kennyparsons/Caddyfile

## Caddyfile
nextcloud.mydomain.dev {

	root   /srv/vaultfs/rootfs/container/mounts/nextcloud/html
	log    /var/log/nextcloud_access.log
	errors /var/log/nextcloud_errors.log

	fastcgi / 127.30.1.17:9000 php {
		env PATH /bin
	}

	header / {
		 Strict-Transport-Security	   "max-age=15768000;"
	}

	# checks for images
        rewrite {
	        ext .svg .gif .png .html .ttf .woff .ico .jpg .jpeg
		r ^/index.php/(.+)$
		to /{1} /index.php?{1}
	}

	rewrite {
                r ^/\.well-known/host-meta$
                to /public.php?service=host-meta&{query}
        }
	rewrite {
                r ^/\.well-known/host-meta\.json$
                to /public.php?service=host-meta-json&{query}
        }
	rewrite {
                r ^/\.well-known/webfinger$
                to /public.php?service=webfinger&{query}
        }

	rewrite {
		r ^/index.php/.*$
		to /index.php?{query}
	}

	# client support (e.g. os x calendar / contacts)
	redir /.well-known/carddav /remote.php/carddav 301
	redir /.well-known/caldav /remote.php/caldav 301

	# remove trailing / as it causes errors with php-fpm
	rewrite {
		r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
		to /remote.php/{1}
	}

	rewrite {
		r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
		to /remote.php/{1}/{2}
	}

	rewrite {
		r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
		to /public.php/{1}
	}

	rewrite {
		r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
		to /public.php/{1}/{2}
	}

	# .htaccess / data / config / ... shouldn't be accessible from outside
	status 403 {
		/.htaccess
		/data
		/config
		/db_structure
		/.xml
		/README
	}

}

## nextcloud.yml
version: '3.2'
services:

  nextclouddb:
    image: mariadb
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    restart: always
    volumes:
      - /srv/vaultfs/rootfs/container/mounts/nextcloud/db:/var/lib/mysql
    env_file:
      - nextcloud.env
    networks:
      caddynet:
        ipv4_address: 172.30.1.16

  app:
    image: nextcloud:fpm
    links:
      - nextclouddb
    volumes:
      - /srv/vaultfs/rootfs/container/mounts/nextcloud/html:/var/www/html
    restart: always
    networks:
      caddynet:
        ipv4_address: 172.30.1.17

networks:
  caddynet:
    external:
      name: caddynet
	nextcloud.mydomain.dev {

	root /srv/vaultfs/rootfs/container/mounts/nextcloud/html
	log /var/log/nextcloud_access.log
	errors /var/log/nextcloud_errors.log

	fastcgi / 127.30.1.17:9000 php {
	env PATH /bin
	}

	header / {
	Strict-Transport-Security "max-age=15768000;"
	}

	# checks for images
	rewrite {
	ext .svg .gif .png .html .ttf .woff .ico .jpg .jpeg
	r ^/index.php/(.+)$
	to /{1} /index.php?{1}
	}

	rewrite {
	r ^/\.well-known/host-meta$
	to /public.php?service=host-meta&{query}
	}
	rewrite {
	r ^/\.well-known/host-meta\.json$
	to /public.php?service=host-meta-json&{query}
	}
	rewrite {
	r ^/\.well-known/webfinger$
	to /public.php?service=webfinger&{query}
	}

	rewrite {
	r ^/index.php/.*$
	to /index.php?{query}
	}

	# client support (e.g. os x calendar / contacts)
	redir /.well-known/carddav /remote.php/carddav 301
	redir /.well-known/caldav /remote.php/caldav 301

	# remove trailing / as it causes errors with php-fpm
	rewrite {
	r ^/remote.php/(webdav\|caldav\|carddav\|dav)(\/?)(\/?)$
	to /remote.php/{1}
	}

	rewrite {
	r ^/remote.php/(webdav\|caldav\|carddav\|dav)/(.+?)(\/?)(\/?)$
	to /remote.php/{1}/{2}
	}

	rewrite {
	r ^/public.php/(dav\|webdav\|caldav\|carddav)(\/?)(\/?)$
	to /public.php/{1}
	}

	rewrite {
	r ^/public.php/(dav\|webdav\|caldav\|carddav)/(.+)(\/?)(\/?)$
	to /public.php/{1}/{2}
	}

	# .htaccess / data / config / ... shouldn't be accessible from outside
	status 403 {
	/.htaccess
	/data
	/config
	/db_structure
	/.xml
	/README
	}

	}
	version: '3.2'
	services:

	nextclouddb:
	image: mariadb
	command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
	restart: always
	volumes:
	- /srv/vaultfs/rootfs/container/mounts/nextcloud/db:/var/lib/mysql
	env_file:
	- nextcloud.env
	networks:
	caddynet:
	ipv4_address: 172.30.1.16

	app:
	image: nextcloud:fpm
	links:
	- nextclouddb
	volumes:
	- /srv/vaultfs/rootfs/container/mounts/nextcloud/html:/var/www/html
	restart: always
	networks:
	caddynet:
	ipv4_address: 172.30.1.17

	networks:
	caddynet:
	external:
	name: caddynet