multi and single docker-compose deployment

Signed-off-by: Ismail Yenigul <ismailyenigul@gmail.com>
2025-06-17 16:44:46 +02:00 · 2020-05-10 13:47:40 +03:00 · 2020-05-10 13:47:40 +03:00 · 2d7258086e
commit 2d7258086e
parent 3fc0c5f09e
5 changed files with 166 additions and 4 deletions
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/README.md
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/README.md
@ -0,0 +1,16 @@
+## Trafik Single Network Deployment
+
+1. Create a  network
+
+` # docker network  create  nextcloud `
+
+4. Edit `docker-compose.yml`
+    -  Change ACME Email Address
+    - Change traefik.http.routers.nextcloud.rule Host
+    - Remove `traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue` and `contentSecurityPolicy`
+      if you dont need to iframe access from your external website
+    - Change PostgreSQL environments
+    - Edit `TRUSTED_PROXIES` with your nextcloud network address
+5. Deploy nextcloud
+
+ `docker-compose docker-compose.yml up -d`
--- a/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/docker-compose.yml
+++ b/.examples/docker-compose/with-traefik2-postgresql-redis-single-network/docker-compose.yml
@ -0,0 +1,104 @@
+
+# Create  network first
+# docker network create nextcloud
+#NOTES:
+#1. certificatesresolvers.myresolver.acme.email=myemail@gmail.com 
+#2. TRUSTED_PROXIES values based on your 'nexcloud network'
+#3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and  
+#traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain
+# cat docker-compose.yml
+
+version: '3.1'
+
+volumes:
+  nextcloud-www:
+    driver: local
+  nextcloud-db:
+    driver: local
+  redis:
+    driver: local
+  letsencrypt:
+    driver: local
+
+
+services:
+
+  traefik:
+    image: traefik:v2.2
+    container_name: traefik
+    restart: always
+    command:
+      - "--log.level=DEBUG"
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.myresolver.acme.email=myemail@gmail.com"
+      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+    ports:
+      - 80:80
+      - 443:443
+    networks:
+      - nextcloud
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - letsencrypt:/letsencrypt
+  db:
+    restart: always
+    image: postgres:11
+    networks:
+      - nextcloud
+    environment:
+    - POSTGRES_USER=nextcloud
+    - POSTGRES_PASSWORD=password
+    - POSTGRES_DB=nextcloud
+    volumes:
+    - nextcloud-db:/var/lib/postgresql/data
+  redis:
+    image: redis:latest
+    restart: always
+    networks:
+      - nextcloud
+    volumes:
+      - redis:/var/lib/redis
+
+  nextcloud:
+    image: nextcloud:latest
+    restart: always
+    networks:
+      - nextcloud
+    depends_on:
+      - redis
+      - db
+    labels:
+      - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect
+      - traefik.http.routers.nextcloud.tls.certresolver=myresolver
+      - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`)
+      - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com
+      - traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net
+      - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011
+      - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true
+      - traefik.http.middlewares.nextcloud.headers.stsPreload=true
+      - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav
+      - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/
+    environment:
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD=password
+      - POSTGRES_HOST=db
+      - NEXTCLOUD_ADMIN_USER=admin
+      - NEXTCLOUD_ADMIN_PASSWORD=adminpass
+      - REDIS_HOST=redis
+      - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com
+      - TRUSTED_PROXIES=172.18.0.0/16
+    volumes:
+      - nextcloud-www:/var/www/html
+
+networks:
+  nextcloud:
+    external: true