multi and single docker-compose deployment

Signed-off-by: Ismail Yenigul <ismailyenigul@gmail.com>
2024-09-30 00:12:36 +02:00 · 2020-05-10 13:47:40 +03:00 · 2020-05-10 13:47:40 +03:00 · 2d7258086e
commit 2d7258086e
parent 3fc0c5f09e
5 changed files with 166 additions and 4 deletions
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/README.md
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/README.md
@ -0,0 +1,21 @@
+## Trafik Multi Network Deployment
+
+1. Create Traefik network
+
+` # docker network  create --driver=bridge --attachable --internal=false traefik `
+
+2. Edit `traefik2/docker-compose.yml` for ACME email
+
+3. Deploy traefik
+
+ `docker-compose -f traefik2/docker-compose.yml up -d`
+
+4. Edit `nextcloud/docker-compose.yml`
+    - Change traefik.http.routers.nextcloud.rule Host
+    - Remove `traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue` and `contentSecurityPolicy`
+      if you dont need to iframe access from your external website
+    - Change PostgreSQL environments
+    - Edit `TRUSTED_PROXIES` with your traefik network address
+5. Deploy nextcloud
+
+ `docker-compose -f nextcloud/docker-compose.yml up -d`
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/nextcloud/docker-compose.yml
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/nextcloud/docker-compose.yml
@ -0,0 +1,82 @@
+
+# Create netxcloud network first
+# docker network create nextcloud
+#NOTES:
+#1. certificatesresolvers.myresolver.acme.email=myemail@gmail.com 
+#2. TRUSTED_PROXIES values based on your 'traefik docker network run docker network inspect traefik' to see the network
+#3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and  
+#traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain
+# cat docker-compose.yml
+
+version: '3.3'
+
+volumes:
+  nextcloud-www:
+    driver: local
+  nextcloud-db:
+    driver: local
+  redis:
+    driver: local
+
+
+services:
+
+  db:
+    restart: always
+    image: postgres:11
+    networks:
+      - nextcloud
+    environment:
+    - POSTGRES_USER=nextcloud
+    - POSTGRES_PASSWORD=password
+    - POSTGRES_DB=nextcloud
+    volumes:
+    - nextcloud-db:/var/lib/postgresql/data
+  redis:
+    image: redis:latest
+    restart: always
+    networks:
+      - nextcloud
+    volumes:
+      - redis:/var/lib/redis
+
+  nextcloud:
+    image: nextcloud:latest
+    restart: always
+    networks:
+      - default
+      - nextcloud
+    depends_on:
+      - redis
+      - db
+    labels:
+      - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect
+      - traefik.http.routers.nextcloud.tls.certresolver=myresolver
+      - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`)
+      - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com
+      - traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net
+      - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011
+      - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true
+      - traefik.http.middlewares.nextcloud.headers.stsPreload=true
+      - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
+      - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/
+    environment:
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD=password
+      - POSTGRES_HOST=db
+      - NEXTCLOUD_ADMIN_USER=admin
+      - NEXTCLOUD_ADMIN_PASSWORD=adminpass
+      - REDIS_HOST=redis
+      - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com
+      - TRUSTED_PROXIES=172.19.0.0/16
+    volumes:
+      - nextcloud-www:/var/www/html
+
+networks:
+  default:
+    external:
+      name: traefik
+
+  nextcloud:
+      internal: true
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/traefik2/docker-compose.yml
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-multi-network/traefik2/docker-compose.yml
@ -0,0 +1,47 @@
+
+# Create  network first
+# docker network  create --driver=bridge --attachable --internal=false traefik
+#NOTES:
+#1. certificatesresolvers.myresolver.acme.email=myemail@gmail.com 
+# cat docker-compose.yml
+
+version: '3.3'
+
+volumes:
+  letsencrypt:
+    driver: local
+
+
+services:
+
+  traefik:
+    image: traefik:v2.2
+    container_name: traefik
+    restart: always
+    command:
+      - "--log.level=DEBUG"
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--providers.docker.network=traefik"
+      - "--providers.docker.exposedbydefault=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.myresolver.acme.email=myemail@gmail.com"
+      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+    ports:
+      - 80:80
+      - 443:443
+    networks:
+      - default
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - letsencrypt:/letsencrypt
+
+networks:
+  default:
+    external:
+      name: traefik
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/README.md
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/README.md
@ -0,0 +1,16 @@
+## Trafik Single Network Deployment
+
+1. Create a  network
+
+` # docker network  create  nextcloud `
+
+4. Edit `docker-compose.yml`
+    -  Change ACME Email Address
+    - Change traefik.http.routers.nextcloud.rule Host
+    - Remove `traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue` and `contentSecurityPolicy`
+      if you dont need to iframe access from your external website
+    - Change PostgreSQL environments
+    - Edit `TRUSTED_PROXIES` with your nextcloud network address
+5. Deploy nextcloud
+
+ `docker-compose docker-compose.yml up -d`
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/docker-compose.yml
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/docker-compose.yml
@ -76,11 +76,7 @@ services:
      - redis
      - db
    labels:
-      - traefik.protocol=http
-      - traefik.port=80
      - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect
-      - traefik.http.routers.nextcloud.tls=true
-      - traefik.http.routers.nextcloud.entrypoints=websecure
      - traefik.http.routers.nextcloud.tls.certresolver=myresolver
      - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`)
      - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com