lyra_phasma/opencloud-compose
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud-compose.git synced 2026-06-08 12:10:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into oc_port_configurable

Browse Source
This commit is contained in:
chillymattster
2025-11-26 19:06:49 +01:00
parent 900a05c2c0 79782cdd5f
commit 95c03733d7
13 changed files with 79 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
.env.example
View File

@@ -56,8 +56,11 @@ TRAEFIK_SERVICES_TLS_CONFIG="tls.certresolver=letsencrypt"
# certificates: # certificates:
# - certFile: /certs/opencloud.test.crt # - certFile: /certs/opencloud.test.crt
# keyFile: /certs/opencloud.test.key # keyFile: /certs/opencloud.test.key
# stores: # stores:
# - default # default:
# defaultCertificate:
# certFile: /certs/opencloud.test.crt
# keyFile: /certs/opencloud.test.key
# #
# The certificates need to be copied into ./certs/, the absolute path inside the container is /certs/. # The certificates need to be copied into ./certs/, the absolute path inside the container is /certs/.
# You can also use TRAEFIK_CERTS_DIR=/path/on/host to set the path to the certificates directory. # You can also use TRAEFIK_CERTS_DIR=/path/on/host to set the path to the certificates directory.
@@ -66,12 +69,15 @@ TRAEFIK_ACCESS_LOG=
# Configure the log level for Traefik. # Configure the log level for Traefik.
# Possible values are "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL" and "PANIC". Default is "ERROR". # Possible values are "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL" and "PANIC". Default is "ERROR".
TRAEFIK_LOG_LEVEL= TRAEFIK_LOG_LEVEL=
# The default for traefik is to run in privileged mode.
# If you want to run traefik non-privileged, use the following variable and the format [UID]:[GID] to set user and group of your choice.
# Ensure that the user has access to docker.sock and traefik volumes defined in traefik/opencloud.yml
#TRAEFIK_CONTAINER_UID_GID="1000:1000"
# Configure ports for HTTP and HTTPS when necessary, defaults are 80 and 443 # Configure ports for HTTP and HTTPS when necessary, defaults are 80 and 443
# Don't use ports in the range of 8000-9999 and 5232 as those ports are used internally and therefore might create conflicts. # Don't use ports in the range of 8000-9999 and 5232 as those ports are used internally and therefore might create conflicts.
#TRAEFIK_PORT_HTTP=4080 #TRAEFIK_PORT_HTTP=4080
#TRAEFIK_PORT_HTTPS=4443 #TRAEFIK_PORT_HTTPS=4443
## OpenCloud Settings ## ## OpenCloud Settings ##
# The opencloud container image. # The opencloud container image.
# For production releases: "opencloudeu/opencloud" # For production releases: "opencloudeu/opencloud"
@@ -81,6 +87,11 @@ OC_DOCKER_IMAGE=opencloudeu/opencloud-rolling
# The openCloud container version. # The openCloud container version.
# Defaults to "latest" and points to the latest stable tag. # Defaults to "latest" and points to the latest stable tag.
OC_DOCKER_TAG= OC_DOCKER_TAG=
# The default id used in opencloud containers is 1000 for user and group.
# If you want to change the default, use the following variable and the format [UID]:[GID].
# The change affects all containers with access to data volumes.
# Ensure that the user has access to all volumes defined in docker-compose.yml
#OC_CONTAINER_UID_GID="1000:1000"
# Domain of openCloud, where you can find the frontend. # Domain of openCloud, where you can find the frontend.
# Defaults to "cloud.opencloud.test" # Defaults to "cloud.opencloud.test"
OC_DOMAIN= OC_DOMAIN=
@@ -97,6 +108,9 @@ DEMO_USERS=
# After the first initialization, the admin password can only be changed via the OpenCloud User Settings UI or by using the OpenCloud CLI. # After the first initialization, the admin password can only be changed via the OpenCloud User Settings UI or by using the OpenCloud CLI.
# Documentation: https://docs.opencloud.eu/docs/admin/resources/common-issues#-change-admin-password-set-in-env # Documentation: https://docs.opencloud.eu/docs/admin/resources/common-issues#-change-admin-password-set-in-env
INITIAL_ADMIN_PASSWORD= INITIAL_ADMIN_PASSWORD=
# Whether clients should check for updates.
# Defaults to "true".
CHECK_FOR_UPDATES=
# Define the openCloud loglevel used. # Define the openCloud loglevel used.
# #
LOG_LEVEL= LOG_LEVEL=
@@ -179,7 +193,11 @@ START_ADDITIONAL_SERVICES=""
# search/tika.yml or by using the following command: # search/tika.yml or by using the following command:
# docker compose -f docker-compose.yml -f search/tika.yml up -d # docker compose -f docker-compose.yml -f search/tika.yml up -d
# Set the desired docker image tag or digest. # Set the desired docker image tag or digest.
# Defaults to "apache/tika:latest-full" # Defaults to "apache/tika:latest"
# The slim variant is recommended for most use cases as it provides core text extraction
# functionality with a smaller image size and faster startup time.
# Only use the full variant (apache/tika:latest-full) if you need specialized features
# like advanced OCR or specific image processing capabilities.
TIKA_IMAGE= TIKA_IMAGE=
### IMPORTANT Note for Online Office Apps ### ### IMPORTANT Note for Online Office Apps ###

10
README.md
View File

@@ -148,6 +148,14 @@ This setup includes:
- Full text search functionality in the OpenCloud interface - Full text search functionality in the OpenCloud interface
- Support for documents, PDFs, images, and other file types - Support for documents, PDFs, images, and other file types
**Tika Image Variant:**
By default, OpenCloud Compose uses `apache/tika:latest` which provides:
- Smaller image size (~300MB vs ~1.2GB for the full variant)
- Faster container startup and deployment
- Core text extraction functionality for common document formats (PDF, Office docs, text files, etc.)
The base variant is recommended for most use cases. If you need advanced features like specialized OCR processing or specific image format support, you can override the image by setting `TIKA_IMAGE=apache/tika:latest-full` in your `.env` file.
### With Radicale ### With Radicale
Enable CalDAV (calendars, to-do lists) and CardDAV (contacts) server. Enable CalDAV (calendars, to-do lists) and CardDAV (contacts) server.
@@ -338,7 +346,7 @@ Key variables:
| `INSECURE` | Skip certificate validation | true | | `INSECURE` | Skip certificate validation | true |
| `COLLABORA_DOMAIN` | Collabora domain | collabora.opencloud.test | | `COLLABORA_DOMAIN` | Collabora domain | collabora.opencloud.test |
| `WOPISERVER_DOMAIN` | WOPI server domain | wopiserver.opencloud.test | | `WOPISERVER_DOMAIN` | WOPI server domain | wopiserver.opencloud.test |
| `TIKA_IMAGE` | Apache Tika image tag | apache/tika:latest-full | | `TIKA_IMAGE` | Apache Tika image tag | apache/tika:slim |
| `KEYCLOAK_DOMAIN` | Keycloak domain | keycloak.opencloud.test | | `KEYCLOAK_DOMAIN` | Keycloak domain | keycloak.opencloud.test |
| `KEYCLOAK_ADMIN` | Keycloak admin username | kcadmin | | `KEYCLOAK_ADMIN` | Keycloak admin username | kcadmin |
| `KEYCLOAK_ADMIN_PASSWORD` | Keycloak admin password | admin | | `KEYCLOAK_ADMIN_PASSWORD` | Keycloak admin password | admin |

2
docker-compose.yml
View File

@@ -4,6 +4,7 @@ services:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest} image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
# changelog: https://github.com/opencloud-eu/opencloud/tree/main/changelog # changelog: https://github.com/opencloud-eu/opencloud/tree/main/changelog
# release notes: https://docs.opencloud.eu/opencloud_release_notes.html # release notes: https://docs.opencloud.eu/opencloud_release_notes.html
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks: networks:
opencloud-net: opencloud-net:
entrypoint: entrypoint:
@@ -39,6 +40,7 @@ services:
NOTIFICATIONS_SMTP_AUTHENTICATION: "${SMTP_AUTHENTICATION}" NOTIFICATIONS_SMTP_AUTHENTICATION: "${SMTP_AUTHENTICATION}"
NOTIFICATIONS_SMTP_ENCRYPTION: "${SMTP_TRANSPORT_ENCRYPTION:-none}" NOTIFICATIONS_SMTP_ENCRYPTION: "${SMTP_TRANSPORT_ENCRYPTION:-none}"
FRONTEND_ARCHIVER_MAX_SIZE: "10000000000" FRONTEND_ARCHIVER_MAX_SIZE: "10000000000"
FRONTEND_CHECK_FOR_UPDATES: "${CHECK_FOR_UPDATES:-true}"
PROXY_CSP_CONFIG_FILE_LOCATION: /etc/opencloud/csp.yaml PROXY_CSP_CONFIG_FILE_LOCATION: /etc/opencloud/csp.yaml
# enable to allow using the banned passwords list # enable to allow using the banned passwords list
OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt

11
external-proxy/collabora-exposed.yml Normal file
View File

@@ -0,0 +1,11 @@
---
# only expose the ports when you know what you are doing!
services:
collaboration:
ports:
# expose the wopi server on all interfaces
- "0.0.0.0:9300:9300"
collabora:
ports:
# expose the collabora server on all interfaces
- "0.0.0.0:9980:9980"

8
external-proxy/collabora.yml
View File

@@ -2,9 +2,9 @@
services: services:
collaboration: collaboration:
ports: ports:
# expose the wopi server # expose the wopi server on localhost
- "9300:9300" - "127.0.0.1:9300:9300"
collabora: collabora:
ports: ports:
# expose the collabora server # expose the collabora server on localhost
- "9980:9980" - "127.0.0.1:9980:9980"

8
external-proxy/keycloak-exposed.yml Normal file
View File

@@ -0,0 +1,8 @@
---
# only expose the ports when you know what you re doing!
services:
keycloak:
ports:
# expose the keycloak server on all interfaces
- "0.0.0.0:9000:9000"
- "0.0.0.0:8080:8080"

5
external-proxy/keycloak.yml
View File

@@ -2,5 +2,6 @@
services: services:
keycloak: keycloak:
ports: ports:
- "9000:9000" # expose the keycloak server on localhost
- "8080:8080" - "127.0.0.1:9000:9000"
- "127.0.0.1:8080:8080"

10
external-proxy/opencloud-exposed.yml Normal file
View File

@@ -0,0 +1,10 @@
---
# only expose the ports when you know what you are doing!
services:
opencloud:
environment:
# bind to all interfaces
PROXY_HTTP_ADDR: "0.0.0.0:9200"
ports:
# expose the opencloud server on all interfaces
- "0.0.0.0:9200:9200"

4
external-proxy/opencloud.yml
View File

@@ -5,5 +5,5 @@ services:
# bind to all interfaces # bind to all interfaces
PROXY_HTTP_ADDR: "0.0.0.0:9200" PROXY_HTTP_ADDR: "0.0.0.0:9200"
ports: ports:
# expose the opencloud server # expose the opencloud server on localhost
- "9200:9200" - "127.0.0.1:9200:9200"

1
radicale/radicale.yml
View File

@@ -6,6 +6,7 @@ services:
- ./config/opencloud/proxy.yaml:/etc/opencloud/proxy.yaml - ./config/opencloud/proxy.yaml:/etc/opencloud/proxy.yaml
radicale: radicale:
image: ${RADICALE_DOCKER_IMAGE:-opencloudeu/radicale}:${RADICALE_DOCKER_TAG:-latest} image: ${RADICALE_DOCKER_IMAGE:-opencloudeu/radicale}:${RADICALE_DOCKER_TAG:-latest}
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks: networks:
opencloud-net: opencloud-net:
logging: logging:

5
search/tika.yml
View File

@@ -1,7 +1,10 @@
--- ---
services: services:
tika: tika:
image: ${TIKA_IMAGE:-apache/tika:latest-full} image: ${TIKA_IMAGE:-apache/tika:latest}
# Using the base variant for smaller image size and faster startup
# The base variant includes core functionality for text extraction
# Full variant is only needed for specialized OCR/image processing
# release notes: https://tika.apache.org # release notes: https://tika.apache.org
networks: networks:
opencloud-net: opencloud-net:

1
traefik/opencloud.yml
View File

@@ -11,6 +11,7 @@ services:
traefik: traefik:
image: traefik:v3 image: traefik:v3
# release notes: https://github.com/traefik/traefik/releases # release notes: https://github.com/traefik/traefik/releases
user: ${TRAEFIK_CONTAINER_UID_GID:-0:0}
networks: networks:
opencloud-net: opencloud-net:
aliases: aliases:

1
weboffice/collabora.yml
View File

@@ -15,6 +15,7 @@ services:
collaboration: collaboration:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest} image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks: networks:
opencloud-net: opencloud-net:
depends_on: depends_on: