
Add persistent volumes for Keycloak and configuration improvements for Nextcloud and SSL

mathias.riechsteiner hai 1 ano
pai
achega
822d2f577b

+ 1 - 1
.gitignore

@@ -1,4 +1,4 @@
 data/
 logs/
-src/configs
+src/configs/certs
 

+ 44 - 0
src/configs/nextcloud/config.php

@@ -0,0 +1,44 @@
+<?php
+$CONFIG = array (
+  'htaccess.RewriteBase' => '/',
+  'memcache.local' => '\\OC\\Memcache\\APCu',
+  'apps_paths' => 
+  array (
+    0 => 
+    array (
+      'path' => '/var/www/html/apps',
+      'url' => '/apps',
+      'writable' => false,
+    ),
+    1 => 
+    array (
+      'path' => '/var/www/html/custom_apps',
+      'url' => '/custom_apps',
+      'writable' => true,
+    ),
+  ),
+  'upgrade.disable-web' => true,
+  'instanceid' => 'ocjo4cs4dcis',
+  'passwordsalt' => 'ylWtmswXFQJgVHCYeumxhR5uzUCIYN',
+  'secret' => 'd8qzGMcBrLAHjjFWb7PsmIlvyhHUqyDFjqVC4nfiOzvpSipx',
+  'trusted_domains' => 
+  array (
+    0 => 'cloud.mrx8086.com',
+  ),
+  'datadirectory' => '/var/www/html/data',
+  'dbtype' => 'mysql',
+  'version' => '30.0.2.2',
+  'overwrite.cli.url' => 'http://cloud.mrx8086.com',
+  'dbname' => 'nextcloud_db',
+  'dbhost' => 'nextcloud-db',
+  'dbport' => '',
+  'dbtableprefix' => 'oc_',
+  'mysql.utf8mb4' => true,
+  'dbuser' => 'nextcloud_user',
+  'dbpassword' => 'nextcloudpass',
+  'installed' => true,
+  'overwriteprotocol' => 'https',
+  'trusted_proxies' => ['172.18.0.5'],
+  'maintenance_window_start' => '02:00',
+  'config_is_read_only' => true,
+);
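Review bot: `passwordsalt`, `secret` and `dbpassword` are committed in clear text in this file (the .gitignore change in this commit is what stops `src/configs` from being ignored), so anyone with read access to the repository or its history obtains the instance secret and the database credentials. The nextcloud service in docker-compose.yml appears to receive `MYSQL_PASSWORD` already, so the tracked file could use `'dbpassword' => getenv('MYSQL_PASSWORD'),` and load `secret` and `passwordsalt` from an untracked file or the environment in the same way. The committed values should be treated as exposed, and at minimum the database password and `secret` replaced. Separately, `'overwrite.cli.url' => 'http://cloud.mrx8086.com'` disagrees with `'overwriteprotocol' => 'https'` and with the `OVERWRITE_CLI_URL=https://cloud.mrx8086.com` set in compose; it should read `'overwrite.cli.url' => 'https://cloud.mrx8086.com',`.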

+ 4 - 0
src/configs/nextcloud/hsts.conf

@@ -0,0 +1,4 @@
+# hsts.conf
+<IfModule mod_headers.c>
+    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+</IfModule>

+ 19 - 0
src/configs/nextcloud/nextcloud-ssl.conf

@@ -0,0 +1,19 @@
+<VirtualHost *:443>
+    ServerAdmin webmaster@localhost
+    DocumentRoot /var/www/html
+    ServerName cloud.mrx8086.com
+
+    SSLEngine on
+    SSLCertificateFile /etc/ssl/certs/mrx8086.com/fullchain.pem
+    SSLCertificateKeyFile /etc/ssl/certs/mrx8086.com/privkey.pem
+    SSLCertificateChainFile /etc/ssl/certs/mrx8086.com/chain.pem
+
+    <Directory /var/www/html>
+        Options +FollowSymlinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
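Review bot: `SSLCertificateChainFile` is obsolete since Apache 2.4.8 and looks redundant here, because `SSLCertificateFile` already points at `fullchain.pem`, which by its name should carry the intermediates; the line can be dropped. The vhost sets no `SSLProtocol` or `SSLCipherSuite`, so the accepted TLS versions depend on whatever defaults the image's mod_ssl ships with; stating the policy explicitly, for example `SSLProtocol -all +TLSv1.2 +TLSv1.3`, makes it reviewable. Port 80 is still published in docker-compose.yml (`9080:80`) and nothing visible in this commit redirects it to HTTPS, so the HSTS header from hsts.conf only helps clients that already arrived over TLS.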

+ 19 - 4
src/docker/docker-compose.yml

@@ -75,17 +75,31 @@ services:
       - MYSQL_DATABASE=${NEXTCLOUD_DB_NAME}
       - MYSQL_USER=${NEXTCLOUD_DB_USER}
       - MYSQL_PASSWORD=${NEXTCLOUD_DB_PASSWORD}
+      - OVERWRITEPROTOCOL=https   # Setze das Protokoll auf HTTPS
+      - TRUSTED_PROXIES=172.18.0.5  # Setze die trusted_proxies
+      - OVERWRITE_CLI_URL=https://cloud.mrx8086.com  # Setze die CLI-URL auf HTTPS      
     ports:
-      - "8080:80"
+      - "9080:80"    # HTTP Port für Nextcloud
+      - "9443:443"   # HTTPS Port für Nextcloud
     volumes:
       - ../data/nextcloud:/var/www/html
+      - ../configs/certs/mrx8086.com:/etc/ssl/certs/mrx8086.com
+      - ../configs/nextcloud/nextcloud-ssl.conf:/etc/apache2/sites-available/nextcloud-ssl.conf
+      - ../configs/nextcloud/hsts.conf:/etc/apache2/conf-available/hsts.conf  # HSTS Konfiguration hinzufügen
+      - ../configs/nextcloud/config.php:/var/www/html/config/config.php  # Überschreibe config.php
     depends_on:
       - nextcloud-db
     networks:
         - automate-network
+    command:  >
+      bash -c "
+      a2enmod ssl &&
+      a2ensite nextcloud-ssl &&
+      a2enconf hsts &&
+      apache2-foreground"
   
   nextcloud-db:
-    image: 'mariadb:10.5'
+    image: 'mariadb:latest'
     container_name: 'nextcloud-db'
     restart: unless-stopped
     environment:
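Review bot: The database image moves from `mariadb:10.5` to `mariadb:latest`, so any pull can start a new major version against the existing `../data/nextcloud_db` data directory, and the version actually deployed can no longer be read from the file; pin an explicit tag or digest, e.g. `image: 'mariadb:<pinned-version>'`. The four new bind mounts (certificate directory with the private key, vhost, hsts.conf, config.php) are read-write; unless the entrypoint needs to write to them, append `:ro`, as in `- ../configs/certs/mrx8086.com:/etc/ssl/certs/mrx8086.com:ro`, so a compromised web process cannot alter the key material or its own configuration. `TRUSTED_PROXIES=172.18.0.5` hard-codes an address that Docker normally assigns dynamically; if another container ends up with that IP, Nextcloud will accept its forwarded-for headers, so the proxy should get a fixed address on `automate-network` or the setting should be revisited. The service definition starts above this hunk.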
@@ -98,7 +112,7 @@ services:
     volumes:
       - ../data/nextcloud_db:/var/lib/mysql
     networks:
-      - automate-network      
+      - automate-network
 
   kimai:
     image: 'kimai/kimai2:apache'
@@ -220,4 +234,5 @@ networks:
 
 volumes:
   data:
-  plugins:
+  plugins:
+