Added Collabora draft for nextcloud

2025-10-31 02:10:05 +00:00 · 2025-06-19 00:56:28 +02:00
parent ae25673853
commit 94dd57d5cd
15 changed files with 150 additions and 1 deletions
--- a/roles/docker-collabora/README.md
+++ b/roles/docker-collabora/README.md
@@ -0,0 +1,30 @@
+# Docker Collabora (DRAFT)
+
+## Description
+
+This Ansible role deploys Collabora Online (CODE) in Docker to enable real-time, in-browser document editing for Nextcloud. It automates the setup of the Collabora CODE container, Nginx reverse proxy configuration, network isolation via Docker networks, and environment variable management.
+
+## Overview
+
+* **Dockerized Collabora CODE:** Uses the official `collabora/code` image.
+* **Nginx Reverse Proxy:** Configures a public-facing proxy with TLS termination and WebSocket support for `/cool/` paths.
+* **Docker Network Management:** Creates an isolated `/28` subnet for Collabora and connects containers securely.
+* **Environment Configuration:** Generates a `.env` file with domain, credentials, and extra parameters for Collabora's WOPI server.
+
+## Features
+
+* Automatic creation of a dedicated Docker network for Collabora.
+* Proxy configuration template for Nginx with long timeouts and WebSocket upgrades.
+* Customizable domain names and ports via Ansible variables.
+* Support for SSL termination at the proxy level.
+* Integration hooks to restart Nginx and recreate Docker Compose stacks on changes.
+
+## Documentation
+
+See the role’s `README.md`, task files, and Jinja2 templates in the `roles/docker-collabora` directory for usage examples and variable definitions.
+
+## Further Resources
+
+* [Collabora & Talk Super integration demo](https://www.youtube.com/watch?v=7cRmvTyt1ik)
+* [Collabora configuration examples archive](https://cloud.thesysadminhub.com/s/FNKyP43y35HGDTJ?dir=/&openfile=true)
+* [Official Collabora CODE website](https://www.collaboraoffice.com/code/)
--- a/roles/docker-collabora/meta/main.yml
+++ b/roles/docker-collabora/meta/main.yml
@@ -0,0 +1,28 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Deploy Collabora Online CODE in Docker with automated proxy, networking, and environment configuration."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Linux
+      versions:
+        - all
+  galaxy_tags:
+    - collabora
+    - docker
+    - nginx
+    - office
+    - wopi
+    - code
+  repository: "https://s.veen.world/cymais"
+  issue_tracker_url: "https://s.veen.world/cymaisissues"
+  documentation: "https://s.veen.world/cymais/docker-collabora"
+  logo:
+    class: "fa-solid fa-file-code"
+  run_after: []
--- a/roles/docker-collabora/tasks/main.yml
+++ b/roles/docker-collabora/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: create nextcloud nginx proxy configuration file
+  template: 
+    src:  "nginx.conf.j2" 
+    dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf"
+  notify: restart nginx
+
+- name: "Include docker-compose role"
+  include_role: 
+    name: docker-compose
+
+- name: Create Docker network for Collabora
+  docker_network:
+    name: central_mariadb
+    state: present
+    ipam_config:
+      - subnet: "{{ networks.local.collabora.subnet }}"
+  when: run_once_docker_mariadb is not defined
+
+- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
+
--- a/roles/docker-collabora/templates/docker-compose.yml.j2
+++ b/roles/docker-collabora/templates/docker-compose.yml.j2
@@ -0,0 +1,15 @@
+services:
+
+{% include 'templates/docker/services/redis.yml.j2' %}
+
+  collabora:
+    image: collabora/code
+    container_name: collabora
+    ports:
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+
+{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'templates/docker/container/networks.yml.j2' %}
+
+{% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-collabora/templates/env.j2
+++ b/roles/docker-collabora/templates/env.j2
@@ -0,0 +1,4 @@
+domain=nxsrv
+username=admin
+password=${COLLABRA_PASSWORD}
+extra_params=--o:ssl.enable=false --o:ssl.termination=true
--- a/roles/docker-collabora/templates/nginx.conf.j2
+++ b/roles/docker-collabora/templates/nginx.conf.j2
@@ -0,0 +1,15 @@
+server {
+  server_name {{domain}};
+
+  {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
+
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
+  
+  {% include 'roles/nginx-docker-reverse-proxy/templates/headers/content_security_policy.conf.j2' %}
+
+  {% include 'roles/nginx-docker-reverse-proxy/templates/location/proxy_basic.conf.j2' %}
+
+  {% set location = '^~ /cool/' %}
+  
+  {% include 'roles/nginx-docker-reverse-proxy/templates/location/proxy_basic.conf.j2' %}
+}
--- a/roles/docker-collabora/vars/configuration.yml
+++ b/roles/docker-collabora/vars/configuration.yml
@@ -0,0 +1,3 @@
+domains:
+  canonical:
+    - "collabora.{{ primary_domain }}"
--- a/roles/docker-collabora/vars/main.yml
+++ b/roles/docker-collabora/vars/main.yml
@@ -0,0 +1,2 @@
+---
+application_id: collabora
--- a/roles/docker-nextcloud/Todo.md
+++ b/roles/docker-nextcloud/Todo.md
@@ -0,0 +1,2 @@
+# Todo
+- Implement Collabora and Talk Supper . [See](https://www.youtube.com/watch?v=7cRmvTyt1ik)
--- a/roles/docker-nextcloud/meta/main.yml
+++ b/roles/docker-nextcloud/meta/main.yml
@@ -28,3 +28,7 @@ galaxy_info:
  documentation: "https://s.veen.world/cymais/docker-nextcloud"
  logo:
    class: "fa-solid fa-cloud"
+  run_after:
+    - docker-collabora
+    - docker-keycloak
+    - docker-mastodon
--- a/roles/docker-nextcloud/templates/docker-compose.yml.j2
+++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2
@@ -20,6 +20,28 @@ services:
 {% include 'templates/docker/container/networks.yml.j2' %}
        ipv4_address: 192.168.102.69

+  # @Todo activate
+  #nc-talk:
+  #  image: nextcloud/aio-talk:latest
+  #  container_name: talk_hpb
+  #  hostname: hpb_yt
+  #  restart: unless-stopped
+  #  init: true
+  #  ports:
+  #    - 3478:3478/tcp #TURN TCP
+  #    - 3478:3478/udp #TURN UDP
+  #    - 8181:8081/tcp #Signaling
+  #  environment:
+  #    - NC_DOMAIN=cloud.yourdomain.tld
+  #    - TALK_HOST=signaling.yourdomain.tld
+  #    - TURN_SECRET=${TURN_SECRET}
+  #    - SIGNALING_SECRET=${SIGNALING_SECRET}
+  #    - TZ=Europe/Berlin
+  #    - TALK_PORT=3478
+  #    - INTERNAL_SECRET=${INTERNAL_SECRET}
+  #  networks:
+  #    - nxnetwork_yt
+
  web:
    image: nginx:alpine
    container_name: {{applications.nextcloud.container.proxy}}
--- a/roles/docker-nextcloud/templates/nginx/host.conf.j2
+++ b/roles/docker-nextcloud/templates/nginx/host.conf.j2
@@ -1,4 +1,4 @@
-# This is the nginx configuration file for the proxy server
+{# This is the nginx configuration file for the proxy server #}

 server
 {
--- a/roles/docker-nextcloud/vars/configuration.yml
+++ b/roles/docker-nextcloud/vars/configuration.yml
@@ -36,6 +36,7 @@ legacy_login_mask:
 container:
  application:                  "nextcloud-application"                         # Nextcloud application container name
  proxy:                        "nextcloud-web"                                 # Nextcloud Proxy Container Name
+  collabora:                    "nextcloud-collabora"                                                   
 performance:
  php:
    memory_limit:               "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory limit