diff --git a/roles/web-app-nextcloud/config/main.yml b/roles/web-app-nextcloud/config/main.yml index 8cd2eed7..458212f0 100644 --- a/roles/web-app-nextcloud/config/main.yml +++ b/roles/web-app-nextcloud/config/main.yml @@ -42,6 +42,7 @@ docker: data: nextcloud_data whiteboard_tmp: nextcloud_whiteboard_tmp whiteboard_fontcache: nextcloud_whiteboard_fontcache + talk_recording_tmp: nextcloud_talk_recording_tmp services: redis: enabled: true diff --git a/roles/web-app-nextcloud/templates/docker-compose.yml.j2 b/roles/web-app-nextcloud/templates/docker-compose.yml.j2 index f43274ea..2d5d2699 100644 --- a/roles/web-app-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/web-app-nextcloud/templates/docker-compose.yml.j2 @@ -129,9 +129,10 @@ networks: default: ipv4_address: 192.168.102.72 + volumes: + - talk_recording_tmp:/tmp {% endif %} - {% include 'roles/docker-compose/templates/volumes.yml.j2' %} data: name: {{ NEXTCLOUD_VOLUME }} @@ -141,5 +142,9 @@ whiteboard_fontcache: name: {{ NEXTCLOUD_WHITEBOARD_FRONTCACHE_VOLUME }} {% endif %} +{% if NEXTCLOUD_RECORDING_ENABLED | bool %} + talk_recording_tmp: + name: {{ NEXTCLOUD_RECORDING_TMP_VOLUME }} +{% endif %} {% include 'roles/docker-compose/templates/networks.yml.j2' %} diff --git a/roles/web-app-nextcloud/templates/env.j2 b/roles/web-app-nextcloud/templates/env.j2 index 993d4a0a..9948d1a5 100644 --- a/roles/web-app-nextcloud/templates/env.j2 +++ b/roles/web-app-nextcloud/templates/env.j2 @@ -62,7 +62,6 @@ STORAGE_STRATEGY=redis REDIS_URL=redis://redis:6379/0 # Chromium (headless) hardening for Whiteboard CHROMIUM_FLAGS=--headless=new --no-sandbox --disable-gpu --disable-dev-shm-usage --use-gl=swiftshader --disable-software-rasterizer -# Falls das Image Chromium mitbringt – Pfad meistens /usr/bin/chromium oder /usr/bin/chromium-browser: PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium PUPPETEER_SKIP_DOWNLOAD=true {% endif %} \ No newline at end of file diff --git a/roles/web-app-nextcloud/vars/main.yml b/roles/web-app-nextcloud/vars/main.yml index 31231537..3ad706ef 100644 --- a/roles/web-app-nextcloud/vars/main.yml +++ b/roles/web-app-nextcloud/vars/main.yml @@ -141,6 +141,7 @@ NEXTCLOUD_RECORDING_VERSION: "{{ applications | get_app_conf(applic NEXTCLOUD_RECORDING_ENABLED: "{{ NEXTCLOUD_HPB_PLUGIN_ENABLED }}" NEXTCLOUD_RECORDING_PORT: 1234 NEXTCLOUD_RECORDING_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_recording_secret') }}" +NEXTCLOUD_RECORDING_TMP_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.talk_recording_tmp') }}" ### Collabora NEXTCLOUD_COLLABORA_URL: "{{ domains | get_url('web-svc-collabora', WEB_PROTOCOL) }}" diff --git a/roles/web-svc-onlyoffice/config/main.yml b/roles/web-svc-onlyoffice/config/main.yml index 7ba895f9..232171be 100644 --- a/roles/web-svc-onlyoffice/config/main.yml +++ b/roles/web-svc-onlyoffice/config/main.yml @@ -22,9 +22,9 @@ server: docker: services: redis: - enabled: false + enabled: true database: - enabled: false + enabled: true onlyoffice: image: "onlyoffice/documentserver" version: "latest" @@ -33,6 +33,19 @@ docker: mem_reservation: "1g" mem_limit: "2g" pids_limit: 2048 + volumes: + data: onlyoffice_data # /var/www/onlyoffice/Data + logs: onlyoffice_logs # /var/log/onlyoffice + fonts: onlyoffice_fonts # /usr/share/fonts/truetype/custom + lib: onlyoffice_lib # /var/lib/onlyoffice + rabbitmqdata: onlyoffice_rabbitmqdata # /var/lib/rabbitmq + + # The redis and db volume are just dummy volumes and aren't used + pgdata: onlyoffice_pgdata # /var/lib/postgresql + redisdata: onlyoffice_redisdata # /var/lib/redis features: - logout: false - desktop: true + logout: false + desktop: true + matomo: true + css: true + central_database: true diff --git a/roles/web-svc-onlyoffice/tasks/01_core.yml b/roles/web-svc-onlyoffice/tasks/01_core.yml index fa6be069..225e566a 100644 --- a/roles/web-svc-onlyoffice/tasks/01_core.yml +++ b/roles/web-svc-onlyoffice/tasks/01_core.yml @@ -1,6 +1,6 @@ -- name: "Load core functions for '{{ application_id }}'" +- name: "load docker, db and proxy for {{ application_id }}" include_role: - name: sys-stk-full-stateless + name: sys-stk-full-stateful vars: docker_compose_flush_handlers: true docker_compose_file_creation_enabled: true diff --git a/roles/web-svc-onlyoffice/templates/docker-compose.yml.j2 b/roles/web-svc-onlyoffice/templates/docker-compose.yml.j2 index b24ff250..479364db 100644 --- a/roles/web-svc-onlyoffice/templates/docker-compose.yml.j2 +++ b/roles/web-svc-onlyoffice/templates/docker-compose.yml.j2 @@ -8,5 +8,30 @@ - "127.0.0.1:{{ http_port }}:{{ container_port }}" {% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} {% include 'roles/docker-container/templates/networks.yml.j2' %} + volumes: + - data:/var/www/onlyoffice/Data + - logs:/var/log/onlyoffice + - fonts:/usr/share/fonts/truetype/custom + - lib:/var/lib/onlyoffice + - pgdata:/var/lib/postgresql + - redisdata:/var/lib/redis + - rabbitmqdata:/var/lib/rabbitmq +{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %} {% include 'roles/docker-compose/templates/networks.yml.j2' %} + +{% include 'roles/docker-compose/templates/volumes.yml.j2' %} + data: + name: {{ ONLYOFFICE_VOLUME_DATA }} + logs: + name: {{ ONLYOFFICE_VOLUME_LOGS }} + fonts: + name: {{ ONLYOFFICE_VOLUME_FONTS }} + lib: + name: {{ ONLYOFFICE_VOLUME_LIB }} + pgdata: + name: {{ ONLYOFFICE_VOLUME_PGDATA }} + redisdata: + name: {{ ONLYOFFICE_VOLUME_REDIS }} + rabbitmqdata: + name: {{ ONLYOFFICE_VOLUME_RABBITMQ }} diff --git a/roles/web-svc-onlyoffice/templates/env.j2 b/roles/web-svc-onlyoffice/templates/env.j2 index 1ae4cda2..9491696d 100644 --- a/roles/web-svc-onlyoffice/templates/env.j2 +++ b/roles/web-svc-onlyoffice/templates/env.j2 @@ -1,3 +1,16 @@ +# ONLYOFFICE external PostgreSQL settings +DB_TYPE={{ database_type }} +DB_HOST={{ database_host }} +DB_PORT={{ database_port }} +DB_NAME={{ database_name }} +DB_USER={{ database_username }} +DB_PWD={{ database_password }} + +# Redis +REDIS_SERVER_HOST=redis +REDIS_SERVER_PORT=6379 +# AMQP_URI=amqp://user:password@rabbitmq.example.internal:5672/onlyoffice + JWT_ENABLED=true JWT_SECRET={{ ONLYOFFICE_JWT_SECRET }} JWT_HEADER=Authorization diff --git a/roles/web-svc-onlyoffice/vars/main.yml b/roles/web-svc-onlyoffice/vars/main.yml index ce2502ea..be055e15 100644 --- a/roles/web-svc-onlyoffice/vars/main.yml +++ b/roles/web-svc-onlyoffice/vars/main.yml @@ -1,12 +1,22 @@ --- +# General application_id: web-svc-onlyoffice - +database_type: "postgres" domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" - container_port: 80 # OnlyOffice DocumentServer Standardport +# ONLYOFFICE ONLYOFFICE_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.onlyoffice.name') }}" ONLYOFFICE_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.onlyoffice.image') }}" ONLYOFFICE_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.onlyoffice.version') }}" -ONLYOFFICE_JWT_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.onlyoffice_jwt_secret') }}" \ No newline at end of file +ONLYOFFICE_JWT_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.onlyoffice_jwt_secret') }}" + +## Volumes +ONLYOFFICE_VOLUME_DATA: "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}" +ONLYOFFICE_VOLUME_LOGS: "{{ applications | get_app_conf(application_id, 'docker.volumes.logs') }}" +ONLYOFFICE_VOLUME_FONTS: "{{ applications | get_app_conf(application_id, 'docker.volumes.fonts') }}" +ONLYOFFICE_VOLUME_LIB: "{{ applications | get_app_conf(application_id, 'docker.volumes.lib') }}" +ONLYOFFICE_VOLUME_PGDATA: "{{ applications | get_app_conf(application_id, 'docker.volumes.pgdata') }}" +ONLYOFFICE_VOLUME_REDIS: "{{ applications | get_app_conf(application_id, 'docker.volumes.redisdata') }}" +ONLYOFFICE_VOLUME_RABBITMQ: "{{ applications | get_app_conf(application_id, 'docker.volumes.rabbitmqdata') }}" \ No newline at end of file