• 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: November 15th, 2023

help-circle
  • Sure:

    POSTGRES

    ---
    version: '3.8'
    services:
      postgres:
        container_name: postgres
        image: postgres:14-alpine
        environment:
          POSTGRES_PASSWORD: "XXXXXXXXXXXXXXXX"
          PGDATA: "/var/lib/postgresql/data/pgdata"
        volumes:
          - type: bind
            source: ./data
            target: /var/lib/postgresql/data
          - type: volume
            source: postgres-socket
            target: /run/postgresql
        logging:
          driver: json-file
          options:
            max-size: 2m
        restart: unless-stopped
    networks:
      default:
        external:
          name: backend
    volumes:
      postgres-socket:
        name: postgres-socket
    

    REDIS

    ---
    version: '3.8'
    services:
      redis:
        image: redis:7.2-alpine
        command:
          - /data/redis.conf
          - --loglevel
          - verbose
        volumes:
          - type: bind
            source: ./data
            target: /data
          - type: volume
            source: redis-socket
            target: /var/run
        logging:
          driver: json-file
          options:
            max-size: 2m
        restart: unless-stopped
    networks:
      default:
        external:
          name: backend
    volumes:
      redis-socket:
        name: redis-socket
    

    Here’s redis.conf, it took me a couple of tries to get it just right:

    # create a unix domain socket to listen on
    unixsocket /var/run/redis/redis.sock
    unixsocketperm 666
    # protected-mode no
    requirepass rrrrrrrrrrrrr
    bind 0.0.0.0
    port 6379
    tcp-keepalive 300
    daemonize no
    stop-writes-on-bgsave-error no
    rdbcompression yes
    rdbchecksum yes
    # maximum memory allowed for redis
    maxmemory 50M
    # how redis will evice old objects - least recently used
    maxmemory-policy allkeys-lru
    # logging
    # levels: debug verbose notice warning
    loglevel notice
    logfile ""
    always-show-logo yes
    

    NEXTCLOUD

    ---
    version: '3.8'
    services:
      nextcloud:
        image: nextcloud:27-fpm
        env_file:
          - data/environment.txt
        volumes:
          - type: bind
            source: ./data/html
            target: /var/www/html
          - type: volume
            source: redis-socket
            target: /redis
          - type: volume
            source: postgres-socket
            target: /postgres
          - type: tmpfs
            target: /tmp:exec
          - type: bind
            source: ./data/zz-docker.conf
            target: /usr/local/etc/php-fpm.d/zz-docker.conf
          - type: bind
            source: ./data/opcache_cli.conf
            target: /usr/local/etc/php/conf.d/opcache_cli.conf
        networks:
          - web
          - backend
        logging:
          driver: json-file
          options:
            max-size: 2m
        restart: unless-stopped
      crond:
        image: nextcloud:27-fpm
        entrypoint: /cron.sh
        env_file:
          - data/environment.txt
        volumes:
          - type: bind
            source: ./data/html
            target: /var/www/html
          - type: bind
            source: ./data/zz-docker.conf
            target: /usr/local/etc/php-fpm.d/zz-docker.conf
          - type: volume
            source: redis-socket
            target: /redis
          - type: volume
            source: postgres-socket
            target: /postgres
          - type: tmpfs
            target: /tmp:exec
        networks:
          - web
          - backend
        logging:
          driver: json-file
          options:
            max-size: 2m
        restart: unless-stopped
      collabora:
        image: collabora/code:23.05.5.4.1
        privileged: true
        environment:
          extra_params: "--o:ssl.enable=false --o:ssl.termination=true"
          aliasgroup1: 'https://my.nextcloud.domain.org:443'
        cap_add:
          - MKNOD
        networks:
          - web
        logging:
          driver: json-file
          options:
            max-size: 2m
        restart: unless-stopped
    networks:
      backend:
        external:
          name: backend
      web:
        external:
          name: web
    volumes:
      redis-socket:
        name: redis-socket
      postgres-socket:
        name: postgres-socket
    

    The environment.txt file is hostnames, logins, passwords, etc…

    POSTGRES_DB=nextcloud
    POSTGRES_USER=xxxxxxx
    POSTGRES_PASSWORD=yyyyyyyyyyyyyyyyyyy
    POSTGRES_SERVER=postgres
    POSTGRES_HOST=/postgres/.s.PGSQL.5432
    NEXTCLOUD_ADMIN_USER=aaaaa
    NEXTCLOUD_ADMIN_PASSWORD=hhhhhhhhhhhhhhhhhhh
    REDIS_HOST=redis
    REDIS_HOST_PORT=6379
    REDIS_HOST_PASSWORD=rrrrrrrrrrrrr
    

    The zz-docker.conf file sets some process tuning and log format, some might not even be necessary:

    [global]
    daemonize = no
    error_log = /proc/self/fd/2
    log_limit = 8192
    
    [www]
    access.log = /proc/self/fd/2
    access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
    catch_workers_output = yes
    decorate_workers_output = no
    clear_env = no
    
    user = www-data
    group = www-data
    
    listen = 9000
    listen = /var/www/html/.fpm-sock
    listen.owner = www-data
    listen.group = www-data
    listen.mode = 0666
    listen.backlog = 512
    
    pm = dynamic
    pm.max_children = 16
    pm.start_servers = 6
    pm.min_spare_servers = 4
    pm.max_spare_servers = 6
    pm.process_idle_timeout = 30s;
    pm.max_requests = 512
    

    The opcache_cli.conf file has a single line:

    opcache.enable_cli=1
    

    I don’t remember why it’s there but it’s working so I’m not touching it :-D

    Good luck :-)