cloudserve-infrastructure/roles/nextcloud/templates/docker-stack.yml.j2
Marty Oehme 135aadf3a0
feat(restic): Add restic backup maintenance stack
Sets up regular backup maintenance for a restic (S3) backend, and
enables global variables for other roles to use for their individual
backup. Example found in nextcloud role.
2025-02-03 18:45:33 +01:00


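version: '3.7'
# Nextcloud stack rendered by Ansible: Caddy front end, php-fpm app, cron
# runner, PostgreSQL, Redis, the imaginary preview service and an optional
# restic backup container.
#
# Jinja block tags are kept at column 0 so that they add no stray indentation
# to the rendered YAML.
#
# NOTE(review): every credential below is rendered into the service
# definition (environment or command line), so anyone who can read the
# rendered file or inspect the services can read it. Docker secrets together
# with the *_FILE variants that the nextcloud, postgres and restic images
# accept would keep them out of the service spec.
# NOTE(review): unquoted "KEY=value" entries are plain YAML scalars; a value
# containing " #" is silently cut off at that point and one containing ": "
# is parsed as a mapping. Confirm the generated passwords cannot contain
# either sequence.
services:
  web:
    # NOTE(review): no tag is given, so the deployed Caddy version changes
    # with whatever the registry currently serves; pin a version or digest.
    image: caddy
    networks:
      - backend
      - "{{ docker_swarm_public_network_name }}"
    healthcheck:
      # Probes the Caddy admin endpoint on the container's loopback address.
      test: ["CMD", "wget", "--quiet", "--spider", "--tries=1", "http://127.0.0.1:2019/metrics"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 1m
    volumes:
      # The web tier only reads the Nextcloud tree and its Caddyfile.
      - data:/var/www/html:ro
      - "{{ nextcloud_upstream_file_dir }}/Caddyfile:/etc/caddy/Caddyfile:ro"
      - caddy:/data

  app:
    image: "{{ stack_image }}:{{ nextcloud_version }}"
    networks:
      - backend
    volumes:
      - data:/var/www/html
    healthcheck:
      # Succeeds once something listens on port 9000 inside the container.
      test: ["CMD", "nc", "-z", "localhost", "9000"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 5m
    # needed for db to be up,
    # see https://help.nextcloud.com/t/failed-to-install-nextcloud-with-docker-compose/83681/15
    # entrypoint: sh -c "while !(nc -z db 5432); do sleep 30; done; /entrypoint.sh php-fpm"
    environment:
      - NEXTCLOUD_ADMIN_USER={{ nextcloud_app_admin_username }}
      - NEXTCLOUD_ADMIN_PASSWORD={{ nextcloud_app_admin_password }}
      - REDIS_HOST=redis
      - REDIS_HOST_PASSWORD={{ nextcloud_redis_password }}
      - POSTGRES_HOST=db
      # The database name reuses the user name; the db service below sets
      # only POSTGRES_USER, so presumably the two are meant to match.
      - POSTGRES_DB={{ nextcloud_db_username }}
      - POSTGRES_USER={{ nextcloud_db_username }}
      - POSTGRES_PASSWORD={{ nextcloud_db_password }}
      - PHP_MEMORY_LIMIT={{ nextcloud_php_memory_limit }}
      - PHP_UPLOAD_LIMIT={{ nextcloud_php_upload_limit }}
      # Optional settings: emitted only when the variable is defined and is
      # not null. The earlier "... and not none" form negated the literal
      # none, which is always true, so a null variable was still rendered
      # into the environment.
{% if nextcloud_trusted_domains is defined and nextcloud_trusted_domains is not none %}
      - NEXTCLOUD_TRUSTED_DOMAINS={{ nextcloud_trusted_domains }}
{% endif %}
{% if nextcloud_smtp_host is defined and nextcloud_smtp_host is not none %}
      - SMTP_HOST={{ nextcloud_smtp_host }}
{% endif %}
{% if nextcloud_smtp_port is defined and nextcloud_smtp_port is not none %}
      - SMTP_PORT={{ nextcloud_smtp_port }}
{% endif %}
{% if nextcloud_smtp_secure is defined and nextcloud_smtp_secure is not none %}
      - SMTP_SECURE={{ nextcloud_smtp_secure }}
{% endif %}
{% if nextcloud_smtp_authtype is defined and nextcloud_smtp_authtype is not none %}
      - SMTP_AUTHTYPE={{ nextcloud_smtp_authtype }}
{% endif %}
{% if nextcloud_smtp_username is defined and nextcloud_smtp_username is not none %}
      - SMTP_NAME={{ nextcloud_smtp_username }}
{% endif %}
{% if nextcloud_smtp_password is defined and nextcloud_smtp_password is not none %}
      - SMTP_PASSWORD={{ nextcloud_smtp_password }}
{% endif %}
{% if nextcloud_smtp_from_address is defined and nextcloud_smtp_from_address is not none %}
      - MAIL_FROM_ADDRESS={{ nextcloud_smtp_from_address }}
{% endif %}
{% if nextcloud_smtp_from_domain is defined and nextcloud_smtp_from_domain is not none %}
      - MAIL_DOMAIN={{ nextcloud_smtp_from_domain }}
{% endif %}
{% if nextcloud_s3_host is defined and nextcloud_s3_host is not none %}
      - OBJECTSTORE_S3_HOST={{ nextcloud_s3_host }}
{% endif %}
{% if nextcloud_s3_bucket is defined and nextcloud_s3_bucket is not none %}
      - OBJECTSTORE_S3_BUCKET={{ nextcloud_s3_bucket }}
{% endif %}
{% if nextcloud_s3_key is defined and nextcloud_s3_key is not none %}
      - OBJECTSTORE_S3_KEY={{ nextcloud_s3_key }}
{% endif %}
{% if nextcloud_s3_secret is defined and nextcloud_s3_secret is not none %}
      - OBJECTSTORE_S3_SECRET={{ nextcloud_s3_secret }}
{% endif %}
{% if nextcloud_s3_port is defined and nextcloud_s3_port is not none %}
      - OBJECTSTORE_S3_PORT={{ nextcloud_s3_port }}
{% endif %}
{% if nextcloud_s3_ssl is defined and nextcloud_s3_ssl is not none %}
      - OBJECTSTORE_S3_SSL={{ nextcloud_s3_ssl }}
{% endif %}
{% if nextcloud_s3_region is defined and nextcloud_s3_region is not none %}
      - OBJECTSTORE_S3_REGION={{ nextcloud_s3_region }}
{% endif %}
{% if nextcloud_s3_usepath_style is defined and nextcloud_s3_usepath_style is not none %}
      - OBJECTSTORE_S3_USEPATH_STYLE={{ nextcloud_s3_usepath_style }}
{% endif %}
      # Evaluate the flag itself (Ansible's bool filter). The earlier
      # "... and not false" form was true for any defined value, so
      # nextcloud_use_https: false still forced https.
{% if nextcloud_use_https | default(false) | bool %}
      - OVERWRITEPROTOCOL=https
{% endif %}

  cron:
    # Quoted like the app image above so both services read the same way.
    image: "{{ stack_image }}:{{ nextcloud_version }}"
    volumes:
      - data:/var/www/html
    healthcheck:
      # CMD-SHELL is required for the pipe: the exec form ("CMD") starts no
      # shell, so "|", "grep", ... were handed to php as plain arguments and
      # the output was never inspected.
      # NOTE(review): "installed" is matched anywhere in the output; confirm
      # that is a strong enough signal for this check.
      test: ["CMD-SHELL", "php status.php | grep -q installed"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 5m
    entrypoint: /cron.sh
    networks:
      - backend

  db:
    image: postgres:{{ nextcloud_db_version }}
    environment:
      - POSTGRES_USER={{ nextcloud_db_username }}
      - POSTGRES_PASSWORD={{ nextcloud_db_password }}
    healthcheck:
      test: ["CMD", "pg_isready", "-q", "-U", "{{ nextcloud_db_username }}"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 1m
    networks:
      - backend
    volumes:
      - db:/var/lib/postgresql/data

  redis:
    # NOTE(review): floating tag; pin a version or digest for reproducible
    # deployments.
    image: redis:alpine
    # NOTE(review): the password is passed as a process argument here and in
    # the health check below, so it appears in the process list and in the
    # service definition. A mounted config file for redis-server and the
    # REDISCLI_AUTH environment variable for redis-cli avoid the arguments.
    # The command is also split on whitespace, so the password must not
    # contain spaces.
    command: redis-server --requirepass {{ nextcloud_redis_password }}
    healthcheck:
      test: ["CMD", "redis-cli", "--pass", "{{ nextcloud_redis_password }}", "ping"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 1m
    volumes:
      - redis:/data
    networks:
      - backend

  # from https://okxo.de/speed-up-nextcloud-preview-generation-with-imaginary/
  # and https://github.com/nextcloud/all-in-one/tree/main/Containers/imaginary
  imaginary:
    # NOTE(review): ":latest" means each redeploy may pull a different
    # image; pin a version or digest.
    image: nextcloud/aio-imaginary:latest
    environment:
      - PORT=9000
    healthcheck:
      test: ["CMD", "/healthcheck.sh"]
      interval: 1m
      timeout: 10s
      retries: 3
      start_period: 1m
    # NOTE(review): -enable-url-source lets the service fetch images from
    # URLs supplied by its callers. It is attached to the backend network
    # only; confirm the flag is needed, and consider restricting sources
    # with -allowed-origins. -log-level debug is verbose for production.
    command: -return-size -max-allowed-resolution 222.2 -concurrency 50 -enable-url-source -log-level debug
    cap_add:
      - CAP_SYS_NICE
    networks:
      - backend

# Backups run only when both the global and the per-role switch are truthy.
# The earlier "... and not false" form was true for any defined value, so
# setting either switch to false did not turn the backup service off.
{% if backup_enable | default(false) | bool and nextcloud_backup_enable | default(false) | bool %}
  backup:
    # NOTE(review): no tag is given; pin a version or digest. This container
    # holds the repository password and the S3 credentials.
    image: mazzolino/restic
    environment:
      - "TZ={{ restic_timezone }}"
      # go-cron expressions start with a seconds field
      - "BACKUP_CRON={{ nextcloud_backup_cron }}"
      - "RESTIC_REPOSITORY={{ restic_repo }}"
      - "AWS_ACCESS_KEY_ID={{ restic_s3_key }}"
      - "AWS_SECRET_ACCESS_KEY={{ restic_s3_secret }}"
      - "RESTIC_PASSWORD={{ restic_pass }}"
      - "RESTIC_BACKUP_TAGS=nextcloud"
      - "RESTIC_BACKUP_SOURCES=/volumes"
    volumes:
      # Read-only mounts: the backup container cannot modify live data.
      # NOTE(review): the PostgreSQL data directory is copied while the
      # database is running; confirm a file-level copy restores cleanly or
      # back up a dump instead.
      - db:/volumes/nextcloud_db:ro
      - data:/volumes/nextcloud_data:ro
{% endif %}
  # metrics:
  #   image: telegraf
  #   hostname: "${HOSTNAME:-vmi352583.contaboserver.net}"
  #   networks:
  #     - backend
  #   volumes:
  #     - ./telegraf:/etc/telegraf/telegraf.conf:ro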
# Named volumes used by the services in this stack. Each one is declared
# with an explicit empty mapping, i.e. no driver or options are set.
volumes:
  # Nextcloud web root, mounted by web (read-only), app, cron and backup.
  data: {}
  # PostgreSQL data directory.
  db: {}
  # Redis persistence directory.
  redis: {}
  # Caddy's /data directory.
  caddy: {}
# Networks used by the services in this stack.
networks:
  # Public network created outside this stack; only the web service joins it.
  "{{ docker_swarm_public_network_name }}":
    external: true
  # Stack-internal network shared by the services; no options are set.
  backend: {}