Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

2025-08-29 15:06:26 +02:00 · 2025-07-08 23:43:13 +02:00
parent 6b87a049d4
commit 563d5fd528
1242 changed files with 2301 additions and 1355 deletions
--- a/roles/web-app-collabora/README.md
+++ b/roles/web-app-collabora/README.md
@@ -0,0 +1,30 @@
+# Docker Collabora (DRAFT)
+
+## Description
+
+This Ansible role deploys Collabora Online (CODE) in Docker to enable real-time, in-browser document editing for Nextcloud. It automates the setup of the Collabora CODE container, Nginx reverse proxy configuration, network isolation via Docker networks, and environment variable management.
+
+## Overview
+
+* **Dockerized Collabora CODE:** Uses the official `collabora/code` image.
+* **Nginx Reverse Proxy:** Configures a public-facing proxy with TLS termination and WebSocket support for `/cool/` paths.
+* **Docker Network Management:** Creates an isolated `/28` subnet for Collabora and connects containers securely.
+* **Environment Configuration:** Generates a `.env` file with domain, credentials, and extra parameters for Collabora's WOPI server.
+
+## Features
+
+* Automatic creation of a dedicated Docker network for Collabora.
+* Proxy configuration template for Nginx with long timeouts and WebSocket upgrades.
+* Customizable domain names and ports via Ansible variables.
+* Support for SSL termination at the proxy level.
+* Integration hooks to restart Nginx and recreate Docker Compose stacks on changes.
+
+## Documentation
+
+See the role’s `README.md`, task files, and Jinja2 templates in the `roles/web-app-collabora` directory for usage examples and variable definitions.
+
+## Further Resources
+
+* [Collabora & Talk Super integration demo](https://www.youtube.com/watch?v=7cRmvTyt1ik)
+* [Collabora configuration examples archive](https://cloud.thesysadminhub.com/s/FNKyP43y35HGDTJ?dir=/&openfile=true)
+* [Official Collabora CODE website](https://www.collaboraoffice.com/code/)
--- a/roles/web-app-collabora/meta/main.yml
+++ b/roles/web-app-collabora/meta/main.yml
@@ -0,0 +1,28 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Deploy Collabora Online CODE in Docker with automated proxy, networking, and environment configuration."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Linux
+      versions:
+        - all
+  galaxy_tags:
+    - collabora
+    - docker
+    - nginx
+    - office
+    - wopi
+    - code
+  repository: "https://s.veen.world/cymais"
+  issue_tracker_url: "https://s.veen.world/cymaisissues"
+  documentation: "https://s.veen.world/cymais/web-app-collabora"
+  logo:
+    class: "fa-solid fa-file-code"
+  run_after: []
--- a/roles/web-app-collabora/tasks/main.yml
+++ b/roles/web-app-collabora/tasks/main.yml
@@ -0,0 +1,18 @@
+- name: create nextcloud nginx proxy configuration file
+  template: 
+    src:  "nginx.conf.j2" 
+    dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf"
+  notify: restart nginx
+
+- name: "Include docker-compose role"
+  include_role: 
+    name: docker-compose
+
+- name: Create Docker network for Collabora
+  docker_network:
+    name: central_mariadb
+    state: present
+    ipam_config:
+      - subnet: "{{ networks.local.collabora.subnet }}"
+  when: run_once_docker_mariadb is not defined
+
--- a/roles/web-app-collabora/templates/docker-compose.yml.j2
+++ b/roles/web-app-collabora/templates/docker-compose.yml.j2
@@ -0,0 +1,13 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+
+  collabora:
+    image: collabora/code
+    container_name: collabora
+    ports:
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}
--- a/roles/web-app-collabora/templates/env.j2
+++ b/roles/web-app-collabora/templates/env.j2
@@ -0,0 +1,4 @@
+domain=nxsrv
+username=admin
+password=${COLLABRA_PASSWORD}
+extra_params=--o:ssl.enable=false --o:ssl.termination=true
--- a/roles/web-app-collabora/templates/nginx.conf.j2
+++ b/roles/web-app-collabora/templates/nginx.conf.j2
@@ -0,0 +1,15 @@
+server {
+  server_name {{domain}};
+
+  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
+
+  {% include 'roles/webserver-injector-core/templates/global.includes.conf.j2'%}
+  
+  {% include 'roles/webserver-proxy-core/templates/headers/content_security_policy.conf.j2' %}
+
+  {% include 'roles/webserver-proxy-core/templates/location/proxy_basic.conf.j2' %}
+
+  {% set location = '^~ /cool/' %}
+  
+  {% include 'roles/webserver-proxy-core/templates/location/proxy_basic.conf.j2' %}
+}
--- a/roles/web-app-collabora/vars/configuration.yml
+++ b/roles/web-app-collabora/vars/configuration.yml
@@ -0,0 +1,9 @@
+domains:
+  canonical:
+    - "collabora.{{ primary_domain }}"
+docker:
+  services:
+    redis:
+      enabled: true
+    database: 
+      enabled: false # May this is wrong. Just set during refactoring
--- a/roles/web-app-collabora/vars/main.yml
+++ b/roles/web-app-collabora/vars/main.yml
@@ -0,0 +1,2 @@
+---
+application_id: collabora