{ config, pkgs, lib, ... }: with lib; let nextcloudVersion = "32.0.6"; redisVersion = "8.6-alpine"; databaseVersion = "11.4"; onlyofficeVersion = "9.2"; whiteboardVersion = "v1.5.6"; helper = import ./lib.nix { inherit config pkgs lib; }; cfg = config.numbus.services.nextcloud; cfg2 = config.numbus.services.onlyoffice; cfg3 = config.numbus.services.whiteboard; in helper.mkPodmanService { description = "Nextcloud, your own online office suite"; name = "nextcloud"; pod = "nextcloud"; secondName = "onlyoffice"; thirdName = "whiteboard"; defaultPort = "11000"; secondDefaultPort = "9980"; thirdDefaultPort = "3002"; secondReverseProxied = true; thirdReverseProxied = true; secondConfigDirEnabled = true; thirdConfigDirEnabled = false; secondDataDirEnabled = false; thirdDataDirEnabled = false; # Compose file good composeText = '' services: nextcloud-server: image: docker.io/library/nextcloud:${nextcloudVersion} container_name: nextcloud-server hostname: nextcloud-server networks: nextcloud: ports: - "${cfg.port}:80/tcp" volumes: - ${cfg.configDir}/web:/var/www/html - ${cfg.dataDir}:/mnt/ncdata environment: MYSQL_HOST: nextcloud-database MYSQL_DATABASE: $MYSQL_DATABASE MYSQL_USER: $MYSQL_USER MYSQL_PASSWORD: $MYSQL_PASSWORD REDIS_HOST: nextcloud-redis REDIS_HOST_PASSWORD: $REDIS_HOST_PASSWORD NEXTCLOUD_TRUSTED_DOMAINS: ${cfg.subdomain}.${config.numbus.services.domain} NEXTCLOUD_DATA_DIR: /mnt/ncdata SMTP_HOST: $SMTP_HOST SMTP_SECURE: tls SMTP_PORT: $SMTP_PORT SMTP_NAME: $SMTP_NAME SMTP_PASSWORD: $SMTP_PASSWORD MAIL_FROM_ADDRESS: nextcloud-noreply MAIL_DOMAIN: ${config.numbus.services.domain} APACHE_DISABLE_REWRITE_IP: 1 TRUSTED_PROXIES: 192.168.11.5 OVERWRITEPROTOCOL: https depends_on: - nextcloud-database security_opt: - no-new-privileges:true cap_drop: - NET_RAW restart: unless-stopped nextcloud-redis: image: docker.io/library/redis:${redisVersion} container_name: nextcloud-redis hostname: nextcloud-redis user: '1000:1000' networks: nextcloud: volumes: - ${cfg.configDir}/redis:/data command: redis-server --requirepass $REDIS_HOST_PASSWORD --save 60 1 --loglevel warning security_opt: - no-new-privileges:true cap_drop: - NET_RAW restart: unless-stopped nextcloud-database: image: docker.io/library/mariadb:${databaseVersion} container_name: nextcloud-database hostname: nextcloud-database user: '1000:1000' networks: nextcloud: volumes: - ${cfg.configDir}/database:/var/lib/mysql environment: MARIADB_DATABASE: $MYSQL_DATABASE MARIADB_USER: $MYSQL_USER MARIADB_PASSWORD: $MYSQL_PASSWORD MARIADB_RANDOM_ROOT_PASSWORD: true security_opt: - no-new-privileges:true cap_drop: - NET_RAW restart: unless-stopped nextcloud-onlyoffice: container_name: nextcloud-onlyoffice hostname: nextcloud-onlyoffice image: docker.io/onlyoffice/documentserver:${onlyofficeVersion} environment: - JWT_SECRET=$JWT_SECRET ports: - "${cfg2.port}:80/tcp" volumes: - ${cfg2.configDir}/log:/var/log/onlyoffice - ${cfg2.configDir}/cache:/var/lib/onlyoffice - ${cfg2.configDir}/database:/var/lib/postgresql security_opt: - no-new-privileges:true cap_drop: - NET_RAW restart: unless-stopped nextcloud-whiteboard: image: ghcr.io/nextcloud-releases/whiteboard:${whiteboardVersion} container_name: nextcloud-whiteboard hostname: nextcloud-whiteboard user: '1000:1000' ports: - "${cfg3.port}:3002/tcp" environment: NEXTCLOUD_URL: https://${cfg.subdomain}.${config.numbus.services.domain} JWT_SECRET_KEY: $JWT_SECRET security_opt: - no-new-privileges:true cap_drop: - NET_RAW restart: unless-stopped networks: nextcloud: name: nextcloud driver: bridge ''; }