Docker-compose file for nextcloud with pgsql,redis and traefik deployment

nextcloud-pgsql-redis-traefikv2-docker-compose.yml

# docker network create nextcloud

NOTES:
1. [email protected] 
2. TRUSTED_PROXIES values based on your 'nexcloud network'
3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and  
traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain
3

# cat docker-compose.yml

version: '3.3'

volumes:
  nextcloud-www:
    driver: local
  nextcloud-db:
    driver: local
  redis:
    driver: local
  letsencrypt:
    driver: local


services:

  traefik:
    image: traefik:v2.2
    container_name: traefik
    restart: always
    command:
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
      - "[email protected]"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - 80:80
      - 443:443
    networks:
      - nextcloud
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - letsencrypt:/letsencrypt
  db:
    restart: always
    image: postgres:11
    networks:
      - nextcloud
    environment:
    - POSTGRES_USER=nextcloud
    - POSTGRES_PASSWORD=password
    - POSTGRES_DB=nextcloud
    volumes:
    - nextcloud-db:/var/lib/postgresql/data
  redis:
    image: redis:latest
    restart: always
    networks:
      - nextcloud
    volumes:
      - redis:/var/lib/redis

  nextcloud:
    image: nextcloud:latest
    restart: always
    networks:
      - nextcloud
    depends_on:
      - redis
      - db
    labels:
      - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect
      - traefik.http.routers.nextcloud.tls.certresolver=myresolver
      - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`)
      - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com
      - traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net
      - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011
      - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true
      - traefik.http.middlewares.nextcloud.headers.stsPreload=true
      - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
      - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/
    environment:
      - POSTGRES_DB=nextcloud
      - POSTGRES_USER=nextcloud
      - POSTGRES_PASSWORD=password
      - POSTGRES_HOST=db
      - NEXTCLOUD_ADMIN_USER=admin
      - NEXTCLOUD_ADMIN_PASSWORD=adminpass
      - REDIS_HOST=redis
      - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com
      - TRUSTED_PROXIES=172.18.0.0/16
    volumes:
      - nextcloud-www:/var/www/html

networks:
  nextcloud:
    external: true

Why would you choose the non-FPM version of Nextcloud, isn't it slower?

Don't know how much slower.
I do know that:

• use of FPM would need another container.
• as it needs a httpd layer between Traefik and NC
• and, it's easier without

But, if you write a Gist here, I'm willing to test!

Ha thanks!
I am pretty clueless to be honest, my question is purely based on what I read online. I do use FileRun (similar to NextCloud but much faster and purely focused on file management, max 10 users). It does use FPM.

oh man, thank you!