nextcloud-swarm-plugin/docker-compose.yml

services:

  web:
    build: ./docker/web
    restart: unless-stopped
    volumes_from:
      - nextcloud
    depends_on:
      - nextcloud
    labels:
      caddy: ${APP_URL:-localhost}, nextcloud.local
      caddy.reverse_proxy: '{{upstreams 80}}'
    networks:
      - frontend
      - proxy

  nextcloud:
    build:
      context: ./docker/nextcloud
      dockerfile: Dockerfile
      args:
        NC_VERSION: ${NC_VERSION:-28}
      target: ${ENV:-development}
    restart: unless-stopped
    depends_on:
      mariadb:
        condition: service_healthy
      redis:
        condition: service_healthy
    env_file:
      - .env
    environment:
      MYSQL_HOST: mariadb:3306
      REDIS_HOST: redis
    networks:
      - frontend
      - backend
    extra_hosts:
      - host.docker.internal:host-gateway
      - onlyoffice.local:host-gateway
      - hejbit.local:host-gateway
      - api.hejbit.local:host-gateway
    volumes:
      - nc-app:/var/www/html
      - ./:/var/www/html/custom_apps/files_external_ethswarm

  cron:
    image: nextcloud:${NC_VERSION:-28}-fpm-alpine
    restart: always
    volumes:
      - nc-app:/var/www/html:z
    entrypoint: /cron.sh
    depends_on:
      nextcloud:
        condition: service_started
      mariadb:
        condition: service_healthy
      redis:
        condition: service_healthy

  redis:
    image: redis:alpine
    restart: unless-stopped
    environment:
      REDIS_HOST_PASSWORD: ${REDIS_HOST_PASSWORD:-secret}
    command: redis-server --requirepass ${REDIS_HOST_PASSWORD:-secret}
    healthcheck:
      test: [ "CMD", "redis-cli", "ping" ]
      start_period: 3s
      timeout: 5s
      interval: 30s
    networks:
      - backend

  mariadb:
    image: mariadb:latest
    # set transaction isolation: https://docs.nextcloud.com/server/stable/admin_manual/configuration_database/linux_database_configuration.html
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-rootpassword}
      MYSQL_DATABASE: ${MYSQL_DATABASE:-nextcloud}
      MYSQL_USER: ${MYSQL_USER:-nextcloud}
      MYSQL_PASSWORD: ${MYSQL_PASSWORD:-secret}
    volumes:
      - nc-db:/var/lib/mysql
    healthcheck:
      test: [ "CMD", "healthcheck.sh", "--su-mysql", "--connect", "--innodb_initialized" ]
      start_period: 3s
      timeout: 5s
      interval: 30s
    networks:
      - backend

  adminer:
    image: adminer:latest
    restart: unless-stopped
    networks:
      - backend
    ports:
      - '8080:8080'
    depends_on:
      - mariadb
    environment:
      ADMINER_DEFAULT_SERVER: mariadb
    profiles:
      - dev

  rsync:
    build:
      context: ./docker/rsync
      dockerfile: Dockerfile
    restart: unless-stopped
    cpu_shares: 512
    mem_limit: 256m
    volumes:
      - nc-app:/app:ro
      - ./dev-environment/nextcloud_source:/source
    environment:
      - RSYNC_CRONTAB=crontab
    depends_on:
      - nextcloud
    networks:
      - backend
    profiles:
      - dev

  onlyoffice:
    image: onlyoffice/documentserver
    environment:
      JWT_ENABLED: true
      JWT_SECRET: secret
      JWT_HEADER: AuthorizationJwt
      JWT_IN_BODY: true
      USE_UNAUTHORIZED_STORAGE: true
    restart: unless-stopped
    volumes:
      - onlyoffice_data:/var/www/onlyoffice/Data
      - onlyoffice_db:/var/lib/postgresql
      - onlyoffice_lib:/var/lib/onlyoffice
      - onlyoffice_logs:/var/log/onlyoffice
    extra_hosts:
      - nextcloud.local:host-gateway
    networks:
      - backend
      - proxy
    labels:
      caddy: onlyoffice.local
      caddy.reverse_proxy: '{{upstreams 80}}'
    profiles:
      - dev

  proxy:
    image: lucaslorentz/caddy-docker-proxy:alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - caddy_data:/data
      - caddy_config:/config
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      CADDY_INGRESS_NETWORKS: hejbit-network
    networks:
      - proxy
    healthcheck:
      test: [ "CMD", "curl", "--fail", "http://localhost:2019/reverse_proxy/upstreams" ]
      timeout: 30s
      retries: 3
      start_period: 10s
    profiles:
      - dev

volumes:
  nc-app:
  nc-db:
  caddy_data:
  caddy_config:
  onlyoffice_data:
  onlyoffice_db:
  onlyoffice_lib:
  onlyoffice_logs:

networks:
  frontend:
  backend:
  proxy:
    name: hejbit-network