From a1d7128a41dd9f85645b904eaedb0dfd463d874b Mon Sep 17 00:00:00 2001
From: Arpad Krejczinger <krejczinger.arpad@gmail.com>
Date: Tue, 19 Aug 2025 19:40:25 +0200
Subject: [PATCH] Add Nextcloud Docker configuration with secure password
 handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Complete Docker Compose setup with MariaDB and Redis
- External storage mounts for existing homelab folders
- Secure password handling using Docker secrets from ~/creds/
- Configured for /cloud path with proper reverse proxy settings

Note: Nextcloud was tested but disabled in favor of copyparty for
file server functionality due to performance and complexity concerns.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 config/docker/nextcloud/docker-compose.yml | 83 ++++++++++++++++++++++
 1 file changed, 83 insertions(+)
 create mode 100644 config/docker/nextcloud/docker-compose.yml

diff --git a/config/docker/nextcloud/docker-compose.yml b/config/docker/nextcloud/docker-compose.yml
new file mode 100644
index 0000000..edb32be
--- /dev/null
+++ b/config/docker/nextcloud/docker-compose.yml
@@ -0,0 +1,83 @@
+# DEPLOYMENT LOCATION: /opt/docker/nextcloud/docker-compose.yml
+# Deploy with:
+#   sudo mkdir -p /opt/docker/nextcloud
+#   sudo cp config/docker/nextcloud/docker-compose.yml /opt/docker/nextcloud/
+#   sudo cp config/docker/nextcloud/.env /opt/docker/nextcloud/
+#   cd /opt/docker/nextcloud && sudo docker-compose up -d
+
+services:
+  nextcloud-db:
+    image: mariadb:10.11
+    restart: unless-stopped
+    container_name: nextcloud-db
+    environment:
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
+      - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+    volumes:
+      - nextcloud_db:/var/lib/mysql
+    networks:
+      - nextcloud
+    secrets:
+      - mysql_root_password
+      - mysql_password
+
+  nextcloud-redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+    container_name: nextcloud-redis
+    networks:
+      - nextcloud
+
+  nextcloud-app:
+    image: nextcloud:29
+    restart: unless-stopped
+    container_name: nextcloud-app
+    ports:
+      - "8083:80"
+    environment:
+      - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_HOST=nextcloud-db
+      - REDIS_HOST=nextcloud-redis
+      - NEXTCLOUD_TRUSTED_DOMAINS=ak-homelab.duckdns.org 192.168.0.100 localhost
+      - NEXTCLOUD_ADMIN_USER=hoborg
+      - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password
+      - OVERWRITEPROTOCOL=https
+      - OVERWRITEHOST=ak-homelab.duckdns.org
+      - OVERWRITEWEBROOT=/cloud
+    volumes:
+      - nextcloud_data:/var/www/html
+      # External storage mounts for existing folders
+      - /home/hoborg/shared:/external_storage/shared:rw
+      - /home/hoborg/Documents:/external_storage/documents:rw
+      - /home/hoborg/Music:/external_storage/music:rw
+      - /home/hoborg/Videos:/external_storage/videos:rw
+      - /home/hoborg/Pictures:/external_storage/pictures:rw
+      - /home/hoborg/private:/external_storage/private:rw
+    depends_on:
+      - nextcloud-db
+      - nextcloud-redis
+    networks:
+      - nextcloud
+    secrets:
+      - mysql_password
+      - nextcloud_admin_password
+
+secrets:
+  mysql_root_password:
+    file: /home/hoborg/creds/nextcloud_mysql_root_password.txt
+  mysql_password:
+    file: /home/hoborg/creds/nextcloud_mysql_password.txt
+  nextcloud_admin_password:
+    file: /home/hoborg/creds/nextcloud_admin_password.txt
+
+volumes:
+  nextcloud_db:
+  nextcloud_data:
+
+networks:
+  nextcloud:
+    driver: bridge