Hi,
I would like to know if i have a wrong configuration?
The problem I face is the following:
As an Administrator, when I open a document, I have the following menu:
As a user, I do not have the menu, Why?
Here is my configuration:
For nextcloud:
version: "2.4"
services:
nc:
image: nextcloud:production-apache
# image: nextcloud:fpm-alpine
mem_limit: 2G
container_name: nc
restart: unless-stopped
environment:
- MYSQL_DB=nextcloud
- MYSQL_USER=nc
- MYSQL_PASSWORD=DB_PASSWORD
- MYSQL_HOST=nc_mariadb
- NEXTCLOUD_ADMIN_USER=ADMIN
- NEXTCLOUD_ADMIN_PASSWORD=ADMIN_PASSWORD
- NEXTCLOUD_TRUSTED_DOMAINS="YOUR NEXTCLOUD DOMAIN"
- REDIS_HOST=nc_redis
- REDIS_HOST_PORT=6379
- SMTP_HOST=SMTP_HOST_IP_OR_NAME
- SMTP_SECURE=ssl
- SMTP_PORT=465
- SMTP_AUTHTYPE=LOGIN
- SMTP_NAME=SMTP_LOGIN
- SMTP_PASSWORD=SMTP_LOGIN_PASSWORD
- MAIL_FROM_ADDRESS=noreply-nc
- MAIL_DOMAIN="YOUR NEXTCLOUD DOMAIN"
depends_on:
- nc-mariadb
- nc-redis
volumes:
- nc_www:/var/www/html
- $PWD/custom_apps/:/var/www/html/custom_apps/
- $PWD/config/:/var/www/html/config/
- $PWD/data/:/var/www/html/data/
- $PWD/log/nextcloud.log:/var/log/nextcloud.log
- /var/run/clamav/:/var/run/clamav/
labels:
- traefik.enable=true
- traefik.docker.network=01_front
- traefik.port=80
# Entrypoint and TLS
- traefik.http.routers.nc.entrypoints=http,https
- traefik.http.routers.nc.rule=Host(`YOUR NEXTCLOUD DOMAIN`)
- traefik.http.routers.nc.tls=true
- traefik.http.routers.nc.tls.certresolver=le
# Service
- traefik.http.services.nc.loadbalancer.server.port=80
# Middlewares
- traefik.http.routers.nc.middlewares=force-https,nc,dav,webdav
# Middlewares nc force https and adds additional headers
- traefik.http.middlewares.force-https.redirectscheme.scheme=https
- traefik.http.middlewares.force-https.redirectscheme.permanent=true
- traefik.http.middlewares.nc.headers.customrequestheaders.Forwarded-Proto=https
- traefik.http.middlewares.nc.headers.customFrameOptionsValue=SAMEORIGIN
- traefik.http.middlewares.nc.headers.framedeny=true
- traefik.http.middlewares.nc.headers.sslredirect=true
- traefik.http.middlewares.nc.headers.stsincludesubdomains=true
- traefik.http.middlewares.nc.headers.stspreload=true
- traefik.http.middlewares.nc.headers.stsseconds=15552000
- traefik.http.middlewares.nc.headers.contentTypeNosniff=true
- traefik.http.middlewares.nc.headers.sslHost"=YOUR NEXTCLOUD DOMAIN"
- traefik.http.middlewares.nc.headers.sslForceHost=true
# Middleware nc-dav replaces .well-known paths for caldav and carddav with proper nextcloud path
- traefik.http.middlewares.dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav
- traefik.http.middlewares.dav.replacepathregex.replacement=/remote.php/dav/
- traefik.http.middlewares.webdav.replacepathregex.regex=^/.well-known/webdav
- traefik.http.middlewares.webdav.replacepathregex.replacement=/remote.php/dav/
networks:
- 01_front
- app
- db
nc-mariadb:
image: mariadb:10.5
container_name: nc_mariadb
restart: always
volumes:
- /media/vm/database/nc/:/var/lib/mysql/
environment:
- MYSQL_ROOT_PASSWORD=ROOT_PASSWORD
- MYSQL_PASSWORD=DB_PASSWORD
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nc
#- MYSQL_ROOT_HOST=%
# command: --skip-grant-tables
# command: mysqld --innodb-buffer-pool-size=2048M
networks:
- db
nc-cron:
image: nextcloud:production-apache
container_name: nc_cron
entrypoint: /cron.sh
volumes:
- nc_www:/var/www/html
- $PWD/custom_apps/:/var/www/html/custom_apps/
- $PWD/config/:/var/www/html/config/
- $PWD/data/:/var/www/html/data/
- $PWD/log/nextcloud.log:/var/log/nextcloud.log
- /var/run/clamav/:/var/run/clamav/
depends_on:
- nc-mariadb
- nc-redis
networks:
- app
- db
labels:
- "traefik.enable=false"
nc-adminer:
image: adminer
restart: always
container_name: nc_adminer
ports:
- 8080
labels:
- traefik.enable=true
- traefik.port=8080
# Entrypoint and TLS
- traefik.http.routers.nc-adminer.entrypoints=http,https
- traefik.http.routers.nc-adminer.rule=(Host(`YOUR NEXTCLOUD DOMAIN`) && PathPrefix(`/adminer`))
- traefik.http.routers.nc-adminer.tls=true
- traefik.http.routers.nc-adminer.tls.certresolver=le
# service
- traefik.http.services.nc-adminer.loadbalancer.server.port=8080
# Middlewares
- traefik.http.routers.nc-adminer.middlewares=force-https,nc-known-ip,nc-adminer,nc-adminer-chain
# Middlewares nc force https and adds additional headers
- traefik.http.middlewares.nc-adminer-chain.chain.middlewares=force-https,nc-known-ip,nc-adminer
- traefik.http.middlewares.nc-known-ip.ipwhitelist.sourcerange=192.168.100.0/24, 192.168.200.0/24, 2a01:e34:ec45:c881::/64
- traefik.http.middlewares.force-https.redirectscheme.scheme=https
- traefik.http.middlewares.force-https.redirectscheme.permanent=true
- traefik.http.middlewares.nc-adminer.headers.customrequestheaders.Forwarded-Proto=https
- traefik.http.middlewares.nc-adminer.headers.customFrameOptionsValue=SAMEORIGIN
- traefik.http.middlewares.nc-adminer.headers.framedeny=true
- traefik.http.middlewares.nc-adminer.headers.sslredirect=true
- traefik.http.middlewares.nc-adminer.headers.stsincludesubdomains=true
- traefik.http.middlewares.nc-adminer.headers.stspreload=true
- traefik.http.middlewares.nc-adminer.headers.stsseconds=15552000
networks:
- 01_front
- db
nc-redis:
image: redis:alpine
mem_limit: 50M
mem_reservation: 20M
container_name: nc_redis
restart: unless-stopped
volumes:
- /media/vm/database/nc_redis:/data
networks:
- db
nc-clamav:
image: "quay.io/ukhomeofficedigital/clamav:latest"
container_name: nc_clamav
volumes:
- /var/run/clamav/:/var/run/clamav/
restart: unless-stopped
environment:
- CLAMD_SETTINGS_CSV="LocalSocket=/var/run/clamav/clamd.ctl"
networks:
default:
external:
name: 01_front
01_front:
external: true
app:
external: true
db:
external: true
volumes:
nc_www:
For OnlyOffice:
version: '2'
services:
onlyoffice:
container_name: onlyoffice
image: onlyoffice/documentserver:latest
stdin_open: true
tty: true
restart: always
environment:
- DB_TYPE=postgres
- DB_HOST=onlyoffice-postgresql
- DB_PORT=5432
- DB_NAME=onlyoffice
- DB_USER=onlyoffice
- DB_PWD=PASSWORD
- AMQP_TYPE=rabbitmq
- AMQP_URI=amqp://rabbitmq:PASSWORD@onlyoffice-rabbitmq
- REDIS_SERVER_HOST=onlyoffice-redis
- REDIS_SERVER_PORT=6379
# Uncomment strings below to enable the JSON Web Token validation.
- JWT_ENABLED=true
- JWT_SECRET=JWT_SECRET
- JWT_HEADER=Authorization
- JWT_IN_BODY=true
networks:
- 01_front
- db
# ports:
# - 80
volumes:
- $PWD/data:/var/www/onlyoffice/Data
- $PWD/log:/var/log/onlyoffice
- $PWD/cache:/var/lib/onlyoffice/documentserver/App_Data/cache/files
- $PWD/document_fonts:/usr/share/fonts/truetype/custom
labels:
- traefik.enable=true
- traefik.docker.network=01_front
- traefik.port=80
# Entrypoint and TLS
- traefik.http.routers.oo.entrypoints=http,https
- traefik.http.routers.oo.rule=Host(`YOUR_OO_DOMAIN`)
- traefik.http.routers.oo.tls=true
- traefik.http.routers.oo.tls.certresolver=le
# Service
- traefik.http.services.oo.loadbalancer.server.port=80
- traefik.http.services.oo.loadbalancer.passhostheader=true
# Middlewares
- traefik.http.routers.oo.middlewares=force-https,oo
# Middlewares nc force https and adds additional headers
- traefik.http.middlewares.force-https.redirectscheme.scheme=https
- traefik.http.middlewares.force-https.redirectscheme.permanent=true
- traefik.http.middlewares.oo.headers.customrequestheaders.X-Forwarded-Proto=https
# Not mandatory, it work without the following headers.
- traefik.http.middlewares.oo.headers.sslredirect=true
- traefik.http.middlewares.oo.headers.stspreload=true
- traefik.http.middlewares.oo.headers.stsseconds=15552000
onlyoffice-redis:
image: redis:alpine
container_name: onlyoffice-redis
mem_limit: 50M
mem_reservation: 20M
restart: unless-stopped
volumes:
- /media/vm/database/oo_redis:/data
networks:
- 01_front
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq
restart: always
environment:
RABBITMQ_DEFAULT_USER: rabbitmq
RABBITMQ_DEFAULT_PASS: PASSWORD
networks:
- 01_front
onlyoffice-postgresql:
image: postgres:12-alpine
container_name: onlyoffice-postgresql
restart: unless-stopped
environment:
POSTGRES_DB: onlyoffice
POSTGRES_USER: onlyoffice
POSTGRES_PASSWORD: PASSWORD
volumes:
- /media/vm/database/oo:/var/lib/postgresql/data
networks:
- db
networks:
default:
external:
name: 01_front
01_front:
external: true
db:
external: true
Thanks