From 2badc54f9183461d3daba53e9b244bbf98b70e97 Mon Sep 17 00:00:00 2001
From: Henrik <henrik@mertens.digital>
Date: Sun, 7 May 2023 12:40:32 +0000
Subject: [PATCH] added nextcloud standalone

---
 Composer/basic/docker-compose.yml             | 53 ++++++++-------
 .../default-config/preview.config.php         |  0
 .../docker-compose.yml                        | 65 ++++++++++++++-----
 3 files changed, 77 insertions(+), 41 deletions(-)
 rename Composer/{nextcloud => nextcloud-standalone}/default-config/preview.config.php (100%)
 rename Composer/{nextcloud => nextcloud-standalone}/docker-compose.yml (55%)

diff --git a/Composer/basic/docker-compose.yml b/Composer/basic/docker-compose.yml
index 61bf02c..bf76f0f 100644
--- a/Composer/basic/docker-compose.yml
+++ b/Composer/basic/docker-compose.yml
@@ -11,11 +11,18 @@ services:
       - --providers.docker.network=proxy
       - --serversTransport.insecureSkipVerify=true 
       - --api
-      #Lets Encrypt
-      - --certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
-      - --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}
-      - --certificatesresolvers.letsencrypt.acme.storage=/acme.json
-      - --certificatesresolvers.letsencrypt.acme.tlschallenge=true
+
+      - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
+      - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
+      #- "--certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+      - "--certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}"
+      - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+
+      #Lets Encrypt TLS Challenge
+      #- --certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
+      #- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}
+      #- --certificatesresolvers.letsencrypt.acme.storage=/acme.json
+      #- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
       #Logging
       - "--accesslog=true"
       - "--accesslog.filePath=/logs/access.log"
@@ -28,12 +35,12 @@ services:
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
-      - "./data/letsencrypt/acme.json:/acme.json"
+      - "./data/letsencrypt:/letsencrypt"
       - ./data/logs/:/logs/
     labels:
       # Dashboard
       - "traefik.enable=true"
-      - "traefik.http.routers.traefik.rule=Host(`treafik.dev.mertens.digital`)"
+      - "traefik.http.routers.traefik.rule=Host(`traefik.dev.mertens.digital`)"
       - "traefik.http.routers.traefik.service=api@internal"
       - "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
       - "traefik.http.routers.traefik.entrypoints=websecure"
@@ -54,22 +61,22 @@ services:
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
   
-  whoami:
-    image:  traefik/whoami
-    command:
-       - --port=2001
-       - --name=test
-    ports:
-       - "2001:2001"
-    networks:
-      - proxy
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.whoami.entrypoints=websecure"
-      - "traefik.http.routers.whoami.rule=Host(`whoami.dev.mertens.digital`)"
-      - "traefik.http.routers.whoami.tls=true"
-      - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
-      - "traefik.http.services.whoami.loadbalancer.server.port=2001"
+  # whoami:
+  #   image:  traefik/whoami
+  #   command:
+  #      - --port=2001
+  #      - --name=test
+  #   ports:
+  #      - "2001:2001"
+  #   networks:
+  #     - proxy
+  #   labels:
+  #     - "traefik.enable=true"
+  #     - "traefik.http.routers.whoami.entrypoints=websecure"
+  #     - "traefik.http.routers.whoami.rule=Host(`whoami.dev.mertens.digital`)"
+  #     - "traefik.http.routers.whoami.tls=true"
+  #     - "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
+  #     - "traefik.http.services.whoami.loadbalancer.server.port=2001"
 
 
 
diff --git a/Composer/nextcloud/default-config/preview.config.php b/Composer/nextcloud-standalone/default-config/preview.config.php
similarity index 100%
rename from Composer/nextcloud/default-config/preview.config.php
rename to Composer/nextcloud-standalone/default-config/preview.config.php
diff --git a/Composer/nextcloud/docker-compose.yml b/Composer/nextcloud-standalone/docker-compose.yml
similarity index 55%
rename from Composer/nextcloud/docker-compose.yml
rename to Composer/nextcloud-standalone/docker-compose.yml
index 54a3794..c2fa94c 100644
--- a/Composer/nextcloud/docker-compose.yml
+++ b/Composer/nextcloud-standalone/docker-compose.yml
@@ -1,24 +1,29 @@
 version: '3'
 
 services:
+  
   app:
     image: nextcloud
     restart: always
     networks:
-      - caddy
+      - proxy
       - nextcloud
     labels:
-      caddy: ${HOSTNAME}
-      caddy.reverse_proxy: "{{upstreams http 80}}"
-      caddy.0_redir: "/.well-known/carddav /remote.php/dav 301"
-      caddy.1_redir: "/.well-known/caldav /remote.php/dav 301"
-      caddy.header: "Strict-Transport-Security max-age=15552000"
-      caddy.tls: "internal"
+      - "traefik.enable=true"
+      - "traefik.http.routers.nextcloud.rule=Host(`${HOSTNAME}`)"
+      - "traefik.http.routers.nextcloud.service=nextcloud"
+      - "traefik.http.routers.nextcloud.entrypoints=websecure"
+      - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
+      - "traefik.http.routers.nextcloud.tls=true"
+      - "traefik.http.routers.nextcloud.tls.certresolver=letsencrypt"
+      - "traefik.http.services.nextcloud.loadbalancer.passhostheader=true"
+      - "traefik.http.routers.nextcloud.middlewares=compresstraefik"
+      - "traefik.http.middlewares.compresstraefik.compress=true"
     volumes:
       - ./data/nextcloud/www:/var/www/html
-      - ./default-config/preview.config.php:/var/www/html/config/preview.config.php
+      #- ./default-config/preview.config.php:/var/www/html/config/preview.config.php
     depends_on:
-      - clamav
+      #- clamav
       - preview
       - db
       - redis
@@ -42,14 +47,38 @@ services:
       - PORT=9000
     command: -concurrency 50 -enable-url-source
 
-  clamav:
-    image: "clamav/clamav:stable_base"
-    container_name: "clamav"
-    networks:
-      - nextcloud
-    volumes:
-      - ./data/clamav/virus_db:/var/lib/clamav/   # Virus database
+  collabora-code:
+    image: collabora/code
+    container_name: collabora-code
+    cap_add:
+     - MKNOD
+    ports:
+      - 9980:9980
+    environment:
+      - "domain=cloud\\.dev\\.mertens\\.digital"
+      - username=admin
+      - "extra_params=--o:ssl.enable=false --o:ssl.termination=true"
+      - password=CREATE-A-SECURE-PASSWORD-HERE
     restart: unless-stopped
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.collabora.entrypoints=websecure"
+      - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_FQDN}`)"
+      - "traefik.http.routers.collabora.tls=true"
+      - "traefik.http.routers.collabora.tls.certresolver=letsencrypt"
+      - "traefik.http.services.collabora.loadbalancer.server.port=9980"
+      #- "traefik.http.services.collabora.loadbalancer.passhostheader=true"
+    networks:
+      - proxy
+
+  # clamav:
+  #   image: "clamav/clamav:stable_base"
+  #   container_name: "clamav"
+  #   networks:
+  #     - nextcloud
+  #   volumes:
+  #     - ./data/clamav/virus_db:/var/lib/clamav/   # Virus database
+  #   restart: unless-stopped
   
   # Does Not Work
   #notify_push:
@@ -89,12 +118,12 @@ services:
 
 
   db:
-    container_name: db
     image: postgres:alpine
     restart: always
     networks:
       - nextcloud
     environment:
+      POSTGRES_DB: nextcloud
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
     volumes:
@@ -111,5 +140,5 @@ services:
 networks:
   nextcloud:
     internal: true
-  caddy:
+  proxy:
     external: true