Three closeouts in one pass: 1. DEVELOPMENT.md — consolidated hook-conventions table covering all 8 per-app hook types (tools / update-specifics / compose-tags / webui-refresh / the two traefik markers / the two network-provider hooks). One place to look instead of inferring from the codebase. 2. Nextcloud APCu wired alongside Redis: appUpdateSpecifics_nextcloud now sets memcache.local=\OC\Memcache\APCu too (was deferred from the fpm switch). APCu = cheap in-process cache; the fpm-alpine image ships the extension. CLI mode may emit a harmless "no memory cache" notice on `occ` runs — Nextcloud is graceful, the FPM worker still uses APCu fine. 3. Container-side file-capture rollout to 3 confident cases: - bookstack: lscr.io/linuxserver/bookstack with PUID=1000 → /config (1000:1000) - gitea: gitea/gitea with USER_UID=1000 → /data (1000:1000) - owncloud: owncloud/server (Apache/PHP) → /mnt/data (33:33, www-data) Snapshots are now complete for these (the dir's excluded from the raw restic pass and captured live through the container as a tar → libreportal-owned staging, same proven pattern as Nextcloud). Less-evidenced candidates left for live verification: linkding, mastodon, jellyfin, trilium, focalboard, invidious, vaultwarden, headscale-service — each needs its in-container uid confirmed before labeling (wrong uid won't break backup, but restore would chown to the wrong owner). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
108 lines
4.5 KiB
YAML
Executable File
108 lines
4.5 KiB
YAML
Executable File
networks:
|
|
owncloud-internal:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
external: true
|
|
|
|
services:
|
|
owncloud-service: #LIBREPORTAL|SERVICE_TAG_1|owncloud-service
|
|
container_name: owncloud-service
|
|
image: owncloud/server:latest
|
|
restart: unless-stopped
|
|
hostname: owncloud
|
|
depends_on:
|
|
- owncloud-mariadb
|
|
- owncloud-redis
|
|
# GLUETUN_OFF_BEGIN
|
|
ports:
|
|
- "PORTS_DATA_1" #LIBREPORTAL|PORTS_TAG_1|PORTS_DATA_1
|
|
# GLUETUN_OFF_END
|
|
environment:
|
|
- OWNCLOUD_DOMAIN=DOMAINSUBNAME_DATA #LIBREPORTAL|DOMAINSUBNAME_TAG|DOMAINSUBNAME_DATA
|
|
- OWNCLOUD_TRUSTED_DOMAINS=TRUSTED_DOMAINS_DATA #LIBREPORTAL|TRUSTED_DOMAINS_TAG|TRUSTED_DOMAINS_DATA
|
|
- OWNCLOUD_DB_TYPE=mysql
|
|
- OWNCLOUD_DB_NAME=RANDOM_DATA_3 #LIBREPORTAL|RANDOM_TAG_3|RANDOM_DATA_3
|
|
- OWNCLOUD_DB_USERNAME=RANDOM_DATA_1 #LIBREPORTAL|RANDOM_TAG_1|RANDOM_DATA_1
|
|
- OWNCLOUD_DB_PASSWORD=PASSWORD_DATA_1 #LIBREPORTAL|PASSWORD_TAG_1|PASSWORD_DATA_1
|
|
- OWNCLOUD_DB_HOST=owncloud-mariadb
|
|
- OWNCLOUD_ADMIN_USERNAME=RANDOM_DATA_2 #LIBREPORTAL|RANDOM_TAG_2|RANDOM_DATA_2
|
|
- OWNCLOUD_ADMIN_PASSWORD=PASSWORD_DATA_2 #LIBREPORTAL|PASSWORD_TAG_2|PASSWORD_DATA_2
|
|
- OWNCLOUD_MYSQL_UTF8MB4=true
|
|
- OWNCLOUD_REDIS_ENABLED=true
|
|
- OWNCLOUD_REDIS_HOST=owncloud-redis
|
|
labels:
|
|
libreportal.category: "CATEGORY_DATA" #LIBREPORTAL|CATEGORY_TAG|CATEGORY_DATA
|
|
libreportal.title: "TITLE_DATA" #LIBREPORTAL|TITLE_TAG|TITLE_DATA
|
|
libreportal.backup.db: "mariadb:owncloud-mariadb:mysql:"
|
|
libreportal.backup.files: "owncloud-service:/mnt/data:files:33:33"
|
|
traefik.enable: TRAEFIK_ENABLE_DATA #LIBREPORTAL|TRAEFIK_ENABLE_TAG|TRAEFIK_ENABLE_DATA
|
|
# TRAEFIK_PORT_1_BEGIN
|
|
traefik.http.routers.owncloud-service.entrypoints: web,websecure
|
|
traefik.http.routers.owncloud-service.rule: Host(`DOMAINSUBNAME_DATA_1`) #LIBREPORTAL|DOMAINSUBNAME_TAG_1|DOMAINSUBNAME_DATA_1
|
|
traefik.http.routers.owncloud-service.tls: true
|
|
traefik.http.routers.owncloud-service.tls.certresolver: production
|
|
traefik.http.services.owncloud-service.loadbalancer.server.port: PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
|
|
traefik.http.routers.owncloud-service.middlewares: MIDDLEWARE_DATA_1 #LIBREPORTAL|MIDDLEWARE_TAG_1|MIDDLEWARE_DATA_1
|
|
# TRAEFIK_PORT_1_END
|
|
traefik.docker.network: DOCKER_NETWORK_DATA #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
healthcheck:
|
|
test: ["CMD", "/usr/bin/healthcheck"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 5
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
volumes:
|
|
- SOCKET_DATA #LIBREPORTAL|SOCKET_TAG|SOCKET_DATA
|
|
- "./files:/mnt/data"
|
|
# GLUETUN_OFF_BEGIN
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
ipv4_address: IP_DATA_1 #LIBREPORTAL|IP_TAG_1|IP_DATA_1
|
|
owncloud-internal:
|
|
# GLUETUN_OFF_END
|
|
# GLUETUN_ON_BEGIN
|
|
# network_mode: "container:gluetun-service"
|
|
# GLUETUN_ON_END
|
|
logging:
|
|
driver: "json-file"
|
|
options:
|
|
max-size: "1m"
|
|
|
|
owncloud-mariadb: #LIBREPORTAL|SERVICE_TAG_2|owncloud-mariadb
|
|
container_name: owncloud-mariadb
|
|
image: mariadb:10.6
|
|
restart: unless-stopped
|
|
hostname: mariadb
|
|
environment:
|
|
- MYSQL_ROOT_PASSWORD=PASSWORD_DATA_3 #LIBREPORTAL|PASSWORD_TAG_3|PASSWORD_DATA_3
|
|
- MYSQL_USER=RANDOM_DATA_1 #LIBREPORTAL|RANDOM_TAG_1|RANDOM_DATA_1
|
|
- MYSQL_PASSWORD=PASSWORD_DATA_1 #LIBREPORTAL|PASSWORD_TAG_1|PASSWORD_DATA_1
|
|
- MYSQL_DATABASE=RANDOM_DATA_3 #LIBREPORTAL|RANDOM_TAG_3|RANDOM_DATA_3
|
|
command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"]
|
|
healthcheck:
|
|
test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=PASSWORD_DATA_3"] #LIBREPORTAL|PASSWORD_TAG_3|PASSWORD_DATA_3
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
volumes:
|
|
- "./mysql:/var/lib/mysql"
|
|
networks:
|
|
owncloud-internal:
|
|
|
|
owncloud-redis: #LIBREPORTAL|SERVICE_TAG_3|owncloud-redis
|
|
container_name: owncloud-redis
|
|
image: redis:6
|
|
restart: unless-stopped
|
|
hostname: redis
|
|
command: ["--databases", "1"]
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
volumes:
|
|
- "./redis:/data"
|
|
networks:
|
|
owncloud-internal:
|