From a6ef3c13c9c368b023e2c2020d0136d3f61bc047 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20L=C3=BCke?= <f.lueke@mesytec.com>
Date: Sun, 3 Sep 2023 21:52:27 +0200
Subject: [PATCH] working nextcloud setup

---
 docker-compose.yml | 95 +++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 85 insertions(+), 10 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 4880343..6af0abb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -25,6 +25,8 @@ services:
       - "./letsencrypt:/letsencrypt"
       - "./traefik/logs:/logs"
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
+    environment:
+      - TZ=Europe/Berlin
     labels:
       - "traefik.enable=true"
       # Make the traefik dashboard available under https://oxmox.root.sx/traefik/dashboard/
@@ -33,18 +35,91 @@ services:
       - "traefik.http.routers.traefik_api.entrypoints=websecure"
       - "traefik.http.routers.traefik_api.tls.certresolver=myresolver"
       - "traefik.http.routers.traefik_api.service=api@internal"
-      - "traefik.http.routers.traefik_api.middlewares=traefik_api_auth,traefik_api_strip"
-      - "traefik.http.middlewares.traefik_api_auth.basicauth.users=florian:$$apr1$$x/GrMMGU$$Dn7yVliaRFEwlW17SNh6s."
+      - "traefik.http.routers.traefik_api.middlewares=traefik_api_strip"
+      #- "traefik.http.middlewares.traefik_api_auth.basicauth.users=florian:$$apr1$$x/GrMMGU$$Dn7yVliaRFEwlW17SNh6s."
       - "traefik.http.middlewares.traefik_api_strip.stripprefix.prefixes=/traefik/"
 
-  #whoami:
-  #  image: "traefik/whoami"
-  #  container_name: "simple-service"
-  #  labels:
-  #    - "traefik.enable=true"
-  #    - "traefik.http.routers.whoami.rule=Host(`oxmox.root.sx`) && Path(`/whoami`)"
-  #    - "traefik.http.routers.whoami.entrypoints=websecure"
-  #    - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+  nextcloud-db:
+    image: mariadb:latest
+    container_name: "nextcloud-db"
+    restart: unless-stopped
+    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
+    volumes:
+      - ./nextcloud-db:/var/lib/mysql
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD_FILE=/run/secrets/nextcloud_db_password
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/nextcloud_db_root_password
+      - TZ=Europe/Berlin
+    secrets:
+      - nextcloud_db_password
+      - nextcloud_db_root_password
+    labels:
+      - "traefik.enable=true"
+
+  nextcloud-app:
+    image: nextcloud:stable
+    container_name: "nextcloud-app"
+    restart: unless-stopped
+    links:
+      - nextcloud-db
+    depends_on:
+      - nextcloud-db
+    volumes:
+      - ./nextcloud-app/nextcloud:/var/www/html
+    environment:
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_HOST=nextcloud-db
+      - MYSQL_PASSWORD_FILE=/run/secrets/nextcloud_db_password
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/nextcloud_db_root_password
+      # https://github.com/nextcloud/docker/blob/master/README.md#using-the-apache-image-behind-a-reverse-proxy-and-auto-configure-server-host-and-protocol
+      - APACHE_DISABLE_REWRITE_IP=1
+      - TRUSTED_PROXIES=192.168.128.0/24
+      - NEXTCLOUD_TRUSTED_DOMAINS=*
+      #- NEXTCLOUD_ADMIN_USER=admin
+      #- NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password
+      - TZ=Europe/Berlin
+    secrets:
+      - nextcloud_db_password
+      - nextcloud_db_root_password
+      - nextcloud_admin_password
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nextcloud_app.rule=Host(`oxmox.root.sx`) && PathPrefix(`/nextcloud`)"
+      - "traefik.http.routers.nextcloud_app.entrypoints=websecure"
+      - "traefik.http.routers.nextcloud_app.tls.certresolver=myresolver"
+      - "traefik.http.routers.nextcloud_app.middlewares=nextcloud_app_strip"
+      - "traefik.http.middlewares.nextcloud_app_strip.stripprefix.prefixes=/nextcloud"
+      #- "traefik.http.middlewares.nextcloud_app_auth.basicauth.users=florian:$$apr1$$x/GrMMGU$$Dn7yVliaRFEwlW17SNh6s."
+
+      - "traefik.http.routers.nextcloud_dav.rule=Host(`oxmox.root.sx`) && PathPrefix(`/.well-known/`)"
+      - "traefik.http.routers.nextcloud_dav.entrypoints=websecure"
+      - "traefik.http.routers.nextcloud_dav.tls.certresolver=myresolver"
+      - "traefik.http.routers.nextcloud_dav.middlewares=nextcloud_app_dav"
+      - "traefik.http.middlewares.nextcloud_app_dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
+      - "traefik.http.middlewares.nextcloud_app_dav.replacepathregex.replacement=/remote.php/dav/"
+
+  whoami:
+    image: "traefik/whoami"
+    container_name: "simple-service"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`oxmox.root.sx`) && Path(`/whoami`)"
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+
+secrets:
+  nextcloud_db_password:
+    file: ./secrets/nextcloud_db_password
+  nextcloud_db_root_password:
+    file: ./secrets/nextcloud_db_root_password
+  nextcloud_admin_password:
+    file: ./secrets/nextcloud_admin_password
+  
 
   #dashboard:
   #  image: "traefik/whoami"