--- services: nextcloud: image: nextcloud:${NC_VERSION} restart: unless-stopped depends_on: - db environment: - MYSQL_HOST=db - MYSQL_DATABASE=${NC_DATABASE_NAME} - MYSQL_USER=${NC_DATABASE_USER} - MYSQL_PASSWORD=${NC_DATABASE_PASS} - OVERWRITEPROTOCOL=https labels: - traefik.enable=${TRAEFIK_ENABLED} - traefik.docker.network=${TRAEFIK_NETWORK} # specify a custom middleware for nextcloud-specific configuration - traefik.http.middlewares.nextcloud-redirectregex.redirectRegex.permanent=true - traefik.http.middlewares.nextcloud-redirectregex.redirectRegex.regex="https://(.*)/.well-known/(card|cal)dav" - traefik.http.middlewares.nextcloud-redirectregex.redirectRegex.replacement="https://$${1}/remote.php/dav/" ### Section HTTP - traefik.http.routers.http-${TRAEFIK_ROUTER}.entrypoints=http # redirect to HTTPS only - traefik.http.routers.http-${TRAEFIK_ROUTER}.middlewares=http-to-https - traefik.http.routers.http-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_MATCHRULE}`) ### Section HTTPS - traefik.http.routers.https-${TRAEFIK_ROUTER}.entrypoints=https # configure the exposed service - traefik.http.routers.https-${TRAEFIK_ROUTER}.middlewares=hsts,nextcloud-redirectregex - traefik.http.routers.https-${TRAEFIK_ROUTER}.rule=Host(`${TRAEFIK_MATCHRULE}`) # of course, enable TLS and it's certificate provider - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls=${TRAEFIK_TLSENABLED} - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls.certresolver=${TRAEFIK_CERTRESOLVER} # specify a service so a custom port can be used - traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=${TRAEFIK_SERVICE_PORT} networks: - internal - traefik volumes: - ./data/nextcloud:/var/www/html db: image: mariadb:${DB_VERSION} restart: unless-stopped environment: - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASS} - MYSQL_DATABASE=${NC_DATABASE_NAME} - MYSQL_USER=${NC_DATABASE_USER} - MYSQL_PASSWORD=${NC_DATABASE_PASS} networks: - internal volumes: - ./data/mysql:/var/lib/mysql networks: internal: traefik: external: true name: ${TRAEFIK_NETWORK}