERT=true
|
|
- "domain=cloud\\.fosc\\.space"
|
|
- "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:storage.wopi.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[2]=cloud.fosc.space"
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.coll.entryPoints=web-secure
|
|
- traefik.http.routers.coll.rule=Host(`collabora.fosc.space`)
|
|
- traefik.http.routers.coll.tls.certresolver=default
|
|
- traefik.http.services.coll.loadbalancer.server.port=9980
|
|
|
|
redis:
|
|
image: redis:alpine
|
|
restart: unless-stopped
|
|
|
|
cron:
|
|
image: nextcloud
|
|
restart: always
|
|
volumes:
|
|
- ./nextcloud:/var/www/html
|
|
entrypoint: /cron.sh
|
|
depends_on:
|
|
- mariadb
|
|
- redis
|
|
```
|
|
|
|
# Nextcloud configuration
|
|
Once everything is up and running, install the Collabora plugin for Nextcloud and configure the following in its settings page:
|
|
|
|
> URL (and Port) of Collabora Online-server:
|
|
`https://collabora.fosc.space:443`
|
|
{.is-info}
|
|
|
|
# Quirks
|
|
> To get rid of the secure proxy warning, add a `NEXTCLOUD_TRUSTED_PROXIES` entry to Nextcloud's config.php with your host's hostname or IP address. For some reason, this configuration is not exposed via environment variables and cannot be fixed from docker-compose.
|
|
|
|
|