Hi,
I am trying to implement a NextCloud + OnlyOffice service behind traefik with docker-compose. I have create a user-defined certificate for Nextcloud but I need to do for onlyoffice too.
To do working the https for Nextcloud I have modified the default certificate store but I dont know how to add a new certificate-store entry for onlyoffice.
Any idea?
This my code:
version: "2.2"
networks:
proxy:
external: true
internal:
external: false
services:
traefik:
image: "traefik:v2.2"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--providers.file.filename=/etc/traefik/tls/nextcloud-nxtsvc-pre.toml"
- "--providers.file.watch=true"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`monitor-nxtsvc-pre.mydomain.org`)"
ports:
- "80:80"
- "8080:8080"
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik/tls/:/etc/traefik/tls/"
- "/etc/localtime:/etc/localtime:ro"
mem_reservation: 512 mb
mem_limit: 1000000000
networks:
- proxy
nextcloud:
image: nextcloud
environment:
- MYSQL_DATABASE=nextcloudpre
- MYSQL_USER=root
links:
- mysql
restart: always
volumes:
- ./nextcloud/nextcloud:/var/www/html
- ./nextcloud/apps:/var/www/html/custom_apps
- ./nextcloud/data:/var/www/html/data
- ./nextcloud/config:/var/www/html/config
- /etc/localtime:/etc/localtime:ro
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.nextcloudpre-http.rule=Host(`nextcloud-nxtsvc-pre.mydomain.org`)"
- "traefik.http.routers.nextcloudpre-http.entrypoints=web"
- "traefik.http.routers.nextcloudpre-http.service=pool-nextcloudpre"
- "traefik.http.routers.nextcloud-https.rule=Host(`nextcloud-nxtsvc-pre.mydomain.org`)"
- "traefik.http.routers.nextcloud-https.entrypoints=websecure"
- "traefik.http.routers.nextcloud-https.tls=true"
- "traefik.http.routers.nextcloud-https.service=pool-nextcloudpre"
- "traefik.http.services.pool-nextcloudpre.loadbalancer.server.port=80"
- "traefik.http.services.pool-nextcloudpre.loadbalancer.server.scheme=http"
- "traefik.http.services.pool-nextcloudpre.loadbalancer.sticky.cookie=true"
- "traefik.http.services.pool-nextcloudpre.loadbalancer.sticky.cookie.name=nxtc-pre-cookie"
#- "traefik.http.services.nextcloud.loadbalancer.sticky.cookie.secure=true"
#- "traefik.http.services.myservice.loadbalancer.sticky.cookie.samesite=none"
mem_reservation: 2 gb
mem_limit: 4000000000
scale: 2
networks:
- internal
- proxy
depends_on:
- mysql
onlyoffice-ds:
#container_name: onlyoffice
image: onlyoffice/documentserver:latest
stdin_open: true
tty: true
restart: always
expose:
- '80'
volumes:
- ./onlyoffice/Data:/var/www/onlyoffice/data
- ./onlyoffice/log:/var/www/onlyoffice/log
- ./onlyoffice/config/default.json:/etc/onlyoffice/documentserver/default.json
- ./onlyoffice/config/local.json:/etc/onlyoffice/documentserver/local.json
- ./onlyoffice/config/http-common.conf:/etc/onlyoffice/documentserver/nginx/includes/http-common.conf
- /etc/localtime:/etc/localtime:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.onlyoffice-ds.rule=Host(`onlyoffice-nxtsvc-pre.mydomain.org`)"
- "traefik.http.routers.onlyoffice-ds.entrypoints=web"
- "traefik.docker.network=proxy"
- "traefik.http.services.onlyoffice-ds.loadbalancer.server.port=80"
- "traefik.http.services.onlyoffice-ds.loadbalancer.server.scheme=http"
- "traefik.http.services.onlyoffice-ds.loadbalancer.sticky.cookie=true"
- "traefik.http.services.onlyoffice-ds.loadbalancer.sticky.cookie.name=ooffice-pre-cookie"
mem_reservation: 2 gb
mem_limit: 4000000000
networks:
- proxy
depends_on:
- nextcloud
mysql:
image: mariadb:latest
environment:
- MYSQL_ROOT_PASSWORD=XXXXXXXXXX
restart: always
volumes:
- ./mysql/mysqldir:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
mem_reservation: 512 mb
mem_limit: 756000000
networks:
- internal
labels:
- traefik.enable=false
/etc/traefik/tls/nextcloud-nxtsvc-pre.toml
# Dynamic configuration
[tls.stores]
[tls.stores.default]
[tls.stores.default.defaultCertificate]
certFile = "/etc/traefik/tls/nextcloud-nxtsvc-pre_tls.crt"
keyFile = "/etc/traefik/tls/nextcloud-nxtsvc-pre_tls.key"
[tls.stores.onlyofficepre]
[tls.stores.onlyofficepre.defaultCertificate]
certFile = "/etc/traefik/tls/onlyoffice-nxtsvc-pre_tls.crt"
keyFile = "/etc/traefik/tls/onlyoffice-nxtsvc-pre_tls.key"