From efbdb61b006e0592dc55a9b5bad4375336195da6 Mon Sep 17 00:00:00 2001
From: Jef Roosens <roosensjef@gmail.com>
Date: Mon, 14 Feb 2022 11:10:14 +0100
Subject: [PATCH] First version of nextcloud stack

---
 stacks/nextcloud.yml | 103 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 103 insertions(+)
 create mode 100644 stacks/nextcloud.yml

diff --git a/stacks/nextcloud.yml b/stacks/nextcloud.yml
new file mode 100644
index 0000000..1258962
--- /dev/null
+++ b/stacks/nextcloud.yml
@@ -0,0 +1,103 @@
+version: '3'
+
+services:
+  app:
+    image: 'nextcloud:23.0.1-apache'
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class.nextcloud==true'
+      labels:
+        - 'traefik.enable=true'
+
+        # We create a middleware that redirects the cal/carddav
+        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.permanent=true'
+        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.regex=^https://(.*)/.well-known/(card|cal)dav'
+        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.replacement=https://$${1}/remote.php/dav/'
+
+        - 'traefik.http.routers.nextcloud.rule=Host(`cloud.rustybever.be`)'
+
+        # We then enable this middleware for the actual nextcloud router
+        - 'traefik.http.routers.nextcloud.middlewares=nextcloud-caldav@docker'
+
+        - 'traefik.http.routers.nextcloud.tls=true'
+        - 'traefik.http.routers.nextcloud.tls.certresolver=letsEncrypt'
+        - 'traefik.http.services.nextcloud.loadbalancer.server.port=8000'
+
+    environment:
+      - 'POSTGRES_DB=nextcloud'
+      - 'POSTGRES_USER=nextcloud'
+      - 'POSTGRES_PASSWORD=nextcloud'
+      - 'POSTGRES_HOST=db'
+      - 'REDIS_HOST=redis'
+      - 'NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user'
+      - 'NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password'
+    networks:
+      - default
+      - public
+    secrets:
+      - nextcloud_admin_user
+      - nextcloud_admin_password
+    volumes:
+      - 'config:/var/www/html/config'
+      - 'data:/var/www/html/data'
+      - 'root:/var/www/html'
+
+  db:
+    image: 'postgres:14.2-alpine'
+
+    healthcheck:
+      test: pg_isready
+      interval: 30s 
+      timeout: 5s
+      retries: 3
+      start_period: 15s
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class.nextcloud==true'
+
+    environment:
+      - 'POSTGRES_DB=nextcloud'
+      - 'POSTGRES_USER=nextcloud'
+      - 'POSTGRES_PASSWORD=nextcloud'
+    volumes:
+      - 'db-data:/var/lib/postgresql/data'
+
+  redis:
+    image: 'redis:6.2.6-alpine'
+
+    healthcheck:
+      test: 'redis-cli -h localhost ping'
+      interval: '10s'
+      timeout: '5s'
+      retries: 3
+
+    deploy:
+      mode: 'replicated'
+      replicas: 1
+      placement:
+        constraints:
+          - 'node.labels.class.nextcloud==true'
+
+networks:
+  public:
+    external: true
+
+secrets:
+  nextcloud_admin_user:
+    external: true
+  nextcloud_admin_password:
+    external: true
+
+volumes:
+  config:
+  data:
+  root:
+  db-data: