Set MySQL user password

This commit is contained in:
c v t 2020-06-29 16:00:04 +02:00
parent 2ecaf2347c
commit fc3bbbbd93
2 changed files with 32 additions and 16 deletions

View File

@ -4,51 +4,66 @@ services:
nextcloud: nextcloud:
image: nextcloud:latest image: nextcloud:latest
depends_on: depends_on:
- maindb - mariadb
secrets: secrets:
- db_root_password - db_root_password
- db_password
environment: environment:
- MYSQL_HOST=maindb:3306 - MYSQL_HOST=mariadb
- MYSQL_DATABASE=nextcloud - MYSQL_DATABASE=nextcloud
- MYSQL_USER=root - MYSQL_USER=nextcloud
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_password
- DOMAIN=${DOMAIN} - DOMAIN=${DOMAIN}
volumes: volumes:
- /mnt/nextcloud:/var/www/html:cached - nextcloud:/var/www/html
- /mnt/nextapps:/var/www/html/custom_apps:cached - nextapps:/var/www/html/custom_apps:cached
- /mnt/nextdata:/var/www/html/data:cached - nextdata:/var/www/html/data:cached
- /mnt/nextconfig:/var/www/html/config:cached - nextconfig:/var/www/html/config:cached
networks: networks:
- proxy - proxy
- internal - internal
deploy: deploy:
placement:
constraints: [node.role == worker]
update_config:
parallelism: 2
delay: 10s
restart_policy: restart_policy:
condition: on-failure condition: on-failure
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.routers.nextcloud.tls=true" - "traefik.http.routers.nextcloud.tls=true"
- "traefik.http.routers.nextcloud.entrypoints=websecure"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80" - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
- "traefik.http.routers.nextcloud.rule=Host(`${DOMAIN}`)" - "traefik.http.routers.nextcloud.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.nextcloud.tls.certresolver=${LETS_ENCRYPT_ENV}" #- "traefik.http.routers.nextcloud.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.myroutename.tls.certresolver=staging" - "traefik.http.routers.nextcloud.entrypoints=web-secure"
- "traefik.http.routers.nextcloud.tls.certresolver=staging"
mariadb:
image: "mariadb:10.5"
environment:
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD_FILE=/run/secrets/db_passwd
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
secrets:
- db_root_password
- db_password
volumes:
- "mariadb:/var/lib/mariadb"
networks:
- internal
secrets: secrets:
db_root_password: db_root_password:
external: true external: true
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION} name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
db_password:
external: true
name: ${STACK_NAME}_db_passwd_${DB_ROOT_PASSWD_VERSION}
volumes: volumes:
nextcloud: nextcloud:
nextapps: nextapps:
nextdata: nextdata:
nextconfig: nextconfig:
mariadb:
networks: networks:
proxy: proxy:

View File

@ -2,4 +2,5 @@
create-secrets () { create-secrets () {
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" - pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}" -
pwgen -n 32 1 | docker secret create "${STACK_NAME}_db_passwd_${DB_ROOT_PASSWD_VERSION}" -
} }