Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Docker-compose file for nextcloud with pgsql,redis and traefik deployment
# docker network create nextcloud
NOTES:
1. certificatesresolvers.myresolver.acme.email=myemail@gmail.com
2. TRUSTED_PROXIES values based on your 'nexcloud network'
3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and
traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain
3
# cat docker-compose.yml
version: '3.3'
volumes:
nextcloud-www:
driver: local
nextcloud-db:
driver: local
redis:
driver: local
letsencrypt:
driver: local
services:
traefik:
image: traefik:v2.2
container_name: traefik
restart: always
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myresolver.acme.email=myemail@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- 80:80
- 443:443
networks:
- nextcloud
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- letsencrypt:/letsencrypt
db:
restart: always
image: postgres:11
networks:
- nextcloud
environment:
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=password
- POSTGRES_DB=nextcloud
volumes:
- nextcloud-db:/var/lib/postgresql/data
redis:
image: redis:latest
restart: always
networks:
- nextcloud
volumes:
- redis:/var/lib/redis
nextcloud:
image: nextcloud:latest
restart: always
networks:
- nextcloud
depends_on:
- redis
- db
labels:
- traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect
- traefik.http.routers.nextcloud.tls.certresolver=myresolver
- traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`)
- traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com
- traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net
- traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011
- traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true
- traefik.http.middlewares.nextcloud.headers.stsPreload=true
- traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
- traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/
environment:
- POSTGRES_DB=nextcloud
- POSTGRES_USER=nextcloud
- POSTGRES_PASSWORD=password
- POSTGRES_HOST=db
- NEXTCLOUD_ADMIN_USER=admin
- NEXTCLOUD_ADMIN_PASSWORD=adminpass
- REDIS_HOST=redis
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com
- TRUSTED_PROXIES=172.18.0.0/16
volumes:
- nextcloud-www:/var/www/html
networks:
nextcloud:
external: true
@thenewnano
Copy link

thenewnano commented Aug 10, 2020

This works but I had to integrate it into my compose file and added exposedbydefault is false there
labels: - "traefik.enable=true" - "traefik.docker.network=nextcloud" #not sure if this is needed ...

Loading

@borgmanJeremy
Copy link

borgmanJeremy commented Oct 19, 2020

This works for me generally but I get a warning in firefox that not all elements of my page are being served over https. If I inspect the page these are some elements that are not secured. Do you have any idea's how to resolve this?
image

Loading

@BartKoppers
Copy link

BartKoppers commented Nov 14, 2020

This works for me generally but I get a warning in firefox that not all elements of my page are being served over https. If I inspect the page these are some elements that are not secured. Do you have any idea's how to resolve this?

  1. Read the docs: https://hub.docker.com/_/nextcloud
  2. Add to yaml file in section Nextcloud
    environment:
    — OVERWRITEPROTOCOL=https

Loading

@borgmanJeremy
Copy link

borgmanJeremy commented Nov 14, 2020

@BartKoppers that fixed it for me. I did read the docs BTW it just wasn't clear to me that would solve my issue.

Loading

@BartKoppers
Copy link

BartKoppers commented Dec 2, 2020

@BartKoppers that fixed it for me. I did read the docs BTW it just wasn't clear to me that would solve my issue.

Yeah, I agree - docs on NC / NC Docker are somewhat scattered. Glad it helped!

Loading

@zilexa
Copy link

zilexa commented Jan 24, 2021

Why would you choose the non-FPM version of Nextcloud, isn't it slower?

Loading

@BartKoppers
Copy link

BartKoppers commented Jan 26, 2021

Why would you choose the non-FPM version of Nextcloud, isn't it slower?

Don't know how much slower.
I do know that:

  • use of FPM would need another container.
  • as it needs a httpd layer between Traefik and NC
  • and, it's easier without

But, if you write a Gist here, I'm willing to test!

Loading

@zilexa
Copy link

zilexa commented Jan 27, 2021

Ha thanks!
I am pretty clueless to be honest, my question is purely based on what I read online. I do use FileRun (similar to NextCloud but much faster and purely focused on file management, max 10 users). It does use FPM.

Loading

@vgdh
Copy link

vgdh commented Jul 25, 2021

oh man, thank you!

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment