nassella/app
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improving ghost & nextcloud compose configs.

Browse Source
This commit is contained in:
Thomas Hintz
2025-12-08 06:58:02 -08:00
parent 179373f04a
commit 73d6d28c69
5 changed files with 105 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
all-apps/nextcloud/docker-compose.yaml
View File

@@ -5,17 +5,17 @@ secrets:
file: ./nextcloud/nextcloud_admin_password
nextcloud_admin_user:
file: ./nextcloud/nextcloud_admin_user
postgres_db:
nextcloud_postgres_db:
file: ./nextcloud/postgres_db
postgres_password:
nextcloud_postgres_password:
file: ./nextcloud/postgres_password
postgres_user:
nextcloud_postgres_user:
file: ./nextcloud/postgres_user
redis_password:
nextcloud_redis_password:
file: ./nextcloud/redis_password
services:
db:
nextcloud_db:
image: postgres:17.6-trixie
env_file:
- ./nextcloud/nextcloud.env
@@ -23,12 +23,8 @@ services:
restart: always
volumes:
- /nassella/nextcloud/var-lib-postgresql-data:/var/lib/postgresql/data
environment:
- POSTGRES_DB_FILE=/run/secrets/postgres_db
- POSTGRES_USER_FILE=/run/secrets/postgres_user
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
networks:
- internal
- nextcloud_internal
healthcheck:
test: ["CMD-SHELL", "pg_isready -d `cat $$POSTGRES_DB_FILE` -U `cat $$POSTGRES_USER_FILE`"]
start_period: 15s
@@ -36,58 +32,49 @@ services:
retries: 3
timeout: 5s
secrets:
- postgres_db
- postgres_password
- postgres_user
redis:
- nextcloud_postgres_db
- nextcloud_postgres_password
- nextcloud_postgres_user
nextcloud_redis:
image: redis:8.2.1-bookworm
env_file:
- ./nextcloud/nextcloud.env
command: bash -c 'redis-server --requirepass "$$(cat /run/secrets/redis_password)"'
command: bash -c 'redis-server --requirepass "$$(cat /run/secrets/nextcloud_redis_password)"'
secrets:
- redis_password
- nextcloud_redis_password
restart: always
healthcheck:
test: ["CMD-SHELL", "redis-cli --no-auth-warning -a \"$$(cat /run/secrets/redis_password)\" ping | grep PONG"]
test: ["CMD-SHELL", "redis-cli --no-auth-warning -a \"$$(cat /run/secrets/nextcloud_redis_password)\" ping | grep PONG"]
start_period: 10s
interval: 30s
retries: 3
timeout: 3s
networks:
- internal
- nextcloud_internal
nextcloud:
image: nextcloud:31.0.8-apache
environment:
- POSTGRES_HOST=db
- POSTGRES_DB=nextcloud
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=dbpassword
- NEXTCLOUD_ADMIN_PASSWORD=password
- NEXTCLOUD_ADMIN_USER=admin
- REDIS_HOST=redis
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.nassella.cc # TODO generate this?
depends_on:
redis:
nextcloud_redis:
condition: service_healthy
db:
nextcloud_db:
condition: service_healthy
env_file:
- ./nextcloud/nextcloud.env
secrets:
- postgres_db
- postgres_password
- postgres_user
- nextcloud_postgres_db
- nextcloud_postgres_password
- nextcloud_postgres_user
- nextcloud_admin_user
- nextcloud_admin_password
- redis_password
- nextcloud_redis_password
networks:
- lb
- internal
- nextcloud_internal
volumes:
- /nassella/nextcloud/var-www-html:/var/www/html
restart: unless-stopped
networks:
lb:
internal:
nextcloud_internal:
driver: bridge
internal: true

12
all-apps/nextcloud/nextcloud.env.tmpl
View File

@@ -7,13 +7,13 @@ OVERWRITEPROTOCOL=https
TRUSTED_PROXIES=172.16.0.0/24 # trust the local lb
PHP_MEMORY_LIMIT=1G
PHP_UPLOAD_LIMIT=10G
POSTGRES_HOST=db
POSTGRES_DB_FILE=/run/secrets/postgres_db
POSTGRES_USER_FILE=/run/secrets/postgres_user
POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
POSTGRES_HOST=nextcloud_db
POSTGRES_DB_FILE=/run/secrets/nextcloud_postgres_db
POSTGRES_USER_FILE=/run/secrets/nextcloud_postgres_user
POSTGRES_PASSWORD_FILE=/run/secrets/nextcloud_postgres_password
# admin user
NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password
NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user
# redis
REDIS_HOST=redis
REDIS_HOST_PASSWORD_FILE=/run/secrets/redis_password
REDIS_HOST=nextcloud_redis
REDIS_HOST_PASSWORD_FILE=/run/secrets/nextcloud_redis_password