henrov/nextcloud_ecosystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Been getting config files downloaded

Browse Source
This commit is contained in:
Henro Veijer
2026-02-23 22:01:38 +01:00
parent 56591b2c53
commit 359bd210ff
9021 changed files with 4554 additions and 118044 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker/.env
+155
View File
@@ -0,0 +1,155 @@
# Base directory on the host for all persistent data (compose defaults to /data if unset)
DATA_DIR=/data
# ---------------------------
# Published ports (host side)
# ---------------------------
# Keycloak HTTP host port
KEYCLOAK_HTTP_PUBLISHED_PORT=8080
# Caddy host ports
CADDY_HTTP_PUBLISHED_PORT=80
CADDY_HTTPS_PUBLISHED_PORT=443
# Nextcloud signaling host port
SIGNALING_PUBLISHED_PORT=8090
# GitLab SSH host port
GITLAB_SSH_PUBLISHED_PORT=2222
# Janus published ports
JANUS_HTTP_PUBLISHED_PORT=8088
JANUS_HTTPS_PUBLISHED_PORT=8089
JANUS_ADMIN_HTTP_PUBLISHED_PORT=8188
JANUS_ADMIN_HTTPS_PUBLISHED_PORT=8889
JANUS_RTP_PUBLISHED_PORT=8000
JANUS_WS_PUBLISHED_PORT=7088
JANUS_WSS_PUBLISHED_PORT=7089
# TURN published ports
TURN_PORT=3478
TURN_TLS_PORT=5349
# ---------------------------
# Keycloak
# ---------------------------
# Keycloak DB mode/vendor (as used by Keycloak)
KC_DB=dev-file
# Enable HTTP listener (true/false)
KC_HTTP_ENABLED=true
# Public hostname for Keycloak
KC_HOSTNAME=keycloak.data-pro.nu
# Proxy headers mode (e.g. xforwarded)
KC_PROXY_HEADERS=xforwarded
# Proxy mode (e.g. edge)
KC_PROXY=edge
# Enforce strict hostname checks (true/false)
KC_HOSTNAME_STRICT=false
# Enforce strict HTTPS hostname checks (true/false)
KC_HOSTNAME_STRICT_HTTPS=false
# Enable metrics endpoint (true/false)
KC_METRICS_ENABLED=true
# Enable health endpoint (true/false)
KC_HEALTH_ENABLED=true
# Log level (e.g. info, debug)
KC_LOG_LEVEL=info
# Bootstrap admin username (first-run)
KC_BOOTSTRAP_ADMIN_USERNAME=admin
# Bootstrap admin password (first-run secret)
KC_BOOTSTRAP_ADMIN_PASSWORD=admin
# ---------------------------
# Nextcloud
# ---------------------------
# MariaDB password for the Nextcloud DB user (secret)
NEXTCLOUD_MYSQL_PASSWORD=MySQL2
# Nextcloud database name
NEXTCLOUD_MYSQL_DATABASE=nextcloud
# Nextcloud database user
NEXTCLOUD_MYSQL_USER=nextcloud
# MariaDB host (service name)
NEXTCLOUD_MYSQL_HOST=mariadb
# Redis host (service name)
NEXTCLOUD_REDIS_HOST=redis
# ---------------------------
# Signaling
# ---------------------------
# Path to signaling config inside the container
SIGNALING_CONFIG=/config/server.conf
# ---------------------------
# GitLab
# ---------------------------
# GitLab container hostname
GITLAB_HOSTNAME=gitlab.data-pro.nu
# GitLab external URL (used in omnibus config)
GITLAB_EXTERNAL_URL=https://gitlab.data-pro.nu
# ---------------------------
# Gitea
# ---------------------------
# Public hostname for Gitea
GITEA_DOMAIN=gitea.data-pro.nu
# Public root URL (must match how users access it)
GITEA_ROOT_URL=https://gitea.data-pro.nu/
# Internal HTTP port Gitea listens on inside container (usually 3000)
GITEA_HTTP_PORT=3000
# UID for file ownership on the host volume (match your server user, often 1000)
GITEA_USER_UID=1000
# GID for file ownership on the host volume (match your server group, often 1000)
GITEA_USER_GID=1000
# Hostname used in SSH clone URLs shown by Gitea
GITEA_SSH_DOMAIN=gitea.data-pro.nu
# SSH port shown in clone URLs (22 if not publishing a different host port)
GITEA_SSH_PORT=22
# OPTIONAL: host port to publish for Gitea SSH (only if you enable ports mapping in compose)
GITEA_SSH_PUBLISHED_PORT=2223
# ---------------------------
# Collabora
# ---------------------------
# Collabora 'domain' regex (escaped for .env)
COLLABORA_DOMAIN_REGEX=nextcloud\\.data\\-pro\\.nu
# Collabora admin username
COLLABORA_USERNAME=admin
# Collabora admin password (secret)
COLLABORA_PASSWORD=1Collabora2@
# Collabora runtime flags (quoted because it contains spaces)
COLLABORA_EXTRA_PARAMS="--o:ssl.enable=false --o:ssl.termination=true"
# ---------------------------
# MariaDB
# ---------------------------
# MariaDB root password (secret)
MYSQL_ROOT_PASSWORD=1MySQLRoot12!
# MariaDB initial database name
MARIADB_MYSQL_DATABASE=nextcloud
# MariaDB initial user
MARIADB_MYSQL_USER=nextcloud
# MariaDB initial user password (secret)
MARIADB_MYSQL_PASSWORD=MySQL2
#---------------------------
# n8n
# ---------------------------
N8N_HOST=n8n.data-pro.nu
N8N_PROTOCOL=https
N8N_WEBHOOK_URL=https://n8n.data-pro.nu/
N8N_ENCRYPTION_KEY=change_me_to_a_long_random_string
N8N_SECURE_COOKIE=true
N8N_TIMEZONE=Europe/AmsterdamN8N_HOST=n8n.data-pro.nu
N8N_PROTOCOL=https
N8N_WEBHOOK_URL=https://n8n.data-pro.nu/
N8N_ENCRYPTION_KEY=change_me_to_a_long_random_string
N8N_SECURE_COOKIE=true
N8N_TIMEZONE=Europe/Amsterdam
docker/docker-compose.yml
+214
View File
@@ -0,0 +1,214 @@
services:
keycloak:
image: keycloak/keycloak:latest
container_name: keycloak
restart: unless-stopped
command: start
depends_on:
- mariadb
ports:
- "${KEYCLOAK_HTTP_PUBLISHED_PORT}:8080"
environment:
KC_DB: ${KC_DB}
KC_HTTP_ENABLED: ${KC_HTTP_ENABLED}
KC_HOSTNAME: ${KC_HOSTNAME}
KC_PROXY_HEADERS: ${KC_PROXY_HEADERS}
KC_PROXY: ${KC_PROXY}
KC_HOSTNAME_STRICT: ${KC_HOSTNAME_STRICT}
KC_HOSTNAME_STRICT_HTTPS: ${KC_HOSTNAME_STRICT_HTTPS}
KC_METRICS_ENABLED: ${KC_METRICS_ENABLED}
KC_HEALTH_ENABLED: ${KC_HEALTH_ENABLED}
KC_LOG_LEVEL: ${KC_LOG_LEVEL}
KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_BOOTSTRAP_ADMIN_USERNAME}
KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD}
volumes:
- ${DATA_DIR:-/data}/keycloak:/opt/keycloak/data
networks:
- caddy_net
caddy:
image: caddy:2
container_name: caddy
restart: unless-stopped
ports:
- "${CADDY_HTTP_PUBLISHED_PORT}:80"
- "${CADDY_HTTPS_PUBLISHED_PORT}:443"
volumes:
- ${DATA_DIR:-/data}/caddy/Caddyfile:/etc/caddy/Caddyfile
- ${DATA_DIR:-/data}/caddy:/data
- ${DATA_DIR:-/data}/caddy_config:/config
networks:
- caddy_net
nextcloud:
image: nextcloud:latest
container_name: nextcloud
restart: unless-stopped
depends_on:
- mariadb
- signaling
- caddy
- redis
- janus
- collabora
environment:
MYSQL_PASSWORD: ${NEXTCLOUD_MYSQL_PASSWORD}
MYSQL_DATABASE: ${NEXTCLOUD_MYSQL_DATABASE}
MYSQL_USER: ${NEXTCLOUD_MYSQL_USER}
MYSQL_HOST: ${NEXTCLOUD_MYSQL_HOST}
REDIS_HOST: ${NEXTCLOUD_REDIS_HOST}
volumes:
- ${DATA_DIR:-/data}/nextcloud/config:/var/www/html/config
- ${DATA_DIR:-/data}/nextcloud/data:/var/www/html/data
- ${DATA_DIR:-/data}/nextcloud/custom_apps:/var/www/html/custom_apps
- ${DATA_DIR:-/data}/nextcloud/themes:/var/www/html/themes
- ${DATA_DIR:-/data}/nextcloud/php/conf.d/opcache.ini:/usr/local/etc/php/conf.d/opcache.ini:ro
- ${DATA_DIR:-/data}/nextcloud/scripts:/data/nextcloud/scripts:ro
networks:
- caddy_net
signaling:
image: ghcr.io/strukturag/nextcloud-spreed-signaling:latest
container_name: signaling
restart: unless-stopped
ports:
- "${SIGNALING_PUBLISHED_PORT}:8090"
depends_on:
- janus
- coturn
volumes:
- ${DATA_DIR:-/data}/signaling/config:/config
- ${DATA_DIR:-/data}/certs:/certs
environment:
SIGNALING_CONFIG: ${SIGNALING_CONFIG}
networks:
- caddy_net
redis:
image: redis:latest
container_name: redis
restart: unless-stopped
volumes:
- ${DATA_DIR:-/data}/redis:/data
networks:
- caddy_net
gitea:
image: gitea/gitea:latest
container_name: gitea
restart: unless-stopped
environment:
USER_UID: ${GITEA_USER_UID}
USER_GID: ${GITEA_USER_GID}
# Configure via environment variables (maps to app.ini keys)
GITEA__server__DOMAIN: ${GITEA_DOMAIN}
GITEA__server__ROOT_URL: ${GITEA_ROOT_URL}
GITEA__server__HTTP_PORT: ${GITEA_HTTP_PORT}
# Show correct SSH clone URL in the UI
GITEA__server__SSH_DOMAIN: ${GITEA_SSH_DOMAIN}
GITEA__server__SSH_PORT: ${GITEA_SSH_PORT}
volumes:
- ${DATA_DIR:-/data}/gitea:/data
networks:
- caddy_net
# Optional: enable Git-over-SSH on a dedicated host port (avoid conflicts with GitLab 2222)
ports:
- "${GITEA_SSH_PUBLISHED_PORT}:22"
janus:
image: mwalbeck/janus-gateway
container_name: janus
restart: unless-stopped
ports:
- "${JANUS_HTTP_PUBLISHED_PORT}:8088"
- "${JANUS_HTTPS_PUBLISHED_PORT}:8089"
- "${JANUS_ADMIN_HTTP_PUBLISHED_PORT}:8188"
- "${JANUS_ADMIN_HTTPS_PUBLISHED_PORT}:8889"
- "${JANUS_RTP_PUBLISHED_PORT}:8000"
- "${JANUS_WS_PUBLISHED_PORT}:7088"
- "${JANUS_WSS_PUBLISHED_PORT}:7089"
volumes:
- ${DATA_DIR:-/data}/janus:/usr/local/etc/janus
networks:
- caddy_net
collabora:
image: collabora/code
container_name: collabora
restart: unless-stopped
environment:
- domain=${COLLABORA_DOMAIN_REGEX}
- username=${COLLABORA_USERNAME}
- password=${COLLABORA_PASSWORD}
- extra_params=${COLLABORA_EXTRA_PARAMS}
volumes:
- ${DATA_DIR:-/data}/collabora:/data
networks:
- caddy_net
mariadb:
image: mariadb:11.4
container_name: mariadb
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: ${MARIADB_MYSQL_DATABASE}
MYSQL_USER: ${MARIADB_MYSQL_USER}
MYSQL_PASSWORD: ${MARIADB_MYSQL_PASSWORD}
volumes:
- ${DATA_DIR:-/data}/mariadb:/var/lib/mysql
networks:
- caddy_net
coturn:
image: instrumentisto/coturn
container_name: coturn
restart: unless-stopped
networks:
- caddy_net
ports:
- "${TURN_PORT}:3478" # STUN/TURN TCP
- "${TURN_PORT}:3478/udp" # STUN/TURN UDP
- "${TURN_TLS_PORT}:5349" # TLS
- "${TURN_TLS_PORT}:5349/udp"
environment:
- TURN_PORT=${TURN_PORT}
volumes:
- ${DATA_DIR:-/data}/coturn/turnserver.conf:/etc/coturn/turnserver.conf
- ${DATA_DIR:-/data}/coturn/logs:/var/log
- ${DATA_DIR:-/data}/caddy/certificates/acme-v02.api.letsencrypt.org-directory/turn.data-pro.nu:/etc/coturn/certs
# --- n8n (automation/workflows) ---
n8n:
image: n8nio/n8n:latest
container_name: n8n
restart: unless-stopped
environment:
N8N_HOST: ${N8N_HOST}
N8N_PORT: 5678
N8N_PROTOCOL: ${N8N_PROTOCOL}
WEBHOOK_URL: ${N8N_WEBHOOK_URL}
GENERIC_TIMEZONE: ${N8N_TIMEZONE:-Europe/Amsterdam}
N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY}
N8N_SECURE_COOKIE: ${N8N_SECURE_COOKIE:-true}
volumes:
- ${DATA_DIR:-/data}/n8n:/home/node/.n8n
networks:
- caddy_net
ansible:
image: alpine/ansible:latest
container_name: ansible
restart: unless-stopped
working_dir: /ansible
volumes:
- ${DATA_DIR:-/data}/ansible/ansible-project:/ansible
- ${DATA_DIR:-/data}/ansible/ansible-ssh:/home/ansible/.ssh
network_mode: host
command: ["sh", "-c", "while true; do sleep 3600; done"]
networks:
caddy_net: