computer-playbook/roles/web-app-nextcloud/templates/env.j2
Kevin Veen-Birkenbach e333c9d85b Fix Nextcloud Talk Recording volumes and fully enable external DB/Redis integration for ONLYOFFICE.
Includes:
- Talk recording tmp volume wiring for Nextcloud
- ONLYOFFICE external PostgreSQL/Redis env integration
- Added explicit volumes for pgdata/redis/rabbitmq
- Switched ONLYOFFICE role to sys-stk-full-stateful
- Updated docker-compose mounts and vars
- CSP and feature flag improvements

Conversation reference: https://chatgpt.com/share/6922f50e-cc44-800f-89fc-e1251c5bbe45
2025-11-23 12:51:03 +01:00


# @See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html
# @See https://github.com/nextcloud/docker/blob/master/README.md
#
# Rendered into the env file handed to the Nextcloud container(s). The result
# holds plaintext secrets (DB password, SMTP token, admin password, Talk/HPB
# secrets, whiteboard JWT key), so the rendered file should be root-owned with
# mode 0600 and must never be committed, logged or printed in task output.
#
# NOTE(review): quoting is inconsistent in this template. Some entries are
# written as `KEY= "value"` (leading space + double quotes), others as
# `KEY=value`. Docker Compose's env_file parser trims the space and strips the
# quotes, but `docker run --env-file` and a shell `source` keep them literally,
# and double-quoted values may receive `$VAR` expansion / escape handling.
# Confirm which consumer reads this file before relying on a secret that
# contains `$`, `#`, `"` or whitespace.
# Database Configuration
MYSQL_DATABASE= "{{ database_name }}"
MYSQL_USER= "{{ database_username }}"
MYSQL_PASSWORD= "{{ database_password }}"
# host:port form is accepted by the image entrypoint as the Nextcloud dbhost.
MYSQL_HOST= "{{ database_host }}:{{ database_port }}"
# PHP
PHP_MEMORY_LIMIT= "{{ applications | get_app_conf(application_id, 'performance.php.memory_limit') }}"
PHP_UPLOAD_LIMIT= "{{ applications | get_app_conf(application_id, 'performance.php.upload_limit') }}"
PHP_OPCACHE_MEMORY_CONSUMPTION= "{{ applications | get_app_conf(application_id, 'performance.php.opcache_memory_consumption') }}"
# Email Configuration
SMTP_HOST= {{ SYSTEM_EMAIL.HOST }}
# 'ssl' = implicit TLS (SMTPS); an empty value means unencrypted SMTP. Per the
# docker README referenced above, 'tls' (STARTTLS) is also accepted but is not
# used here — confirm the mail host offers SMTPS on SYSTEM_EMAIL.PORT.
SMTP_SECURE= {{ 'ssl' if SYSTEM_EMAIL.TLS else '' }}
SMTP_PORT= {{ SYSTEM_EMAIL.PORT }}
SMTP_NAME= {{ users['no-reply'].email }}
# Mailu API/auth token used as the SMTP password; unquoted, so it must not
# contain whitespace or a leading quote character (see quoting note above).
SMTP_PASSWORD= {{ users['no-reply'].mailu_token }}
# Email from configuration
MAIL_FROM_ADDRESS= "{{ users['no-reply'].username }}"
MAIL_DOMAIN= "{{ SYSTEM_EMAIL.DOMAIN }}"
# Initial Admin Data
# Per the docker README these are read by the entrypoint on first install only,
# but they remain readable in this file afterwards — rotate the admin password
# after onboarding rather than leaving the bootstrap value in place.
NEXTCLOUD_ADMIN_USER= "{{ NEXTCLOUD_ADMINISTRATOR_USERNAME }}"
NEXTCLOUD_ADMIN_PASSWORD= "{{ NEXTCLOUD_ADMINISTRATOR_PASSWORD }}"
# Security
NEXTCLOUD_TRUSTED_DOMAINS= "{{ NEXTCLOUD_DOMAIN }}"
# Trusted reverse-proxy addresses. Nextcloud only honours X-Forwarded-For from
# these, so its brute-force protection throttles the real client IP instead of
# locking every user out behind the shared proxy/gateway address. Anything that
# can reach Nextcloud from an address in this list can spoof the client IP, so
# keep it to the proxy hop(s) only.
# NOTE(review): assumes networks.internet holds exactly the proxy-side docker
# subnets/gateways and nothing client-reachable — verify against the network
# definitions before widening it.
TRUSTED_PROXIES= "{{ networks.internet.values() | select | join(',') }}"
OVERWRITECLIURL= "{{ NEXTCLOUD_URL }}"
OVERWRITEPROTOCOL= "{{ WEB_PROTOCOL }}"
# Redis Configuration
# NOTE(review): no Redis password is configured; this is only acceptable if the
# redis service is reachable solely on the compose-internal network and its
# port is not published on the host — verify in the compose file.
REDIS_HOST= redis
REDIS_PORT= 6379
{% if NEXTCLOUD_HPB_PLUGIN_ENABLED %}
# Talk Configuration
# TURN_SECRET, SIGNALING_SECRET and INTERNAL_SECRET are shared with the
# high-performance-backend services; they are unquoted here (see quoting note
# above) and must be three distinct high-entropy values.
NC_DOMAIN={{ NEXTCLOUD_DOMAIN }}
TALK_HOST={{ NEXTCLOUD_HPB_DOMAIN }}
TURN_SECRET={{ NEXTCLOUD_HPB_TURN_ONBOARD_SECRET }}
SIGNALING_SECRET={{ NEXTCLOUD_HPB_SIGNALING_SECRET }}
INTERNAL_SECRET={{ NEXTCLOUD_HPB_INTERNAL_SECRET }}
TZ={{ HOST_TIMEZONE }}
TALK_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}
# TURN relay port range; the same range is exported under both spellings so
# whichever name the consuming image reads gets the same value.
TURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }}
TURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }}
COTURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }}
COTURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }}
{% endif %}
{% if NEXTCLOUD_WHITEBOARD_ENABLED %}
# @todo move these to their own env file for encapsulation: if this env file is
# attached to more than one container, each of them also receives
# JWT_SECRET_KEY and the Talk secrets above, which only the whiteboard needs.
NEXTCLOUD_URL= "{{ NEXTCLOUD_URL }}"
JWT_SECRET_KEY= "{{ NEXTCLOUD_WHITEBOARD_JWT }}"
STORAGE_STRATEGY=redis
# Same unauthenticated Redis as above (db 0) — see the Redis note.
REDIS_URL=redis://redis:6379/0
# Chromium flags for running headless inside the container.
# NOTE(review): this is not hardening — `--no-sandbox` disables Chromium's
# renderer sandbox, so a renderer bug (presumably reachable through
# user-supplied whiteboard content) is contained only by the container itself.
# Keep the whiteboard container unprivileged (non-root, default seccomp/
# AppArmor profile, no added capabilities, no host mounts) or drop the flag and
# provide the user-namespace support the sandbox needs.
CHROMIUM_FLAGS=--headless=new --no-sandbox --disable-gpu --disable-dev-shm-usage --use-gl=swiftshader --disable-software-rasterizer
# Use the distro Chromium instead of letting Puppeteer download its own binary.
PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium
PUPPETEER_SKIP_DOWNLOAD=true
{% endif %}