services: # ───────────────────────────────────────────── # Nextcloud — sync & share + editor web # ───────────────────────────────────────────── nextcloud: image: nextcloud:28-apache container_name: nextcloud restart: unless-stopped depends_on: - nextcloud-db - nextcloud-redis environment: NEXTCLOUD_ADMIN_USER: ${NC_ADMIN_USER} NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASSWORD} NEXTCLOUD_TRUSTED_DOMAINS: ${NC_DOMAIN} MYSQL_HOST: nextcloud-db MYSQL_DATABASE: ${DB_NAME} MYSQL_USER: ${DB_USER} MYSQL_PASSWORD: ${DB_PASSWORD} REDIS_HOST: nextcloud-redis # Necessario per funzionare dietro Cloudflare Tunnel OVERWRITEPROTOCOL: https OVERWRITECLIURL: https://${NC_DOMAIN} volumes: - nextcloud_html:/var/www/html - nextcloud_data:/var/www/html/data expose: - "80" mem_limit: 512m mem_reservation: 256m cpus: "0.75" networks: - office_net # ───────────────────────────────────────────── # MariaDB — database per Nextcloud (più leggero di PostgreSQL) # ───────────────────────────────────────────── nextcloud-db: image: mariadb:11-ubi container_name: nextcloud-db restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD} MYSQL_DATABASE: ${DB_NAME} MYSQL_USER: ${DB_USER} MYSQL_PASSWORD: ${DB_PASSWORD} volumes: - nextcloud_db:/var/lib/mysql expose: - "3306" mem_limit: 256m mem_reservation: 128m cpus: "0.25" networks: - office_net # ───────────────────────────────────────────── # Redis — cache per Nextcloud (velocizza molto) # ───────────────────────────────────────────── nextcloud-redis: image: redis:7-alpine container_name: nextcloud-redis restart: unless-stopped command: redis-server --save "" --appendonly no --maxmemory 64mb --maxmemory-policy allkeys-lru mem_limit: 80m mem_reservation: 32m cpus: "0.10" networks: - office_net # ───────────────────────────────────────────── # ONLYOFFICE Document Server # ───────────────────────────────────────────── onlyoffice: image: onlyoffice/documentserver:latest container_name: onlyoffice restart: unless-stopped environment: JWT_ENABLED: "true" JWT_SECRET: ${JWT_SECRET} JWT_HEADER: Authorization volumes: - onlyoffice_data:/var/www/onlyoffice/Data - onlyoffice_logs:/var/log/onlyoffice - onlyoffice_lib:/var/lib/onlyoffice expose: - "80" mem_limit: 1g mem_reservation: 512m cpus: "1.0" networks: - office_net # ───────────────────────────────────────────── # Cloudflare Tunnel # Espone SOLO Nextcloud (porta 80) verso l'esterno. # ONLYOFFICE è raggiungibile internamente da Nextcloud # tramite http://onlyoffice:80 # ───────────────────────────────────────────── cloudflared: image: cloudflare/cloudflared:latest container_name: cloudflared restart: unless-stopped command: tunnel --no-autoupdate run --token ${CLOUDFLARE_TOKEN} mem_limit: 128m mem_reservation: 64m cpus: "0.25" depends_on: - nextcloud - onlyoffice networks: - office_net # ───────────────────────────────────────────── # Volumi persistenti # ───────────────────────────────────────────── volumes: nextcloud_html: nextcloud_data: nextcloud_db: onlyoffice_data: onlyoffice_logs: onlyoffice_lib: # ───────────────────────────────────────────── # Rete interna # ───────────────────────────────────────────── networks: office_net: driver: bridge