Add service container for executing cron tasks

Add entrypoint that calls envsubst ahead of starting nginx

Makefile

@@ -1,20 +0,0 @@
-REPOSITORY_PROXY   = dev.enpaul.net/skylab/nxcloud-proxy
-REPOSITORY_SERVER  = dev.enpaul.net/skylab/nxcloud-server
-
-
-.PHONY: help docs
-# source: https://marmelab.com/blog/2016/02/29/auto-documented-makefile.html
-help: ## List Makefile targets
-	$(info Makefile documentation)
-	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-10s\033[0m %s\n", $$1, $$2}'
-
-
-image:  ## Build image
-	podman build ./php-fpm --tag $(REPOSITORY_SERVER):latest
-	podman build ./nginx --tag $(REPOSITORY_PROXY):latest
-
-push: image  ## Build and publish image
-	podman login $(shell echo $(REPOSITORY_SERVER) | cut -d '/' -f 1)
-	podman push $(REPOSITORY_SERVER):latest
-	podman login $(shell echo $(REPOSITORY_PROXY) | cut -d '/' -f 1)
-	podman push $(REPOSITORY_PROXY):latest

docker-compose.yml

@@ -2,70 +2,79 @@
 services:
 
   nginx:
+    container_name: nginx-nextcloud
     build: ./nginx
     ports:
-      - 8080:80
+      - 80:80
       - 443:443
     volumes:
-      - ./appdata/application:/var/www/html
+      - ${NEXTCLOUD_DIR}:/var/www/html
-      - ./appdata/data:/data
+      - ${DATA_DIR}:/data
     environment:
-      - NEXTCLOUD_PHP_FPM_HOST=nxcloud-server-1:9000
+      - NEXTCLOUD_PHP_FPM_HOST=${NEXTCLOUD_PHP_FPM_HOST}
-      - NEXTCLOUD_DOMAIN=localhost
+      - NEXTCLOUD_DOMAIN=${NEXTCLOUD_DOMAIN}
-      - NEXTCLOUD_MAX_UPLOAD_SIZE=4G
+      - NEXTCLOUD_MAX_UPLOAD_SIZE=${NEXTCLOUD_MAX_UPLOAD_SIZE}
     networks:
       - nextcloud
     depends_on:
-      - server
+      - php-fpm-nextcloud
-      - redis
+      - redis-nextcloud
-      - mariadb
+      - mariadb-nextcloud
 
-  server:
+  php-fpm-nextcloud:
+    container_name: php-fpm-nextcloud
     build:
       context: ./php-fpm
       tags:
-        - vcs.enp.one/skylab/nextcloud-server:latest
+        - localhost/php-fpm-nextcloud:latest
     volumes:
-      - ./appdata/application:/var/www/html
+      - ${NEXTCLOUD_DIR}:/var/www/html
-      - ./appdata/data:/data
+      - ${DATA_DIR}:/data
     networks:
       - nextcloud
 
-  mariadb:
+  mariadb-nextcloud:
+    container_name: mariadb-nextcloud
     image: mariadb
     command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
+    restart: always
     volumes:
-      - ./appdata/database:/var/lib/mysql
+      - ./mariadb:/var/lib/mysql
     environment:
-      - MARIADB_RANDOM_ROOT_PASSWORD=true
+      - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASS}
-      - MYSQL_PASSWORD=nextcloud
+      - MYSQL_PASSWORD=${MARIADB_PASS}
       - MYSQL_DATABASE=nextcloud
       - MYSQL_USER=nextcloud
     networks:
       - nextcloud
 
-  redis:
+  redis-nextcloud:
+    container_name: redis-nextcloud
+#    image: redis:latest
+# keydb is a fork and drop-in replacement for Redis
     image: eqalpha/keydb
+    restart: unless-stopped
     networks:
       - nextcloud
 
-  cron:
+  cron-nextcloud:
-    image: vcs.enp.one/skylab/nextcloud-server:latest
+    container_name: cron-nextcloud
+    image: localhost/php-fpm-nextcloud:latest
+    restart: unless-stopped
     command:
+      - bash
       - -c
-      - "'while true; do php --define apc.enable_cli=1 /var/www/html/cron.php; sleep 300; done'"
+      - "'while true; do php --define apc.enable_cli=1 /var/www/html/cron.php && sleep 300; done'"
     networks:
       - nextcloud
     user: www-data
-    entrypoint:
-      - /bin/bash
     volumes:
-      - ./appdata/application:/var/www/html
+      - ${NEXTCLOUD_DIR}:/var/www/html
-      - ./appdata/data:/data
+      - ${DATA_DIR}:/data
     depends_on:
-      - server
+      - php-fpm-nextcloud
-      - redis
+      - redis-nextcloud
-      - mariadb
+      - mariadb-nextcloud
 
 networks:
   nextcloud:

nginx/Dockerfile

@@ -1,7 +1,7 @@
 FROM docker.io/library/nginx:latest
 
 ENV NEXTCLOUD_DOMAIN=example.com
-ENV NEXTCLOUD_PHP_FPM_HOST=server:9000
+ENV NEXTCLOUD_PHP_FPM_HOST=php-fpm-nextcloud:9000
 ENV NEXTCLOUD_MAX_UPLOAD_SIZE=512M
 
 ADD nginx.conf.template /nginx.conf.template

nginx/nginx.conf.template

@@ -13,8 +13,8 @@ http {
     }
 
     server {
-        listen 80 http2;
+        listen 80;
-        listen [::]:80 http2;
+        listen [::]:80;
         # INFO: Set this to your domain
         server_name ${NEXTCLOUD_DOMAIN};
 
@@ -154,7 +154,6 @@ http {
             fastcgi_request_buffering off;
 
             fastcgi_max_temp_file_size 0;
-            fastcgi_read_timeout 600;
         }
 
         # Serve static files

php-fpm/Dockerfile

@@ -55,16 +55,12 @@ RUN install-php-extensions \
     redis \
     imagick \
     sysvsem \
-    opcache \
+    opcache
-    pgsql
 
 
 # Copy optimized php.ini-development and production
 COPY ./php.ini-production /usr/local/etc/php/php.ini
 
-# Copy optimized php-fpm.ini
-COPY ./php-fpm.ini /usr/local/etc/php-fpm.d/zz-pm-tuning.conf
-
 # Set the working directory
 WORKDIR /var/www/html
 

php-fpm/php-fpm.ini

@@ -1,6 +0,0 @@
-pm = static
-pm.max_children = 800
-pm.start_servers = 200
-pm.min_spare_servers = 200
-pm.max_spare_servers = 600
-rlimit_files = 4096

php-fpm/php.ini-production

@@ -348,13 +348,13 @@ disable_classes =
 ; the file operations performed.
 ; Note: if open_basedir is set, the cache is disabled
 ; https://php.net/realpath-cache-size
-realpath_cache_size = 4096k
+;realpath_cache_size = 4096k
 
 ; Duration of time, in seconds for which to cache realpath information for a given
 ; file or directory. For systems with rarely changing files, consider increasing this
 ; value.
 ; https://php.net/realpath-cache-ttl
-realpath_cache_ttl = 120
+;realpath_cache_ttl = 120
 
 ; Enables or disables the circular reference collector.
 ; https://php.net/zend.enable-gc
@@ -432,7 +432,7 @@ max_input_time = 60
 
 ; Maximum amount of memory a script may consume
 ; https://php.net/memory-limit
-memory_limit = 8G
+memory_limit = 2048M
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ; Error handling and logging ;
@@ -855,7 +855,7 @@ file_uploads = On
 upload_max_filesize = 10G
 
 ; Maximum number of files that can be uploaded via a single request
-max_file_uploads = 100
+max_file_uploads = 20
 
 ;;;;;;;;;;;;;;;;;;
 ; Fopen wrappers ;
@@ -1789,14 +1789,14 @@ opcache.enable=1
 opcache.enable_cli=1
 
 ; The OPcache shared memory storage size.
-opcache.memory_consumption=256
+opcache.memory_consumption=128
 
 ; The amount of memory for interned strings in Mbytes.
-opcache.interned_strings_buffer=24
+opcache.interned_strings_buffer=16
 
 ; The maximum number of keys (scripts) in the OPcache hash table.
 ; Only numbers between 200 and 1000000 are allowed.
-opcache.max_accelerated_files=10000
+opcache.max_accelerated_files=4000
 
 ; The maximum percentage of "wasted" memory until a restart is scheduled.
 ;opcache.max_wasted_percentage=5
@@ -1814,7 +1814,7 @@ opcache.validate_timestamps=1
 ; How often (in seconds) to check file timestamps for changes to the shared
 ; memory storage allocation. ("1" means validate once per second, but only
 ; once per request. "0" means always validate)
-opcache.revalidate_freq=1
+opcache.revalidate_freq=60
 
 ; Enables or disables file search in include_path optimization
 ;opcache.revalidate_path=0
@@ -1972,10 +1972,3 @@ opcache.save_comments=1
 
 ; List of headers files to preload, wildcard patterns allowed.
 ;ffi.preload=
-
-
-; Useful Nextcloud optimizations and additions
-apc.enable_cli=1
-opcache.jit_buffer_size = 128M
-opcache.jit = tracing
-opcache.jit = 1235