Merge branch 'develop/nextcloud'

# Conflicts:
#	templates/Nextcloud/0/docker-compose.yml
WilliamMiceli
2019-01-11 21:55:14 -05:00
3 changed files with 66 additions and 47 deletions


@@ -1 +1,14 @@
# Nextcloud # Nextcloud
## Pre-Requisites
* Traefik deployed
## Useful Tools
* [Official Security Check](https://scan.nextcloud.com/)
## To-Do's
* Explain how to manually setup Redis
* Fix Cron container, does not yet properly execute yet


@@ -1,60 +1,78 @@
version: '2' version: '2'
services: services:
# cron:
# image: nextcloud:stable-apache
# dns: # Using Cloudflare DNS
# - 1.1.1.1
# - 1.0.0.1
# entrypoint: | # www-data uid: 82
# sh -c 'sh -s <<EOF
# trap "break;exit" SIGHUP SIGINT SIGTERM
# while /bin/true; do
# su -s "/bin/sh" -c "/usr/local/bin/php /var/www/html/cron.php" www-data
# echo $$(date) - Running cron finished
# sleep 900
# done
# EOF'
# restart: on-failure
# user: "www-data"
# volumes_from:
# - nginx
nextcloud: nextcloud:
image: nextcloud:stable-apache image: nextcloud:stable-apache
dns: dns: # Using Cloudflare DNS
- 1.1.1.1 - 1.1.1.1
- 1.0.0.1 - 1.0.0.1
environment: environment:
MYSQL_HOST: mysql MYSQL_HOST: mysql
MYSQL_DATABASE: nextcloud MYSQL_DATABASE: nextcloud_db
MYSQL_USER: nextcloud_user MYSQL_USER: nextcloud_user
MYSQL_PASSWORD: ${DB_USER_PASS} MYSQL_PASSWORD: ${DB_USER_PASS}
NEXTCLOUD_ADMIN_USER: ${NC_ADMIN} NEXTCLOUD_ADMIN_USER: ${NC_ADMIN}
NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASS} NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASS}
NEXTCLOUD_TRUSTED_DOMAINS: ${TRAEFIK_HOST}
labels: labels:
io.rancher.container.pull_image: always io.rancher.container.pull_image: always
{{- if .Values.HOST_LABEL}} {{- if .Values.HOST_LABEL}}
io.rancher.scheduler.affinity:host_label: ${HOST_LABEL} io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
{{- end}} {{- end}}
{{- if .Values.TRAEFIK_HOST}} # io.rancher.sidekicks: cron
traefik.enable: true traefik.enable: true
### Start Web Segment ### Start Nextcloud Segment
traefik.frontend.entryPoints: http,https traefik.nextcloud.frontend.entryPoints: http,https
traefik.frontend.headers.forceSTSHeader: true traefik.nextcloud.frontend.headers.forceSTSHeader: true
traefik.frontend.headers.referrerPolicy: no-referrer traefik.nextcloud.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
traefik.frontend.headers.SSLRedirect: true traefik.nextcloud.frontend.headers.SSLRedirect: true
traefik.frontend.headers.STSPreload: true traefik.nextcloud.frontend.headers.STSPreload: true
traefik.frontend.headers.STSSeconds: 15552000 traefik.nextcloud.frontend.headers.STSSeconds: 15552000
traefik.frontend.rule: Host:${TRAEFIK_HOST} traefik.nextcloud.frontend.rule: Host:${TRAEFIK_HOST}
traefik.port: "80" traefik.nextcloud.port: "80"
### End Web Segment ### End Nextcloud Segment
{{- else}}
traefik.enable: false
{{- end}}
links: links:
- mysql - mysql
{{- if eq .Values.REDIS "true"}} {{- if eq .Values.REDIS "true"}}
- redis - redis
{{- end}} {{- end}}
networks: {{- if .Values.WEB_PORT}}
- public-proxy
ports: ports:
- "${WEB_PORT}:80" - "${WEB_PORT}:80"
{{- end}}
restart: on-failure restart: on-failure
volumes: volumes:
- /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system
- /etc/timezone:/etc/timezone:ro # Syncronize timezone of container with the host system - /etc/timezone:/etc/timezone:ro # Syncronize timezone of container with the host system
- /RancherCattle/${DATA_DIR}/Application:/var/www/html - /RancherCattle/${DATA_DIR}/Apps:/var/www/html/custom_apps # Nextcloud apps
- /RancherCattle/${DATA_DIR}/UserData:/var/www/html/data - /RancherCattle/${DATA_DIR}/Configuration:/var/www/html/config # Nextcloud configuration files
- /RancherCattle/${DATA_DIR}/Nextcloud:/var/www/html # Nextcloud site
- /RancherCattle/${DATA_DIR}/UserData:/var/www/html/data # Users' data file
mysql: mysql:
image: mysql:5 image: mysql:5
dns: dns: # Using Cloudflare DNS
- 1.1.1.1 - 1.1.1.1
- 1.0.0.1 - 1.0.0.1
environment: environment:
MYSQL_DATABASE: nextcloud MYSQL_DATABASE: nextcloud_db
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASS} MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASS}
MYSQL_USER: nextcloud_user MYSQL_USER: nextcloud_user
MYSQL_PASSWORD: ${DB_USER_PASS} MYSQL_PASSWORD: ${DB_USER_PASS}
@@ -63,6 +81,7 @@ services:
{{- if .Values.HOST_LABEL}} {{- if .Values.HOST_LABEL}}
io.rancher.scheduler.affinity:host_label: ${HOST_LABEL} io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
{{- end}} {{- end}}
traefik.enable: false
restart: on-failure restart: on-failure
volumes: volumes:
- /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system
@@ -70,17 +89,18 @@ services:
- /RancherCattle/${DATA_DIR}/Database:/var/lib/mysql - /RancherCattle/${DATA_DIR}/Database:/var/lib/mysql
{{- if eq .Values.REDIS "true"}} {{- if eq .Values.REDIS "true"}}
redis: redis:
image: redis:latest image: redis:alpine
dns: dns: # Using Cloudflare DNS
- 1.1.1.1 - 1.1.1.1
- 1.0.0.1 - 1.0.0.1
labels: labels:
io.rancher.container.pull_image: always
{{- if .Values.HOST_LABEL}} {{- if .Values.HOST_LABEL}}
io.rancher.scheduler.affinity:host_label: ${HOST_LABEL} io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
{{- end}} {{- end}}
traefik.enable: false
restart: on-failure restart: on-failure
volumes:
- /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system
- /etc/timezone:/etc/timezone:ro # Syncronize timezone of container with the host system
{{- end}} {{- end}}
networks:
public-proxy:
external: true
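Review bot: The `- "${WEB_PORT}:80"` entry under `ports:` on the nextcloud service publishes the container's plain-HTTP listener on every host interface, giving clients a path that bypasses the Traefik frontend and with it the `SSLRedirect`, `forceSTSHeader` and `STSSeconds` settings in the labels above. The new `{{- if .Values.WEB_PORT}}` guard only helps when the operator clears the answer, and the catalog default shown later on this page is still `"10100"`, so a default deployment keeps the port open. If the port is meant for local access only, bind it to loopback, e.g. `- "127.0.0.1:${WEB_PORT}:80"` (confirm the Rancher version in use accepts an IP-qualified mapping), or ship an empty default. Separately, `nextcloud:stable-apache` and `redis:alpine` are floating tags used with `io.rancher.container.pull_image: always`; pinning a specific version or digest would keep upstream image changes from rolling out unreviewed.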


@@ -20,7 +20,6 @@ catalog:
label: "Public Host Domain" label: "Public Host Domain"
description: | description: |
The host that Traefik will use to provide public access. The host that Traefik will use to provide public access.
Leaving this empty will disable Traefik on this stack.
default: "subdomain.domain.tld" default: "subdomain.domain.tld"
required: false required: false
type: string type: string
@@ -29,8 +28,9 @@ catalog:
label: "Web Port" label: "Web Port"
description: | description: |
The port to locally access the web interface on. The port to locally access the web interface on.
Leaving this empty will disable opening any port on the host system.
default: "10100" default: "10100"
required: true required: false
type: string type: string
- variable: "DB_ROOT_PASS" - variable: "DB_ROOT_PASS"
@@ -68,7 +68,7 @@ catalog:
- variable: "REDIS" - variable: "REDIS"
label: "Enable Redis" label: "Enable Redis"
description: | description: |
Add a Redis container for memory caching. Must be setup manually. Add a Redis container for memory caching. Additional setup required, see README.
default: true default: true
required: true required: true
type: boolean type: boolean
@@ -80,17 +80,3 @@ catalog:
default: "Personal/Nextcloud" default: "Personal/Nextcloud"
required: true required: true
type: string type: string
services:
nextcloud:
scale: 1
# health_check:
# port: ${HOST_HTTP_PORT}
# request_line: GET /healthcheck HTTP/1.0
# interval: 5000
# response_timeout: 2000
# healthy_threshold: 2
# unhealthy_threshold: 3
# strategy: none
mysql:
scale: 1
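Review bot: The "Public Host Domain" question stays `required: false` in the first hunk even though the sentence saying an empty value disables Traefik is removed, and the compose template in this commit appears to drop the `{{- if .Values.TRAEFIK_HOST}}` guard around the Traefik labels. An empty answer would then render `traefik.nextcloud.frontend.rule: Host:` with no hostname, so this question should become `required: true`. For "Web Port", the default remains `"10100"`, so the new opt-out only takes effect when the operator clears the field; consider `default: ""` if Traefik is the intended entry point, so that direct HTTP exposure is opt-in.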