Docker/docker-compose.nextcloud.yml

version: '3'

services:
  nextcloud:
    container_name: nextcloud
    image: nextcloud:27
    logging:
      driver: "json-file"
      options:
        max-size: "5m"
        max-file: "3"
    restart: always
    dns:
      - 10.0.0.3
      - 8.8.8.8
    ports:
      - "8009:80"
    networks:
      - backend
    depends_on:
      - redis
      - postgres
    labels:
      - diun.enable=true
      - "traefik.enable=true"
      - "traefik.http.routers.nextcloud.entrypoints=web-secure"
      - "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect"
      - "traefik.http.routers.nextcloud.tls.certresolver=milvert_dns"
      - "traefik.http.routers.nextcloud.rule=Host(`moln.${DOMAIN}`)"
      - "traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://milvert.com"
      - "traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' milvert.com"
      - "traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011"
      - "traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true"
      - "traefik.http.middlewares.nextcloud.headers.stsPreload=true"
      - "traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=SAMEORIGIN"
      - "traefik.http.middlewares.nextcloud.headers.referrerPolicy=no-referrer"
      - "traefik.http.middlewares.nextcloud.headers.browserXSSFilter=true"
      - "traefik.http.middlewares.nextcloud.headers.contentTypeNosniff=true"
      - "traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav"
      - "traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/"
    environment:
      - POSTGRES_DB=nextcloud
      - POSTGRES_USER=nextcloud
      - POSTGRES_PASSWORD=bajsa
      - POSTGRES_HOST=postgres
      - NEXTCLOUD_ADMIN_USER=admin
      - NEXTCLOUD_ADMIN_PASSWORD=bajsa123
      - REDIS_HOST=redis
      - NEXTCLOUD_TRUSTED_DOMAINS=moln.milvert.com
      - TRUSTED_PROXIES=172.19.0.0/16
    volumes:
      #      - ${DIR}/nextcloud-www:/var/www/html
      - ./nextcloud/cronjob:/var/spool/cron/crontabs/www-data
        #- /srv/owncloud:/var/www/html/data
      - /media/NAS:/media/NAS

networks:
  frontend:
    external: true
  backend:
    external: false