diff --git a/files/proxy/Dockerfile b/files/proxy/Dockerfile new file mode 100644 index 0000000..ad6d753 --- /dev/null +++ b/files/proxy/Dockerfile @@ -0,0 +1,3 @@ +FROM nginxproxy/nginx-proxy:1.9-alpine + +COPY uploadsize.conf /etc/nginx/conf.d/uploadsize.conf diff --git a/files/proxy/uploadsize.conf b/files/proxy/uploadsize.conf new file mode 100644 index 0000000..7e3906e --- /dev/null +++ b/files/proxy/uploadsize.conf @@ -0,0 +1,2 @@ +client_max_body_size 10G; +proxy_request_buffering off; diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2 new file mode 100644 index 0000000..d523f7e --- /dev/null +++ b/templates/docker-compose.yml.j2 @@ -0,0 +1,112 @@ +services: + # Note: PostgreSQL is an external service. You can find more information about the configuration here: + # https://hub.docker.com/_/postgres + db: + # Note: Check the recommend version here: https://docs.nextcloud.com/server/latest/admin_manual/installation/system_requirements.html#server + image: postgres:alpine + restart: always + volumes: + - db:/var/lib/postgresql/data:Z + env_file: + - .db.env + + # Note: Redis is an external service. You can find more information about the configuration here: + # https://hub.docker.com/_/redis + redis: + image: redis:alpine + restart: always + + app: + image: nextcloud:fpm-alpine + restart: always + volumes: + - nextcloud:/var/www/html:z + # NOTE: The `volumes` config of the `cron` and `app` containers must match + environment: + - POSTGRES_HOST=db + - REDIS_HOST=redis + env_file: + - .db.env + depends_on: + - db + - redis + - proxy + + # Note: Nginx is an external service. You can find more information about the configuration here: + # https://hub.docker.com/_/nginx/ + web: + image: nginx:alpine-slim + restart: always + volumes: + # https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html + - ./web/nginx.conf:/etc/nginx/nginx.conf:ro + # NOTE: The `volumes` included below should match those of the `app` container (unless you know what you're doing) + - nextcloud:/var/www/html:z,ro + environment: + - VIRTUAL_HOST="{{ inventory_hostname | default('ansible_undefined_fact') }}" + - LETSENCRYPT_HOST="{{ inventory_hostname | default('ansible_undefined_fact') }}" + - LETSENCRYPT_EMAIL="admin@libre.audio" + depends_on: + - app + networks: + - proxy-tier + - default + + cron: + image: nextcloud:fpm-alpine + restart: always + volumes: + - nextcloud:/var/www/html:z + # NOTE: The `volumes` config of the `cron` and `app` containers must match + entrypoint: /cron.sh + depends_on: + - db + - redis + + # Note: Nginx-proxy is an external service. You can find more information about the configuration here: + # Warning: Do not use :latest tags of nginx-proxy unless absolutely sure about the consequences. + # https://hub.docker.com/r/nginxproxy/nginx-proxy + proxy: + build: ./proxy + restart: always + ports: + - 8080:80 + - 4443:443 + labels: + - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy" + volumes: + - certs:/etc/nginx/certs:z,ro + - vhost.d:/etc/nginx/vhost.d:z + - html:/usr/share/nginx/html:z + - /run/user/{{ getent_passwd[item.name][2] }}/podman/podman.sock:/tmp/docker.sock:ro + networks: + - proxy-tier + + # Note: Letsencrypt companion is an external service. You can find more information about the configuration here: + # https://hub.docker.com/r/nginxproxy/acme-companion + letsencrypt-companion: + image: nginxproxy/acme-companion + restart: always + volumes: + - certs:/etc/nginx/certs:z + - acme:/etc/acme.sh:z + - vhost.d:/etc/nginx/vhost.d:z + - html:/usr/share/nginx/html:z + - /run/user/{{ getent_passwd[item.name][2] }}/podman/podman.sock:/tmp/docker.sock:ro + environment: + - DEFAULT_EMAIL="admin@libre.audio" + networks: + - proxy-tier + depends_on: + - proxy + +volumes: + db: + nextcloud: + certs: + acme: + vhost.d: + html: + +networks: + proxy-tier: