javielico/nextcloud
0
0
Fork 0
forked from coop-cloud/nextcloud
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nextcloud/compose.yml
Philipp Rothmann e8a8f636d0 add headers to embed nextcloud in frame on external site 
This introduces new env variables to configure nextloud to be embedded via
iframe on an external site.
Setting X_FRAME_OPTIONS_ENABLED=1 will configure nginx and nextcloud to
set X-Frame-Options and CSP headers to allow the domain configured in
X_FRAME_OPTIONS_ALLOW_FROM.
2022-08-31 15:40:18 +02:00

139 lines
3.8 KiB
YAML
Raw Blame History

version: "3.8"
services:
web:
image: nginx:1.23.1
configs:
- source: nginx_conf
target: /etc/nginx/nginx.conf
environment:
- X_FRAME_OPTIONS_ALLOW_FROM
- X_FRAME_OPTIONS_ENABLED
- DOMAIN
- STACK_NAME
volumes:
- nextcloud:/var/www/html/
- nextapps:/var/www/html/custom_apps:cached
- nextdata:/var/www/html/data:cached
- nextconfig:/var/www/html/config:cached
- ${EXTRA_VOLUME}
networks:
- proxy
- internal
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
app:
image: nextcloud:24.0.3-fpm
depends_on:
- db
configs:
- source: fpm_tune
target: /usr/local/etc/php-fpm.d/fpm-tune.conf
- source: entrypoint
target: /custom-entrypoint.sh
mode: 555
entrypoint: /custom-entrypoint.sh
secrets:
- db_password
- admin_password
environment:
- X_FRAME_OPTIONS_ALLOW_FROM
- X_FRAME_OPTIONS_ENABLED
- DOMAIN
- STACK_NAME
- NEXTCLOUD_ADMIN_USER=${ADMIN_USER}
- NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/admin_password
- NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN}
- TRUSTED_PROXIES=traefik
- REDIS_HOST=cache
- SMTP_HOST
- MAIL_FROM_ADDRESS
- MAIL_DOMAIN
- SMTP_AUTHTYPE=PLAIN
- OVERWRITEPROTOCOL=https
- PHP_MEMORY_LIMIT=1G
volumes:
- nextcloud:/var/www/html/
- nextapps:/var/www/html/custom_apps:cached
- nextdata:/var/www/html/data:cached
- nextconfig:/var/www/html/config:cached
- ${EXTRA_VOLUME}
networks:
- internal
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "coop-cloud.${STACK_NAME}.version=2.1.2+24.0.3-fpm"
- "backupbot.backup=true"
- "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"
cron:
image: nextcloud:24.0.3-fpm
volumes:
- nextcloud:/var/www/html/
- nextapps:/var/www/html/custom_apps:cached
- nextdata:/var/www/html/data:cached
- nextconfig:/var/www/html/config:cached
- ${EXTRA_VOLUME}
networks:
- internal
entrypoint: /cron.sh
cache:
image: redis:7.0.4-alpine
networks:
- internal
volumes:
- "redis:/data"
secrets:
db_root_password:
external: true
name: ${STACK_NAME}_db_root_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
db_password:
external: true
name: ${STACK_NAME}_db_password_${SECRET_DB_ROOT_PASSWORD_VERSION}
admin_password:
external: true
name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
volumes:
nextcloud:
nextapps:
nextdata:
nextconfig:
redis:
configs:
nginx_conf:
name: ${STACK_NAME}_nginx_${NGINX_CONF_VERSION}
file: nginx.conf.tmpl
template_driver: golang
fpm_tune:
name: ${STACK_NAME}_fpm_tune_${FPM_TUNE_VERSION}
file: fpm-tune.ini
entrypoint:
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
file: entrypoint.sh.tmpl
template_driver: golang
networks:
proxy:
external: true
internal:
Reference in New Issue View Git Blame Copy Permalink