LetsBeBiz-Redesign/letsbe-ansible-runner/stacks/nextcloud/docker-compose.yml

version: '3.9'

services:
  db:
    container_name: {{ customer }}-nextcloud-postgres
    image: postgres:16-alpine #original postgres:alpine
    restart: always
    volumes:
      - {{ customer }}-nextcloud-database:/var/lib/postgresql/data:Z
      - {{ customer }}-nextcloud-backups:/tmp/backups
    environment:
      POSTGRES_DB: nextcloud
      POSTGRES_USER: {{ nextcloud_postgres_user }}
      POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.2

  redis:
    container_name: {{ customer }}-nextcloud-redis
    image: redis:alpine
    restart: always
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.3

  app:
    container_name: {{ customer }}-nextcloud-app
    image: nextcloud:production-apache
    restart: always
    labels:
      - "diun.enable=true"
    ports:
      - '127.0.0.1:3023:80'
    volumes:
      - {{ customer }}-nextcloud-html:/var/www/html:z
      - /opt/letsbe/config/nextcloud:/var/www/html/config
      - /opt/letsbe/data/nextcloud:/var/www/html/data
      - {{ customer }}-nextcloud-backups:/tmp/backups
    environment:
      #Nextcloud
      POSTGRES_HOST: {{ customer }}-nextcloud-postgres
      REDIS_HOST: {{ customer }}-nextcloud-redis
      POSTGRES_DB: nextcloud
      POSTGRES_USER: {{ nextcloud_postgres_user }}
      POSTGRES_PASSWORD: {{ nextcloud_postgres_password }}
      # #SMTP
      # SMTP_HOST: 'mail.{{ domain }}'
      # SMTP_PORT: '587'
      # SMTP_NAME: 'system@{{ domain }}'
      # SMTP_PASSWORD: ''
      # MAIL_FROM_ADDRESS: 'system'
      # MAIL_DOMAIN: '{{ domain }}'
      #Admin
      NEXTCLOUD_ADMIN_USER: administrator@letsbe.biz
      NEXTCLOUD_ADMIN_PASSWORD: '{{ nextcloud_admin_password }}'
      #Config
      NEXTCLOUD_TRUSTED_DOMAINS: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0'
      TRUSTED_PROXIES: '{{ domain_nextcloud }} 127.0.0.1 0.0.0.0 172.*.*.*'
      OVERWRITECLIURL: https://{{ domain_nextcloud }}
      OVERWRITEPROTOCOL: https
      OVERWRITEHOST: {{ domain_nextcloud }}
      #APACHE_DISABLE_REWRITE_IP: 1
    depends_on:
      - db
      - redis
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.4

  cron:
    container_name: {{ customer }}-nextcloud-cron
    image: nextcloud:production-apache
    restart: always
    volumes:
      - {{ customer }}-nextcloud-html:/var/www/html:z
      - /opt/letsbe/config/nextcloud:/var/www/html/config
      - /opt/letsbe/data/nextcloud:/var/www/html/data
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.5
  
  collabora:
    image: collabora/code:latest
    container_name: {{ customer }}-nextcloud-collabora
    restart: always
    environment:
      - password={{ collabora_password }}
      - username={{ collabora_user }}
      - domain={{ domain_collabora }}
      - extra_params=--o:ssl.enable=true
    ports:
      - '127.0.0.1:3044:9980'
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.7

  nextcloud-whiteboard-server:
    image: ghcr.io/nextcloud-releases/whiteboard:release
    ports:
      - '127.0.0.1:3060:3002'
    environment:
      NEXTCLOUD_URL: '{{ domain_nextcloud }}'
      JWT_SECRET_KEY: '{{ nextcloud_jwt_secret }}'
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.8

  talk-hpb:
    container_name: {{ customer }}-nextcloud-talk-hpb
    image: ghcr.io/nextcloud-releases/aio-talk:latest
    restart: always
    environment:
      NC_DOMAIN: {{ domain_nextcloud }}
      TALK_PORT: "3478"
      TURN_SECRET: "{{ turn_secret }}"
      SIGNALING_SECRET: "{{ signaling_secret }}"
      INTERNAL_SECRET: "{{ internal_secret }}"
    ports:
      - "127.0.0.1:3061:8081"
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.6

  coturn:
    image: instrumentisto/coturn:latest
    container_name: {{ customer }}-coturn
    restart: always
    ports:
      - "3478:3478/udp"
      - "3478:3478/tcp"
      - "49160-49200:49160-49200/udp"
    command:
      -n
      --log-file=stdout
      --fingerprint
      --realm={{ domain_nextcloud }}
      --external-ip={{ server_ip }}/172.20.9.9
      --listening-port=3478
      --min-port=49160
      --max-port=49200
      --use-auth-secret
      --static-auth-secret={{ turn_secret }}
      --no-multicast-peers
      --no-cli
    networks:
      {{ customer }}-nextcloud:
        ipv4_address: 172.20.9.9

networks:
  {{ customer }}-nextcloud:
    ipam:
      driver: default
      config:
        - subnet: 172.20.9.0/28
          gateway: 172.20.9.1

volumes:
  {{ customer }}-nextcloud-html:
    # driver: local
    #   driver_opts:
    #     size: 100g
  {{ customer }}-nextcloud-database:
    # driver: local
    #   driver_opts:
    #     size: 100g
  {{ customer }}-nextcloud-backups: