Это старая версия документа!
Nextcloud
Установка Onlyoffice + Drawio + Drawio Export
nano docker_compose.yml
version: '3' services: # http://192.168.1.6 nginx: container_name: nextcloud-proxy image: nginx:latest restart: always networks: localnetwork: ipv4_address: "192.168.1.6" nextcloud_network: depends_on: - app - drawio - onlyoffice ports: - 192.168.1.6:80:80 # - 192.168.1.6:443:443 volumes: - proxy:/etc/nginx - data:/var/www/html # docker exec -u www-data nextcloud-app php occ config:system:set trusted_domains 4 --value=178.140.10.58 # docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value="/ds-vpath/" # docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value="http://onlyoffice-document-server/" # docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice jwt_secret --value="secret" # docker exec -u www-data nextcloud-app php occ upgrade app: image: nextcloud:latest container_name: nextcloud-app networks: nextcloud_network: expose: - '80' - '9000' depends_on: - db - redis volumes: - /etc/localtime:/etc/localtime:ro - data:/var/www/html:z environment: - TZ=Europe/Moscow - MYSQL_HOST=db - REDIS_HOST=redis - SKIP_DOMAIN_VALIDATION=true restart: unless-stopped # http://nextcloud-drawio drawio: image: jgraph/drawio:dev container_name: nextcloud-drawio networks: nextcloud_network: expose: - '8080' depends_on: - image-export environment: - DRAWIO_SELF_CONTAINED=1 - EXPORT_URL=http://image-export:8000/ # - PLANTUML_URL=http://plantuml-server:8080/ # - DRAWIO_BASE_URL=${DRAWIO_BASE_URL} restart: unless-stopped # http://image-export:8000/ image-export: image: jgraph/export-server container_name: nextcloud-drawio-export expose: - "8000" networks: nextcloud_network: # environment: # - DRAWIO_SERVER_URL=${DRAWIO_BASE_URL} #volumes: #- ./fonts:/usr/share/fonts/drawio restart: unless-stopped # ONLYOFFICE Docs address: /ds-vpath/ # ONLYOFFICE Docs address for internal requests from the server: /nextcloud-onlyoffice/ onlyoffice: container_name: nextcloud-onlyoffice image: onlyoffice/documentserver:latest environment: - JWT_SECRET=secret networks: nextcloud_network: restart: unless-stopped expose: - '80' # - '443' volumes: - document_data:/var/www/onlyoffice/Data - document_log:/var/log/onlyoffice cron: image: nextcloud:latest restart: unless-stopped volumes: - /etc/localtime:/etc/localtime:ro - data:/var/www/html:z environment: - TZ=Europe/Moscow entrypoint: /cron.sh depends_on: - db - redis networks: nextcloud_network: db: image: mariadb:11.4.5 container_name: nextcloud-mariadb command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW networks: nextcloud_network: volumes: - /etc/localtime:/etc/localtime:ro - db:/var/lib/mysql:rw environment: - TZ=Europe/Moscow - MYSQL_ROOT_PASSWORD=toor - MYSQL_PASSWORD=mysql - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud restart: unless-stopped redis: image: redis:alpine restart: unless-stopped networks: nextcloud_network: es01: image: elasticsearch:8.17.2 container_name: nextcloud-es01 restart: always environment: node.name: elasticsearch bootstrap.memory_lock: true ES_JAVA_OPTS: -Xms512m -Xmx512m xpack.security.enabled: false # Bootstrap password. # Used to initialize the keystore during the initial startup of # Elasticsearch. Ignored on subsequent runs. # ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-pass} # Use single node discovery in order to disable production mode and avoid bootstrap checks. # see: https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html discovery.type: single-node ulimits: memlock: soft: -1 hard: -1 volumes: - data01:/usr/share/elasticsearch/data expose: - 9200 - 9300 networks: nextcloud_network: volumes: proxy: data: db: document_data: document_log: data01: networks: nextcloud_network: localnetwork: name: localnetwork driver: ipvlan driver_opts: parent: eno1 ipvlan_mode: l3 ipam: config: - subnet: "192.168.1.0/24" ip_range: "192.168.1.1/24" gateway: "192.168.1.1"
Настройка прокси-сервера
nano /etc/nginx/nginx.conf
user www-data; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; map $http_host $this_host { "" $host; default $http_host; } map $http_x_forwarded_proto $the_scheme { default $http_x_forwarded_proto; "" $scheme; } map $http_x_forwarded_host $the_host { default $http_x_forwarded_host; "" $this_host; } server { listen 80; # The below allows for being behind a reverse proxy and allowing the Nextcloud app to connect server_tokens off; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; root /var/www/html; client_max_body_size 10G; # 0=unlimited - set max upload size fastcgi_buffers 64 4K; gzip off; index index.php; location / { proxy_pass http://nextcloud-app; proxy_redirect off; client_max_body_size 100m; proxy_http_version 1.1; #proxy_set_header Upgrade $http_upgrade; #proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Host $the_host/ds-vpath; #proxy_set_header X-Forwarded-Proto $the_scheme; } # onlyoffice location ~* ^/ds-vpath/ { rewrite /ds-vpath/(.*) /$1 break; proxy_pass http://nextcloud-onlyoffice; proxy_redirect off; client_max_body_size 100m; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $the_host/ds-vpath; proxy_set_header X-Forwarded-Proto $the_scheme; } # drawio location ~* ^/drawio/ { rewrite /drawio/(.*) /$1 break; proxy_pass http://nextcloud-drawio:8080; proxy_redirect off; client_max_body_size 100m; proxy_http_version 1.1; #proxy_set_header Upgrade $http_upgrade; #proxy_set_header Connection "upgrade"; #proxy_set_header Host $http_host; #proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Host $the_host/ds-vpath; #proxy_set_header X-Forwarded-Proto $the_scheme; } # drawio-export PDF location /service/0 { rewrite /\/service\/0/(.*) /$1 break; proxy_pass http://nextcloud-drawio-export:8000; proxy_redirect off; client_max_body_size 100m; proxy_http_version 1.1; #proxy_set_header Upgrade $http_upgrade; #proxy_set_header Connection "upgrade"; #proxy_set_header Host $http_host; #proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Host $the_host/ds-vpath; #proxy_set_header X-Forwarded-Proto $the_scheme; } } }
Установка контейнера и настройка приложения
$ docker compose up -d $ docker exec -u www-data nextcloud-app php occ config:system:set trusted_domains 4 --value=178.140.10.58 $ docker exec -u www-data nextcloud-app php occ app:install onlyoffice $ docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value="/ds-vpath/" $ docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value="http://nextcloud-onlyoffice/" $ docker exec -u www-data nextcloud-app php occ --no-warnings config:system:set onlyoffice jwt_secret --value="secret"
- trusted_domains 1 - Индекс в массиве trusted_domains
Fulltextsearch + Elasticsearch
$ docker exec nextcloud-app curl -XGET 'nextcloud-es01:9200/?pretty' $ docker exec -u www-data nextcloud-app php occ fulltextsearch:test $ docker exec -u www-data nextcloud-app php occ full:index
OCC
$ docker exec -u www-data nextcloud-app php occ config:app:set calendar publicCalendars --value '[{"name":"My custom calendar","source":"http://example.com/example.ics"}]' $ docker exec -u www-data nextcloud-app php occ config:app:set dav calendarSubscriptionRefreshRate --value "PT6H" $ docker exec -u www-data nextcloud-app php occ config:app:set dav webcalAllowLocalAccess --value yes $ docker exec -u www-data nextcloud-app php occ upgrade $ docker exec nextcloud-app php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" $ docker exec nextcloud-app php composer-setup.php $ docker exec nextcloud-app mv /var/www/html/composer.phar /usr/local/bin/composer $ docker exec nextcloud-app chmod +x /usr/local/bin/composer
Maintenance
$ docker exec -u www-data nextcloud-app php occ maintenance:mode --off
Composer
$ docker exec -u www-data nextcloud-app bash -c 'cd /var/www/html && ls -la' $ docker exec -u www-data nextcloud-app bash -c 'cd /var/www/html/custom_apps/backup && composer install'