version: '3.4'

services:
  app:
    image: 'nextcloud:24.0.4-apache'

    deploy:
      mode: 'replicated'
      replicas: 1
      placement:
        constraints:
          - 'node.labels.class.nextcloud==true'
      labels:
        - 'traefik.enable=true'

        # We create a middleware that redirects the cal/carddav
        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.permanent=true'
        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.regex=^https://(.*)/.well-known/(card|cal)dav'
        - 'traefik.http.middlewares.nextcloud-caldav.redirectregex.replacement=https://$${1}/remote.php/dav/'

        - 'traefik.http.routers.nextcloud.rule=Host(`cloud.rustybever.be`)'

        # We then enable this middleware for the actual nextcloud router
        - 'traefik.http.routers.nextcloud.middlewares=nextcloud-caldav@docker'

        - 'traefik.http.routers.nextcloud.tls=true'
        - 'traefik.http.routers.nextcloud.tls.certresolver=letsEncrypt'
        - 'traefik.http.services.nextcloud.loadbalancer.server.port=80'

    environment:
      - 'POSTGRES_DB=nextcloud'
      - 'POSTGRES_USER=nextcloud'
      - 'POSTGRES_PASSWORD=nextcloud'
      - 'POSTGRES_HOST=db'
      - 'REDIS_HOST=redis'
      - 'NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user'
      - 'NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password'
      - 'NEXTCLOUD_TRUSTED_DOMAINS=cloud.rustybever.be'
    networks:
      - default
      - public
    secrets:
      - nextcloud_admin_user
      - nextcloud_admin_password
    volumes:
      - 'config:/var/www/html/config'
      - 'data:/var/www/html/data'
      - 'root:/var/www/html'

  cron:
    image: 'nextcloud:24.0.4-apache'
    entrypoint: '/cron.sh'

    deploy:
      mode: 'replicated'
      replicas: 1
      placement:
        constraints:
          - 'node.labels.class.nextcloud==true'
          
    environment:
      - 'POSTGRES_DB=nextcloud'
      - 'POSTGRES_USER=nextcloud'
      - 'POSTGRES_PASSWORD=nextcloud'
      - 'POSTGRES_HOST=db'
      - 'REDIS_HOST=redis'
      - 'NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user'
      - 'NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password'
      - 'NEXTCLOUD_TRUSTED_DOMAINS=cloud.rustybever.be'
    secrets:
      - nextcloud_admin_user
      - nextcloud_admin_password
    volumes:
      - 'config:/var/www/html/config'
      - 'data:/var/www/html/data'
      - 'root:/var/www/html'

  db:
    image: 'postgres:14.5-alpine'

    healthcheck:
      test: pg_isready -U nextcloud
      interval: 30s 
      timeout: 5s
      retries: 3
      start_period: 15s

    deploy:
      mode: 'replicated'
      replicas: 1
      placement:
        constraints:
          - 'node.labels.class.nextcloud==true'

    environment:
      - 'POSTGRES_DB=nextcloud'
      - 'POSTGRES_USER=nextcloud'
      - 'POSTGRES_PASSWORD=nextcloud'
    volumes:
      - 'db-data:/var/lib/postgresql/data'

  redis:
    image: 'redis:7.0.4-alpine'

    healthcheck:
      test: 'redis-cli -h localhost ping'
      interval: '10s'
      timeout: '5s'
      retries: 3

    deploy:
      mode: 'replicated'
      replicas: 1
      placement:
        constraints:
          - 'node.labels.class.nextcloud==true'

networks:
  public:
    external: true

secrets:
  nextcloud_admin_user:
    external: true
  nextcloud_admin_password:
    external: true

volumes:
  config:
  data:
  root:
  db-data: