it-stack-dev
diff --git a/‎.env.example‎
Lines changed: 23 additions & 0 deletions b/‎.env.example‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 45 additions & 0 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 33 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 19 additions & 0 deletions b/‎.gitignore‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 19 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎CODE_OF_CONDUCT.md‎
Lines changed: 9 additions & 0 deletions b/‎CODE_OF_CONDUCT.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 29 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 23 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎LICENSE‎
Lines changed: 17 additions & 0 deletions b/‎LICENSE‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 54 additions & 0 deletions b/‎Makefile‎
Lines changed: 54 additions & 0 deletions
@@ -0,0 +1,23 @@
+# it-stack-nextcloud — Example environment variables
+# Copy to .env and fill in values
+
+# Database
+DB_HOST=lab-db1
+DB_PORT=5432
+DB_NAME=nextcloud_db
+DB_USER=nextcloud_user
+DB_PASSWORD=CHANGE_ME
+
+# Redis
+REDIS_HOST=lab-db1
+REDIS_PORT=6379
+
+# Keycloak SSO
+KEYCLOAK_URL=https://lab-id1:8443
+KEYCLOAK_REALM=it-stack
+KEYCLOAK_CLIENT_ID=nextcloud
+KEYCLOAK_CLIENT_SECRET=CHANGE_ME
+
+# Logging
+GRAYLOG_HOST=lab-proxy1
+GRAYLOG_PORT=12201
@@ -0,0 +1,45 @@
+name: CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main, develop]
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Validate docker-compose files
+        run: |
+          for f in docker/docker-compose.*.yml; do
+            echo "Validating \..."
+            docker compose -f "\" config -q
+          done
+      - name: Lint shell scripts
+        run: |
+          sudo apt-get install -y shellcheck
+          shellcheck tests/labs/*.sh docker/entrypoint.sh
+
+  test-lab-01:
+    name: Lab 01 — Standalone
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Lab 01
+        run: bash tests/labs/test-lab-06-01.sh
+
+  security-scan:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Trivy on Dockerfile
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: config
+          scan-ref: .
@@ -0,0 +1,33 @@
+name: Release
+
+on:
+  push:
+    tags: ['v*.*.*']
+
+jobs:
+  build-and-push:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/it-stack-dev/it-stack-nextcloud
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,19 @@
+# Secrets
+.env
+.env.*
+!.env.example
+configs/secrets/
+*.key
+*.pem
+*.crt
+
+# Docker volumes
+data/
+volumes/
+
+# Terraform
+.terraform/
+*.tfstate
+
+# Ansible
+*.retry
@@ -0,0 +1,19 @@
+# Changelog — IT-Stack NEXTCLOUD
+
+All notable changes to this module are documented here.  
+Format: [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)  
+Versioning: [SemVer](https://semver.org/spec/v2.0.0.html)
+
+## [Unreleased]
+
+### Added
+- Initial module scaffold with 6-lab structure
+- Docker Compose files for all 6 lab environments
+- Lab test scripts (06-01 through 06-06)
+- Architecture, deployment, and troubleshooting documentation
+- GitHub Actions CI/CD workflows
+- Module manifest: it-stack-nextcloud.yml
+
+## [0.1.0] — 2026-02-27
+
+- Initial repository scaffold
@@ -0,0 +1,9 @@
+# Code of Conduct
+
+This project follows the Contributor Covenant Code of Conduct.  
+See the organization-level policy:  
+https://github.com/it-stack-dev/.github/blob/main/CODE_OF_CONDUCT.md
+
+## Enforcement
+
+Violations may be reported to: **conduct@it-stack.lab**
@@ -0,0 +1,29 @@
+# Contributing to IT-Stack NEXTCLOUD
+
+Thank you for contributing to this module!
+
+Please read the organization-level contribution guidelines first:  
+https://github.com/it-stack-dev/.github/blob/main/CONTRIBUTING.md
+
+## Module-Specific Notes
+
+- This is **Module 06** in the IT-Stack platform
+- All changes must preserve the 6-lab testing progression
+- Lab 06-01 (Standalone) must always work without external dependencies
+- Test with make test-lab-01 before submitting a PR
+
+## Development Setup
+
+```bash
+git clone https://github.com/it-stack-dev/it-stack-nextcloud.git
+cd it-stack-nextcloud
+make install
+make test
+```
+
+## Submitting Changes
+
+1. Branch from develop: git checkout -b feature/your-feature develop
+2. Make your changes
+3. Run make test-lab-01 to verify standalone still works
+4. Open a PR targeting develop
@@ -0,0 +1,23 @@
+# Dockerfile — IT-Stack NEXTCLOUD wrapper
+# Module 06 | Category: collaboration | Phase: 2
+# Base image: nextcloud:28-apache
+
+FROM nextcloud:28-apache
+
+# Labels
+LABEL org.opencontainers.image.title="it-stack-nextcloud" \
+      org.opencontainers.image.description="Nextcloud file sync, calendar, and office suite" \
+      org.opencontainers.image.vendor="it-stack-dev" \
+      org.opencontainers.image.licenses="Apache-2.0" \
+      org.opencontainers.image.source="https://github.com/it-stack-dev/it-stack-nextcloud"
+
+# Copy custom configuration and scripts
+COPY src/ /opt/it-stack/nextcloud/
+COPY docker/entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
+    CMD curl -f http://localhost/health || exit 1
+
+ENTRYPOINT ["/entrypoint.sh"]
@@ -0,0 +1,17 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+Copyright 2026 it-stack-dev contributors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
@@ -0,0 +1,54 @@
+# Makefile — IT-Stack NEXTCLOUD (Module 06)
+.PHONY: help build install test test-lab-01 test-lab-02 test-lab-03 \
+        test-lab-04 test-lab-05 test-lab-06 deploy clean lint
+
+COMPOSE_STANDALONE = docker/docker-compose.standalone.yml
+COMPOSE_LAN        = docker/docker-compose.lan.yml
+COMPOSE_ADVANCED   = docker/docker-compose.advanced.yml
+COMPOSE_SSO        = docker/docker-compose.sso.yml
+COMPOSE_INTEGRATION= docker/docker-compose.integration.yml
+COMPOSE_PRODUCTION = docker/docker-compose.production.yml
+
+help: ## Show this help
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' Makefile | awk 'BEGIN {FS = ":.*?## "}; {printf "  \033[36m%-20s\033[0m %s\n", $$1, $$2}'
+
+build: ## Build Docker image
+	docker build -t it-stack/nextcloud:latest .
+
+install: ## Start standalone (Lab 01) environment
+	docker compose -f $$(COMPOSE_STANDALONE) up -d
+	@echo "Waiting for nextcloud to be ready..."
+	@sleep 10
+	@docker compose -f $$(COMPOSE_STANDALONE) ps
+
+test: test-lab-01 ## Run default test (Lab 01)
+
+test-lab-01: ## Lab 01 — Standalone
+	@bash tests/labs/test-lab-06-01.sh
+
+test-lab-02: ## Lab 02 — External Dependencies
+	@bash tests/labs/test-lab-06-02.sh
+
+test-lab-03: ## Lab 03 — Advanced Features
+	@bash tests/labs/test-lab-06-03.sh
+
+test-lab-04: ## Lab 04 — SSO Integration
+	@bash tests/labs/test-lab-06-04.sh
+
+test-lab-05: ## Lab 05 — Advanced Integration
+	@bash tests/labs/test-lab-06-05.sh
+
+test-lab-06: ## Lab 06 — Production Deployment
+	@bash tests/labs/test-lab-06-06.sh
+
+deploy: ## Deploy to target server (lab-app1)
+	ansible-playbook -i ansible/inventory.yml ansible/playbooks/deploy-nextcloud.yml
+
+clean: ## Stop and remove all containers and volumes
+	docker compose -f $$(COMPOSE_STANDALONE) down -v --remove-orphans
+	docker compose -f $$(COMPOSE_LAN) down -v --remove-orphans 2>/dev/null || true
+	docker compose -f $$(COMPOSE_ADVANCED) down -v --remove-orphans 2>/dev/null || true
+
+lint: ## Lint docker-compose and shell scripts
+	docker compose -f $$(COMPOSE_STANDALONE) config -q
+	@for f in tests/labs/*.sh; do shellcheck $$f; done