agence66-nextcloud-docker/docker-compose.yml

services:
  nextcloud:
    build: .
    image: nextcloud-custom:latest
    restart: unless-stopped
    ports:
      - "127.0.0.1:8888:80"
    volumes:
      - ./data:/var/www/html
      - ./apache/nextcloud.conf:/etc/apache2/conf-enabled/nextcloud.conf:ro
      - ./apache/mpm_prefork.conf:/etc/apache2/mods-available/mpm_prefork.conf:ro
      - ./logs/apache:/var/log/apache2
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
        tag: "nextcloud"
    environment:
      # Database
      - MYSQL_HOST=db
      - MYSQL_DATABASE=${MYSQL_DATABASE:-nextcloud}
      - MYSQL_USER=${MYSQL_USER}
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
      # Domaine
      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
      - TRUSTED_PROXIES=${TRUSTED_PROXIES:-}
      - OVERWRITEPROTOCOL=${OVERWRITE_PROTOCOL:-http}
      - OVERWRITEHOST=${OVERWRITE_HOST:-}
      - OVERWRITECLIURL=${OVERWRITE_CLI_URL:-}
      # Redis
      - REDIS_HOST=redis
      - REDIS_HOST_PASSWORD=${REDIS_HOST_PASSWORD}
      # PHP
      - PHP_MEMORY_LIMIT=4096M
      - PHP_UPLOAD_MAX_FILESIZE=10G
      - PHP_POST_MAX_SIZE=10G
      - PHP_MAX_EXECUTION_TIME=7200
      - PHP_MAX_INPUT_TIME=7200
      # - PHP_UPLOAD_MAX_FILESIZE=1024G
      # - PHP_POST_MAX_SIZE=1024G
      # - PHP_MAX_EXECUTION_TIME=86400
      # - PHP_MAX_INPUT_TIME=86400
      # Apache
      - APACHE_BODY_LIMIT=0
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost/status.php"]
      interval: 30s
      timeout: 10s
      retries: 3
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_started
    networks:
      - nextcloud-net
      - traefik-net
    labels:
      - "traefik.enable=true"
      # Router configuration
      - "traefik.http.routers.cloud.rule=Host(`${NEXTCLOUD_DOMAIN}`)"
      - "traefik.http.routers.cloud.entrypoints=websecure"
      - "traefik.http.routers.cloud.tls.certresolver=letsencrypt"
      - "traefik.http.routers.cloud.middlewares=nextcloud-headers,nextcloud-redirect"
      # Service configuration
      - "traefik.http.services.cloud.loadbalancer.server.port=80"
      - "traefik.http.services.cloud.loadbalancer.serverstransport=nextcloud-transport"
      # Middleware: Headers
      - "traefik.http.middlewares.nextcloud-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.middlewares.nextcloud-headers.headers.customresponseheaders.Strict-Transport-Security=max-age=15552000"
      # Middleware: Redirect pour CalDAV/CardDAV
      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.replacement=https://$$1/remote.php/dav/"
      - "traefik.http.middlewares.nextcloud-redirect.redirectregex.permanent=true"
  redis:
    image: redis:alpine
    restart: unless-stopped
    command: redis-server --requirepass ${REDIS_HOST_PASSWORD} --maxmemory 2gb --maxmemory-policy allkeys-lru
    networks:
      - nextcloud-net

  cron:
    image: nextcloud-custom:latest
    restart: always
    volumes_from:
      - nextcloud
    entrypoint: /cron.sh
    depends_on:
      - nextcloud
      - db
      - redis
    networks:
      - nextcloud-net

  backup-cron:
    build: ./cron
    restart: unless-stopped
    volumes:
      # Monter le projet complet pour accéder aux scripts
      - .:/project
      # Monter Docker socket pour exécuter les commandes docker-compose
      - /var/run/docker.sock:/var/run/docker.sock
      # Partager les volumes avec nextcloud pour les backups
      - ./data:/var/www/html
      - ./db:/var/lib/mysql
      - ./backups:/project/backups
      - ./logs:/logs
    environment:
      - TZ=Europe/Paris
      - COMPOSE_PROJECT_NAME
    depends_on:
      - nextcloud
      - db
    networks:
      - nextcloud-net

  db:
    image: mariadb:10.11
    restart: unless-stopped
    volumes:
      - ./db:/var/lib/mysql
      - ./db-config/my.cnf:/etc/mysql/conf.d/custom.cnf:ro
    environment:
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=${MYSQL_USER}
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
    healthcheck:
      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
      interval: 10s
      timeout: 5s
      retries: 3
    networks:
      - nextcloud-net

networks:
  nextcloud-net:
    driver: bridge
  traefik-net:
    external: true