# Nextcloud-Stack services: nextcloud: image: nextcloud:32-fpm container_name: nextcloud depends_on: - nextcloud-redis environment: - DOMAIN=${DOMAIN} - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER:-admin} - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD:-admin} - NEXTCLOUD_DEFAULT_PHONE_REGION=DE - NEXTCLOUD_DEFAULT_LANGUAGE=${NEXTCLOUD_DEFAULT_LANGUAGE:-de} - ONLYOFFICE_JWT_SECRET=${ONLYOFFICE_JWT_SECRET} - POSTGRES_DB=${NEXTCLOUD_DB_NAME} - POSTGRES_HOST=${NEXTCLOUD_DB_HOST} - POSTGRES_PASSWORD=${NEXTCLOUD_DB_PASSWORD} - POSTGRES_USER=${NEXTCLOUD_DB_USER} - OVERWRITEPROTOCOL=https - OVERWRITEHOST=${NEXTCLOUD_DOMAIN} - REDIS_HOST=nextcloud-redis - TRUSTED_PROXIES=172.22.0.0/16 172.19.0.0/16 - COLLABORA_DOMAIN=${COLLABORA_DOMAIN} - TALK_DOMAIN=${TALK_DOMAIN} - TALK_TURN_SECRET=${TALK_TURN_SECRET} - TALK_SIGNALING_SECRET=${TALK_SIGNALING_SECRET} labels: - "traefik.enable=false" volumes: - nextcloud-data:/var/www/html - ./hooks/post-installation:/docker-entrypoint-hooks.d/post-installation - ./php/opcache.ini:/usr/local/etc/php/conf.d/opcache-recommended.ini:ro expose: - 80 - 9000 networks: - nextcloud - traefik - database restart: unless-stopped nextcloud-reverse-proxy: container_name: nextcloud-reverse-proxy image: nginx:1.27 depends_on: - nextcloud labels: - "traefik.enable=true" - "traefik.docker.network=traefik" - "traefik.http.routers.nextcloud-reverse-proxy.rule=Host(`${NEXTCLOUD_DOMAIN}`)" - "traefik.http.routers.nextcloud-reverse-proxy.entrypoints=web,websecure" - "traefik.http.routers.nextcloud-reverse-proxy.middlewares=https-redirect" - "traefik.http.routers.nextcloud-reverse-proxy.tls=true" - "traefik.http.routers.nextcloud-reverse-proxy.tls.certresolver=le" - "traefik.http.services.nextcloud-reverse-proxy.loadbalancer.server.port=80" volumes: - ./reverse-proxy/nginx.conf:/etc/nginx/nginx.conf - nextcloud-data:/var/www/html networks: - nextcloud - traefik restart: unless-stopped nextcloud-redis: image: redis:alpine container_name: nextcloud-redis networks: - nextcloud restart: unless-stopped collabora: image: collabora/code:latest container_name: nextcloud-collabora environment: - domain=${NEXTCLOUD_DOMAIN} - aliasgroup1=https://${NEXTCLOUD_DOMAIN}:443 - username=${COLLABORA_USERNAME} - password=${COLLABORA_PASSWORD} - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:logging.level=warning - dictionaries=de_DE en_GB en_US labels: - "traefik.enable=true" - "traefik.docker.network=traefik" - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN}`)" - "traefik.http.routers.collabora.entrypoints=web,websecure" - "traefik.http.routers.collabora.middlewares=https-redirect" - "traefik.http.routers.collabora.tls=true" - "traefik.http.routers.collabora.tls.certresolver=le" - "traefik.http.services.collabora.loadbalancer.server.port=9980" - "traefik.http.services.collabora.loadbalancer.server.scheme=http" networks: - nextcloud - traefik restart: unless-stopped cap_add: - MKNOD - SYS_ADMIN security_opt: - apparmor:unconfined nc-talk: container_name: nc-talk image: ghcr.io/nextcloud-releases/aio-talk:latest init: true ports: - "3478:3478/tcp" - "3478:3478/udp" environment: - NC_DOMAIN=${NEXTCLOUD_DOMAIN} - TALK_HOST=${TALK_DOMAIN} - TURN_SECRET=${TALK_TURN_SECRET} - SIGNALING_SECRET=${TALK_SIGNALING_SECRET} - INTERNAL_SECRET=${TALK_INTERNAL_SECRET} - TZ=${TZ:-Europe/Berlin} - TALK_PORT=3478 labels: - "traefik.enable=true" - "traefik.docker.network=traefik" - "traefik.http.routers.nc-talk.rule=Host(`${TALK_DOMAIN}`)" - "traefik.http.routers.nc-talk.entrypoints=websecure" - "traefik.http.routers.nc-talk.middlewares=https-redirect" - "traefik.http.routers.nc-talk.tls=true" - "traefik.http.routers.nc-talk.tls.certresolver=le" - "traefik.http.services.nc-talk.loadbalancer.server.port=8081" networks: - nextcloud - traefik restart: unless-stopped volumes: nextcloud-data: name: nextcloud-data networks: database: external: true nextcloud: external: true traefik: external: true