mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-31 14:24:16 +02:00
Optimized PHP performance
This commit is contained in:
parent
9a49e7aa3b
commit
93ff9ea575
@ -257,31 +257,36 @@ defaults_applications:
|
||||
|
||||
## Nextcloud
|
||||
nextcloud:
|
||||
version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
|
||||
version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
|
||||
ldap:
|
||||
enabled: True # Enables LDAP by default
|
||||
enabled: True # Enables LDAP by default
|
||||
oidc:
|
||||
enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud
|
||||
enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud
|
||||
# floavor decides which OICD plugin should be used.
|
||||
# Available options: oidc_login, sociallogin
|
||||
# @see https://apps.nextcloud.com/apps/oidc_login
|
||||
# @see https://apps.nextcloud.com/apps/sociallogin
|
||||
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
||||
force_import: False # Forces the import of the LDIF files
|
||||
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
||||
force_import: False # Forces the import of the LDIF files
|
||||
database:
|
||||
central_storage: True # Activate Central Database Storage
|
||||
central_storage: True # Activate Central Database Storage
|
||||
credentials:
|
||||
# database_password: Null # Needs to be set in inventory file
|
||||
# database_password: Null # Needs to be set in inventory file
|
||||
users:
|
||||
administrator:
|
||||
username: "{{users.administrator.username}}"
|
||||
initial_password: "{{users.administrator.initial_password}}"
|
||||
default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes)
|
||||
initial_password: "{{users.administrator.initial_password}}" # Keep in mind to change the password fast after creation and activate 2FA
|
||||
default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes)
|
||||
legacy_login_mask:
|
||||
enabled: False # If true, then legacy login mask is shown. Otherwise just SSO
|
||||
enabled: False # If true, then legacy login mask is shown. Otherwise just SSO
|
||||
container:
|
||||
application: "nextcloud-application" # Nextcloud application container name
|
||||
proxy: "nextcloud-web" # Nextcloud Proxy Container Name
|
||||
application: "nextcloud-application" # Nextcloud application container name
|
||||
proxy: "nextcloud-web" # Nextcloud Proxy Container Name
|
||||
performance:
|
||||
php:
|
||||
memory_limit: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory limit
|
||||
upload_limit: "5G" # Set upload limit to 5GB for big media files
|
||||
opcache_memory_consumption: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory consumption
|
||||
plugins:
|
||||
# List for Nextcloud Plugin Routine
|
||||
# Decides if plugins should be activated or deactivated
|
||||
@ -434,7 +439,7 @@ defaults_applications:
|
||||
enabled: false # Deactivated because it let to bugs
|
||||
richdocuments:
|
||||
# Nextcloud Rich Documents: provides collaborative document editing capabilities (https://apps.nextcloud.com/apps/richdocuments)
|
||||
enabled: true
|
||||
enabled: false # @todo To set it default to true activate https://hub.docker.com/r/collabora/code before
|
||||
sociallogin:
|
||||
# Nextcloud social login: allows authentication using social networks (https://apps.nextcloud.com/apps/sociallogin)
|
||||
enabled: "{{ _applications_nextcloud_oidc_flavor=='sociallogin' | lower }}"
|
||||
@ -443,7 +448,7 @@ defaults_applications:
|
||||
- oidc_login # Will be disabled
|
||||
spreed:
|
||||
# Nextcloud Spreed: offers video conferencing and chat functionalities (https://apps.nextcloud.com/apps/spreed)
|
||||
enabled: true
|
||||
enabled: false # @todo to activate it first implement docker-coturn and activate it
|
||||
tables:
|
||||
# Nextcloud tables: allows creation and editing of tables within the interface (https://apps.nextcloud.com/apps/tables)
|
||||
enabled: true
|
||||
|
@ -16,7 +16,8 @@
|
||||
owner: "{{nextcloud_docker_user_id}}"
|
||||
group: "{{nextcloud_docker_user_id}}"
|
||||
loop: "{{ lookup('fileglob', role_path ~ '/templates/config/*.j2', wantlist=True) }}"
|
||||
notify: docker compose restart
|
||||
# Not all type of changes take instantly place. Due to this reason a rebuild is required.
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "include role for {{application_id}} to recieve certs & do modification routines"
|
||||
include_role:
|
||||
|
@ -4,10 +4,11 @@
|
||||
return array (
|
||||
# For single server setup APCu is recommended, for multi server setup Redis
|
||||
'memcache.local' => '\\OC\\Memcache\\{% if deployment_mode == "single" %}APCu{% else %}Redis{% endif %}',
|
||||
'memcache.locking' => '\\OC\\Memcache\\Redis',
|
||||
'redis' =>
|
||||
array (
|
||||
'host' => 'redis',
|
||||
'port' => 6379,
|
||||
)
|
||||
# The following lines are configured via the environment variables
|
||||
# 'memcache.locking' => '\\OC\\Memcache\\Redis',
|
||||
# 'redis' =>
|
||||
# array (
|
||||
# 'host' => 'redis',
|
||||
# 'port' => 6379,
|
||||
# )
|
||||
);
|
||||
|
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
# Activates the turn server
|
||||
# @see https://nextcloud-talk.readthedocs.io/en/latest/TURN/
|
||||
|
||||
return 'turn_servers' => [
|
||||
[
|
||||
'host' => 'coturn',
|
||||
|
@ -2,27 +2,39 @@
|
||||
# @See https://github.com/nextcloud/docker/blob/master/README.md
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_DATABASE= "{{database_name}}"
|
||||
MYSQL_USER= "{{database_username}}"
|
||||
MYSQL_PASSWORD= "{{database_password}}"
|
||||
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
||||
MYSQL_DATABASE= "{{database_name}}"
|
||||
MYSQL_USER= "{{database_username}}"
|
||||
MYSQL_PASSWORD= "{{database_password}}"
|
||||
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
||||
|
||||
# Memory
|
||||
PHP_MEMORY_LIMIT= 1G # Required for plugin duplicate finder
|
||||
# PHP
|
||||
PHP_MEMORY_LIMIT= "{{applications[application_id].perfomance.php.memory_limit}}"
|
||||
PHP_UPLOAD_LIMIT= "{{applications[application_id].perfomance.php.upload_limit}}"
|
||||
PHP_OPCACHE_MEMORY_CONSUMPTION= "{{applications[application_id].perfomance.php.opcache_memory_consumption}}"
|
||||
|
||||
# Email Configuration
|
||||
SMTP_HOST= {{system_email.host}}
|
||||
SMTP_SECURE= {{ 'ssl' if system_email.tls else '' }}
|
||||
SMTP_PORT= {{system_email.port}}
|
||||
SMTP_NAME= {{system_email.username}}
|
||||
SMTP_PASSWORD= {{system_email.password}}
|
||||
SMTP_HOST= {{system_email.host}}
|
||||
SMTP_SECURE= {{ 'ssl' if system_email.tls else '' }}
|
||||
SMTP_PORT= {{system_email.port}}
|
||||
SMTP_NAME= {{system_email.username}}
|
||||
SMTP_PASSWORD= {{system_email.password}}
|
||||
|
||||
# Email from configuration
|
||||
MAIL_FROM_ADDRESS= "{{system_email.local}}"
|
||||
MAIL_DOMAIN= "{{system_email.domain}}"
|
||||
MAIL_FROM_ADDRESS= "{{system_email.local}}"
|
||||
MAIL_DOMAIN= "{{system_email.domain}}"
|
||||
|
||||
# Initial Admin Data
|
||||
NEXTCLOUD_ADMIN_USER= "{{applications[application_id].users.administrator.username}}"
|
||||
NEXTCLOUD_ADMIN_PASSWORD= "{{applications[application_id].users.administrator.initial_password}}"
|
||||
NEXTCLOUD_ADMIN_USER= "{{applications[application_id].users.administrator.username}}"
|
||||
NEXTCLOUD_ADMIN_PASSWORD= "{{applications[application_id].users.administrator.initial_password}}"
|
||||
|
||||
NEXTCLOUD_TRUSTED_DOMAINS= "{{domains[application_id]}}"
|
||||
# Security
|
||||
|
||||
NEXTCLOUD_TRUSTED_DOMAINS= "{{domains[application_id]}}"
|
||||
# Whitelist local docker gateway in Nextcloud to prevent brute-force throtteling
|
||||
TRUSTED_PROXIES= "192.168.102.65"
|
||||
OVERWRITECLIURL= "https://{{domains[application_id]}}"
|
||||
OVERWRITEPROTOCOL= "https"
|
||||
|
||||
# Redis Configuration
|
||||
REDIS_HOST= redis
|
||||
REDIS_PORT= 6379
|
@ -12,12 +12,4 @@ nextcloud_system_config:
|
||||
value: "{{ on_calendar_nextcloud }}"
|
||||
|
||||
- parameter: "default_phone_region"
|
||||
value: "{{ locale | upper }}"
|
||||
|
||||
# Force https
|
||||
- parameter: "overwrite.cli.url"
|
||||
value: "https://{{domains[application_id]}}"
|
||||
|
||||
# Force https
|
||||
- parameter: "overwriteprotocol"
|
||||
value: "https"
|
||||
value: "{{ locale | upper }}"
|
@ -9,6 +9,7 @@ location {{location | default("/")}}
|
||||
# headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
proxy_set_header Accept-Encoding "";
|
||||
|
Loading…
x
Reference in New Issue
Block a user