-
-
Save ismailyenigul/f03b4f5f15e5e61ac5b80905c5d2890a to your computer and use it in GitHub Desktop.
| # docker network create nextcloud | |
| NOTES: | |
| 1. [email protected] | |
| 2. TRUSTED_PROXIES values based on your 'nexcloud network' | |
| 3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and | |
| traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain | |
| 3 | |
| # cat docker-compose.yml | |
| version: '3.3' | |
| volumes: | |
| nextcloud-www: | |
| driver: local | |
| nextcloud-db: | |
| driver: local | |
| redis: | |
| driver: local | |
| letsencrypt: | |
| driver: local | |
| services: | |
| traefik: | |
| image: traefik:v2.2 | |
| container_name: traefik | |
| restart: always | |
| command: | |
| - "--log.level=DEBUG" | |
| - "--api.insecure=true" | |
| - "--providers.docker=true" | |
| - "--providers.docker.exposedbydefault=true" | |
| - "--entrypoints.web.address=:80" | |
| - "--entrypoints.websecure.address=:443" | |
| - "--entrypoints.web.http.redirections.entryPoint.to=websecure" | |
| - "--entrypoints.web.http.redirections.entryPoint.scheme=https" | |
| - "--certificatesresolvers.myresolver.acme.httpchallenge=true" | |
| - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" | |
| - "[email protected]" | |
| - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" | |
| ports: | |
| - 80:80 | |
| - 443:443 | |
| networks: | |
| - nextcloud | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - letsencrypt:/letsencrypt | |
| db: | |
| restart: always | |
| image: postgres:11 | |
| networks: | |
| - nextcloud | |
| environment: | |
| - POSTGRES_USER=nextcloud | |
| - POSTGRES_PASSWORD=password | |
| - POSTGRES_DB=nextcloud | |
| volumes: | |
| - nextcloud-db:/var/lib/postgresql/data | |
| redis: | |
| image: redis:latest | |
| restart: always | |
| networks: | |
| - nextcloud | |
| volumes: | |
| - redis:/var/lib/redis | |
| nextcloud: | |
| image: nextcloud:latest | |
| restart: always | |
| networks: | |
| - nextcloud | |
| depends_on: | |
| - redis | |
| - db | |
| labels: | |
| - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect | |
| - traefik.http.routers.nextcloud.tls.certresolver=myresolver | |
| - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`) | |
| - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com | |
| - traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net | |
| - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011 | |
| - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true | |
| - traefik.http.middlewares.nextcloud.headers.stsPreload=true | |
| - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav | |
| - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/ | |
| environment: | |
| - POSTGRES_DB=nextcloud | |
| - POSTGRES_USER=nextcloud | |
| - POSTGRES_PASSWORD=password | |
| - POSTGRES_HOST=db | |
| - NEXTCLOUD_ADMIN_USER=admin | |
| - NEXTCLOUD_ADMIN_PASSWORD=adminpass | |
| - REDIS_HOST=redis | |
| - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com | |
| - TRUSTED_PROXIES=172.18.0.0/16 | |
| volumes: | |
| - nextcloud-www:/var/www/html | |
| networks: | |
| nextcloud: | |
| external: true |
This works for me generally but I get a warning in firefox that not all elements of my page are being served over https. If I inspect the page these are some elements that are not secured. Do you have any idea's how to resolve this?
- Read the docs: https://hub.docker.com/_/nextcloud
- Add to yaml file in section Nextcloud
environment:
— OVERWRITEPROTOCOL=https
@BartKoppers that fixed it for me. I did read the docs BTW it just wasn't clear to me that would solve my issue.
@BartKoppers that fixed it for me. I did read the docs BTW it just wasn't clear to me that would solve my issue.
Yeah, I agree - docs on NC / NC Docker are somewhat scattered. Glad it helped!
Why would you choose the non-FPM version of Nextcloud, isn't it slower?
Why would you choose the non-FPM version of Nextcloud, isn't it slower?
Don't know how much slower.
I do know that:
- use of FPM would need another container.
- as it needs a httpd layer between Traefik and NC
- and, it's easier without
But, if you write a Gist here, I'm willing to test!
Ha thanks!
I am pretty clueless to be honest, my question is purely based on what I read online. I do use FileRun (similar to NextCloud but much faster and purely focused on file management, max 10 users). It does use FPM.
oh man, thank you!
This works for me generally but I get a warning in firefox that not all elements of my page are being served over https. If I inspect the page these are some elements that are not secured. Do you have any idea's how to resolve this?
