feat(nextcloud): integrate Talk & Whiteboard; refactor to NEXTCLOUD_* vars; full-stack setup

config(ports): add Nextcloud websocket port (4003); canonical domains (nextcloud/talk/whiteboard) refactor: unify get_app_conf usage & Jinja spacing; migrate paths/handlers to new NEXTCLOUD_* vars feat(plugins): split plugin routines; configure Whiteboard via occ (URL + JWT) fix(oidc): use NEXTCLOUD_URL for logout; correct LDAP attribute mappings; add OIDC flavor switch feat: Whiteboard container & reverse-proxy location; Talk STUN/WS ports; Redis URL for Whiteboard chore: drop obsolete TODO; minor cleanups in oauth2-proxy, matrix, peertube, pgadmin, phpldapadmin, pixelfed, phpmyadmin security(schema): Bluesky jwt_secret now base64_prefixed_32; add Nextcloud whiteboard_jwt_secret db: normalize postgres image tag templating; central DB host checks spacing fixes ops: add full-stack bootstrap (certs, proxy, volumes); internal nginx config reload handler update refs: https://chatgpt.com/share/68b5f5b7-8d64-800f-b001-1241f818dc0e
2025-09-09 19:57:16 +02:00 · 2025-09-01 21:37:02 +02:00
parent 110381e80c
commit 7ca8b7c71d
48 changed files with 276 additions and 201 deletions
--- a/roles/web-app-nextcloud/templates/docker-compose.yml.j2
+++ b/roles/web-app-nextcloud/templates/docker-compose.yml.j2
@@ -1,11 +1,11 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}

  application:
-    image: "{{ nextcloud_image }}:{{ nextcloud_version }}"
+    image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
    container_name: {{ NEXTCLOUD_CONTAINER }}
    volumes:
      - data:{{ NEXTCLOUD_DOCKER_WORK_DIRECTORY }}
-      - {{ nextcloud_host_config_additives_directory }}:{{ nextcloud_docker_config_additives_directory }}:ro
+      - {{ NEXTCLOUD_HOST_CONF_ADD_PATH }}:{{ NEXTCLOUD_DOCKER_CONF_ADD_PATH }}:ro
    healthcheck:
      test: ["CMD", "su", "www-data", "-s", "/bin/sh", "-c", "php {{ NEXTCLOUD_DOCKER_WORK_DIRECTORY }}occ status"]
      interval: 1m
@@ -16,25 +16,36 @@
 {% include 'roles/docker-container/templates/networks.yml.j2' %}
        ipv4_address: 192.168.102.69

-{% if nextcloud_talk_enabled %}
+{% if NEXTCLOUD_TALK_ENABLED %}
  talk:
    {% include 'roles/docker-container/templates/base.yml.j2' %}
-    image: "{{ nextcloud_talk_image }}:{{ nextcloud_talk_version }}"
-    container_name: {{ nextcloud_talk_name }}
-    hostname: hpb_yt
+    image: "{{ NEXTCLOUD_TALK_IMAGE }}:{{ NEXTCLOUD_TALK_VERSION }}"
+    container_name: {{ NEXTCLOUD_TALK_CONTAINER }}
    init: true
    ports:
-      - {{ networks.internet.ip4 }}:{{ nextcloud_talk_stun_port }}:3478/tcp #TURN TCP
-      - {{ networks.internet.ip4 }}:{{ nextcloud_talk_stun_port }}:3478/udp #TURN UDP
-      - {{ networks.internet.ip4 }}:8181:8081/tcp                           #Signaling @todo needs to be optimized
+      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:3478/tcp #TURN TCP
+      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:3478/udp #TURN UDP
+      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_WS_PORT }}:8081/tcp
    networks:
      default:
        ipv4_address: 192.168.102.68
 {% endif %}

+{% if NEXTCLOUD_WHITEBOARD_ENABLED %}
+  whiteboard:
+    {% include 'roles/docker-container/templates/base.yml.j2' %}
+    image: "{{ NEXTCLOUD_WHITEBOARD_IMAGE }}:{{ NEXTCLOUD_WHITEBOARD_VERSION }}"
+    container_name: {{ NEXTCLOUD_WHITEBOARD_CONTAINER }}
+    expose:
+      - "{{ NEXTCLOUD_WHITEBOARD_INTERNAL_PORT }}"
+    networks:
+      default:
+        ipv4_address: 192.168.102.71
+{% endif %}
+
  proxy:
-    image: "{{ nextcloud_proxy_image }}:{{ nextcloud_proxy_version }}"
-    container_name: "{{ nextcloud_proxy_name }}"
+    image: "{{ NEXTCLOUD_PROXY_IMAGE }}:{{ NEXTCLOUD_PROXY_VERSION }}"
+    container_name: "{{ NEXTCLOUD_PROXY_CONTAINER }}"
    logging:
      driver: journald
    restart: {{ DOCKER_RESTART_POLICY }}
@@ -51,8 +62,8 @@
        ipv4_address: 192.168.102.67

  cron:
-    container_name: "{{ nextcloud_cron_name }}"
-    image: "{{ nextcloud_image }}:{{ nextcloud_version }}"
+    container_name: "{{ NEXTCLOUD_CRON_CONTAINER }}"
+    image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
    restart: {{ DOCKER_RESTART_POLICY }}
    logging:
      driver: journald
@@ -70,6 +81,6 @@

 {% include 'roles/docker-compose/templates/volumes.yml.j2' %}
  data:
-    name: {{ nextcloud_volume }}
+    name: {{ NEXTCLOUD_VOLUME }}

 {% include 'roles/docker-compose/templates/networks.yml.j2' %}