76 lines
1.9 KiB
YAML
76 lines
1.9 KiB
YAML
services:
|
|
db:
|
|
image: mariadb:10.6
|
|
restart: always
|
|
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
|
|
volumes:
|
|
- /srv/@nextcloud/db:/var/lib/mysql
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
|
|
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
networks:
|
|
- nextcloud
|
|
|
|
nextcloud:
|
|
image: nextcloud
|
|
container_name: nextcloud
|
|
restart: always
|
|
ports:
|
|
- 8080:80
|
|
links:
|
|
- db
|
|
volumes:
|
|
- /srv/@nextcloud/nextcloud:/var/www/html
|
|
environment:
|
|
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
|
|
- MYSQL_DATABASE=nextcloud
|
|
- MYSQL_USER=nextcloud
|
|
- MYSQL_HOST=db
|
|
- OVERWRITEPROTOCOL=https
|
|
- TRUSTED_PROXIES=tailscale
|
|
- NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.kamori-alkaid.ts.net
|
|
networks:
|
|
- nextcloud
|
|
|
|
tailscale:
|
|
image: tailscale/tailscale
|
|
environment:
|
|
TS_HOSTNAME: nextcloud
|
|
TS_AUTH_KEY: ${TS_AUTH_KEY}
|
|
TS_EXTRA_ARGS: --advertise-tags=tag:nextcloud # Required for OAuth client
|
|
TS_SERVE_CONFIG: /config/ts-serve.json
|
|
TS_AUTH_ONCE: true
|
|
TS_STATE_DIR: /var/lib/tailscale
|
|
init: true
|
|
healthcheck:
|
|
test: tailscale status --peers=false --json | grep 'Online.*true'
|
|
start_period: 3s
|
|
interval: 1s
|
|
retries: 3
|
|
restart: unless-stopped
|
|
devices:
|
|
- /dev/net/tun:/dev/net/tun
|
|
volumes:
|
|
- type: volume
|
|
source: tailscale
|
|
target: /var/lib/tailscale
|
|
- type: volume
|
|
source: tailscale_sock
|
|
target: /tmp # Mount entire /tmp folder to access tailscale.sock
|
|
- ./ts-serve.json:/config/ts-serve.json:ro
|
|
cap_add:
|
|
- NET_ADMIN
|
|
networks:
|
|
- nextcloud
|
|
|
|
volumes:
|
|
tailscale:
|
|
tailscale_sock:
|
|
nextcloud:
|
|
db:
|
|
|
|
networks:
|
|
nextcloud:
|
|
external: false
|