Esqueleto del proyecto ASIR 2022

nextcloud/.env

@@ -0,0 +1,4 @@
+POSTGRES_PW=PASSWORD_BD
+REDIS_PW=PW_REDIS
+NEXTCLOUD_PW=PASSDWORD_APP
+DOMAIN=DOMAIN

nextcloud/README.md

@@ -0,0 +1,49 @@
+# NextCloud
+
+To run docker-compose up you have to adapt `.env`
+
+## Usage
+
+Set the following environment variables:
+
+```env
+POSTGRES_PW=
+REDIS_PW=
+POSTGRES_PW=
+DOMAIN=
+```
+
+And then run
+
+```sh
+docker-compose up -d
+```
+
+## Useful
+
+This is a summary of useful commands to maintain your Nextcloud instance. I covered some basics, so do not expect a hollistic list of useful commands
+
+### Backup
+
+```sh
+#!/bin/bash
+cd PATH_TO_YOUR_NEXTCLOUD
+
+# Set maintenance mode on
+docker exec --user www-data nextcloud_nextcloud_1 php occ maintenance:mode --on
+
+tar -czvg PATH_TO_YOUR_NEXTCLOUD/snapshot.file -f PATH_TO_YOUR_NEXTCLOUD/nextcloud-`date +%d-%m-%Y_%H-%M-%S`.tar.gz ./nextcloud-db ./redis ./nextcloud-www
+
+# Set maintenance mode off
+docker exec --user www-data nextcloud_nextcloud_1 php occ maintenance:mode --off
+```
+
+### Run Cron
+
+```sh
+docker exec -u www-data CONTAINER_NAME php cron.php
+```
+
+## CoTURN
+
+Helps to integrate Nextcloud Talks, however, this part is still under investigation. Go to our CoTURN[documentation](./coturn/README.md) to get the latest information.

nextcloud/docker-compose.yaml

@@ -0,0 +1,70 @@
+version: '3.3'
+services:
+  dbnc:
+    restart: always
+    image: postgres:11
+    container_name: nextcloud_db
+    networks:
+      - other
+    environment:
+    - POSTGRES_USER=NOMBRE_USUARIO
+    - POSTGRES_PASSWORD=${POSTGRES_PW}
+    - POSTGRES_DB=NOMBRE_BD
+    volumes:
+    - ./nextcloud-db:/var/lib/postgresql/data
+  redis:
+    image: redis:latest
+    container_name: nextcloud_redis
+    restart: always
+    command: redis-server --requirepass ${REDIS_PW}
+    networks:
+      - other
+#      - proxy
+    volumes:
+      - ./redis:/var/lib/redis
+
+  nextcloud:
+    image: nextcloud:latest
+    container_name: nextcloud
+    restart: always
+    hostname: nextcloud.${DOMAIN}
+    networks:
+      - other
+      - proxy
+    depends_on:
+      - redis
+      - dbnc
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.nextcloud.entrypoints=websecure"
+      - "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect"
+      - "traefik.http.routers.me.tls.certresolver=mytlschallenge"
+      - "traefik.http.routers.nextcloud.rule=Host(`nextcloud.${DOMAIN}`)"
+      # - "traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://${DOMAIN}"
+      # - "traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' ${DOMAIN} *.${DOMAIN}"
+      # - "traefik.http.middlewares.testHeader.headers.customrequestheaders.X-Frame-Options=SAMEORIGIN"
+      - "traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011"
+      - "traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true"
+      - "traefik.http.middlewares.nextcloud.headers.stsPreload=true"
+      - "traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav"
+      - "traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/"
+    environment:
+      - POSTGRES_DB=NOMBRE_BD
+      - POSTGRES_USER=NOMBRE_USUARIO
+      - POSTGRES_PASSWORD=${POSTGRES_PW}
+      - POSTGRES_HOST=dbnc
+      - NEXTCLOUD_ADMIN_USER=NOMBRE_USUARIO_APP
+      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_PW}
+      - REDIS_HOST=redis
+      - REDIS_HOST_PASSWORD=${REDIS_PW}
+      - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.${DOMAIN}
+#      - TRUSTED_PROXIES=172.18.0.0/16
+      - OVERWRITEPROTOCOL=https
+    volumes:
+      - ./nextcloud-www:/var/www/html
+
+networks:
+  proxy:
+    external: true
+  other: