docker编排部署nginx+nextcloud+mariadb

1、编写docker-compose.yml

version: '3'


services:
  db:
    image: mariadb:10.5
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - ./nextcloud/db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=password
      - MYSQL_PASSWORD=password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  app:
    image: nextcloud
    restart: always
    links:
      - db
    volumes:
      - ./nextcloud/nextcloud:/var/www/html
    environment:
      - MYSQL_PASSWORD=password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db

  web:
    image: nginx:latest
    restart: always
    links:
      - app
    ports:
      - "80:80"
      - "443:443"     ##https需要配置
    volumes:
      - ./nextcloud/nginx.conf:/etc/nginx/nginx.conf
      - ./nextcloud/nextcloud:/var/www/html
      - ./nextcloud/nginx_vhost/nextcloud.conf:/etc/nginx/conf.d/nextcloud.conf
      - ./nextcloud/nextcloud.crt:/etc/nginx/ssl/nextcloud.crt    ##https需要配置
      - ./nextcloud/nextcloud.key:/etc/nginx/ssl/nextcloud.key    ##https需要配置

2、需要在当前文件目录创建nextcloud目录。

mkdir -p nextcloud/{db,nextcloud,nginx_vhost}

3、编写nginx.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;  # 包含其他配置文件
}

4、编写nextcloud.conf
https版本需要将证书文件按上传到nextcloud目录

server {
    listen 80;
    server_name 192.168.58.6;  # 替换为你的域名或IP地址

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name 192.168.58.6;  # 替换为你的域名或IP地址

    ssl_certificate /etc/nginx/ssl/nextcloud.crt;
    ssl_certificate_key /etc/nginx/ssl/nextcloud.key;

    location / {
        proxy_pass http://app:80;  # 假设Nextcloud容器名为app
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For 		         
        $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
	add_header Strict-Transport-Security 'max-age=15552000';
    }

location /.well-known/carddav {
    return 301 $scheme://$host/remote.php/dav;
}

location /.well-known/caldav {
    return 301 $scheme://$host/remote.php/dav;
}
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}

http版本

server {
    listen 80;
    server_name 192.168.58.6;  # 替换为你的域名或IP地址

    location / {
        proxy_pass http://app:80;  # 假设Nextcloud容器名为app
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
	add_header Strict-Transport-Security 'max-age=15552000';
    }

location /.well-known/carddav {
    return 301 $scheme://$host/remote.php/dav;
}

location /.well-known/caldav {
    return 301 $scheme://$host/remote.php/dav;
}
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}

5、启动

docker-compose up -d