mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-10 02:38:10 +02:00
Nextcloud: set conservative Docker resource limits and template cleanups
- Add CPU/memory/PID limits for redis, database, proxy, cron, talk, whiteboard - Keep nextcloud service unchanged except existing settings - Normalize service_name templating and indentation in docker-compose.yml.j2 - Mount Janus config for Talk via volume Ref: https://chatgpt.com/share/68db9f41-16ec-800f-9cdf-7530862f89aa
This commit is contained in:
@@ -31,8 +31,16 @@ docker:
|
|||||||
services:
|
services:
|
||||||
redis:
|
redis:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
cpus: "0.25"
|
||||||
|
mem_reservation: "64m"
|
||||||
|
mem_limit: "256m"
|
||||||
|
pids_limit: 256
|
||||||
database:
|
database:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
cpus: "0.75"
|
||||||
|
mem_reservation: "512m"
|
||||||
|
mem_limit: "1.5g"
|
||||||
|
pids_limit: 512
|
||||||
nextcloud:
|
nextcloud:
|
||||||
name: "nextcloud"
|
name: "nextcloud"
|
||||||
image: "nextcloud"
|
image: "nextcloud"
|
||||||
@@ -49,8 +57,16 @@ docker:
|
|||||||
version: "alpine"
|
version: "alpine"
|
||||||
backup:
|
backup:
|
||||||
no_stop_required: true
|
no_stop_required: true
|
||||||
|
cpus: "0.5"
|
||||||
|
mem_reservation: "64m"
|
||||||
|
mem_limit: "256m"
|
||||||
|
pids_limit: 512
|
||||||
cron:
|
cron:
|
||||||
name: "nextcloud-cron"
|
name: "nextcloud-cron"
|
||||||
|
cpus: "0.25"
|
||||||
|
mem_reservation: "128m"
|
||||||
|
mem_limit: "512m"
|
||||||
|
pids_limit: 256
|
||||||
talk:
|
talk:
|
||||||
name: "nextcloud-talk"
|
name: "nextcloud-talk"
|
||||||
image: "nextcloud/aio-talk"
|
image: "nextcloud/aio-talk"
|
||||||
@@ -61,12 +77,20 @@ docker:
|
|||||||
onboard_enabled: true # Deactivated because standalone turnserver works with Big Blue Button, so I assume that the nextcloud internal turnserver has it's isssues
|
onboard_enabled: true # Deactivated because standalone turnserver works with Big Blue Button, so I assume that the nextcloud internal turnserver has it's isssues
|
||||||
standalone_enabled: false
|
standalone_enabled: false
|
||||||
network_mode: host
|
network_mode: host
|
||||||
|
cpus: "1.0"
|
||||||
|
mem_reservation: "256m"
|
||||||
|
mem_limit: "1g"
|
||||||
|
pids_limit: 512
|
||||||
whiteboard:
|
whiteboard:
|
||||||
name: "nextcloud-whiteboard"
|
name: "nextcloud-whiteboard"
|
||||||
image: "ghcr.io/nextcloud-releases/whiteboard"
|
image: "ghcr.io/nextcloud-releases/whiteboard"
|
||||||
version: "latest"
|
version: "latest"
|
||||||
backup:
|
backup:
|
||||||
no_stop_required: true
|
no_stop_required: true
|
||||||
|
cpus: "0.25"
|
||||||
|
mem_reservation: "128m"
|
||||||
|
mem_limit: "512m"
|
||||||
|
pids_limit: 256
|
||||||
enabled: "{{ applications | get_app_conf('web-app-nextcloud', 'features.oidc', False) }}" # Activate OIDC for Nextcloud
|
enabled: "{{ applications | get_app_conf('web-app-nextcloud', 'features.oidc', False) }}" # Activate OIDC for Nextcloud
|
||||||
# floavor decides which OICD plugin should be used.
|
# floavor decides which OICD plugin should be used.
|
||||||
# Available options: oidc_login, sociallogin
|
# Available options: oidc_login, sociallogin
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
{% include 'roles/docker-compose/templates/base.yml.j2' %}
|
{% include 'roles/docker-compose/templates/base.yml.j2' %}
|
||||||
|
|
||||||
proxy:
|
{% set service_name = 'proxy' %}
|
||||||
|
{{ service_name }}:
|
||||||
image: "{{ NEXTCLOUD_PROXY_IMAGE }}:{{ NEXTCLOUD_PROXY_VERSION }}"
|
image: "{{ NEXTCLOUD_PROXY_IMAGE }}:{{ NEXTCLOUD_PROXY_VERSION }}"
|
||||||
container_name: "{{ NEXTCLOUD_PROXY_CONTAINER }}"
|
container_name: "{{ NEXTCLOUD_PROXY_CONTAINER }}"
|
||||||
logging:
|
logging:
|
||||||
@@ -9,9 +10,9 @@
|
|||||||
ports:
|
ports:
|
||||||
- "127.0.0.1:{{ NEXTCLOUD_PORT }}:{{ container_port }}"
|
- "127.0.0.1:{{ NEXTCLOUD_PORT }}:{{ container_port }}"
|
||||||
volumes:
|
volumes:
|
||||||
- "{{ NEXTCLOUD_HOST_NGINX_SRC }}:/etc/nginx/nginx.conf:ro"
|
- "{{ NEXTCLOUD_HOST_NGINX_SRC }}:/etc/nginx/nginx.conf:ro"
|
||||||
volumes_from:
|
volumes_from:
|
||||||
- application
|
- {{ NEXTCLOUD_SERVICE }}
|
||||||
{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
|
{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
@@ -21,7 +22,8 @@
|
|||||||
- "host.docker.internal:host-gateway"
|
- "host.docker.internal:host-gateway"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
application:
|
{% set service_name = NEXTCLOUD_SERVICE %}
|
||||||
|
{{ service_name }}:
|
||||||
image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
|
image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
|
||||||
container_name: {{ NEXTCLOUD_CONTAINER }}
|
container_name: {{ NEXTCLOUD_CONTAINER }}
|
||||||
volumes:
|
volumes:
|
||||||
@@ -38,7 +40,8 @@
|
|||||||
ipv4_address: 192.168.102.69
|
ipv4_address: 192.168.102.69
|
||||||
|
|
||||||
{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %}
|
{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %}
|
||||||
talk:
|
{% set service_name = 'talk' %}
|
||||||
|
{{ service_name }}:
|
||||||
{% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %}
|
{% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %}
|
||||||
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
||||||
{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
|
{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
|
||||||
@@ -46,6 +49,8 @@
|
|||||||
container_name: {{ NEXTCLOUD_TALK_CONTAINER }}
|
container_name: {{ NEXTCLOUD_TALK_CONTAINER }}
|
||||||
init: true
|
init: true
|
||||||
network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }}
|
network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }}
|
||||||
|
volumes:
|
||||||
|
- {{ NEXTCLOUD_HOST_JANUS_CONF_PATH }}:/usr/local/etc/janus/janus.jcfg:ro
|
||||||
{% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' and NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %}
|
{% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' and NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %}
|
||||||
ports:
|
ports:
|
||||||
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/tcp
|
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/tcp
|
||||||
@@ -60,7 +65,8 @@
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if NEXTCLOUD_WHITEBOARD_ENABLED %}
|
{% if NEXTCLOUD_WHITEBOARD_ENABLED %}
|
||||||
whiteboard:
|
{% set service_name = 'whiteboard' %}
|
||||||
|
{{ service_name }}:
|
||||||
{% set container_port = NEXTCLOUD_WHITEBOARD_PORT_INTERNAL %}
|
{% set container_port = NEXTCLOUD_WHITEBOARD_PORT_INTERNAL %}
|
||||||
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
||||||
{% include 'roles/docker-container/templates/healthcheck/nc.yml.j2' %}
|
{% include 'roles/docker-container/templates/healthcheck/nc.yml.j2' %}
|
||||||
@@ -73,7 +79,8 @@
|
|||||||
ipv4_address: 192.168.102.71
|
ipv4_address: 192.168.102.71
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
cron:
|
{% set service_name = 'cron' %}
|
||||||
|
{{ service_name }}:
|
||||||
container_name: "{{ NEXTCLOUD_CRON_CONTAINER }}"
|
container_name: "{{ NEXTCLOUD_CRON_CONTAINER }}"
|
||||||
image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
|
image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
|
||||||
restart: {{ DOCKER_RESTART_POLICY }}
|
restart: {{ DOCKER_RESTART_POLICY }}
|
||||||
|
|||||||
Reference in New Issue
Block a user