From ab8def29ba9dabfabeec1978aff608a80a277ee2 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Tue, 14 Oct 2025 17:43:43 +0200 Subject: [PATCH] feat: move collaboration behind the proxy --- traefik/collabora.yml | 16 +++++----- weboffice/collabora.yml | 70 +++++++++++++++++++++++------------------ 2 files changed, 48 insertions(+), 38 deletions(-) diff --git a/traefik/collabora.yml b/traefik/collabora.yml index 74182ee..9e403ee 100644 --- a/traefik/collabora.yml +++ b/traefik/collabora.yml @@ -6,14 +6,14 @@ services: aliases: - ${COLLABORA_DOMAIN:-collabora.opencloud.test} - ${WOPISERVER_DOMAIN:-wopiserver.opencloud.test} - collaboration: - labels: - - "traefik.enable=true" - - "traefik.http.routers.collaboration.entrypoints=https" - - "traefik.http.routers.collaboration.rule=Host(`${WOPISERVER_DOMAIN:-wopiserver.opencloud.test}`)" - - "traefik.http.routers.collaboration.${TRAEFIK_SERVICES_TLS_CONFIG}" - - "traefik.http.routers.collaboration.service=collaboration" - - "traefik.http.services.collaboration.loadbalancer.server.port=9300" +# collaboration: +# labels: +# - "traefik.enable=true" +# - "traefik.http.routers.collaboration.entrypoints=https" +# - "traefik.http.routers.collaboration.rule=Host(`${WOPISERVER_DOMAIN:-wopiserver.opencloud.test}`)" +# - "traefik.http.routers.collaboration.${TRAEFIK_SERVICES_TLS_CONFIG}" +# - "traefik.http.routers.collaboration.service=collaboration" +# - "traefik.http.services.collaboration.loadbalancer.server.port=9300" collabora: labels: - "traefik.enable=true" diff --git a/weboffice/collabora.yml b/weboffice/collabora.yml index fe697f8..025f02e 100644 --- a/weboffice/collabora.yml +++ b/weboffice/collabora.yml @@ -6,30 +6,14 @@ services: # this is needed for setting the correct CSP header COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.opencloud.test} # expose nats and the reva gateway for the collaboration service - NATS_NATS_HOST: 0.0.0.0 - GATEWAY_GRPC_ADDR: 0.0.0.0:9142 + # NATS_NATS_HOST: 0.0.0.0 + # GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make collabora the secure view app - FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: eu.opencloud.api.collaboration.CollaboraOnline + FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: eu.opencloud.api.collaboration GRAPH_AVAILABLE_ROLES: "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5,a8d5fe5e-96e3-418d-825b-534dbdf22b99,fb6c3e19-e378-47e5-b277-9732f9de6e21,58c63c02-1d89-4572-916a-870abc5a1b7d,2d00ce52-1fc2-4dbc-8b95-a73b73395f5a,1c996275-f1c9-4e71-abdf-a42f6495e960,312c0871-5ef7-4b3a-85b6-0e4074c64049,aa97fe03-7980-45ac-9e50-b325749fd7e6" - - collaboration: - image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest} - networks: - opencloud-net: - depends_on: - opencloud: - condition: service_started - collabora: - condition: service_healthy - entrypoint: - - /bin/sh - command: [ "-c", "opencloud collaboration server" ] - environment: - COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 - COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 - MICRO_REGISTRY: "nats-js-kv" - MICRO_REGISTRY_ADDRESS: "opencloud:9233" - COLLABORATION_WOPI_SRC: https://${WOPISERVER_DOMAIN:-wopiserver.opencloud.test} + # COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 + # COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 + COLLABORATION_WOPI_SRC: https://${OC_DOMAIN:-cloud.opencloud.test} COLLABORATION_APP_NAME: "CollaboraOnline" COLLABORATION_APP_PRODUCT: "Collabora" COLLABORATION_APP_ADDR: https://${COLLABORA_DOMAIN:-collabora.opencloud.test} @@ -37,13 +21,39 @@ services: COLLABORATION_APP_INSECURE: "${INSECURE:-true}" COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}" COLLABORATION_LOG_LEVEL: ${LOG_LEVEL:-info} - OC_URL: https://${OC_DOMAIN:-cloud.opencloud.test} - volumes: - # configure the .env file to use own paths instead of docker internal volumes - - ${OC_CONFIG_DIR:-opencloud-config}:/etc/opencloud - logging: - driver: ${LOG_DRIVER:-local} - restart: always + +# collaboration: +# image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest} +# networks: +# opencloud-net: +# depends_on: +# opencloud: +# condition: service_started +# collabora: +# condition: service_healthy +# entrypoint: +# - /bin/sh +# command: [ "-c", "opencloud collaboration server" ] +# environment: +# COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 +# COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 +# MICRO_REGISTRY: "nats-js-kv" +# MICRO_REGISTRY_ADDRESS: "opencloud:9233" +# COLLABORATION_WOPI_SRC: https://${WOPISERVER_DOMAIN:-wopiserver.opencloud.test} +# COLLABORATION_APP_NAME: "CollaboraOnline" +# COLLABORATION_APP_PRODUCT: "Collabora" +# COLLABORATION_APP_ADDR: https://${COLLABORA_DOMAIN:-collabora.opencloud.test} +# COLLABORATION_APP_ICON: https://${COLLABORA_DOMAIN:-collabora.opencloud.test}/favicon.ico +# COLLABORATION_APP_INSECURE: "${INSECURE:-true}" +# COLLABORATION_CS3API_DATAGATEWAY_INSECURE: "${INSECURE:-true}" +# COLLABORATION_LOG_LEVEL: ${LOG_LEVEL:-info} +# OC_URL: https://${OC_DOMAIN:-cloud.opencloud.test} +# volumes: +# # configure the .env file to use own paths instead of docker internal volumes +# - ${OC_CONFIG_DIR:-opencloud-config}:/etc/opencloud +# logging: +# driver: ${LOG_DRIVER:-local} +# restart: always collabora: image: collabora/code:25.04.4.2.1 @@ -51,7 +61,7 @@ services: networks: opencloud-net: environment: - aliasgroup1: https://${WOPISERVER_DOMAIN:-wopiserver.opencloud.test}:443 + aliasgroup1: https://${OC_DOMAIN:-cloud.opencloud.test}:443 DONT_GEN_SSL_CERT: "YES" extra_params: | --o:ssl.enable=${COLLABORA_SSL_ENABLE:-true} \