add nextcloud

time spent: 40m

Author: Friz-zy

README.md

@@ -7,7 +7,7 @@ Warning: This setup doesn't provide high level of security or any [high availabi
 Also you can check [Awesome Selfhosted](https://github.com/awesome-selfhosted/awesome-selfhosted) and [Free for Dev](https://free-for.dev/) for more options ;)
 
 Time track:
-- [Filipp Frizzy](https://github.com/Friz-zy/): 57h 5m for 14 days
+- [Filipp Frizzy](https://github.com/Friz-zy/): 57h 45m for 14 days
 
 ## Available and planned open source components
 
@@ -29,12 +29,13 @@ Time track:
 
 ### Management
 * [DONE] [Gitlab](https://about.gitlab.com/) as git hosting and devops platform
+* [DONE] [Nextcloud](https://nextcloud.com/) as cloud storage with plugins for emal, task management, password storage, etc
+* [DONE] [Tuleap](https://www.tuleap.org/) as management software
 * [DONE] [Openproject](https://www.openproject.org/) as management software
 * [DONE] [Vaultwarden](https://github.com/dani-garcia/vaultwarden/wiki) as password manager for business
-* [Backlog] [Tuleap](https://www.tuleap.org/) as management software
 * [Backlog] [Zentao](https://www.zentao.pm) as scrum management software
 * [Backlog] [Taiga](https://www.taiga.io/) as kanban board based management software
-* [Backlog] [Nextcloud](https://nextcloud.com/) or [Owncloud](https://owncloud.com/) as cloud storage
+* [Backlog] [Owncloud](https://owncloud.com/) as cloud storage
 
 ### Chat
 * [DONE] [rocket](https://rocket.chat/)
@@ -95,6 +96,7 @@ cd startpack
 
 Generate random passwords
 ```
+echo -e "export NEXTCLOUD_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\n$(cat env.sh)" > env.sh
 echo -e "export TULEAP_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\n$(cat env.sh)" > env.sh
 echo -e "export STRAPI_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\n$(cat env.sh)" > env.sh
 echo -e "export GITLAB_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\n$(cat env.sh)" > env.sh
@@ -133,6 +135,7 @@ After entering all commands below you'll able to login into your new services by
 * https://adminer.${YOUR DOMAIN} user `your $USERNAME` password `your $PASSWORD`
 * https://minio.${YOUR DOMAIN} user `your $USERNAME` password `your $PASSWORD`
 * https://gitlab.${YOUR DOMAIN} user `root` password `your $PASSWORD`
+* https://nextcloud.${YOUR DOMAIN} user `your $USERNAME` password `your $PASSWORD`
 * https://tuleap.${YOUR DOMAIN} user `admin` password `your $PASSWORD`
 * https://openproject.${YOUR DOMAIN} user `admin` password `admin`
 * https://rocketchat.${YOUR DOMAIN}
@@ -149,6 +152,7 @@ docker-compose -f registry.yml up -d
 docker-compose -f minio.yml up -d
 docker-compose -f vaultwarden.yml up -d
 docker-compose -f tuleap.yml up -d
+docker-compose -f nextcloud.yml up -d
 ```
 
 After enabling portainer you should immediately go to portainer.{your domain} and set admin password
@@ -194,6 +198,7 @@ docker stack deploy --compose-file registry.yml
 docker stack deploy --compose-file minio.yml
 docker stack deploy --compose-file vaultwarden.yml
 docker stack deploy --compose-file tuleap.yml
+docker stack deploy --compose-file nextcloud.yml
 ```
 
 After enabling portainer you should immediately go to portainer.{your domain} and set admin password

configs/postgres.sql

@@ -2,11 +2,14 @@ create database nocodb;
 create database openproject;
 create database gitlab;
 create database strapi;
+create database nextcloud;
 create user nocodb with password '${NOCODB_SQL_PASSWORD}';
 create user openproject with password '${OPENPROJECT_SQL_PASSWORD}';
 create user gitlab with password '${GITLAB_SQL_PASSWORD}';
 create user strapi with password '${STRAPI_SQL_PASSWORD}';
+create user nextcloud with password '${NEXTCLOUD_SQL_PASSWORD}';
 grant all privileges on database nocodb to nocodb;
 grant all privileges on database openproject to openproject;
 grant all privileges on database gitlab to gitlab;
 grant all privileges on database strapi to strapi;
+grant all privileges on database nextcloud to nextcloud;

env.sh.test

@@ -11,6 +11,7 @@ export OPENPROJECT_SQL_PASSWORD=Change_Me!!1
 export GITLAB_SQL_PASSWORD=Change_Me!!1
 export STRAPI_SQL_PASSWORD=Change_Me!!1
 export TULEAP_SQL_PASSWORD=N2IxMTY1NjMyOTkzZDZjNTY1MTNmMDQyMTg3Y2Y0YmMgIC0K
+export NEXTCLOUD_SQL_PASSWORD=Change_Me!!1
 
 export HASHED_PASSWORD=$(openssl passwd -apr1 $PASSWORD)
 export REGISTRY_HASHED_PASSWORD=$(openssl passwd -apr1 $REGISTRY_PASSWORD)

monitoring.yml

@@ -234,6 +234,8 @@ services:
       - taiga
       - rocketchat
       - vaultwarden
+      - tuleap
+      - nextcloud
 
 x-volume: &volume
   driver: local
@@ -316,3 +318,9 @@ networks:
   taiga:
     name: taiga
     <<: *network
+  tuleap:
+    name: tuleap
+    <<: *network
+  nextcloud:
+    name: nextcloud
+    <<: *network

nextcloud.yml

@@ -0,0 +1,64 @@
+version: '3.8'
+
+x-nextcloud-labels: &nextcloud-labels
+  labels:
+    - traefik.enable=true
+    - traefik.docker.network=nextcloud
+    - traefik.http.routers.nextcloud-http.rule=Host(`nextcloud.${DOMAIN?Variable DOMAIN not set}`)
+    - traefik.http.routers.nextcloud-http.entrypoints=http
+    - traefik.http.routers.nextcloud-http.service=nextcloud
+    - traefik.http.routers.nextcloud-http.middlewares=https-redirect
+    - traefik.http.routers.nextcloud-https.rule=Host(`nextcloud.${DOMAIN?Variable DOMAIN not set}`)
+    - traefik.http.routers.nextcloud-https.entrypoints=https
+    - traefik.http.routers.nextcloud-https.tls=true
+    - traefik.http.routers.nextcloud-https.service=nextcloud
+    - traefik.http.routers.nextcloud-https.tls.certresolver=le
+    - traefik.http.services.nextcloud.loadbalancer.server.port=80
+
+x-service: &service
+  logging:
+    driver: json-file
+    options:
+      max-size: "100m"
+      max-file: "2"
+  restart: always
+  networks:
+    - nextcloud
+    - database
+
+services:
+  # https://hub.docker.com/_/nextcloud
+  nextcloud:
+    container_name: nextcloud
+    image: nextcloud
+    deploy:
+      mode: replicated
+      replicas: 1
+      <<: *nextcloud-labels
+    <<: *nextcloud-labels
+    <<: *service
+    environment:
+      POSTGRES_DB: nextcloud
+      POSTGRES_USER: nextcloud
+      POSTGRES_PASSWORD: ${NEXTCLOUD_SQL_PASSWORD?Variable NEXTCLOUD_SQL_PASSWORD not set}
+      POSTGRES_HOST: postgres
+      NEXTCLOUD_ADMIN_USER: ${USERNAME?Variable USERNAME not set}
+      NEXTCLOUD_ADMIN_PASSWORD: ${PASSWORD?Variable PASSWORD not set}
+      NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.${DOMAIN?Variable DOMAIN not set}
+      VIRTUAL_HOST: nextcloud.${DOMAIN?Variable DOMAIN not set}
+      #NEXTCLOUD_UPDATE: "true"
+    volumes:
+      - nextcloud-data:/var/www/html
+    user: root
+
+volumes:
+  nextcloud-data:
+    external: True
+
+networks:
+  nextcloud:
+    name: nextcloud
+    external: true
+  database:
+    name: database
+    external: true

setup-compose.yml

@@ -84,6 +84,7 @@ services:
       - vaultwarden
       - twake
       - tuleap
+      - nextcloud
 
 x-volume: &volume
   driver: local
@@ -194,6 +195,12 @@ volumes:
     driver_opts:
       <<: *volume-driver-opts
       device: ${DATAPATH?Variable DATAPATH not set}/tuleap/data
+  nextcloud-data:
+    name: nextcloud-data
+    <<: *volume
+    driver_opts:
+      <<: *volume-driver-opts
+      device: ${DATAPATH?Variable DATAPATH not set}/nextcloud/data
 
 x-network: &network
   driver: bridge
@@ -251,3 +258,6 @@ networks:
   tuleap:
     name: tuleap
     <<: *network
+  nextcloud:
+    name: nextcloud
+    <<: *network

setup-swarm.yml

@@ -115,6 +115,7 @@ services:
       - vaultwarden
       - twake
       - tuleap
+      - nextcloud
 
 x-volume: &volume
   driver: local
@@ -225,6 +226,12 @@ volumes:
     driver_opts:
       <<: *volume-driver-opts
       device: "${MASTER_IP?Variable MASTER_IP not set}:${DATAPATH?Variable DATAPATH not set}/tuleap/data"
+  nextcloud-data:
+    name: nextcloud-data
+    <<: *volume
+    driver_opts:
+      <<: *volume-driver-opts
+      device: "${MASTER_IP?Variable MASTER_IP not set}:${DATAPATH?Variable DATAPATH not set}/nextcloud/data"
 
 x-network: &network
   driver: overlay
@@ -282,3 +289,6 @@ networks:
   tuleap:
     name: tuleap
     <<: *network
+  nextcloud:
+    name: nextcloud
+    <<: *network

setup.sh

@@ -1,4 +1,4 @@
-mkdir -p ${DATAPATH?Variable DATAPATH not set}/{traefik,mariadb,postgres,portainer,registry,minio,nocodb,openproject,gitlab,strapi,telegraf,victoriametrics,influxdb,grafana,rocketchat,rocketchat-mongodb,gitlab,vaultwarden,twake,twake-mongodb,tuleap,tuleap-mysql}/{data,entrypoint,configs,certificates,logs}
+mkdir -p ${DATAPATH?Variable DATAPATH not set}/{traefik,mariadb,postgres,portainer,registry,minio,nocodb,openproject,gitlab,strapi,telegraf,victoriametrics,influxdb,grafana,rocketchat,rocketchat-mongodb,gitlab,vaultwarden,twake,twake-mongodb,tuleap,tuleap-mysql,nextcloud}/{data,entrypoint,configs,certificates,logs}
 
 envsubst < configs/postgres.sql > ${DATAPATH?Variable DATAPATH not set}/postgres/entrypoint/init.sql
 envsubst < configs/mariadb.sql > ${DATAPATH?Variable DATAPATH not set}/mariadb/entrypoint/init.sql