version: '3' secrets: nextcloud_admin_password: file: ./nextcloud/nextcloud_admin_password nextcloud_admin_user: file: ./nextcloud/nextcloud_admin_user postgres_db: file: ./nextcloud/postgres_db postgres_password: file: ./nextcloud/postgres_password postgres_user: file: ./nextcloud/postgres_user redis_password: file: ./nextcloud/redis_password services: db: image: postgres env_file: - ./nextcloud/nextcloud.env shm_size: 128mb restart: always volumes: - /nassella/nextcloud/var-lib-postgresql-data:/var/lib/postgresql/data environment: - POSTGRES_DB_FILE=/run/secrets/postgres_db - POSTGRES_USER_FILE=/run/secrets/postgres_user - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password networks: - internal healthcheck: test: ["CMD-SHELL", "pg_isready -d `cat $$POSTGRES_DB_FILE` -U `cat $$POSTGRES_USER_FILE`"] start_period: 15s interval: 30s retries: 3 timeout: 5s secrets: - postgres_db - postgres_password - postgres_user redis: image: redis env_file: - ./nextcloud/nextcloud.env command: bash -c 'redis-server --requirepass "$$(cat /run/secrets/redis_password)"' secrets: - redis_password restart: always healthcheck: test: ["CMD-SHELL", "redis-cli --no-auth-warning -a \"$$(cat /run/secrets/redis_password)\" ping | grep PONG"] start_period: 10s interval: 30s retries: 3 timeout: 3s networks: - internal nextcloud: image: nextcloud environment: - POSTGRES_HOST=db - POSTGRES_DB=nextcloud - POSTGRES_USER=nextcloud - POSTGRES_PASSWORD=dbpassword - NEXTCLOUD_ADMIN_PASSWORD=password - NEXTCLOUD_ADMIN_USER=admin - REDIS_HOST=redis - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.nassella.cc # TODO generate this? ports: - "8080:80" depends_on: redis: condition: service_healthy db: condition: service_healthy env_file: - ./nextcloud/nextcloud.env secrets: - postgres_db - postgres_password - postgres_user - nextcloud_admin_user - nextcloud_admin_password - redis_password networks: - lb - internal volumes: - /nassella/nextcloud/var-www-html:/var/www/html restart: unless-stopped networks: lb: internal: driver: bridge internal: true