From 3bb6ea43e2379bc988337945edc91747731d3067 Mon Sep 17 00:00:00 2001
From: oxmox <oxmox@noreply.localhost>
Date: Sun, 15 Oct 2023 18:28:33 +0200
Subject: [PATCH] use subdommains; make nextcloud log external IPs

---
 docker-compose.yml | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 82b4a72..ccb2a54 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -122,11 +122,11 @@ services:
       - MYSQL_PASSWORD_FILE=/run/secrets/nextcloud_db_password
       - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/nextcloud_db_root_password
       # reverse proxy setup
-      - APACHE_DISABLE_REWRITE_IP=1
-      - TRUSTED_PROXIES=192.168.128.0/24
-      - NEXTCLOUD_TRUSTED_DOMAINS=oxmox.dev
+      #- APACHE_DISABLE_REWRITE_IP=0
+      - TRUSTED_PROXIES="172.18.0.0/16 172.18.0.9"
+      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.oxmox.dev
       # PHP tuning
-      - PHP_MEMORY_LIMIT=256M # default=512M
+      - PHP_MEMORY_LIMIT=512M # default=512M
       - PHP_UPLOAD_LIMIT=512M # default=512M
       # Sadly this did not work for me.
       #- NEXTCLOUD_ADMIN_USER=admin
@@ -137,13 +137,11 @@ services:
       - nextcloud_admin_password
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.nextcloud_app.rule=Host(`oxmox.dev`) && PathPrefix(`/nextcloud`)"
+      - "traefik.http.routers.nextcloud_app.rule=Host(`cloud.oxmox.dev`)"
       - "traefik.http.routers.nextcloud_app.entrypoints=websecure"
       - "traefik.http.routers.nextcloud_app.tls.certresolver=myresolver"
-      - "traefik.http.routers.nextcloud_app.middlewares=nextcloud_app_strip"
-      - "traefik.http.middlewares.nextcloud_app_strip.stripprefix.prefixes=/nextcloud"
 
-      - "traefik.http.routers.nextcloud_dav.rule=Host(`oxmox.dev`) && PathPrefix(`/.well-known/`)"
+      - "traefik.http.routers.nextcloud_dav.rule=(Host(`cloud.oxmox.dev`) || Host(`oxmox.dev`)) && PathPrefix(`/.well-known/`)"
       - "traefik.http.routers.nextcloud_dav.entrypoints=websecure"
       - "traefik.http.routers.nextcloud_dav.tls.certresolver=myresolver"
       - "traefik.http.routers.nextcloud_dav.middlewares=nextcloud_app_dav"
@@ -224,11 +222,9 @@ services:
       - FORGEJO__database__PASSWD=forgejo1234
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.forgejo_app.rule=Host(`oxmox.dev`) && PathPrefix(`/forge`)"
+      - "traefik.http.routers.forgejo_app.rule=Host(`forge.oxmox.dev`)"
       - "traefik.http.routers.forgejo_app.entrypoints=websecure"
       - "traefik.http.routers.forgejo_app.tls.certresolver=myresolver"
-      - "traefik.http.routers.forgejo_app.middlewares=forgejo_app_strip"
-      - "traefik.http.middlewares.forgejo_app_strip.stripprefix.prefixes=/forge"
       - "traefik.http.services.forgejo-app.loadbalancer.server.port=3000"
 
   prometheus: