ressources/nextcloud-docker/docker-compose.yml

version: "3.8"

networks:
  traefik:
    external: true
  lan:
    internal: true
    
services:   
  nextcloud:
    image: git.draconis.me/draconis/nextcloud-docker
      #build: build/nextcloud
    container_name: nextcloud
    restart: unless-stopped
    environment:
      - POSTGRES_HOST=nextcloud-postgres
      - POSTGRES_DB_FILE=/run/secrets/postgres_db
      - POSTGRES_USER_FILE=/run/secrets/postgres_user
      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
      - REDIS_HOST=redis
      - APC_SHM_SIZE=128M
      - GID=33
      - UID=33
      - OPCACHE_MEM_SIZE=128
      - TZ=Europe/Paris
      - UPLOAD_MAX_SIZE=10G
      - TRUSTED_PROXIES=172.18.0.0/16
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user 
    depends_on:
      - nextcloud-postgres
      - redis
    volumes:
      - ./html:/var/www/html/
      - /mnt/nas/photos:/nas/photos
    networks:
      - traefik
      - lan
    labels:
      - traefik.enable=true
      - traefik.docker.network=traefik
      - traefik.http.routers.nextcloud.middlewares=nextcloud-dav,hsts-headers@file,compression@file
      - traefik.http.routers.nextcloud.rule=Host(`nuage.draconis.me`)
      - traefik.http.routers.nextcloud.entrypoints=https
      - traefik.http.routers.nextcloud.tls=true
      - traefik.http.routers.nextcloud.tls.certresolver=le
      - traefik.http.services.nextcloud.loadbalancer.server.port=80
      - traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/(card|cal)dav
      - traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/


# PostgresSQL
  nextcloud-postgres:
    image: postgres:14-alpine
    container_name: nextcloud-postgres
    restart: unless-stopped
    environment:
      - POSTGRES_DB_FILE=/run/secrets/postgres_db
      - POSTGRES_USER_FILE=/run/secrets/postgres_user
      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user
    networks:
      - lan
    volumes:
      - ./postgres:/var/lib/postgresql/data
  # Redis    
  redis:
    image: redis:alpine
    container_name: redis
    restart: unless-stopped
    init: true
    networks:
      - lan
    sysctls:
      - net.core.somaxconn=4096
      # - vm.overcommit_memory=1
    volumes:
      - ./redis:/data
  # Backup
  nextcloud-backup:
    image: git.draconis.me/draconis/borgbackup-docker
    container_name: nextcloud-backup
    hostname: nextcloud-backup
    restart: unless-stopped
    environment:
      - BORG_PASSPHRASE=
      - FOLDERS_TO_BACKUP_PATH=/volumetobackup
      - BACKUP_PATH=/var/lib/borg-backups/nextcloud
      - POSTGRES_HOST=
      - POSTGRES_PASSWORD=
      - POSTGRES_USER=
      - BORGHOST=
      - PORT=
    networks:
      - lan
      - traefik
    volumes:
        - ./backup/nextcloud/html:/volumetobackup
        - /root/.ssh:/root/.ssh:ro

secrets:
  postgres_db:
    file: ./secrets/postgres_db.txt 
  postgres_password:
    file: ./secrets/postgres_password.txt 
  postgres_user:
    file: ./secrets/postgres_user.txt