dns.env file did not work out, env_file: element not being read before dns: element. Using folder-specific .env files instead, seems to be loaded before dns: element. Also move other values to the env files for better password privacy.

Config/Nextcloud/.env.example

@@ -0,0 +1,26 @@
+# Environment file for Nextcloud stack.
+
+## Nextcloud ##
+
+PHP_UPLOAD_LIMIT=5G
+
+## MySQL ##
+
+MYSQL_HOST=db
+MYSQL_DATABASE=nextcloud
+MYSQL_ROOT_PASSWORD=ChangeMe
+MYSQL_USER=nc
+MYSQL_PASSWORD=changeme
+
+## REDIS ##
+
+REDIS_HOST=redis
+REDIS_HOST_PASSWORD=someredispassword
+
+## Other ##
+
+# If you have both Nextcloud and OnlyOffice on the same internal network you
+#   will likely want to set this to an internal DNS server. Some routers will
+#   drop traffic if an internal IP tries to communicate with the WAN IP, causing
+#   the curl to OnlyOffice's /healthcheck to fail. Do the same in both configs.
+DNS=192.168.1.1

Config/Nextcloud/docker-compose.yml

@@ -16,17 +16,12 @@ services:
     command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
     volumes:
       - ../../Volumes/Nextcloud/mariadb:/var/lib/mysql
-    environment:
-      - MYSQL_ROOT_PASSWORD=ChangeMe
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nc
-      - MYSQL_PASSWORD=changeme
 
   redis:
     container_name: nc-redis
     image: redis
     restart: always
-    command: redis-server --requirepass someredispassword
+    command: redis-server --requirepass $REDIS_HOST_PASSWORD
 
   app:
     container_name: nc-app
@@ -39,16 +34,5 @@ services:
       - redis
     volumes:
       - ../../Volumes/Nextcloud/nextcloud:/var/www/html
-    env_file:
-      - ../../dns.env
-    environment:
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nc
-      - MYSQL_PASSWORD=changeme
-      - MYSQL_HOST=db
-      - PHP_UPLOAD_LIMIT=5G
-      - REDIS_HOST=redis
-      - REDIS_HOST_PASSWORD=someredispassword
     dns:
-      - "$DNS1"
-      - "$DNS2"
+      - "$DNS"

Config/OnlyOffice/.env.example

@@ -0,0 +1,10 @@
+# Environment file for OnlyOffice.
+
+# Secret that should be typed into the Nextcloud Admin Settings UI.
+JWT_SECRET=abc123
+
+# If you have both Nextcloud and OnlyOffice on the same internal network you
+#   will likely want to set this to an internal DNS server. Some routers will
+#   drop traffic if an internal IP tries to communicate with the WAN IP, causing
+#   the curl to OnlyOffice's /healthcheck to fail. Do the same in both configs.
+DNS=192.168.1.1

Config/OnlyOffice/docker-compose.yml

@@ -11,10 +11,5 @@ services:
     ports:
       - 8000:80
       - 4443:443
-    environment:
-      - JWT_SECRET=abc123
-    env_file:
-      - ../../dns.env
     dns:
-      - $DNS1
-      - $DNS2
+      - "$DNS"

dns.env.example

@@ -1,20 +0,0 @@
-# File to hold any specific DNS servers you'd like to use. This is helpful in
-#  situations such as Nextcloud needing to access an OnlyOffice server on the
-#  internal network but the router does not allow the traffic to go out and back
-#  in. Therefore a local DNS is necessary in order to tell Nextcloud that the
-#  document server is a local IP address rather than the WAN address like an
-#  external DNS would.
-# This file should be sourced by the shell instance starting the containers, it
-#  unfortunately cannot be specified in the env_file: element because the dns:
-#  element reads its variables before env_file: is loaded. Putting the servers
-#  into environment: works but then the configuration is no longer private.
-
-# A private DNS server, such as one run by this project's Config/DNS/ config.
-DNS1=10.110.1.53
-
-# Fallback server, such as Cloudflare 1.1.1.1 or the system's local gateway.
-DNS2=192.168.1.1
-
-# Explicitly defined external DNS servers.
-DNS_EX1=1.1.1.1
-DNS_EX2=1.0.0.1

source.env

@@ -14,5 +14,3 @@ DOCKER_PATH="$DOCKER_HOME/bin"
 PATH="$DOCKER_PATH:$PATH"
 
 export DOCKER_HOME DOCKER_PATH PATH
-
-source $DIR/dns.env