version: '2.3' services: nextcloud-db: image: mariadb command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW container_name: nextcloud-db restart: always volumes: - /home/docker/nextcloud/container-db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD= - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud networks: - nextcloud nextcloud: image: nextcloud:stable-fpm-alpine restart: on-failure:5 container_name: nextcloud volumes: - /home/docker/nextcloud/app:/var/www/html environment: - MYSQL_HOST=nextcloud-db - MYSQL_PASSWORD= - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - REDIS_HOST=redis - REDIS_HOST_PASSWORD= depends_on: - nextcloud-db - redis security_opt: - no-new-privileges:true networks: - nextcloud nextcloud-cron: image: nextcloud:stable-fpm-alpine restart: always container_name: nextcloud-cron volumes: - /home/docker/nextcloud/app:/var/www/html entrypoint: /cron.sh depends_on: - nextcloud-db - redis networks: - nextcloud nextcloud-web: build: ./nextcloud-web restart: on-failure:5 container_name: nextcloud-web volumes: - /home/docker/nextcloud/app:/var/www/html labels: - traefik.docker.network=proxy - traefik.enable=true - traefik.protocol=http - traefik.port=80 - traefik.http.routers.nextcloud.tls=true - traefik.http.routers.nextcloud.entrypoints=websecure - traefik.http.routers.nextcloud.tls.certresolver=myresolver - traefik.http.routers.nextcloud.rule=Host(`pellets.journalismarena.eu`) - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011 - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true - traefik.http.middlewares.nextcloud.headers.stsPreload=true - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/ depends_on: - nextcloud security_opt: - no-new-privileges:true mem_limit: 4096M memswap_limit: 4096M networks: - proxy - nextcloud redis: image: redis:alpine restart: always container_name: nextcloud-redis command: redis-server --requirepass ZpP2FwwNeMXW7Fd networks: - nextcloud collabora: image: collabora/code container_name: collabora restart: unless-stopped mem_limit: 4096m environment: - domain=collabora-docs\\.digitalcourage\\.de - username=admin-user - password=6MktK8fu9Xx8iKrMu - extra_params=--o:logging.level=warning --o:ssl.enable=false --o:ssl.termination=true cap_add: - MKNOD networks: - proxy labels: - traefik.docker.network=proxy - traefik.enable=true - traefik.protocol=http - traefik.port=9080 - traefik.http.routers.collabora.tls=true - traefik.http.routers.collabora.entrypoints=websecure - traefik.http.routers.collabora.tls.certresolver=myresolver - traefik.http.routers.collabora.rule=Host(`collabora-docs.digitalcourage.de`) - traefik.http.routers.collabora.middlewares=collabora - traefik.http.middlewares.collabora.headers.customRequestHeaders.X-Forwarded-Proto=https - traefik.http.middlewares.collabora.headers.referrerPolicy=no-referrer - traefik.http.middlewares.collabora.headers.stsSeconds=31536000 - traefik.http.middlewares.collabora.headers.forceSTSHeader=true - traefik.http.middlewares.collabora.headers.stsPreload=true - traefik.http.middlewares.collabora.headers.stsIncludeSubdomains=true - traefik.http.middlewares.collabora.headers.browserXssFilter=true networks: proxy: external: true nextcloud: external: false