Different optimations for collabora

2025-08-26 21:45:20 +02:00 · 2025-08-20 08:34:12 +02:00 · 2025-08-20 08:34:12 +02:00 · 9cfb8f3a60
commit 9cfb8f3a60
parent 3e5344a46c
8 changed files with 42 additions and 12 deletions
--- a/roles/web-app-nextcloud/config/main.yml
+++ b/roles/web-app-nextcloud/config/main.yml
@ -10,6 +10,7 @@ server:
      font-src:
        - "data:"
      connect-src:
        - "wss://collabora.{{ PRIMARY_DOMAIN }}"
        - "{{ WEB_PROTOCOL }}://collabora.{{ PRIMARY_DOMAIN }}"
      frame-src:
        - "{{ WEB_PROTOCOL }}://collabora.{{ PRIMARY_DOMAIN }}"
--- a/roles/web-app-nextcloud/tasks/main.yml
+++ b/roles/web-app-nextcloud/tasks/main.yml
@ -5,8 +5,9 @@
  vars:
    flush_handlers: true
  when:    
-  - run_once_web_svc_collabora is not defined
+    - run_once_web_svc_collabora is not defined
-  - NEXTCLOUD_COLLABORA_ENABLED
+    - NEXTCLOUD_COLLABORA_ENABLED | bool
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
@ -59,7 +60,6 @@
 - name: Load system configuration steps
  include_tasks: "{{ item }}"
  loop:
    - 02_upgrade.yml
    - 03_admin.yml
    - 04_system_config.yml
--- a/roles/web-app-nextcloud/tasks/plugins/user_ldap.yml
+++ b/roles/web-app-nextcloud/tasks/plugins/user_ldap.yml
@ -3,4 +3,7 @@
 - name: Set Nextcloud LDAP bind password
  command: >
-    {{ NEXTCLOUD_DOCKER_EXEC_OCC }} ldap:set-config s01 ldapAgentPassword "{{ ldap.bind_credential }}"
+    {{ NEXTCLOUD_DOCKER_EXEC_OCC }} ldap:set-config s01 ldapAgentPassword "{{ ldap.bind_credential }}"
  async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
  poll:  "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
  no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}"
--- a/roles/web-app-nextcloud/vars/main.yml
+++ b/roles/web-app-nextcloud/vars/main.yml
@ -68,4 +68,5 @@ nextcloud_docker_include_instructions_file:     "/tmp/includes.php"
 ## Execution
 NEXTCLOUD_DOCKER_EXEC:                          "docker exec -u {{ NEXTCLOUD_DOCKER_USER }} {{ NEXTCLOUD_CONTAINER }}" # General execute composition
-NEXTCLOUD_DOCKER_EXEC_OCC:                      "{{NEXTCLOUD_DOCKER_EXEC}} {{ NEXTCLOUD_DOCKER_WORK_DIRECTORY }}occ"   # Execute docker occ command
+NEXTCLOUD_DOCKER_EXEC_OCC:                      "{{NEXTCLOUD_DOCKER_EXEC}} {{ NEXTCLOUD_DOCKER_WORK_DIRECTORY }}occ"   # Execute docker occ command
 # NEXTCLOUD_COLLOBORA_CONF_EXEC:                  "docker exec {{ applications | get_app_conf('web-svc-collabora', 'docker.services.collabora.name') }} coolconfig"
--- a/roles/web-svc-collabora/tasks/01_core.yml
+++ b/roles/web-svc-collabora/tasks/01_core.yml
@ -0,0 +1,20 @@
 - name: Update Collabora systemplate to include new fonts
  command: "{{ COLLABORA_DOCKER_CONF_EXEC }} update-system-template"
  register: collabora_fonts
  changed_when: >
    (not ASYNC_ENABLED | bool )
    and
    ('updated' in (collabora_fonts.stdout | default('')))
  async: "{{ ASYNC_TIME  if (ASYNC_ENABLED | default(false) | bool) else omit }}"
  poll:  "{{ ASYNC_POLL if (ASYNC_ENABLED | default(false) | bool) else omit }}"
  when: MODE_UPDATE | bool
 - name: Allow Nextcloud host IP for Collabora preview conversion
  command: "{{ COLLABORA_DOCKER_CONF_EXEC }} set net.post_allow.host {{ networks.internet.ip4 }}"
  register: collabora_preview
  changed_when: >
    (not ASYNC_ENABLED | bool )
    and
    ('already present' not in (collabora_preview.stdout | default('')))
  async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
  poll:  "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
--- a/roles/web-svc-collabora/tasks/main.yml
+++ b/roles/web-svc-collabora/tasks/main.yml
@ -2,5 +2,9 @@
  - name: "load docker, proxy for '{{ application_id }}'"
    include_role:
      name: cmp-docker-proxy
    vars:
      docker_compose_flush_handlers: true
  - name: "Load core functions for '{{ application_id }}'"
    include_tasks: 01_core.yml
  - include_tasks: utils/run_once.yml
  when: run_once_web_svc_collabora is not defined
--- a/roles/web-svc-collabora/templates/env.j2
+++ b/roles/web-svc-collabora/templates/env.j2
@ -1,4 +1,2 @@
-domain={{ (domains | get_domain('web-app-nextcloud')) | regex_replace('\\.', '\\\\.') }}
+domain={{ COLLABORA_ALLOWED_DOMAINS }}
-{# username=admin #}
+extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:net.service_root=/ --o:net.wopi_allowed_hosts={{ COLLABORA_ALLOWED_HOSTS }}
 {# password={{ applications | get_app_conf('web-svc-collabora', 'credentials.admin_password', False, 'ChangeMe!') }}" #}
 extra_params=--o:ssl.enable=false --o:ssl.termination=true
--- a/roles/web-svc-collabora/vars/main.yml
+++ b/roles/web-svc-collabora/vars/main.yml
@ -6,6 +6,9 @@ container_port:         9980
 container_healthcheck:  "/hosting/discovery"
 # Collabora
-COLLABORA_CONTAINER:  "{{ applications | get_app_conf(application_id, 'docker.services.collabora.name') }}"
+COLLABORA_CONTAINER:        "{{ applications | get_app_conf(application_id, 'docker.services.collabora.name') }}"
-COLLABORA_IMAGE:      "{{ applications | get_app_conf(application_id, 'docker.services.collabora.image') }}"
+COLLABORA_IMAGE:            "{{ applications | get_app_conf(application_id, 'docker.services.collabora.image') }}"
-COLLABORA_VERSION:    "{{ applications | get_app_conf(application_id, 'docker.services.collabora.version') }}"
+COLLABORA_VERSION:          "{{ applications | get_app_conf(application_id, 'docker.services.collabora.version') }}"
 COLLABORA_DOCKER_CONF_EXEC: "docker exec {{ COLLABORA_CONTAINER }} coolconfig"
 COLLABORA_ALLOWED_DOMAINS:  "(.*\\.|){{ PRIMARY_DOMAIN | regex_replace('\\.', '\\\\.') }}"
 COLLABORA_ALLOWED_HOSTS:    "{{ domains | get_domain('web-app-nextcloud') }}"