From c403419ea1be44513a21fa7224619ce0a958ec3b Mon Sep 17 00:00:00 2001
From: root <root@bananaserver>
Date: Tue, 23 Dec 2025 00:23:18 +0100
Subject: [PATCH] adapt for traefik labels

---
 apache/nextcloud.conf |  1 +
 docker-compose.yml    | 23 ++++++++++++++++++++++-
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/apache/nextcloud.conf b/apache/nextcloud.conf
index 0b86b8e..36254bc 100644
--- a/apache/nextcloud.conf
+++ b/apache/nextcloud.conf
@@ -1,5 +1,6 @@
 # Configuration pour reverse proxy Traefik
 # Récupération de l'IP réelle du client via X-Forwarded-For
+ServerName cloud.agence66.fr
 RemoteIPHeader X-Forwarded-For
 RemoteIPTrustedProxy 172.16.0.0/12
 RemoteIPTrustedProxy 10.0.0.0/8
diff --git a/docker-compose.yml b/docker-compose.yml
index 9dc2c80..5f983c3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -55,7 +55,28 @@ services:
     networks:
       - nextcloud-net
       - traefik-net
-
+    labels:
+      - "traefik.enable=true"
+      # Router configuration
+      - "traefik.http.routers.cloud.rule=Host(`${NEXTCLOUD_DOMAIN}`)"
+      - "traefik.http.routers.cloud.entrypoints=websecure"
+      - "traefik.http.routers.cloud.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.cloud.middlewares=nextcloud-headers,nextcloud-buffering,nextcloud-redirect"
+      # Service configuration
+      - "traefik.http.services.cloud.loadbalancer.server.port=80"
+      # Middleware: Headers
+      - "traefik.http.middlewares.nextcloud-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.middlewares.nextcloud-headers.headers.customresponseheaders.Strict-Transport-Security=max-age=15552000"
+      # Middleware: Buffering pour gros fichiers
+      - "traefik.http.middlewares.nextcloud-buffering.buffering.maxRequestBodyBytes=2147483648"
+      - "traefik.http.middlewares.nextcloud-buffering.buffering.memRequestBodyBytes=104857600"
+      - "traefik.http.middlewares.nextcloud-buffering.buffering.maxResponseBodyBytes=2147483648"
+      - "traefik.http.middlewares.nextcloud-buffering.buffering.memResponseBodyBytes=104857600"
+      - "traefik.http.middlewares.nextcloud-buffering.buffering.retryExpression=IsNetworkError() && Attempts() < 3"
+      # Middleware: Redirect pour CalDAV/CardDAV
+      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
+      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.replacement=https://$$1/remote.php/dav/"
+      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.permanent=true"
   redis:
     image: redis:alpine
     restart: unless-stopped