mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-04-03 15:54:15 +02:00
Optimized PHP performance
This commit is contained in:
parent
9a49e7aa3b
commit
93ff9ea575
@ -257,31 +257,36 @@ defaults_applications:
|
|||||||
|
|
||||||
## Nextcloud
|
## Nextcloud
|
||||||
nextcloud:
|
nextcloud:
|
||||||
version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
|
version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
|
||||||
ldap:
|
ldap:
|
||||||
enabled: True # Enables LDAP by default
|
enabled: True # Enables LDAP by default
|
||||||
oidc:
|
oidc:
|
||||||
enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud
|
enabled: "{{ _applications_nextcloud_oidc_enabled }}" # Activate OIDC for Nextcloud
|
||||||
# floavor decides which OICD plugin should be used.
|
# floavor decides which OICD plugin should be used.
|
||||||
# Available options: oidc_login, sociallogin
|
# Available options: oidc_login, sociallogin
|
||||||
# @see https://apps.nextcloud.com/apps/oidc_login
|
# @see https://apps.nextcloud.com/apps/oidc_login
|
||||||
# @see https://apps.nextcloud.com/apps/sociallogin
|
# @see https://apps.nextcloud.com/apps/sociallogin
|
||||||
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
||||||
force_import: False # Forces the import of the LDIF files
|
force_import: False # Forces the import of the LDIF files
|
||||||
database:
|
database:
|
||||||
central_storage: True # Activate Central Database Storage
|
central_storage: True # Activate Central Database Storage
|
||||||
credentials:
|
credentials:
|
||||||
# database_password: Null # Needs to be set in inventory file
|
# database_password: Null # Needs to be set in inventory file
|
||||||
users:
|
users:
|
||||||
administrator:
|
administrator:
|
||||||
username: "{{users.administrator.username}}"
|
username: "{{users.administrator.username}}"
|
||||||
initial_password: "{{users.administrator.initial_password}}"
|
initial_password: "{{users.administrator.initial_password}}" # Keep in mind to change the password fast after creation and activate 2FA
|
||||||
default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes)
|
default_quota: '1000000000' # Quota to assign if no quota is specified in the OIDC response (bytes)
|
||||||
legacy_login_mask:
|
legacy_login_mask:
|
||||||
enabled: False # If true, then legacy login mask is shown. Otherwise just SSO
|
enabled: False # If true, then legacy login mask is shown. Otherwise just SSO
|
||||||
container:
|
container:
|
||||||
application: "nextcloud-application" # Nextcloud application container name
|
application: "nextcloud-application" # Nextcloud application container name
|
||||||
proxy: "nextcloud-web" # Nextcloud Proxy Container Name
|
proxy: "nextcloud-web" # Nextcloud Proxy Container Name
|
||||||
|
performance:
|
||||||
|
php:
|
||||||
|
memory_limit: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory limit
|
||||||
|
upload_limit: "5G" # Set upload limit to 5GB for big media files
|
||||||
|
opcache_memory_consumption: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory consumption
|
||||||
plugins:
|
plugins:
|
||||||
# List for Nextcloud Plugin Routine
|
# List for Nextcloud Plugin Routine
|
||||||
# Decides if plugins should be activated or deactivated
|
# Decides if plugins should be activated or deactivated
|
||||||
@ -434,7 +439,7 @@ defaults_applications:
|
|||||||
enabled: false # Deactivated because it let to bugs
|
enabled: false # Deactivated because it let to bugs
|
||||||
richdocuments:
|
richdocuments:
|
||||||
# Nextcloud Rich Documents: provides collaborative document editing capabilities (https://apps.nextcloud.com/apps/richdocuments)
|
# Nextcloud Rich Documents: provides collaborative document editing capabilities (https://apps.nextcloud.com/apps/richdocuments)
|
||||||
enabled: true
|
enabled: false # @todo To set it default to true activate https://hub.docker.com/r/collabora/code before
|
||||||
sociallogin:
|
sociallogin:
|
||||||
# Nextcloud social login: allows authentication using social networks (https://apps.nextcloud.com/apps/sociallogin)
|
# Nextcloud social login: allows authentication using social networks (https://apps.nextcloud.com/apps/sociallogin)
|
||||||
enabled: "{{ _applications_nextcloud_oidc_flavor=='sociallogin' | lower }}"
|
enabled: "{{ _applications_nextcloud_oidc_flavor=='sociallogin' | lower }}"
|
||||||
@ -443,7 +448,7 @@ defaults_applications:
|
|||||||
- oidc_login # Will be disabled
|
- oidc_login # Will be disabled
|
||||||
spreed:
|
spreed:
|
||||||
# Nextcloud Spreed: offers video conferencing and chat functionalities (https://apps.nextcloud.com/apps/spreed)
|
# Nextcloud Spreed: offers video conferencing and chat functionalities (https://apps.nextcloud.com/apps/spreed)
|
||||||
enabled: true
|
enabled: false # @todo to activate it first implement docker-coturn and activate it
|
||||||
tables:
|
tables:
|
||||||
# Nextcloud tables: allows creation and editing of tables within the interface (https://apps.nextcloud.com/apps/tables)
|
# Nextcloud tables: allows creation and editing of tables within the interface (https://apps.nextcloud.com/apps/tables)
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|||||||
@ -16,7 +16,8 @@
|
|||||||
owner: "{{nextcloud_docker_user_id}}"
|
owner: "{{nextcloud_docker_user_id}}"
|
||||||
group: "{{nextcloud_docker_user_id}}"
|
group: "{{nextcloud_docker_user_id}}"
|
||||||
loop: "{{ lookup('fileglob', role_path ~ '/templates/config/*.j2', wantlist=True) }}"
|
loop: "{{ lookup('fileglob', role_path ~ '/templates/config/*.j2', wantlist=True) }}"
|
||||||
notify: docker compose restart
|
# Not all type of changes take instantly place. Due to this reason a rebuild is required.
|
||||||
|
notify: docker compose project setup
|
||||||
|
|
||||||
- name: "include role for {{application_id}} to recieve certs & do modification routines"
|
- name: "include role for {{application_id}} to recieve certs & do modification routines"
|
||||||
include_role:
|
include_role:
|
||||||
|
|||||||
@ -4,10 +4,11 @@
|
|||||||
return array (
|
return array (
|
||||||
# For single server setup APCu is recommended, for multi server setup Redis
|
# For single server setup APCu is recommended, for multi server setup Redis
|
||||||
'memcache.local' => '\\OC\\Memcache\\{% if deployment_mode == "single" %}APCu{% else %}Redis{% endif %}',
|
'memcache.local' => '\\OC\\Memcache\\{% if deployment_mode == "single" %}APCu{% else %}Redis{% endif %}',
|
||||||
'memcache.locking' => '\\OC\\Memcache\\Redis',
|
# The following lines are configured via the environment variables
|
||||||
'redis' =>
|
# 'memcache.locking' => '\\OC\\Memcache\\Redis',
|
||||||
array (
|
# 'redis' =>
|
||||||
'host' => 'redis',
|
# array (
|
||||||
'port' => 6379,
|
# 'host' => 'redis',
|
||||||
)
|
# 'port' => 6379,
|
||||||
|
# )
|
||||||
);
|
);
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
# Activates the turn server
|
# Activates the turn server
|
||||||
# @see https://nextcloud-talk.readthedocs.io/en/latest/TURN/
|
# @see https://nextcloud-talk.readthedocs.io/en/latest/TURN/
|
||||||
|
|
||||||
return 'turn_servers' => [
|
return 'turn_servers' => [
|
||||||
[
|
[
|
||||||
'host' => 'coturn',
|
'host' => 'coturn',
|
||||||
|
|||||||
@ -2,27 +2,39 @@
|
|||||||
# @See https://github.com/nextcloud/docker/blob/master/README.md
|
# @See https://github.com/nextcloud/docker/blob/master/README.md
|
||||||
|
|
||||||
# Database Configuration
|
# Database Configuration
|
||||||
MYSQL_DATABASE= "{{database_name}}"
|
MYSQL_DATABASE= "{{database_name}}"
|
||||||
MYSQL_USER= "{{database_username}}"
|
MYSQL_USER= "{{database_username}}"
|
||||||
MYSQL_PASSWORD= "{{database_password}}"
|
MYSQL_PASSWORD= "{{database_password}}"
|
||||||
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
||||||
|
|
||||||
# Memory
|
# PHP
|
||||||
PHP_MEMORY_LIMIT= 1G # Required for plugin duplicate finder
|
PHP_MEMORY_LIMIT= "{{applications[application_id].perfomance.php.memory_limit}}"
|
||||||
|
PHP_UPLOAD_LIMIT= "{{applications[application_id].perfomance.php.upload_limit}}"
|
||||||
|
PHP_OPCACHE_MEMORY_CONSUMPTION= "{{applications[application_id].perfomance.php.opcache_memory_consumption}}"
|
||||||
|
|
||||||
# Email Configuration
|
# Email Configuration
|
||||||
SMTP_HOST= {{system_email.host}}
|
SMTP_HOST= {{system_email.host}}
|
||||||
SMTP_SECURE= {{ 'ssl' if system_email.tls else '' }}
|
SMTP_SECURE= {{ 'ssl' if system_email.tls else '' }}
|
||||||
SMTP_PORT= {{system_email.port}}
|
SMTP_PORT= {{system_email.port}}
|
||||||
SMTP_NAME= {{system_email.username}}
|
SMTP_NAME= {{system_email.username}}
|
||||||
SMTP_PASSWORD= {{system_email.password}}
|
SMTP_PASSWORD= {{system_email.password}}
|
||||||
|
|
||||||
# Email from configuration
|
# Email from configuration
|
||||||
MAIL_FROM_ADDRESS= "{{system_email.local}}"
|
MAIL_FROM_ADDRESS= "{{system_email.local}}"
|
||||||
MAIL_DOMAIN= "{{system_email.domain}}"
|
MAIL_DOMAIN= "{{system_email.domain}}"
|
||||||
|
|
||||||
# Initial Admin Data
|
# Initial Admin Data
|
||||||
NEXTCLOUD_ADMIN_USER= "{{applications[application_id].users.administrator.username}}"
|
NEXTCLOUD_ADMIN_USER= "{{applications[application_id].users.administrator.username}}"
|
||||||
NEXTCLOUD_ADMIN_PASSWORD= "{{applications[application_id].users.administrator.initial_password}}"
|
NEXTCLOUD_ADMIN_PASSWORD= "{{applications[application_id].users.administrator.initial_password}}"
|
||||||
|
|
||||||
NEXTCLOUD_TRUSTED_DOMAINS= "{{domains[application_id]}}"
|
# Security
|
||||||
|
|
||||||
|
NEXTCLOUD_TRUSTED_DOMAINS= "{{domains[application_id]}}"
|
||||||
|
# Whitelist local docker gateway in Nextcloud to prevent brute-force throtteling
|
||||||
|
TRUSTED_PROXIES= "192.168.102.65"
|
||||||
|
OVERWRITECLIURL= "https://{{domains[application_id]}}"
|
||||||
|
OVERWRITEPROTOCOL= "https"
|
||||||
|
|
||||||
|
# Redis Configuration
|
||||||
|
REDIS_HOST= redis
|
||||||
|
REDIS_PORT= 6379
|
||||||
@ -12,12 +12,4 @@ nextcloud_system_config:
|
|||||||
value: "{{ on_calendar_nextcloud }}"
|
value: "{{ on_calendar_nextcloud }}"
|
||||||
|
|
||||||
- parameter: "default_phone_region"
|
- parameter: "default_phone_region"
|
||||||
value: "{{ locale | upper }}"
|
value: "{{ locale | upper }}"
|
||||||
|
|
||||||
# Force https
|
|
||||||
- parameter: "overwrite.cli.url"
|
|
||||||
value: "https://{{domains[application_id]}}"
|
|
||||||
|
|
||||||
# Force https
|
|
||||||
- parameter: "overwriteprotocol"
|
|
||||||
value: "https"
|
|
||||||
@ -9,6 +9,7 @@ location {{location | default("/")}}
|
|||||||
# headers
|
# headers
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
proxy_set_header X-Forwarded-Port 443;
|
proxy_set_header X-Forwarded-Port 443;
|
||||||
proxy_set_header Accept-Encoding "";
|
proxy_set_header Accept-Encoding "";
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user