services: nextcloud-db: image: mariadb:lts container_name: nextcloud-db restart: unless-stopped command: > --transaction-isolation=READ-COMMITTED --binlog-format=ROW --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci environment: TZ: ${TZ} MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} MYSQL_DATABASE: ${MYSQL_DATABASE} MYSQL_USER: ${MYSQL_USER} MYSQL_PASSWORD: ${MYSQL_PASSWORD} volumes: - /opt/nextcloud/db:/var/lib/mysql:Z networks: - nextcloud_internal nextcloud-redis: image: redis:7-alpine container_name: nextcloud-redis restart: unless-stopped command: redis-server --save 60 1 --loglevel warning environment: TZ: ${TZ} volumes: - /opt/nextcloud/redis:/data:Z networks: - nextcloud_internal nextcloud: image: nextcloud:33-apache container_name: nextcloud pull_policy: always restart: unless-stopped depends_on: - nextcloud-db - nextcloud-redis environment: TZ: ${TZ} MYSQL_HOST: nextcloud-db MYSQL_DATABASE: ${MYSQL_DATABASE} MYSQL_USER: ${MYSQL_USER} MYSQL_PASSWORD: ${MYSQL_PASSWORD} REDIS_HOST: nextcloud-redis NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER} NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD} NEXTCLOUD_TRUSTED_DOMAINS: ${NC_DOMAIN} nextcloud localhost TRUSTED_PROXIES: ${TRUSTED_PROXIES} OVERWRITEHOST: ${NC_DOMAIN} OVERWRITEPROTOCOL: https OVERWRITECLIURL: https://${NC_DOMAIN} PHP_MEMORY_LIMIT: 2048M PHP_UPLOAD_LIMIT: 16G SMTP_HOST: ${SMTP_HOST} SMTP_PORT: ${SMTP_PORT} SMTP_SECURE: ${SMTP_SECURE} SMTP_AUTHTYPE: ${SMTP_AUTHTYPE} SMTP_NAME: ${SMTP_NAME} SMTP_PASSWORD: ${SMTP_PASSWORD} MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} MAIL_DOMAIN: ${MAIL_DOMAIN} volumes: - /opt/nextcloud/html:/var/www/html:Z - /opt/nextcloud/config:/var/www/html/config:Z - /opt/nextcloud/data:/var/www/html/data:Z - /opt/nextcloud/custom_apps:/var/www/html/custom_apps:Z - /opt/nextcloud/themes:/var/www/html/themes:Z # Opcional: exponer archivo final de Paperless en Nextcloud como solo lectura - /opt/paperless/media:/mnt/paperless-media:ro,Z networks: - nextcloud_internal - proxy - mail_internal labels: - traefik.http.middlewares.nc-dav.redirectregex.permanent=true - traefik.http.middlewares.nc-dav.redirectregex.regex=https://(.*)/.well-known/(?:card|cal)dav - traefik.http.middlewares.nc-dav.redirectregex.replacement=https://$${1}/remote.php/dav - traefik.http.middlewares.nc-secure-headers.headers.stsSeconds=31536000 - traefik.http.middlewares.nc-secure-headers.headers.stsIncludeSubdomains=true - traefik.http.middlewares.nc-secure-headers.headers.stsPreload=true - traefik.http.middlewares.nc-secure-headers.headers.contentTypeNosniff=true - traefik.http.middlewares.nc-secure-headers.headers.browserXssFilter=true - traefik.http.services.nextcloud.loadbalancer.server.port=80 nextcloud-cron: image: nextcloud:33-apache container_name: nextcloud-cron restart: unless-stopped depends_on: - nextcloud entrypoint: /cron.sh environment: TZ: ${TZ} MYSQL_HOST: nextcloud-db MYSQL_DATABASE: ${MYSQL_DATABASE} MYSQL_USER: ${MYSQL_USER} MYSQL_PASSWORD: ${MYSQL_PASSWORD} REDIS_HOST: nextcloud-redis SMTP_HOST: ${SMTP_HOST} SMTP_PORT: ${SMTP_PORT} SMTP_SECURE: ${SMTP_SECURE} SMTP_AUTHTYPE: ${SMTP_AUTHTYPE} SMTP_NAME: ${SMTP_NAME} SMTP_PASSWORD: ${SMTP_PASSWORD} MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS} MAIL_DOMAIN: ${MAIL_DOMAIN} volumes: - /opt/nextcloud/html:/var/www/html:Z - /opt/nextcloud/config:/var/www/html/config:Z - /opt/nextcloud/data:/var/www/html/data:Z - /opt/nextcloud/custom_apps:/var/www/html/custom_apps:Z - /opt/nextcloud/themes:/var/www/html/themes:Z # Opcional: exponer archivo final de Paperless en Nextcloud como solo lectura - /opt/paperless/media:/mnt/paperless-media:ro,Z networks: - nextcloud_internal - mail_internal onlyoffice-documentserver: image: onlyoffice/documentserver:9.3.1 container_name: onlyoffice-documentserver restart: unless-stopped environment: TZ: ${TZ} JWT_ENABLED: "true" JWT_SECRET: ${OO_JWT_SECRET} JWT_HEADER: Authorization SECURE_LINK_SECRET: ${OO_SECURE_LINK_SECRET} ALLOW_PRIVATE_IP_ADDRESS: "true" volumes: - /opt/onlyoffice/logs:/var/log/onlyoffice:Z - /opt/onlyoffice/data:/var/www/onlyoffice/Data:Z - /opt/onlyoffice/lib:/var/lib/onlyoffice:Z - /opt/onlyoffice/postgresql:/var/lib/postgresql:Z #- /opt/onlyoffice/plugins:/var/www/onlyoffice/documentserver/sdkjs-plugins:Z networks: - nextcloud_internal - proxy labels: - traefik.http.middlewares.oo-secure-headers.headers.stsSeconds=31536000 - traefik.http.middlewares.oo-secure-headers.headers.stsIncludeSubdomains=true - traefik.http.middlewares.oo-secure-headers.headers.stsPreload=true - traefik.http.middlewares.oo-secure-headers.headers.contentTypeNosniff=true - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Proto=https - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Host=${OO_DOMAIN} - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Port=443 - traefik.http.middlewares.oo-forwarded.headers.customRequestHeaders.X-Forwarded-Ssl=on - traefik.http.services.onlyoffice.loadbalancer.server.port=80 networks: nextcloud_internal: driver: bridge proxy: external: true mail_internal: external: true