commit 7aa44854aeb4d88899ea461c03ddd9113bd97c96 Author: Jan Beilicke Date: Sat Mar 28 17:56:49 2020 +0100 Initial commit diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..86aa256 --- /dev/null +++ b/LICENSE @@ -0,0 +1,19 @@ +MIT License Copyright (c) 2020 Jan Beilicke + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice (including the next +paragraph) shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS +OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF +OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..9df87fb --- /dev/null +++ b/README.md @@ -0,0 +1,51 @@ +Collabora Online Developer Edition (Docker-Compose) +=================================================== + +A [Collabora Online Developer Edition (CODE)](https://www.collaboraoffice.com/code/) server that can be run behind [Traefik](https://traefik.io). + +Works e.g. with [Nextcloud](https://nextcloud.com/collaboraonline/), [Moodle](https://moodle.org/plugins/mod_collabora) and other open source tools. + +To tweak the config of Collabora, you may have to modify the `.env` template. + +[More information regarding CODE for Docker](https://www.collaboraoffice.com/code/docker/) + +After installation: + +- Ensure that the CODE instance URL (e.g. `https://collabora.example.tld`) returns `OK`. +- Add the Collabora App to Nextcloud +- Go to Nextcloud settings > Collabora and set the CODE instance URL. + +Requirements +------------ + +- Ansible (implemented and tested with v2.9) +- Ubuntu or Debian server +- [Docker Engine](https://docs.docker.com/install/) + [Docker Compose](https://docs.docker.com/compose/install/) +- Traefik or another reverse proxy that takes care of TLS + +Role Variables +-------------- + +| Variable | Description | Default | +| --------------------------- | ------------------------------------------------------------------------------- | ------------------ | +| docker_user | The user who is going to manage/run the Docker Compose services | deploy | +| collabora_virtual_host | The host under which CODE is available from the outside (e.g. collabora.example.org) | localhost | +| collabora_domain_regex_pattern | A regular expression to match hosts that should be allowed to access CODE | localhost | +| collabora_admin_user | Used to access to the Admin UI: https:///loleaflet/dist/admin/admin.html | | +| collabora_admin_password | | | + +Dependencies +------------ + +Example Playbook +---------------- + +License +------- + +MIT + +Author Information +------------------ + +This role was created in 2020 by [Jan Beilicke](https://jotbe.io). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..db7156e --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,7 @@ +--- +# defaults file for Collabora Online +docker_user: deploy +collabora_exposed_port: 9980 +collabora_virtual_host: localhost +collabora_public_url: http://{{ collabora_virtual_host }} +collabora_domain_regex_pattern: localhost diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..30d065c --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for jitsi \ No newline at end of file diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..105caf2 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,43 @@ +galaxy_info: + author: Jan Beilicke + description: Dockerized Jitsi Meet behind Traefik + + #issue_tracker_url: https://git.jotbe.io/jotbe/ansible-role-docker-jitsi/issues + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: MIT + + min_ansible_version: 2.9 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + platforms: + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all + + galaxy_tags: + - docker + - traefik + - chat + - videoconferencing + +dependencies: [] + # - geerlingguy.pip + # - geerlingguy.docker diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..1fad4b9 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,73 @@ +--- +# tasks file for Collabora Online +- name: Ensure Collabora Online config directory exists + file: + path: /home/{{ docker_user }}/collabora-online + state: directory + owner: '{{ docker_user }}' + group: '{{ docker_user }}' + tags: config + +- name: Provide docker-compose.yml + template: + src: templates/docker-compose.collabora-online.yml.j2 + dest: /home/{{ docker_user }}/collabora-online/docker-compose.yml + owner: "{{ docker_user }}" + group: "{{ docker_user }}" + mode: '0644' + tags: config + +- name: Output docker-compose.yml + shell: cat /home/{{ docker_user }}/collabora-online/docker-compose.yml + register: output + tags: config + +- debug: + var: output + +- name: Provide Collabora env vars + template: + src: templates/env.collabora-online.j2 + dest: /home/{{ docker_user }}/collabora-online/.env + owner: "{{ docker_user }}" + group: "{{ docker_user }}" + mode: '0640' + tags: config + +- name: "docker-compose: Teardown existing Collabora service" + docker_compose: + project_src: "/home/{{ docker_user }}/collabora-online/" + state: absent + tags: ['never', 'teardown'] + +- name: "docker-compose: Bootstrap Collabora service" + docker_compose: + project_src: "/home/{{ docker_user }}/collabora-online/" + register: output + +- debug: + var: output + +- assert: + that: + - "output.ansible_facts['collabora']['collabora-online_collabora_1'].state.running" + +- name: "Wait for Collabora service (443/TLS) to become available from the public internet" + become: false + wait_for: + host: "{{ collabora_virtual_host }}" + port: 443 + delegate_to: localhost + +- name: "Test whether Collabora is healthy from the public internet" + become: false + uri: + url: https://{{ collabora_virtual_host }} + return_content: yes + timeout: 600 + register: url_check + delegate_to: localhost + +- fail: + msg: 'Collabora is not available!' + when: "'OK' not in url_check.content" diff --git a/templates/docker-compose.collabora-online.yml.j2 b/templates/docker-compose.collabora-online.yml.j2 new file mode 100644 index 0000000..f63b7c0 --- /dev/null +++ b/templates/docker-compose.collabora-online.yml.j2 @@ -0,0 +1,31 @@ +version: '3' + +services: + collabora: + image: collabora/code + restart: unless-stopped + environment: + - extra_params + - domain +{% if collabora_admin_user is defined and collabora_admin_password is defined %} + - username + - password +{% endif %} + - SLEEPFORDEBUGGER + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik_public" + - "traefik.http.routers.collabora.rule=Host(`{{ collabora_virtual_host }}`)" + - "traefik.port=9980" + - "traefik.http.routers.collabora.entrypoints=websecure" + - "traefik.http.routers.collabora.tls=true" + - "traefik.http.routers.collabora.tls.certresolver=defaultresolver" + networks: + public: + cap_add: + - MKNOD + +networks: + public: + external: + name: traefik_public diff --git a/templates/env.collabora-online.j2 b/templates/env.collabora-online.j2 new file mode 100644 index 0000000..8c4446d --- /dev/null +++ b/templates/env.collabora-online.j2 @@ -0,0 +1,7 @@ +extra_params=--o:ssl.enable=false --o:ssl.termination=true +domain={{collabora_domain_regex_pattern|replace('\\', '\\\\')}} +{% if collabora_admin_user is defined and collabora_admin_password is defined %} +username={{ collabora_admin_user }} +password={{ collabora_admin_password }} +{% endif %} +SLEEPFORDEBUGGER=0 \ No newline at end of file diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..7d29923 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - jitsi \ No newline at end of file diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..a6b20d1 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for jitsi \ No newline at end of file