From 58c3caae0718757323586def0d0503be0db87188 Mon Sep 17 00:00:00 2001 From: mmattel Date: Wed, 19 Jun 2024 12:01:16 +0200 Subject: [PATCH 1/4] [5.0] Refactor the 'ocis_wopi' deployment example --- deployments/examples/ocis_wopi/.env | 220 +++++++++++--- deployments/examples/ocis_wopi/README.md | 10 +- .../collabora/docker-compose-additions.yml | 67 +++++ .../companion/docker-compose-additions.yml | 38 +++ .../examples/ocis_wopi/docker-compose.yml | 277 +----------------- .../inbucket/docker-compose-additions.yml | 24 ++ .../docker-compose-additions.yml | 2 - .../ocis/docker-compose-additions.yml | 66 +++++ .../onlyoffice/docker-compose-additions.yml | 73 +++++ .../tika/docker-compose-additions.yml | 14 + .../wopi/docker-compose-additions.yml | 38 +++ 11 files changed, 507 insertions(+), 322 deletions(-) create mode 100644 deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/companion/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/tika/docker-compose-additions.yml create mode 100644 deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml diff --git a/deployments/examples/ocis_wopi/.env b/deployments/examples/ocis_wopi/.env index b7616b8c944..f995a3384fc 100644 --- a/deployments/examples/ocis_wopi/.env +++ b/deployments/examples/ocis_wopi/.env @@ -1,73 +1,213 @@ -# If you're on a internet facing server please comment out following line. -# It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates. +# DO NOT DELETE OR CHANGE THE FOLLOWING LIST +# except you add or remove a service +# this list prevents the compose warning: +# ..."variable is not set. Defaulting to a blank string." + +OCIS= +TIKA= +WOPISERVER= +COLLABORA= +MONITORING= +COMPANION= +ONLYOFFICE= +INBUCKET= + + +# Define the docker compose log driver used. +# Do not change until you know what you are doing. +LOG_DRIVER= + +# If you're on an internet facing server. comment out following line. +# It skips certificate validation for various parts of Infinite Scale and is +# needed when self signed certificates are used. INSECURE=true -### Traefik settings ### -# Serve Traefik dashboard. Defaults to "false". + +### Traefik Settings ### + +# Serve Traefik dashboard. +# Defaults to "false". TRAEFIK_DASHBOARD= -# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test" + +# Domain of Traefik, where you can find the dashboard. +# Defaults to "traefik.owncloud.test" TRAEFIK_DOMAIN= -# Basic authentication for the dashboard. Defaults to user "admin" and password "admin" (written as: "admin:admin"). + +# Basic authentication for the traefik dashboard. +# Defaults to user "admin" and password "admin" (written as: "admin:admin"). TRAEFIK_BASIC_AUTH_USERS= -# Email address for obtaining LetsEncrypt certificates, needs only be changed if this is a public facing server + +# Email address for obtaining LetsEncrypt certificates. +# Needs only be changed if this is a public facing server. TRAEFIK_ACME_MAIL= + # Defaults to "https://acme-v02.api.letsencrypt.org/directory". -# Set to: "https://acme-staging-v02.api.letsencrypt.org/directory" for testing to check the certificate process. -# With staging, there will be an SSL error in the browser. When certificates are displayed and are emitted by -# "Fake LE Intermediate X1", the process went well and the envvar can be reset to empty to get valid certificates. +# Set to the following for testing to check the certificate process: +# "https://acme-staging-v02.api.letsencrypt.org/directory" +# With staging configured, there will be an SSL error in the browser. +# When certificates are displayed and are emitted by # "Fake LE Intermediate X1", +# the process went well and the envvar can be reset to empty to get valid certificates. TRAEFIK_ACME_CASERVER= -### oCIS settings ### -# oCIS version. Defaults to "latest" + +### Infinite Scale Settings ### + +# Beside Traefik, this service must stay enabled. +# Disable only for testing purposes. +OCIS=:ocis/docker-compose-additions.yml + +# The oCIS container version. +# Defaults to "latest". It is recommended to use a stable version like 5.0.5. OCIS_DOCKER_TAG= -# Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test" + +# Domain of oCIS, where you can find the frontend. +# Defaults to "ocis.owncloud.test" OCIS_DOMAIN= + # oCIS admin user password. Defaults to "admin". ADMIN_PASSWORD= -# The demo users should not be created on a production instance + +# Demo users should not be created on a production instance, # because their passwords are public. Defaults to "false". +# Also see: https://doc.owncloud.com/ocis/latest/deployment/general/general-info.html#demo-users-and-groups DEMO_USERS= -# Log level for OCIS_DOCKER_TAG -OCIS_LOG_LEVEL= -### Wopi server settings ### -# cs3org wopi server version. Defaults to "v10.4.0" +# Define the loglevel used. +# For more details see: +# https://doc.owncloud.com/ocis/latest/deployment/services/env-vars-special-scope.html +LOG_LEVEL= + +# Define SMPT settings if you would like to send Infinite Scale email notifications. +# For more details see: +# https://doc.owncloud.com/ocis/latest/deployment/services/s-list/notifications.html + +# SMTP host to connect to. +SMTP_HOST= + +# Port of the SMTP host to connect to. +SMTP_PORT= + +# An eMail address that is used for sending Infinite Scale notification eMails +# like "ocis notifications ". +SMTP_SENDER= + +# Username for the SMTP host to connect to. +SMTP_USERNAME= + +# Password for the SMTP host to connect to. +SMTP_PASSWORD= + +# Authentication method for the SMTP communication. +SMTP_AUTHENTICATION= + +# Allow insecure connections to the SMTP server. Defaults to false. +SMTP_INSECURE= + + +## Default Enabled Services ## + +### Apache Tika Content Analysis Toolkit ### + +# Tika (search) is enabled by default, comment if not required. +TIKA=:tika/docker-compose-additions.yml +# Set the desired docker image tag or digest. +# Defaults to "latest" +#TIKA_IMAGE= + + +### Wopi Server Settings ### + +# Wopi Server is enabled by default, comment if not required. +# Note that without the wopiserver, office apps will fail to start. +WOPISERVER=:wopi/docker-compose-additions.yml + +# cs3org WOPI Server Version. +# Defaults to "v10.5.0" WOPISERVER_DOCKER_TAG= -# cs3org wopi server domain. Defaults to "wopiserver.owncloud.test" + +# cs3org WOPI Server Domain. Defaults to "wopiserver.owncloud.test" WOPISERVER_DOMAIN= -# JWT secret which is used for the documents to be request by the Wopi client from the cs3org Wopi server. Must be change in order to have a secure Wopi server. Defaults to "LoremIpsum567" + +# JWT secret which is used for the documents to be request by the WOPI client +# from the cs3org WOPI server. Must be changed in order to have a secure WOPI server. +# Defaults to "LoremIpsum567" WOPI_JWT_SECRET= -### Collabora settings ### -# Domain of Collabora, where you can find the frontend. Defaults to "collabora.owncloud.test" + +### Collabora Settings ### + +# Collabora web office is default enabled, comment if not required. +COLLABORA=:collabora/docker-compose-additions.yml + +# Domain of Collabora, where you can find the frontend. +# Defaults to "collabora.owncloud.test" COLLABORA_DOMAIN= -# Admin user for Collabora. Defaults to blank, provide one to enable access. Collabora Admin Panel URL: https://{COLLABORA_DOMAIN}/browser/dist/admin/admin.html + +# Admin user for Collabora. +# Defaults to blank. Provide one to enable access. +# Collabora Admin Panel URL: +# https://{COLLABORA_DOMAIN}/browser/dist/admin/admin.html COLLABORA_ADMIN_USER= -# Admin password for Collabora. Defaults to blank, provide one to enable access + +# Admin password for Collabora. +# Defaults to blank, provide one to enable access COLLABORA_ADMIN_PASSWORD= -### OnlyOffice settings ### -# Domain of OnlyOffice, where you can find the frontend. Defaults to "onlyoffice.owncloud.test" -ONLYOFFICE_DOMAIN= -### Email / Inbucket settings ### -# Inbucket / Mail domain. Defaults to "mail.owncloud.test" -INBUCKET_DOMAIN= +### Supplemental Configurations ### +# If you want to use supplemental configurations, +# you need to uncomment lines containing :path/file.yml +# and configure the service if required. -### Apache Tika Content analysis toolkit ### -# Set the desired docker image tag or digest, defaults to "latest" -TIKA_IMAGE= -# If you want to use debugging and tracing with this stack, -# you need uncomment following line. Please see documentation at -# https://owncloud.dev/ocis/deployment/monitoring-tracing/ -#COMPOSE_FILE=docker-compose.yml:monitoring_tracing/docker-compose-additions.yml +## Debugging - Monitoring ## +# Please see documentation at: https://owncloud.dev/ocis/deployment/monitoring-tracing/ +# Only enable if you have Collabora AND OnlyOffice enabled +#MONITORING=:monitoring_tracing/docker-compose-additions.yml + + +## Uppy Companion Settings ## + +#COMPANION=:companion/docker-compose-additions.yml -### Uppy Companion settings ### -# Domain of Uppy Companion. Defaults to "companion.owncloud.test" COMPANION_IMAGE= + +# Domain of Uppy Companion. Defaults to "companion.owncloud.test" COMPANION_DOMAIN= COMPANION_WEB_CONFIG_FILE_NAME= -# Provider settings, see https://uppy.io/docs/companion/#provideroptions for reference. Empty by default, which disables providers. + +# Provider settings, see https://uppy.io/docs/companion/#provideroptions for reference. +# Empty by default, which disables providers. COMPANION_ONEDRIVE_KEY= COMPANION_ONEDRIVE_SECRET= + + +## OnlyOffice Settings ## +#ONLYOFFICE=:onlyoffice/docker-compose-additions.yml + +# Domain for OnlyOffice. Defaults to "onlyoffice.owncloud.test" +ONLYOFFICE_DOMAIN= + + +## Inbucket Settings ## +#INBUCKET=:inbucket/docker-compose-additions.yml + +# email server (in this case inbucket acts as mail catcher) +# Domain for Inbucket. Defaults to "mail.owncloud.test" +INBUCKET_DOMAIN= + +# Mutual exclusive with ocis settings, only uncomment when the ocis settings are NOT set +#SMTP_HOST=inbucket +#SMTP_PORT=2500 +#SMTP_SENDER="oCIS notifications " +#SMTP_USERNAME="notifications@${OCIS_DOMAIN:-ocis.owncloud.test}" +# the mail catcher uses self signed certificates +#SMTP_INSECURE: "true" + + +### IMPORTANT ### +# This MUST be the last line as it assembles the supplemental compose files to be used. +# ALL supplemental configs must be added here, independent if commented or not. +# Each var must either be empty or contain :path/file.yml +COMPOSE_FILE=docker-compose.yml${OCIS}${TIKA}${WOPISERVER}${COLLABORA}${MONITORING}${COMPANION}${ONLYOFFICE}${INBUCKET} + diff --git a/deployments/examples/ocis_wopi/README.md b/deployments/examples/ocis_wopi/README.md index 9a346f65057..76f5bc4b55e 100644 --- a/deployments/examples/ocis_wopi/README.md +++ b/deployments/examples/ocis_wopi/README.md @@ -1,10 +1,4 @@ ---- -document this deployment example in: docs/ocis/deployment/ocis_wopi.md ---- +Please refer to our [admin documentation](https://doc.owncloud.com/ocis/latest/depl-examples/ubuntu-compose/ubuntu-compose-prod.html) for instructions on how to deploy this scenario. -# Infinite Scale WOPI Deployment Example +Note: This deployment setup is highly configurable. At minimum, it starts traefik`, ocis`, tika`, the wopiserver` and collabora`. Additional services can be started by removing the respective comment in the `.env` file. Depending on the service added, related variables need to be configured. -This deployment example is documented in the [developer documentation](https://owncloud.dev/ocis/deployment/ocis_wopi/). -See the link for more details and instructions on how to deploy this scenario. - -Also see the [Admin Documentation](https://doc.owncloud.com/ocis/latest/index.html) for administrative and more configuration details. diff --git a/deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml b/deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml new file mode 100644 index 00000000000..f32b945a027 --- /dev/null +++ b/deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml @@ -0,0 +1,67 @@ +--- +services: + traefik: + networks: + ocis-net: + aliases: + - ${COLLABORA_DOMAIN:-collabora.owncloud.test} + + collabora: + # collabora can currently NOT be updated to: 24.x due to a bug in collabora + # this is the latest tested and functional collabora version + image: collabora/code:23.05.10.1.1 + networks: + - ocis-net + environment: + aliasgroup1: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}:443 + DONT_GEN_SSL_CERT: "YES" + extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test} + username: ${COLLABORA_ADMIN_USER} + password: ${COLLABORA_ADMIN_PASSWORD} + cap_add: + - MKNOD + labels: + - "traefik.enable=true" + - "traefik.http.routers.collabora.entrypoints=https" + - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN:-collabora.owncloud.test}`)" + - "traefik.http.routers.collabora.tls.certresolver=http" + - "traefik.http.routers.collabora.service=collabora" + - "traefik.http.services.collabora.loadbalancer.server.port=9980" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:9980/hosting/discovery"] + + ocis-appprovider-collabora: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + command: app-provider server + environment: + OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + # use the internal service name of the gateway + APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164 + # configure the service name to avoid collision with like with onlyoffice + APP_PROVIDER_SERVICE_NAME: app-provider-collabora + # use the internal service name + APP_PROVIDER_EXTERNAL_ADDR: com.owncloud.api.app-provider-collabora + APP_PROVIDER_DRIVER: wopi + APP_PROVIDER_WOPI_APP_NAME: Collabora + APP_PROVIDER_WOPI_APP_ICON_URI: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}/favicon.ico + APP_PROVIDER_WOPI_APP_URL: https://${COLLABORA_DOMAIN:-collabora.owncloud.test} + APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}" + APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} + APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + # share the registry with the ocis container + MICRO_REGISTRY_ADDRESS: ocis:9233 + volumes: + - ocis-config:/etc/ocis + logging: + driver: ${LOG_DRIVER:-local} + restart: always + depends_on: + ocis: + condition: service_started + collabora: + condition: service_healthy diff --git a/deployments/examples/ocis_wopi/companion/docker-compose-additions.yml b/deployments/examples/ocis_wopi/companion/docker-compose-additions.yml new file mode 100644 index 00000000000..6e213d4d5e7 --- /dev/null +++ b/deployments/examples/ocis_wopi/companion/docker-compose-additions.yml @@ -0,0 +1,38 @@ +--- +services: + traefik: + networks: + ocis-net: + aliases: + - ${COMPANION_DOMAIN:-companion.owncloud.test} + + companion: + # companion could be updated to: 4.14.0 <-- needs checking + image: ${COMPANION_IMAGE:-transloadit/companion:4.5.1} + networks: + - ocis-net + environment: + NODE_ENV: production + NODE_TLS_REJECT_UNAUTHORIZED: 0 + COMPANION_DATADIR: /tmp/companion/ + COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} + COMPANION_PROTOCOL: https + COMPANION_UPLOAD_URLS: "^https://${OCIS_DOMAIN:-ocis.owncloud.test}/" + COMPANION_ONEDRIVE_KEY: "${COMPANION_ONEDRIVE_KEY}" + COMPANION_ONEDRIVE_SECRET: "${COMPANION_ONEDRIVE_SECRET}" + volumes: + - companion-data:/tmp/companion/ + labels: + - "traefik.enable=true" + - "traefik.http.routers.companion.entrypoints=https" + - "traefik.http.routers.companion.rule=Host(`${COMPANION_DOMAIN:-companion.owncloud.test}`)" + - "traefik.http.routers.companion.tls.certresolver=http" + - "traefik.http.routers.companion.service=companion" + - "traefik.http.services.companion.loadbalancer.server.port=3020" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + +volumes: + companion-data: + diff --git a/deployments/examples/ocis_wopi/docker-compose.yml b/deployments/examples/ocis_wopi/docker-compose.yml index 9b7f2fd6b0b..9b0bff1bdbc 100644 --- a/deployments/examples/ocis_wopi/docker-compose.yml +++ b/deployments/examples/ocis_wopi/docker-compose.yml @@ -1,17 +1,9 @@ --- -version: "3.7" - services: traefik: - image: traefik:v2.9.1 + image: traefik:v3.0.2 networks: - ocis-net: - aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} - - ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - - ${COLLABORA_DOMAIN:-collabora.owncloud.test} - - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} - - ${COMPANION_DOMAIN:-companion.owncloud.test} + - ocis-net command: - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" # letsencrypt configuration @@ -41,7 +33,8 @@ services: - "certs:/certs" labels: - "traefik.enable=${TRAEFIK_DASHBOARD:-false}" - - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin + # basic authentication for the traefik dashboard, defaults to admin:admin + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" - "traefik.http.routers.traefik.entrypoints=https" - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)" - "traefik.http.routers.traefik.middlewares=traefik-auth" @@ -51,269 +44,9 @@ services: driver: ${LOG_DRIVER:-local} restart: always - ocis: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} - networks: - ocis-net: - entrypoint: - - /bin/sh - # run ocis init to initialize a configuration file with random secrets - # it will fail on subsequent runs, because the config file already exists - # therefore we ignore the error and then start the ocis server - command: ["-c", "ocis init || true; ocis server"] - environment: - OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" - PROXY_TLS: "false" # do not use SSL between Traefik and oCIS - GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers - # INSECURE: needed if oCIS / Traefik is using self generated certificates - OCIS_INSECURE: "${INSECURE:-false}" - # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) - PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" - # admin user password - IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file - # demo users - IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" - # fulltext search - SEARCH_EXTRACTOR_TYPE: tika - SEARCH_EXTRACTOR_TIKA_TIKA_URL: http://tika:9998 - FRONTEND_FULL_TEXT_SEARCH_ENABLED: "true" - # email server (in this case inbucket acts as mail catcher) - NOTIFICATIONS_SMTP_HOST: inbucket - NOTIFICATIONS_SMTP_PORT: 2500 - NOTIFICATIONS_SMTP_SENDER: oCIS notifications - NOTIFICATIONS_SMTP_USERNAME: notifications@${OCIS_DOMAIN:-ocis.owncloud.test} - NOTIFICATIONS_SMTP_INSECURE: "true" # the mail catcher uses self signed certificates - # make the registry available to the app provider containers - MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233 - NATS_NATS_HOST: 0.0.0.0 - NATS_NATS_PORT: 9233 - volumes: - - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml - - ./config/ocis/web.yaml:/etc/ocis/web.yaml - - ocis-config:/etc/ocis - - ocis-data:/var/lib/ocis - labels: - - "traefik.enable=true" - - "traefik.http.routers.ocis.entrypoints=https" - - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" - - "traefik.http.routers.ocis.tls.certresolver=http" - - "traefik.http.routers.ocis.service=ocis" - - "traefik.http.services.ocis.loadbalancer.server.port=9200" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - - ocis-appprovider-collabora: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} - networks: - ocis-net: - command: app-provider server - environment: - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - # use the internal service name of the gateway - REVA_GATEWAY: ${REVA_GATEWAY:-com.owncloud.api.gateway} - APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164 - # configure the service name to avoid collision with onlyoffice - APP_PROVIDER_SERVICE_NAME: app-provider-collabora - # use the internal service name - APP_PROVIDER_EXTERNAL_ADDR: com.owncloud.api.app-provider-collabora - APP_PROVIDER_DRIVER: wopi - APP_PROVIDER_WOPI_APP_NAME: Collabora - APP_PROVIDER_WOPI_APP_ICON_URI: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}/favicon.ico - APP_PROVIDER_WOPI_APP_URL: https://${COLLABORA_DOMAIN:-collabora.owncloud.test} - APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}" - APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - # share the registry with the ocis container - MICRO_REGISTRY_ADDRESS: ocis:9233 - volumes: - - ocis-config:/etc/ocis - logging: - driver: ${LOG_DRIVER:-local} - restart: always - depends_on: - ocis: - condition: service_started - collabora: - condition: service_healthy - - ocis-appprovider-onlyoffice: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} - networks: - ocis-net: - command: app-provider server - environment: - OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} - # use the internal service name of the gateway - REVA_GATEWAY: ${REVA_GATEWAY:-com.owncloud.api.gateway} - APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164 - # configure the service name to avoid collision with collabora - APP_PROVIDER_SERVICE_NAME: app-provider-onlyoffice - # use the internal service name - APP_PROVIDER_EXTERNAL_ADDR: com.owncloud.api.app-provider-onlyoffice - APP_PROVIDER_DRIVER: wopi - APP_PROVIDER_WOPI_APP_NAME: OnlyOffice - APP_PROVIDER_WOPI_APP_ICON_URI: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}/web-apps/apps/documenteditor/main/resources/img/favicon.ico - APP_PROVIDER_WOPI_APP_URL: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} - APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}" - APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} - # share the registry with the ocis container - MICRO_REGISTRY_ADDRESS: ocis:9233 - volumes: - - ocis-config:/etc/ocis - logging: - driver: ${LOG_DRIVER:-local} - restart: always - depends_on: - ocis: - condition: service_started - onlyoffice: - condition: service_healthy - - wopiserver: - image: cs3org/wopiserver:${WOPISERVER_DOCKER_TAG:-v10.4.0} - networks: - ocis-net: - entrypoint: - - /bin/sh - - /entrypoint-override.sh - environment: - WOPISERVER_INSECURE: "${INSECURE:-false}" - WOPISECRET: ${WOPI_JWT_SECRET:-LoremIpsum567} - WOPISERVER_DOMAIN: ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - volumes: - - ./config/wopiserver/entrypoint-override.sh:/entrypoint-override.sh - - ./config/wopiserver/wopiserver.conf.dist:/etc/wopi/wopiserver.conf.dist - - wopi-recovery:/var/spool/wopirecovery - labels: - - "traefik.enable=true" - - "traefik.http.routers.wopiserver.entrypoints=https" - - "traefik.http.routers.wopiserver.rule=Host(`${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}`)" - - "traefik.http.routers.wopiserver.tls.certresolver=http" - - "traefik.http.routers.wopiserver.service=wopiserver" - - "traefik.http.services.wopiserver.loadbalancer.server.port=8880" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - - collabora: - image: collabora/code:23.05.5.2.1 - networks: - ocis-net: - environment: - aliasgroup1: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}:443 - DONT_GEN_SSL_CERT: "YES" - extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test} - username: ${COLLABORA_ADMIN_USER} - password: ${COLLABORA_ADMIN_PASSWORD} - cap_add: - - MKNOD - labels: - - "traefik.enable=true" - - "traefik.http.routers.collabora.entrypoints=https" - - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN:-collabora.owncloud.test}`)" - - "traefik.http.routers.collabora.tls.certresolver=http" - - "traefik.http.routers.collabora.service=collabora" - - "traefik.http.services.collabora.loadbalancer.server.port=9980" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9980/hosting/discovery"] - - onlyoffice: - image: onlyoffice/documentserver:7.5.0 - networks: - ocis-net: - entrypoint: - - /bin/sh - - /entrypoint-override.sh - environment: - WOPI_ENABLED: "true" - USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" # self signed certificates - volumes: - - ./config/onlyoffice/entrypoint-override.sh:/entrypoint-override.sh - - ./config/onlyoffice/local.json:/etc/onlyoffice/documentserver/local.dist.json - labels: - - "traefik.enable=true" - - "traefik.http.routers.onlyoffice.entrypoints=https" - - "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}`)" - - "traefik.http.routers.onlyoffice.tls.certresolver=http" - - "traefik.http.routers.onlyoffice.service=onlyoffice" - - "traefik.http.services.onlyoffice.loadbalancer.server.port=80" - # websockets can't be opened when this is ommitted - - "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.routers.onlyoffice.middlewares=onlyoffice" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost/hosting/discovery"] - - tika: - image: ${TIKA_IMAGE:-apache/tika:latest-full} - networks: - ocis-net: - restart: always - - companion: - image: ${COMPANION_IMAGE:-transloadit/companion:4.5.1} - networks: - ocis-net: - environment: - NODE_ENV: production - NODE_TLS_REJECT_UNAUTHORIZED: 0 - COMPANION_DATADIR: /tmp/companion/ - COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} - COMPANION_PROTOCOL: https - COMPANION_UPLOAD_URLS: "^https://${OCIS_DOMAIN:-ocis.owncloud.test}/" - COMPANION_ONEDRIVE_KEY: "${COMPANION_ONEDRIVE_KEY}" - COMPANION_ONEDRIVE_SECRET: "${COMPANION_ONEDRIVE_SECRET}" - volumes: - - companion-data:/tmp/companion/ - labels: - - "traefik.enable=true" - - "traefik.http.routers.companion.entrypoints=https" - - "traefik.http.routers.companion.rule=Host(`${COMPANION_DOMAIN:-companion.owncloud.test}`)" - - "traefik.http.routers.companion.tls.certresolver=http" - - "traefik.http.routers.companion.service=companion" - - "traefik.http.services.companion.loadbalancer.server.port=3020" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - - inbucket: - image: inbucket/inbucket - networks: - ocis-net: - entrypoint: - - /bin/sh - command: [ "-c", "apk add openssl; openssl req -subj '/CN=inbucket.test' -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/server.key -out /tmp/server.crt; /start-inbucket.sh" ] - environment: - INBUCKET_SMTP_TLSENABLED: "true" - INBUCKET_SMTP_TLSPRIVKEY: /tmp/server.key - INBUCKET_SMTP_TLSCERT: /tmp/server.crt - INBUCKET_STORAGE_MAILBOXMSGCAP: 1000 - labels: - - "traefik.enable=true" - - "traefik.http.routers.inbucket.entrypoints=https" - - "traefik.http.routers.inbucket.rule=Host(`${INBUCKET_DOMAIN:-mail.owncloud.test}`)" - - "traefik.http.routers.inbucket.tls.certresolver=http" - - "traefik.http.routers.inbucket.service=inbucket" - - "traefik.http.services.inbucket.loadbalancer.server.port=9000" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - volumes: certs: - ocis-config: - ocis-data: - wopi-recovery: - companion-data: networks: ocis-net: + diff --git a/deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml b/deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml new file mode 100644 index 00000000000..8debd714e59 --- /dev/null +++ b/deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml @@ -0,0 +1,24 @@ +--- +services: + inbucket: + image: inbucket/inbucket + networks: + - ocis-net + entrypoint: + - /bin/sh + command: [ "-c", "apk add openssl; openssl req -subj '/CN=inbucket.test' -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/server.key -out /tmp/server.crt; /start-inbucket.sh" ] + environment: + INBUCKET_SMTP_TLSENABLED: "true" + INBUCKET_SMTP_TLSPRIVKEY: /tmp/server.key + INBUCKET_SMTP_TLSCERT: /tmp/server.crt + INBUCKET_STORAGE_MAILBOXMSGCAP: 1000 + labels: + - "traefik.enable=true" + - "traefik.http.routers.inbucket.entrypoints=https" + - "traefik.http.routers.inbucket.rule=Host(`${INBUCKET_DOMAIN:-mail.owncloud.test}`)" + - "traefik.http.routers.inbucket.tls.certresolver=http" + - "traefik.http.routers.inbucket.service=inbucket" + - "traefik.http.services.inbucket.loadbalancer.server.port=9000" + logging: + driver: ${LOG_DRIVER:-local} + restart: always diff --git a/deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml index 47839287163..78bcdec809c 100644 --- a/deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml @@ -1,6 +1,4 @@ --- -version: "3.7" - services: ocis: environment: diff --git a/deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml b/deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml new file mode 100644 index 00000000000..4f87d92e673 --- /dev/null +++ b/deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml @@ -0,0 +1,66 @@ +--- +services: + traefik: + networks: + ocis-net: + aliases: + - ${OCIS_DOMAIN:-ocis.owncloud.test} + + ocis: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + - ocis-net + entrypoint: + - /bin/sh + # run ocis init to initialize a configuration file with random secrets + # it will fail on subsequent runs, because the config file already exists + # therefore we ignore the error and then start the ocis server + command: ["-c", "ocis init || true; ocis server"] + environment: + OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + OCIS_LOG_LEVEL: ${LOG_LEVEL:-info} + # do not use SSL between Traefik and oCIS + PROXY_TLS: "false" + # make the REVA gateway accessible to the app drivers + GATEWAY_GRPC_ADDR: 0.0.0.0:9142 + # INSECURE: needed if oCIS / Traefik is using self generated certificates + OCIS_INSECURE: "${INSECURE:-false}" + # admin user password + # use the admin password from the configuration file if defined + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" + # demo users + IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" + # email server (if configured) + NOTIFICATIONS_SMTP_HOST: "${SMTP_HOST}" + NOTIFICATIONS_SMTP_PORT: "${SMTP_PORT}" + NOTIFICATIONS_SMTP_SENDER: "${SMTP_SENDER}" + NOTIFICATIONS_SMTP_USERNAME: "${SMTP_USERNAME}" + NOTIFICATIONS_SMTP_INSECURE: "${SMTP_INSECURE}" + # other required configurations + MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233 + NATS_NATS_HOST: 0.0.0.0 + NATS_NATS_PORT: 9233 + # enable to allow using the banned passwords + #OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt + volumes: + # paths are relative to the main compose file + - ocis-config:/etc/ocis + - ocis-data:/var/lib/ocis + - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml + - ./config/ocis/web.yaml:/etc/ocis/web.yaml + - ./config/ocis/banned-password-list.txt:/etc/ocis/banned-password-list.txt + labels: + - "traefik.enable=true" + - "traefik.http.routers.ocis.entrypoints=https" + - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.tls.certresolver=http" + - "traefik.http.routers.ocis.service=ocis" + - "traefik.http.services.ocis.loadbalancer.server.port=9200" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + +volumes: + ocis-config: + ocis-data: + diff --git a/deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml b/deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml new file mode 100644 index 00000000000..2aab3428284 --- /dev/null +++ b/deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml @@ -0,0 +1,73 @@ +--- +services: + traefik: + networks: + ocis-net: + aliases: + - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + + onlyoffice: + # onlyoffice could be updated to: 8.0.1 <-- needs checking + # the image used is the community edition, the EE has not been tested. + image: onlyoffice/documentserver:7.5.0 + networks: + ocis-net: + entrypoint: + - /bin/sh + - /entrypoint-override.sh + environment: + WOPI_ENABLED: "true" + # self signed certificates + USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" + volumes: + # paths are relative to the main compose file + - ./config/onlyoffice/entrypoint-override.sh:/entrypoint-override.sh + - ./config/onlyoffice/local.json:/etc/onlyoffice/documentserver/local.dist.json + labels: + - "traefik.enable=true" + - "traefik.http.routers.onlyoffice.entrypoints=https" + - "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}`)" + - "traefik.http.routers.onlyoffice.tls.certresolver=http" + - "traefik.http.routers.onlyoffice.service=onlyoffice" + - "traefik.http.services.onlyoffice.loadbalancer.server.port=80" + # websockets can't be opened when this is ommitted + - "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.routers.onlyoffice.middlewares=onlyoffice" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost/hosting/discovery"] + + ocis-appprovider-onlyoffice: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + command: app-provider server + environment: + OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + # use the internal service name of the gateway + APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164 + # configure the service name to avoid collision like with with collabora + APP_PROVIDER_SERVICE_NAME: app-provider-onlyoffice + # use the internal service name + APP_PROVIDER_EXTERNAL_ADDR: com.owncloud.api.app-provider-onlyoffice + APP_PROVIDER_DRIVER: wopi + APP_PROVIDER_WOPI_APP_NAME: OnlyOffice + APP_PROVIDER_WOPI_APP_ICON_URI: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}/web-apps/apps/documenteditor/main/resources/img/favicon.ico + APP_PROVIDER_WOPI_APP_URL: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}" + APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} + APP_PROVIDER_WOPI_FOLDER_URL_BASE_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + # share the registry with the ocis container + MICRO_REGISTRY_ADDRESS: ocis:9233 + volumes: + - ocis-config:/etc/ocis + logging: + driver: ${LOG_DRIVER:-local} + restart: always + depends_on: + ocis: + condition: service_started + onlyoffice: + condition: service_healthy diff --git a/deployments/examples/ocis_wopi/tika/docker-compose-additions.yml b/deployments/examples/ocis_wopi/tika/docker-compose-additions.yml new file mode 100644 index 00000000000..1f94fe60473 --- /dev/null +++ b/deployments/examples/ocis_wopi/tika/docker-compose-additions.yml @@ -0,0 +1,14 @@ +--- +services: + tika: + image: ${TIKA_IMAGE:-apache/tika:latest-full} + networks: + ocis-net: + restart: always + + ocis: + environment: + # fulltext search + SEARCH_EXTRACTOR_TYPE: tika + SEARCH_EXTRACTOR_TIKA_TIKA_URL: http://tika:9998 + FRONTEND_FULL_TEXT_SEARCH_ENABLED: "true" diff --git a/deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml b/deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml new file mode 100644 index 00000000000..aa6b301d0e8 --- /dev/null +++ b/deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml @@ -0,0 +1,38 @@ +--- +services: + traefik: + networks: + ocis-net: + aliases: + - ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} + + wopiserver: + image: cs3org/wopiserver:${WOPISERVER_DOCKER_TAG:-v10.5.0} + networks: + - ocis-net + entrypoint: + - /bin/sh + - /entrypoint-override.sh + environment: + WOPISERVER_INSECURE: "${INSECURE:-false}" + WOPISECRET: ${WOPI_JWT_SECRET:-LoremIpsum567} + WOPISERVER_DOMAIN: ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} + volumes: + # paths are relative to the main compose file + - ./config/wopiserver/entrypoint-override.sh:/entrypoint-override.sh + - ./config/wopiserver/wopiserver.conf.dist:/etc/wopi/wopiserver.conf.dist + - wopi-recovery:/var/spool/wopirecovery + labels: + - "traefik.enable=true" + - "traefik.http.routers.wopiserver.entrypoints=https" + - "traefik.http.routers.wopiserver.rule=Host(`${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}`)" + - "traefik.http.routers.wopiserver.tls.certresolver=http" + #- "traefik.http.routers.wopiserver.service=wopiserver" + - "traefik.http.services.wopiserver.loadbalancer.server.port=8880" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + +volumes: + wopi-recovery: + From 14db9274c8d3c1ffc2f4b3cced82935bbda324c1 Mon Sep 17 00:00:00 2001 From: mmattel Date: Wed, 19 Jun 2024 16:43:01 +0200 Subject: [PATCH 2/4] update traefik to 3.0.3 --- deployments/examples/ocis_wopi/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployments/examples/ocis_wopi/docker-compose.yml b/deployments/examples/ocis_wopi/docker-compose.yml index 9b0bff1bdbc..2033ecfbe98 100644 --- a/deployments/examples/ocis_wopi/docker-compose.yml +++ b/deployments/examples/ocis_wopi/docker-compose.yml @@ -1,7 +1,7 @@ --- services: traefik: - image: traefik:v3.0.2 + image: traefik:v3.0.3 networks: - ocis-net command: From 6446f513bbec9952e85010d40700ec93a979b4b2 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Thu, 20 Jun 2024 12:11:29 +0200 Subject: [PATCH 3/4] fix: simplify one more time --- deployments/examples/ocis_wopi/.env | 50 +++++++------------ ...er-compose-additions.yml => collabora.yml} | 0 ...er-compose-additions.yml => companion.yml} | 0 ...ker-compose-additions.yml => inbucket.yml} | 8 +++ ...r-compose-additions.yml => monitoring.yml} | 0 .../docker-compose-additions.yml => ocis.yml} | 2 +- ...r-compose-additions.yml => onlyoffice.yml} | 0 .../docker-compose-additions.yml => tika.yml} | 0 ...r-compose-additions.yml => wopiserver.yml} | 0 9 files changed, 28 insertions(+), 32 deletions(-) rename deployments/examples/ocis_wopi/{collabora/docker-compose-additions.yml => collabora.yml} (100%) rename deployments/examples/ocis_wopi/{companion/docker-compose-additions.yml => companion.yml} (100%) rename deployments/examples/ocis_wopi/{inbucket/docker-compose-additions.yml => inbucket.yml} (71%) rename deployments/examples/ocis_wopi/{monitoring_tracing/docker-compose-additions.yml => monitoring.yml} (100%) rename deployments/examples/ocis_wopi/{ocis/docker-compose-additions.yml => ocis.yml} (97%) rename deployments/examples/ocis_wopi/{onlyoffice/docker-compose-additions.yml => onlyoffice.yml} (100%) rename deployments/examples/ocis_wopi/{tika/docker-compose-additions.yml => tika.yml} (100%) rename deployments/examples/ocis_wopi/{wopi/docker-compose-additions.yml => wopiserver.yml} (100%) diff --git a/deployments/examples/ocis_wopi/.env b/deployments/examples/ocis_wopi/.env index f995a3384fc..f162f516555 100644 --- a/deployments/examples/ocis_wopi/.env +++ b/deployments/examples/ocis_wopi/.env @@ -1,20 +1,5 @@ -# DO NOT DELETE OR CHANGE THE FOLLOWING LIST -# except you add or remove a service -# this list prevents the compose warning: -# ..."variable is not set. Defaulting to a blank string." - -OCIS= -TIKA= -WOPISERVER= -COLLABORA= -MONITORING= -COMPANION= -ONLYOFFICE= -INBUCKET= - - # Define the docker compose log driver used. -# Do not change until you know what you are doing. +# Defaults to local LOG_DRIVER= # If you're on an internet facing server. comment out following line. @@ -41,9 +26,8 @@ TRAEFIK_BASIC_AUTH_USERS= # Needs only be changed if this is a public facing server. TRAEFIK_ACME_MAIL= -# Defaults to "https://acme-v02.api.letsencrypt.org/directory". # Set to the following for testing to check the certificate process: -# "https://acme-staging-v02.api.letsencrypt.org/directory" +# "https://acme-staging-v02.api.letsencrypt.org/directory" # With staging configured, there will be an SSL error in the browser. # When certificates are displayed and are emitted by # "Fake LE Intermediate X1", # the process went well and the envvar can be reset to empty to get valid certificates. @@ -52,12 +36,12 @@ TRAEFIK_ACME_CASERVER= ### Infinite Scale Settings ### -# Beside Traefik, this service must stay enabled. -# Disable only for testing purposes. -OCIS=:ocis/docker-compose-additions.yml +# The oCIS container image. +# Defaults to "owncloud/ocis" which contains the production releases. +OCIS_DOCKER_IMAGE= # The oCIS container version. -# Defaults to "latest". It is recommended to use a stable version like 5.0.5. +# Defaults to "latest". This will point to the latest stable tag. OCIS_DOCKER_TAG= # Domain of oCIS, where you can find the frontend. @@ -109,17 +93,19 @@ SMTP_INSECURE= ### Apache Tika Content Analysis Toolkit ### # Tika (search) is enabled by default, comment if not required. -TIKA=:tika/docker-compose-additions.yml +# the leading colon is required to enable the service +TIKA=:tika.yml # Set the desired docker image tag or digest. # Defaults to "latest" -#TIKA_IMAGE= +TIKA_IMAGE= ### Wopi Server Settings ### # Wopi Server is enabled by default, comment if not required. # Note that without the wopiserver, office apps will fail to start. -WOPISERVER=:wopi/docker-compose-additions.yml +# the leading colon is required to enable the service +WOPISERVER=:wopiserver.yml # cs3org WOPI Server Version. # Defaults to "v10.5.0" @@ -137,7 +123,8 @@ WOPI_JWT_SECRET= ### Collabora Settings ### # Collabora web office is default enabled, comment if not required. -COLLABORA=:collabora/docker-compose-additions.yml +# the leading colon is required to enable the service +COLLABORA=:collabora.yml # Domain of Collabora, where you can find the frontend. # Defaults to "collabora.owncloud.test" @@ -167,8 +154,8 @@ COLLABORA_ADMIN_PASSWORD= ## Uppy Companion Settings ## - -#COMPANION=:companion/docker-compose-additions.yml +# the leading colon is required to enable the service +COMPANION=:companion.yml COMPANION_IMAGE= @@ -183,14 +170,15 @@ COMPANION_ONEDRIVE_SECRET= ## OnlyOffice Settings ## -#ONLYOFFICE=:onlyoffice/docker-compose-additions.yml +# the leading colon is required to enable the service +# ONLYOFFICE=:onlyoffice.yml # Domain for OnlyOffice. Defaults to "onlyoffice.owncloud.test" ONLYOFFICE_DOMAIN= ## Inbucket Settings ## -#INBUCKET=:inbucket/docker-compose-additions.yml +# INBUCKET=:inbucket.yml # email server (in this case inbucket acts as mail catcher) # Domain for Inbucket. Defaults to "mail.owncloud.test" @@ -209,5 +197,5 @@ INBUCKET_DOMAIN= # This MUST be the last line as it assembles the supplemental compose files to be used. # ALL supplemental configs must be added here, independent if commented or not. # Each var must either be empty or contain :path/file.yml -COMPOSE_FILE=docker-compose.yml${OCIS}${TIKA}${WOPISERVER}${COLLABORA}${MONITORING}${COMPANION}${ONLYOFFICE}${INBUCKET} +COMPOSE_FILE=docker-compose.yml:ocis.yml${TIKA:-}${WOPISERVER:-}${COLLABORA:-}${MONITORING:-}${COMPANION:-}${ONLYOFFICE:-}${INBUCKET:-} diff --git a/deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml b/deployments/examples/ocis_wopi/collabora.yml similarity index 100% rename from deployments/examples/ocis_wopi/collabora/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/collabora.yml diff --git a/deployments/examples/ocis_wopi/companion/docker-compose-additions.yml b/deployments/examples/ocis_wopi/companion.yml similarity index 100% rename from deployments/examples/ocis_wopi/companion/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/companion.yml diff --git a/deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml b/deployments/examples/ocis_wopi/inbucket.yml similarity index 71% rename from deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/inbucket.yml index 8debd714e59..47e1d288985 100644 --- a/deployments/examples/ocis_wopi/inbucket/docker-compose-additions.yml +++ b/deployments/examples/ocis_wopi/inbucket.yml @@ -1,5 +1,13 @@ --- services: + ocis: + environment: + NOTIFICATIONS_SMTP_HOST: inbucket + NOTIFICATIONS_SMTP_PORT: 2500 + NOTIFICATIONS_SMTP_SENDER: oCIS notifications + NOTIFICATIONS_SMTP_USERNAME: notifications@${OCIS_DOMAIN:-ocis.owncloud.test} + NOTIFICATIONS_SMTP_INSECURE: "true" # the mail catcher uses self signed certificates + inbucket: image: inbucket/inbucket networks: diff --git a/deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_wopi/monitoring.yml similarity index 100% rename from deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/monitoring.yml diff --git a/deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml b/deployments/examples/ocis_wopi/ocis.yml similarity index 97% rename from deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/ocis.yml index 4f87d92e673..b564a395c19 100644 --- a/deployments/examples/ocis_wopi/ocis/docker-compose-additions.yml +++ b/deployments/examples/ocis_wopi/ocis.yml @@ -7,7 +7,7 @@ services: - ${OCIS_DOMAIN:-ocis.owncloud.test} ocis: - image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + image: ${OCIS_DOCKER_IMAGE:-owncloud/ocis}:${OCIS_DOCKER_TAG:-latest} networks: - ocis-net entrypoint: diff --git a/deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml b/deployments/examples/ocis_wopi/onlyoffice.yml similarity index 100% rename from deployments/examples/ocis_wopi/onlyoffice/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/onlyoffice.yml diff --git a/deployments/examples/ocis_wopi/tika/docker-compose-additions.yml b/deployments/examples/ocis_wopi/tika.yml similarity index 100% rename from deployments/examples/ocis_wopi/tika/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/tika.yml diff --git a/deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml b/deployments/examples/ocis_wopi/wopiserver.yml similarity index 100% rename from deployments/examples/ocis_wopi/wopi/docker-compose-additions.yml rename to deployments/examples/ocis_wopi/wopiserver.yml From 4ab23b0df5e7852a6f8541af9661cc2e5cdf831a Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Thu, 20 Jun 2024 13:58:19 +0200 Subject: [PATCH 4/4] feat: make ocis selectable --- deployments/examples/ocis_wopi/.env | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/deployments/examples/ocis_wopi/.env b/deployments/examples/ocis_wopi/.env index f162f516555..7cb9dde4ef0 100644 --- a/deployments/examples/ocis_wopi/.env +++ b/deployments/examples/ocis_wopi/.env @@ -36,6 +36,10 @@ TRAEFIK_ACME_CASERVER= ### Infinite Scale Settings ### +# Beside Traefik, this service must stay enabled. +# Disable only for testing purposes. +OCIS=:ocis.yml + # The oCIS container image. # Defaults to "owncloud/ocis" which contains the production releases. OCIS_DOCKER_IMAGE= @@ -197,5 +201,5 @@ INBUCKET_DOMAIN= # This MUST be the last line as it assembles the supplemental compose files to be used. # ALL supplemental configs must be added here, independent if commented or not. # Each var must either be empty or contain :path/file.yml -COMPOSE_FILE=docker-compose.yml:ocis.yml${TIKA:-}${WOPISERVER:-}${COLLABORA:-}${MONITORING:-}${COMPANION:-}${ONLYOFFICE:-}${INBUCKET:-} +COMPOSE_FILE=docker-compose.yml${OCIS:-}${TIKA:-}${WOPISERVER:-}${COLLABORA:-}${MONITORING:-}${COMPANION:-}${ONLYOFFICE:-}${INBUCKET:-}