diff --git a/roles/collabora/defaults/main.yml b/roles/collabora/defaults/main.yml index 0f490f3..f5b48c8 100644 --- a/roles/collabora/defaults/main.yml +++ b/roles/collabora/defaults/main.yml @@ -1,3 +1,28 @@ #SPDX-License-Identifier: MIT-0 --- # defaults file for collabora + +# Base directory configuration (inherited from base role or defined here) +docker_compose_base_dir: /etc/docker/compose +docker_volume_base_dir: /srv/data + +# Collabora-specific configuration +collabora_service_name: collabora +collabora_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ collabora_service_name }}" + +# Service configuration +collabora_domain: "office.local.test" +collabora_image: "collabora/code:latest" +collabora_port: 9980 +collabora_extra_hosts: [] + +# Traefik configuration +collabora_traefik_network: "proxy" +collabora_use_ssl: true + +# Allowed WOPI host domains (Nextcloud, OpenCloud, etc.) +# These domains are allowed to open documents via Collabora. +# Each entry is used as a regex pattern (dots are auto-escaped). +collabora_allowed_domains: + - "nextcloud.local.test" + - "opencloud.local.test" \ No newline at end of file diff --git a/roles/collabora/handlers/main.yml b/roles/collabora/handlers/main.yml index 47ac933..bfd2b02 100644 --- a/roles/collabora/handlers/main.yml +++ b/roles/collabora/handlers/main.yml @@ -1,3 +1,8 @@ #SPDX-License-Identifier: MIT-0 --- # handlers file for collabora + +- name: restart collabora + community.docker.docker_compose_v2: + project_src: "{{ collabora_docker_compose_dir }}" + state: restarted \ No newline at end of file diff --git a/roles/collabora/tasks/main.yml b/roles/collabora/tasks/main.yml index ec3bb73..1893498 100644 --- a/roles/collabora/tasks/main.yml +++ b/roles/collabora/tasks/main.yml @@ -1,3 +1,21 @@ #SPDX-License-Identifier: MIT-0 --- # tasks file for collabora + +- name: Create docker compose directory + file: + path: "{{ collabora_docker_compose_dir }}" + state: directory + mode: '0755' + +- name: Create docker-compose file for collabora + template: + src: docker-compose.yml.j2 + dest: "{{ collabora_docker_compose_dir }}/docker-compose.yml" + mode: '0644' + notify: restart collabora + +- name: Start collabora container + community.docker.docker_compose_v2: + project_src: "{{ collabora_docker_compose_dir }}" + state: present \ No newline at end of file diff --git a/roles/collabora/templates/docker-compose.yml.j2 b/roles/collabora/templates/docker-compose.yml.j2 new file mode 100644 index 0000000..cb284fb --- /dev/null +++ b/roles/collabora/templates/docker-compose.yml.j2 @@ -0,0 +1,36 @@ +services: + collabora: + image: {{ collabora_image }} + container_name: {{ collabora_service_name }} + restart: unless-stopped + environment: + domain: {{ collabora_allowed_domains | map('replace', '.', '\\.') | map('regex_replace', '^(.*)$', '^\\1$$') | join('|') }} + extra_params: >- + --o:ssl.enable=false + --o:ssl.termination=true + --o:net.frame_ancestors={{ collabora_allowed_domains | map('regex_replace', '^(.*)$', 'https://\\1') | join(' ') }} + cap_add: + - MKNOD + networks: + - {{ collabora_traefik_network }} +{% if collabora_extra_hosts is defined and collabora_extra_hosts | length > 0 %} + extra_hosts: +{% for host in collabora_extra_hosts %} + - "{{ host }}" +{% endfor %} +{% endif %} + labels: + - traefik.enable=true + - traefik.docker.network={{ collabora_traefik_network }} + - traefik.http.routers.{{ collabora_service_name }}.rule=Host(`{{ collabora_domain }}`) + - traefik.http.services.{{ collabora_service_name }}.loadbalancer.server.port={{ collabora_port }} +{% if collabora_use_ssl %} + - traefik.http.routers.{{ collabora_service_name }}.entrypoints=websecure + - traefik.http.routers.{{ collabora_service_name }}.tls=true +{% else %} + - traefik.http.routers.{{ collabora_service_name }}.entrypoints=web +{% endif %} + +networks: + {{ collabora_traefik_network }}: + external: true \ No newline at end of file diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml index 1aa4ea3..7110ca5 100644 --- a/roles/nextcloud/defaults/main.yml +++ b/roles/nextcloud/defaults/main.yml @@ -27,8 +27,6 @@ nextcloud_use_ssl: true nextcloud_enable_collabora: true nextcloud_collabora_domain: "office.local.test" -nextcloud_collabora_service_name: collabora -nextcloud_collabora_image: collabora/code:latest nextcloud_collabora_disable_cert_verification: false nextcloud_use_s3_storage: false diff --git a/roles/nextcloud/templates/docker-compose.yml.j2 b/roles/nextcloud/templates/docker-compose.yml.j2 index b8a8a4d..3ae9fd5 100644 --- a/roles/nextcloud/templates/docker-compose.yml.j2 +++ b/roles/nextcloud/templates/docker-compose.yml.j2 @@ -109,34 +109,6 @@ services: {% endfor %} {% endif %} -{% if nextcloud_enable_collabora %} - collabora: - image: {{ nextcloud_collabora_image }} - restart: always - environment: - domain: ^{{ nextcloud_domain | replace('.', '\\.') }}$ - extra_params: >- - --o:ssl.enable=false - --o:ssl.termination=true - --o:net.frame_ancestors=https://{{ nextcloud_domain }} - cap_add: - - MKNOD - networks: - - {{ nextcloud_traefik_network }} - labels: - - traefik.enable=true - - traefik.docker.network={{ nextcloud_traefik_network }} - - traefik.http.routers.{{ nextcloud_collabora_service_name }}.rule=Host(`{{ nextcloud_collabora_domain }}`) - - traefik.http.services.{{ nextcloud_collabora_service_name }}.loadbalancer.server.port=9980 -{% if nextcloud_use_ssl %} - - traefik.http.routers.{{ nextcloud_collabora_service_name }}.entrypoints=websecure - - traefik.http.routers.{{ nextcloud_collabora_service_name }}.tls=true -{% else %} - - traefik.http.routers.{{ nextcloud_collabora_service_name }}.entrypoints=web -{% endif %} - -{% endif %} - networks: {{ nextcloud_backend_network }}: {{ nextcloud_traefik_network }}: