compose/cloudstorage/compose.yml

version: "3.9"
services:
  nextcloud:
    image: nextcloud:latest
    container_name: nextcloud
    restart: always
    networks:
      - cloud_net
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Toronto
      # Database connection
      - MYSQL_HOST=nextcloud_mariadb
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
      # Reverse Proxy Overrides (Crucial for HTTPS behind Traefik)
      - OVERWRITEPROTOCOL=https
      - OVERWRITECLIURL=https://cloud.${DOMAIN}
      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.${DOMAIN}
    volumes:
      - /mnt/HoardingCow_docker_data/NextCloud/data:/var/www/html:rw
    depends_on:
      - nextcloud_mariadb
    labels:
      - "traefik.enable=true"

      # Router for HTTP -> HTTPS Redirection (Matching your Gitea style)
      - "traefik.http.routers.nextcloud-http.rule=Host(`cloud.${DOMAIN}`)"
      - "traefik.http.routers.nextcloud-http.entrypoints=web"
      - "traefik.http.routers.nextcloud-http.middlewares=redirect-to-https"

      # Router for HTTPS
      - "traefik.http.routers.nextcloud-https.rule=Host(`cloud.${DOMAIN}`)"
      - "traefik.http.routers.nextcloud-https.entrypoints=websecure"
      - "traefik.http.routers.nextcloud-https.tls=true"
      - "traefik.http.routers.nextcloud-https.tls.certresolver=njalla"

      # Middlewares: Redirection + Nextcloud DAV fixes
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.middlewares.nextcloud-dav.redirectregex.permanent=true"
      - "traefik.http.middlewares.nextcloud-dav.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
      - "traefik.http.middlewares.nextcloud-dav.redirectregex.replacement=https://$$1/remote.php/dav/"
      
      # Apply both redirection and DAV fixes
      - "traefik.http.routers.nextcloud-https.middlewares=nextcloud-dav"

  nextcloud_cron:
    image: nextcloud:latest
    container_name: nextcloud_cron
    restart: always 
    networks:
      - cloud_net
    entrypoint: /cron.sh
    volumes:
      - /mnt/HoardingCow_docker_data/NextCloud/data:/var/www/html:rw
    depends_on:
      - nextcloud

  nextcloud_mariadb:
    image: mariadb:latest
    container_name: nextcloud_mariadb
    restart: unless-stopped
    networks:
      - cloud_internal
    environment:
      - MYSQL_RANDOM_ROOT_PASSWORD=yes
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
      - MYSQL_DATABASE=nextcloud
    volumes:
      - /mnt/HoardingCow_docker_data/NextCloud/database:/var/lib/mysql:rw
    # command: ["--innodb-force-recovery=6"]

networks:
  cloud_net:
    external: true
    name: cloud_net
  cloud_internal:
    driver: bridge
    name: cloud_internal