version: "3.8" services: web: image: nginx:1.20.0 configs: - source: nginx_conf target: /etc/nginx/nginx.conf environment: - DOMAIN - STACK_NAME volumes: - nextcloud:/var/www/html/ - nextapps:/var/www/html/custom_apps:cached - nextdata:/var/www/html/data:cached - nextconfig:/var/www/html/config:cached - ${EXTRA_VOLUME} networks: - proxy - internal deploy: update_config: failure_action: rollback order: start-first labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true" - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}" - "coop-cloud.${STACK_NAME}.web.version=1.20.0-ea4560b8" app: image: nextcloud:22.1.0-fpm depends_on: - db configs: - source: fpm_tune target: /usr/local/etc/php/conf.d/fpm-tune.ini secrets: - db_password - admin_password environment: - DOMAIN - STACK_NAME - MYSQL_HOST=db - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD_FILE=/run/secrets/db_password - NEXTCLOUD_ADMIN_USER=${ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/admin_password - NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN} - TRUSTED_PROXIES=traefik - REDIS_HOST=cache - SMTP_HOST - MAIL_FROM_ADDRESS - MAIL_DOMAIN - SMTP_AUTHTYPE=PLAIN - OVERWRITEPROTOCOL=https - PHP_MEMORY_LIMIT=1G volumes: - nextcloud:/var/www/html/ - nextapps:/var/www/html/custom_apps:cached - nextdata:/var/www/html/data:cached - nextconfig:/var/www/html/config:cached - ${EXTRA_VOLUME} networks: - internal deploy: update_config: failure_action: rollback order: start-first labels: - "coop-cloud.${STACK_NAME}.app.version=22.1.0-fpm-d1c56487" db: image: "mariadb:10.5" environment: - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD_FILE=/run/secrets/db_password - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password configs: - source: my_tune target: /etc/mysql/conf.d/my-tune.cnf secrets: - db_root_password - db_password volumes: - "mariadb:/var/lib/mysql" networks: - internal deploy: labels: - "coop-cloud.${STACK_NAME}.db.version=10.5-62601155" cron: image: nextcloud:22.1.0-fpm volumes: - nextcloud:/var/www/html/ - nextapps:/var/www/html/custom_apps:cached - nextdata:/var/www/html/data:cached - nextconfig:/var/www/html/config:cached - ${EXTRA_VOLUME} networks: - internal entrypoint: /cron.sh deploy: labels: - "coop-cloud.${STACK_NAME}.cron.version=22.1.0-fpm-d1c56487" cache: image: redis:6.2.5-alpine networks: - internal volumes: - "redis:/data" deploy: labels: - "coop-cloud.${STACK_NAME}.cache.version=6.2.5-alpine-b658aeb0" secrets: db_root_password: external: true name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION} db_password: external: true name: ${STACK_NAME}_db_password_${SECRET_DB_ROOT_PASSWORD_VERSION} admin_password: external: true name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION} volumes: nextcloud: nextapps: nextdata: nextconfig: mariadb: redis: configs: nginx_conf: name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION} file: nginx.conf.tmpl template_driver: golang fpm_tune: name: ${STACK_NAME}_fpm_tune_${FPM_TUNE_VERSION} file: fpm-tune.ini my_tune: name: ${STACK_NAME}_my_cnf_${MY_CNF_VERSION} file: my-tune.cnf networks: proxy: external: true internal: