chore: ensure we can use the same collabora instance for multiple cloud instances

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>

roles/opencloud/defaults/main.yml

@@ -41,5 +41,10 @@ opencloud_s3_access_key: ""
 opencloud_s3_secret_key: ""
 opencloud_s3_bucket: "opencloud"
 
+# Collabora integration (set opencloud_collabora_domain to enable)
+opencloud_collabora_domain: ""
+opencloud_wopi_domain: ""
+opencloud_collabora_insecure: true
+
 # CSP configuration (extra URLs to allow in connect-src)
 opencloud_csp_extra_connect_src: []

roles/opencloud/templates/docker-compose.yml.j2

@@ -7,8 +7,8 @@ services:
       - /bin/sh
     command: ["-c", "opencloud init || true; opencloud server"]
     volumes:
-      - {{ opencloud_docker_volume_dir }}/config:/etc/ocis
-      - {{ opencloud_docker_volume_dir }}/data:/var/lib/ocis
+      - {{ opencloud_docker_volume_dir }}/config:/etc/opencloud
+      - {{ opencloud_docker_volume_dir }}/data:/var/lib/opencloud
     environment:
 {% if opencloud_use_ssl %}
       OC_URL: "https://{{ opencloud_domain }}"
@@ -19,7 +19,7 @@ services:
       OC_LOG_LEVEL: "{{ opencloud_log_level }}"
       PROXY_TLS: "false"
 {% if opencloud_csp_extra_connect_src | length > 0 %}
-      PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION: "/etc/ocis/csp-override.yaml"
+      PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION: "/etc/opencloud/csp-override.yaml"
 {% endif %}
       IDM_ADMIN_PASSWORD: "{{ opencloud_admin_password }}"
 {% if opencloud_oidc_issuer %}
@@ -43,6 +43,19 @@ services:
       STORAGE_USERS_DECOMPOSEDS3_ACCESS_KEY: "{{ opencloud_s3_access_key }}"
       STORAGE_USERS_DECOMPOSEDS3_SECRET_KEY: "{{ opencloud_s3_secret_key }}"
       STORAGE_USERS_DECOMPOSEDS3_BUCKET: "{{ opencloud_s3_bucket }}"
+{% endif %}
+{% if opencloud_collabora_domain %}
+      OC_ADD_RUN_SERVICES: "collaboration"
+      COLLABORA_DOMAIN: "{{ opencloud_collabora_domain }}"
+      COLLABORATION_APP_NAME: "CollaboraOnline"
+      COLLABORATION_APP_PRODUCT: "Collabora"
+      COLLABORATION_APP_ADDR: "https://{{ opencloud_collabora_domain }}"
+      COLLABORATION_APP_INSECURE: "{{ opencloud_collabora_insecure | string | lower }}"
+      COLLABORATION_APP_PROOF_DISABLE: "{{ opencloud_collabora_insecure | string | lower }}"
+      COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "{{ opencloud_collabora_insecure | string | lower }}"
+      COLLABORATION_HTTP_ADDR: "0.0.0.0:9300"
+      COLLABORATION_WOPI_SRC: "https://{{ opencloud_wopi_domain }}"
+      FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: "eu.opencloud.api.collaboration"
 {% endif %}
     networks:
       - {{ opencloud_traefik_network }}
@@ -63,6 +76,18 @@ services:
       - traefik.http.routers.{{ opencloud_service_name }}.entrypoints=web
 {% endif %}
       - traefik.http.services.{{ opencloud_service_name }}.loadbalancer.server.port={{ opencloud_port }}
+{% if opencloud_collabora_domain %}
+      - traefik.http.routers.{{ opencloud_service_name }}.service={{ opencloud_service_name }}
+      - traefik.http.routers.{{ opencloud_service_name }}-wopi.rule=Host(`{{ opencloud_wopi_domain }}`)
+      - traefik.http.routers.{{ opencloud_service_name }}-wopi.service={{ opencloud_service_name }}-wopi
+      - traefik.http.services.{{ opencloud_service_name }}-wopi.loadbalancer.server.port=9300
+{% if opencloud_use_ssl %}
+      - traefik.http.routers.{{ opencloud_service_name }}-wopi.entrypoints=websecure
+      - traefik.http.routers.{{ opencloud_service_name }}-wopi.tls=true
+{% else %}
+      - traefik.http.routers.{{ opencloud_service_name }}-wopi.entrypoints=web
+{% endif %}
+{% endif %}
 
 networks:
   {{ opencloud_traefik_network }}: