mirror of
https://github.com/nextcloud/all-in-one.git
synced 2024-11-14 11:04:28 +08:00
db84d7d486
Signed-off-by: GitHub <noreply@github.com>
366 lines
10 KiB
YAML
366 lines
10 KiB
YAML
services:
|
|
nextcloud-aio-apache:
|
|
depends_on:
|
|
nextcloud-aio-onlyoffice:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-collabora:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-talk:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-nextcloud:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-notify-push:
|
|
condition: service_started
|
|
required: false
|
|
image: nextcloud/aio-apache:latest
|
|
init: true
|
|
ports:
|
|
- ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp
|
|
- ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/udp
|
|
environment:
|
|
- NC_DOMAIN=${NC_DOMAIN}
|
|
- NEXTCLOUD_HOST=nextcloud-aio-nextcloud
|
|
- COLLABORA_HOST=nextcloud-aio-collabora
|
|
- TALK_HOST=nextcloud-aio-talk
|
|
- APACHE_PORT=${APACHE_PORT}
|
|
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
|
|
- TZ=${TIMEZONE}
|
|
- APACHE_MAX_SIZE=${APACHE_MAX_SIZE}
|
|
- APACHE_MAX_TIME=${NEXTCLOUD_MAX_TIME}
|
|
- NOTIFY_PUSH_HOST=nextcloud-aio-notify-push
|
|
volumes:
|
|
- nextcloud_aio_nextcloud:/var/www/html:ro
|
|
- nextcloud_aio_apache:/mnt/data:rw
|
|
restart: unless-stopped
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /var/log/supervisord
|
|
- /var/run/supervisord
|
|
- /usr/local/apache2/logs
|
|
- /tmp
|
|
- /home/www-data
|
|
|
|
nextcloud-aio-database:
|
|
image: nextcloud/aio-postgresql:latest
|
|
init: true
|
|
expose:
|
|
- "5432"
|
|
volumes:
|
|
- nextcloud_aio_database:/var/lib/postgresql/data:rw
|
|
- nextcloud_aio_database_dump:/mnt/data:rw
|
|
environment:
|
|
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
|
|
- POSTGRES_DB=nextcloud_database
|
|
- POSTGRES_USER=nextcloud
|
|
- TZ=${TIMEZONE}
|
|
- PGTZ=${TIMEZONE}
|
|
stop_grace_period: 1800s
|
|
restart: unless-stopped
|
|
shm_size: 268435456
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /var/run/postgresql
|
|
|
|
nextcloud-aio-nextcloud:
|
|
depends_on:
|
|
nextcloud-aio-database:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-redis:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-clamav:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-fulltextsearch:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-talk-recording:
|
|
condition: service_started
|
|
required: false
|
|
nextcloud-aio-imaginary:
|
|
condition: service_started
|
|
required: false
|
|
image: nextcloud/aio-nextcloud:latest
|
|
init: true
|
|
expose:
|
|
- "9000"
|
|
- "9001"
|
|
volumes:
|
|
- nextcloud_aio_nextcloud:/var/www/html:rw
|
|
- ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw
|
|
- ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw
|
|
- ${NEXTCLOUD_TRUSTED_CACERTS_DIR}:/usr/local/share/ca-certificates:ro
|
|
environment:
|
|
- POSTGRES_HOST=nextcloud-aio-database
|
|
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
|
|
- POSTGRES_DB=nextcloud_database
|
|
- POSTGRES_USER=nextcloud
|
|
- REDIS_HOST=nextcloud-aio-redis
|
|
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
|
|
- NC_DOMAIN=${NC_DOMAIN}
|
|
- ADMIN_USER=admin
|
|
- ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
|
|
- NEXTCLOUD_DATA_DIR=/mnt/ncdata
|
|
- OVERWRITEHOST=${NC_DOMAIN}
|
|
- OVERWRITEPROTOCOL=https
|
|
- TURN_SECRET=${TURN_SECRET}
|
|
- SIGNALING_SECRET=${SIGNALING_SECRET}
|
|
- ONLYOFFICE_SECRET=${ONLYOFFICE_SECRET}
|
|
- NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT}
|
|
- CLAMAV_ENABLED=${CLAMAV_ENABLED}
|
|
- CLAMAV_HOST=nextcloud-aio-clamav
|
|
- ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED}
|
|
- COLLABORA_ENABLED=${COLLABORA_ENABLED}
|
|
- COLLABORA_HOST=nextcloud-aio-collabora
|
|
- TALK_ENABLED=${TALK_ENABLED}
|
|
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
|
|
- UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS}
|
|
- TZ=${TIMEZONE}
|
|
- TALK_PORT=${TALK_PORT}
|
|
- IMAGINARY_ENABLED=${IMAGINARY_ENABLED}
|
|
- IMAGINARY_HOST=nextcloud-aio-imaginary
|
|
- PHP_UPLOAD_LIMIT=${NEXTCLOUD_UPLOAD_LIMIT}
|
|
- PHP_MEMORY_LIMIT=${NEXTCLOUD_MEMORY_LIMIT}
|
|
- FULLTEXTSEARCH_ENABLED=${FULLTEXTSEARCH_ENABLED}
|
|
- FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch
|
|
- PHP_MAX_TIME=${NEXTCLOUD_MAX_TIME}
|
|
- TRUSTED_CACERTS_DIR=${NEXTCLOUD_TRUSTED_CACERTS_DIR}
|
|
- STARTUP_APPS=${NEXTCLOUD_STARTUP_APPS}
|
|
- ADDITIONAL_APKS=${NEXTCLOUD_ADDITIONAL_APKS}
|
|
- ADDITIONAL_PHP_EXTENSIONS=${NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS}
|
|
- INSTALL_LATEST_MAJOR=${INSTALL_LATEST_MAJOR}
|
|
- TALK_RECORDING_ENABLED=${TALK_RECORDING_ENABLED}
|
|
- RECORDING_SECRET=${RECORDING_SECRET}
|
|
- TALK_RECORDING_HOST=nextcloud-aio-talk-recording
|
|
- FULLTEXTSEARCH_PASSWORD=${FULLTEXTSEARCH_PASSWORD}
|
|
- REMOVE_DISABLED_APPS=${REMOVE_DISABLED_APPS}
|
|
- APACHE_PORT=${APACHE_PORT}
|
|
- APACHE_IP_BINDING=${APACHE_IP_BINDING}
|
|
restart: unless-stopped
|
|
networks:
|
|
- nextcloud-aio
|
|
|
|
nextcloud-aio-notify-push:
|
|
image: nextcloud/aio-notify-push:latest
|
|
init: true
|
|
expose:
|
|
- "7867"
|
|
volumes:
|
|
- nextcloud_aio_nextcloud:/nextcloud:ro
|
|
environment:
|
|
- NC_DOMAIN=${NC_DOMAIN}
|
|
- NEXTCLOUD_HOST=nextcloud-aio-nextcloud
|
|
- REDIS_HOST=nextcloud-aio-redis
|
|
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
|
|
- POSTGRES_HOST=nextcloud-aio-database
|
|
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
|
|
- POSTGRES_DB=nextcloud_database
|
|
- POSTGRES_USER=nextcloud
|
|
restart: unless-stopped
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
|
|
nextcloud-aio-redis:
|
|
image: nextcloud/aio-redis:latest
|
|
init: true
|
|
expose:
|
|
- "6379"
|
|
environment:
|
|
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
|
|
- TZ=${TIMEZONE}
|
|
volumes:
|
|
- nextcloud_aio_redis:/data:rw
|
|
restart: unless-stopped
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
|
|
nextcloud-aio-collabora:
|
|
image: nextcloud/aio-collabora:latest
|
|
init: true
|
|
expose:
|
|
- "9980"
|
|
environment:
|
|
- aliasgroup1=https://${NC_DOMAIN}:443
|
|
- extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true ${COLLABORA_SECCOMP_POLICY} --o:remote_font_config.url=https://${NC_DOMAIN}/apps/richdocuments/settings/fonts.json
|
|
- dictionaries=${COLLABORA_DICTIONARIES}
|
|
- TZ=${TIMEZONE}
|
|
- server_name=${NC_DOMAIN}
|
|
- DONT_GEN_SSL_CERT=1
|
|
restart: unless-stopped
|
|
profiles:
|
|
- collabora
|
|
networks:
|
|
- nextcloud-aio
|
|
|
|
nextcloud-aio-talk:
|
|
image: nextcloud/aio-talk:latest
|
|
init: true
|
|
ports:
|
|
- ${TALK_PORT}:${TALK_PORT}/tcp
|
|
- ${TALK_PORT}:${TALK_PORT}/udp
|
|
expose:
|
|
- "8081"
|
|
environment:
|
|
- NC_DOMAIN=${NC_DOMAIN}
|
|
- TURN_SECRET=${TURN_SECRET}
|
|
- SIGNALING_SECRET=${SIGNALING_SECRET}
|
|
- TZ=${TIMEZONE}
|
|
- TALK_PORT=${TALK_PORT}
|
|
- INTERNAL_SECRET=${TALK_INTERNAL_SECRET}
|
|
restart: unless-stopped
|
|
profiles:
|
|
- talk
|
|
- talk-recording
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /var/log/supervisord
|
|
- /var/run/supervisord
|
|
- /opt/eturnal/run
|
|
- /conf
|
|
- /tmp
|
|
|
|
nextcloud-aio-talk-recording:
|
|
image: nextcloud/aio-talk-recording:latest
|
|
init: true
|
|
expose:
|
|
- "1234"
|
|
environment:
|
|
- NC_DOMAIN=${NC_DOMAIN}
|
|
- TZ=${TIMEZONE}
|
|
- RECORDING_SECRET=${RECORDING_SECRET}
|
|
- INTERNAL_SECRET=${TALK_INTERNAL_SECRET}
|
|
shm_size: 2147483648
|
|
restart: unless-stopped
|
|
profiles:
|
|
- talk-recording
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /tmp
|
|
- /conf
|
|
|
|
nextcloud-aio-clamav:
|
|
image: nextcloud/aio-clamav:latest
|
|
init: false
|
|
expose:
|
|
- "3310"
|
|
environment:
|
|
- TZ=${TIMEZONE}
|
|
- CLAMD_STARTUP_TIMEOUT=90
|
|
volumes:
|
|
- nextcloud_aio_clamav:/var/lib/clamav:rw
|
|
restart: unless-stopped
|
|
profiles:
|
|
- clamav
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /var/lock
|
|
- /var/log/clamav
|
|
- /tmp
|
|
|
|
nextcloud-aio-onlyoffice:
|
|
image: nextcloud/aio-onlyoffice:latest
|
|
init: true
|
|
expose:
|
|
- "80"
|
|
environment:
|
|
- TZ=${TIMEZONE}
|
|
- JWT_ENABLED=true
|
|
- JWT_HEADER=AuthorizationJwt
|
|
- JWT_SECRET=${ONLYOFFICE_SECRET}
|
|
volumes:
|
|
- nextcloud_aio_onlyoffice:/var/lib/onlyoffice:rw
|
|
restart: unless-stopped
|
|
profiles:
|
|
- onlyoffice
|
|
networks:
|
|
- nextcloud-aio
|
|
|
|
nextcloud-aio-imaginary:
|
|
image: nextcloud/aio-imaginary:latest
|
|
init: true
|
|
expose:
|
|
- "9000"
|
|
environment:
|
|
- TZ=${TIMEZONE}
|
|
restart: unless-stopped
|
|
cap_add:
|
|
- SYS_NICE
|
|
profiles:
|
|
- imaginary
|
|
networks:
|
|
- nextcloud-aio
|
|
read_only: true
|
|
tmpfs:
|
|
- /tmp
|
|
|
|
nextcloud-aio-fulltextsearch:
|
|
image: nextcloud/aio-fulltextsearch:latest
|
|
init: false
|
|
expose:
|
|
- "9200"
|
|
environment:
|
|
- TZ=${TIMEZONE}
|
|
- ES_JAVA_OPTS=-Xms512M -Xmx512M
|
|
- bootstrap.memory_lock=true
|
|
- cluster.name=nextcloud-aio
|
|
- discovery.type=single-node
|
|
- logger.org.elasticsearch.discovery=WARN
|
|
- http.port=9200
|
|
- xpack.license.self_generated.type=basic
|
|
- xpack.security.enabled=false
|
|
- FULLTEXTSEARCH_PASSWORD=${FULLTEXTSEARCH_PASSWORD}
|
|
volumes:
|
|
- nextcloud_aio_elasticsearch:/usr/share/elasticsearch/data:rw
|
|
restart: unless-stopped
|
|
profiles:
|
|
- fulltextsearch
|
|
networks:
|
|
- nextcloud-aio
|
|
|
|
volumes:
|
|
nextcloud_aio_apache:
|
|
name: nextcloud_aio_apache
|
|
nextcloud_aio_clamav:
|
|
name: nextcloud_aio_clamav
|
|
nextcloud_aio_database:
|
|
name: nextcloud_aio_database
|
|
nextcloud_aio_database_dump:
|
|
name: nextcloud_aio_database_dump
|
|
nextcloud_aio_elasticsearch:
|
|
name: nextcloud_aio_elasticsearch
|
|
nextcloud_aio_nextcloud:
|
|
name: nextcloud_aio_nextcloud
|
|
nextcloud_aio_onlyoffice:
|
|
name: nextcloud_aio_onlyoffice
|
|
nextcloud_aio_redis:
|
|
name: nextcloud_aio_redis
|
|
nextcloud_aio_nextcloud_data:
|
|
name: nextcloud_aio_nextcloud_data
|
|
|
|
# Inspired by https://github.com/mailcow/mailcow-dockerized/blob/master/docker-compose.yml
|
|
networks:
|
|
nextcloud-aio:
|
|
name: nextcloud-aio
|
|
driver: bridge
|
|
enable_ipv6: true
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: ${IPV6_NETWORK}
|