LetsBeBiz-Redesign/letsbe-ansible-runner/stacks/nextcloud/docker-compose.yml

version: '3.9'

services:
  db:
    container_name: {{ customer }}-nextcloud-postgres
    image: postgres:16-alpine #original postgres:alpine
    restart: always
    volumes:
      - {{ customer }}-nextcloud-database:/var/lib/postgresql/data:Z
      - {{ customer }}-nextcloud-backups:/tmp/backups
    environment:
      POSTGRES_DB: nextcloud
      POSTGRES_USER: {{ nextcloud_postgres_user }}
      POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.2

  redis:
    container_name: {{ customer }}-nextcloud-redis
    image: redis:alpine
    restart: always
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.3

  app:
    container_name: {{ customer }}-nextcloud-app
    image: nextcloud:production-apache
    restart: always
    labels:
      - "diun.enable=true"
    ports:
      - '127.0.0.1:3023:80'
    volumes:
      - {{ customer }}-nextcloud-html:/var/www/html:z
      - /opt/letsbe/config/nextcloud:/var/www/html/config
      - /opt/letsbe/data/nextcloud:/var/www/html/data
      - {{ customer }}-nextcloud-backups:/tmp/backups
    environment:
      #Nextcloud
      POSTGRES_HOST: {{ customer }}-nextcloud-postgres
      REDIS_HOST: {{ customer }}-nextcloud-redis
      POSTGRES_DB: nextcloud
      POSTGRES_USER: {{ nextcloud_postgres_user }}
      POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}
      # #SMTP
      # SMTP_HOST: 'mail.{{ domain }}'
      # SMTP_PORT: '587'
      # SMTP_NAME: 'system@{{ domain }}'
      # SMTP_PASSWORD: ''
      # MAIL_FROM_ADDRESS: 'system'
      # MAIL_DOMAIN: '{{ domain }}'
      #Admin
      NEXTCLOUD_ADMIN_USER: administrator@letsbe.biz
      NEXTCLOUD_ADMIN_PASSWORD: '{{ nextcloud_admin_password }}'
      #Config
      NEXTCLOUD_TRUSTED_DOMAINS: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0'
      TRUSTED_PROXIES: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0 172.*.*.*'
      OVERWRITECLIURL: https://{{ domain_nextcloud }}
      OVERWRITEPROTOCOL: https
      OVERWRITEHOST: {{ domain_nextcloud }}
      #APACHE_DISABLE_REWRITE_IP: 1
    depends_on:
      - db
      - redis
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.4

  cron:
    container_name: {{ customer }}-nextcloud-cron
    image: nextcloud:production-apache
    restart: always
    volumes:
      - {{ customer }}-nextcloud-html:/var/www/html:z
      - /opt/letsbe/config/nextcloud:/var/www/html/config
      - /opt/letsbe/data/nextcloud:/var/www/html/data
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.5
  
  collabora:
    image: collabora/code:latest
    container_name: {{ customer }}-nextcloud-collabora
    restart: always
    environment:
      - password={{ collabora_password }}
      - username={{ collabora_user }}
      - domain={{ domain_collabora }}
      - extra_params=--o:ssl.enable=true
    ports:
      - '127.0.0.1:3044:9980'
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.7

  nextcloud-whiteboard-server:
    image: ghcr.io/nextcloud-releases/whiteboard:release
    ports:
      - '127.0.0.1:3060:3002'
    environment:
      NEXTCLOUD_URL: '{{ domain_nextcloud }}'
      JWT_SECRET_KEY: '{{ nextcloud_jwt_secret }}'
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.8

  talk-hpb:
    container_name: {{ customer }}-nextcloud-talk-hpb
    image: ghcr.io/nextcloud-releases/aio-talk:latest
    restart: always
    environment:
      NC_DOMAIN: {{ domain_nextcloud }}
      TALK_PORT: "3478"
      TURN_SECRET: "{{ turn_secret }}"
      SIGNALING_SECRET: "{{ signaling_secret }}"
      INTERNAL_SECRET: "{{ internal_secret }}"
    ports:
      - "127.0.0.1:3061:8081"
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.6

  coturn:
    image: instrumentisto/coturn:latest
    container_name: {{ customer }}-coturn
    restart: always
    ports:
      - "3478:3478/udp"
      - "3478:3478/tcp"
      - "49160-49200:49160-49200/udp"
    command:
      -n
      --log-file=stdout
      --fingerprint
      --realm={{ domain_nextcloud }}
      --external-ip={{ server_ip }}/172.20.9.9
      --listening-port=3478
      --min-port=49160
      --max-port=49200
      --use-auth-secret
      --static-auth-secret={{ turn_secret }}
      --no-multicast-peers
      --no-cli
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.9

networks:
  {{ customer }}-nextcloud:
    ipam:
      driver: default
      config:
        - subnet: 172.20.9.0/28
          gateway: 172.20.9.1

volumes:
  {{ customer }}-nextcloud-html:
    # driver: local
    #   driver_opts:
    #     size: 100g
  {{ customer }}-nextcloud-database:
    # driver: local
    #   driver_opts:
    #     size: 100g
  {{ customer }}-nextcloud-backups:
Include full contents of all nested repositories Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-27 16:25:02 +01:00			`version: '3.9'`

			`services:`
			`db:`
			`container_name: {{ customer }}-nextcloud-postgres`
			`image: postgres:16-alpine #original postgres:alpine`
			`restart: always`
			`volumes:`
			`- {{ customer }}-nextcloud-database:/var/lib/postgresql/data:Z`
			`- {{ customer }}-nextcloud-backups:/tmp/backups`
			`environment:`
			`POSTGRES_DB: nextcloud`
			`POSTGRES_USER: {{ nextcloud_postgres_user }}`
			`POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.2`

			`redis:`
			`container_name: {{ customer }}-nextcloud-redis`
			`image: redis:alpine`
			`restart: always`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.3`

			`app:`
			`container_name: {{ customer }}-nextcloud-app`
			`image: nextcloud:production-apache`
			`restart: always`
			`labels:`
			`- "diun.enable=true"`
			`ports:`
			`- '127.0.0.1:3023:80'`
			`volumes:`
			`- {{ customer }}-nextcloud-html:/var/www/html:z`
			`- /opt/letsbe/config/nextcloud:/var/www/html/config`
			`- /opt/letsbe/data/nextcloud:/var/www/html/data`
			`- {{ customer }}-nextcloud-backups:/tmp/backups`
			`environment:`
			`#Nextcloud`
			`POSTGRES_HOST: {{ customer }}-nextcloud-postgres`
			`REDIS_HOST: {{ customer }}-nextcloud-redis`
			`POSTGRES_DB: nextcloud`
			`POSTGRES_USER: {{ nextcloud_postgres_user }}`
			`POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}`
			`# #SMTP`
			`# SMTP_HOST: 'mail.{{ domain }}'`
			`# SMTP_PORT: '587'`
			`# SMTP_NAME: 'system@{{ domain }}'`
			`# SMTP_PASSWORD: ''`
			`# MAIL_FROM_ADDRESS: 'system'`
			`# MAIL_DOMAIN: '{{ domain }}'`
			`#Admin`
			`NEXTCLOUD_ADMIN_USER: administrator@letsbe.biz`
			`NEXTCLOUD_ADMIN_PASSWORD: '{{ nextcloud_admin_password }}'`
			`#Config`
			`NEXTCLOUD_TRUSTED_DOMAINS: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0'`
			`TRUSTED_PROXIES: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0 172...*'`
			`OVERWRITECLIURL: https://{{ domain_nextcloud }}`
			`OVERWRITEPROTOCOL: https`
			`OVERWRITEHOST: {{ domain_nextcloud }}`
			`#APACHE_DISABLE_REWRITE_IP: 1`
			`depends_on:`
			`- db`
			`- redis`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.4`

			`cron:`
			`container_name: {{ customer }}-nextcloud-cron`
			`image: nextcloud:production-apache`
			`restart: always`
			`volumes:`
			`- {{ customer }}-nextcloud-html:/var/www/html:z`
			`- /opt/letsbe/config/nextcloud:/var/www/html/config`
			`- /opt/letsbe/data/nextcloud:/var/www/html/data`
			`entrypoint: /cron.sh`
			`depends_on:`
			`- db`
			`- redis`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.5`

			`collabora:`
			`image: collabora/code:latest`
			`container_name: {{ customer }}-nextcloud-collabora`
			`restart: always`
			`environment:`
			`- password={{ collabora_password }}`
			`- username={{ collabora_user }}`
			`- domain={{ domain_collabora }}`
			`- extra_params=--o:ssl.enable=true`
			`ports:`
			`- '127.0.0.1:3044:9980'`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.7`

			`nextcloud-whiteboard-server:`
			`image: ghcr.io/nextcloud-releases/whiteboard:release`
			`ports:`
			`- '127.0.0.1:3060:3002'`
			`environment:`
			`NEXTCLOUD_URL: '{{ domain_nextcloud }}'`
			`JWT_SECRET_KEY: '{{ nextcloud_jwt_secret }}'`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.8`

			`talk-hpb:`
			`container_name: {{ customer }}-nextcloud-talk-hpb`
			`image: ghcr.io/nextcloud-releases/aio-talk:latest`
			`restart: always`
			`environment:`
			`NC_DOMAIN: {{ domain_nextcloud }}`
			`TALK_PORT: "3478"`
			`TURN_SECRET: "{{ turn_secret }}"`
			`SIGNALING_SECRET: "{{ signaling_secret }}"`
			`INTERNAL_SECRET: "{{ internal_secret }}"`
			`ports:`
			`- "127.0.0.1:3061:8081"`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.6`

			`coturn:`
			`image: instrumentisto/coturn:latest`
			`container_name: {{ customer }}-coturn`
			`restart: always`
			`ports:`
			`- "3478:3478/udp"`
			`- "3478:3478/tcp"`
			`- "49160-49200:49160-49200/udp"`
			`command:`
			`-n`
			`--log-file=stdout`
			`--fingerprint`
			`--realm={{ domain_nextcloud }}`
			`--external-ip={{ server_ip }}/172.20.9.9`
			`--listening-port=3478`
			`--min-port=49160`
			`--max-port=49200`
			`--use-auth-secret`
			`--static-auth-secret={{ turn_secret }}`
			`--no-multicast-peers`
			`--no-cli`
			`networks:`
			`{{ customer }}-nextcloud:`
			`ipv4_address: 172.20.9.9`

			`networks:`
			`{{ customer }}-nextcloud:`
			`ipam:`
			`driver: default`
			`config:`
			`- subnet: 172.20.9.0/28`
			`gateway: 172.20.9.1`

			`volumes:`
			`{{ customer }}-nextcloud-html:`
			`# driver: local`
			`# driver_opts:`
			`# size: 100g`
			`{{ customer }}-nextcloud-database:`
			`# driver: local`
			`# driver_opts:`
			`# size: 100g`
			`{{ customer }}-nextcloud-backups:`