Initial commit

.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

LICENSE

@@ -0,0 +1,19 @@
+MIT License Copyright (c) 2020 Jan Beilicke <dev@jotbe.io>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice (including the next
+paragraph) shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
+OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
+OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,53 @@
+ONLYOFFICE Document Server (Docker-Compose)
+===========================================
+
+A [ONLYOFFICE Document Server](https://onlyoffice.com/) server that can be run behind [Traefik](https://traefik.io).
+
+Works e.g. with [Nextcloud](https://nextcloud.com/onlyoffice/), [Moodle](https://github.com/logicexpertise/moodle-mod_onlyoffice) and other open source tools.
+
+To tweak the config of the Document Server, you may have to modify the `.env` template. 
+
+[More information regarding ONLYOFFICE Document Server for Docker](https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud)
+
+After installation:
+
+- Ensure that the ONLYOFFICE instance URL (e.g. `https://documentserver.example.tld`) returns a welcome page.
+- Add the ONLYOFFICE App to Nextcloud
+- Go to Nextcloud settings > ONLYOFFICE and set the Document Server URL.
+
+Requirements
+------------
+
+- Ansible (implemented and tested with v2.9)
+- Ubuntu or Debian server
+- [Docker Engine](https://docs.docker.com/install/) + [Docker Compose](https://docs.docker.com/compose/install/)
+- Traefik or another reverse proxy that takes care of TLS
+
+Role Variables
+--------------
+
+| Variable                                | Description                                                                             | Default            |
+| ---------------------------             | -------------------------------------------------------------------------------         | ------------------ |
+| docker_user                             | The user who is going to manage/run the Docker Compose services                         | deploy             |
+| onlyoffice_document_server_virtual_host | The host under which ONLYOFFICE is available from the outside (e.g. docsrv.example.org) | localhost          |
+| onlyoffice_document_server_http_port    | HTTP port                                                                               | 80                 |
+| onlyoffice_document_server_https_port   | HTTPS port                                                                              | 443                |
+| onlyoffice_document_server_jwt_enabled  | Whether JWT authentication should be used                                               | "false"            |
+| onlyoffice_document_server_jwt_secret   | A shared secret used by ONLYOFFICE and the integrator apps, e.g. Nextcloud              | "secret"           |
+
+
+Dependencies
+------------
+
+Example Playbook
+----------------
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+This role was created in 2020 by [Jan Beilicke](https://jotbe.io).

defaults/main.yml

@@ -0,0 +1,6 @@
+---
+# defaults file for ONLYOFFICE Document Server
+docker_user: deploy
+onlyoffice_document_server_http_port: 80
+onlyoffice_document_server_https_port: 443
+onlyoffice_document_server_virtual_host: localhost

handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for jitsi

meta/main.yml

@@ -0,0 +1,43 @@
+galaxy_info:
+  author: Jan Beilicke
+  description: Dockerized Jitsi Meet behind Traefik
+
+  #issue_tracker_url: https://git.jotbe.io/jotbe/ansible-role-docker-jitsi/issues
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: MIT
+
+  min_ansible_version: 2.9
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  platforms:
+  - name: Debian
+    versions:
+    - all
+  - name: Ubuntu
+    versions:
+    - all
+
+  galaxy_tags:
+    - docker
+    - traefik
+    - chat
+    - videoconferencing
+
+dependencies: []
+  # - geerlingguy.pip
+  # - geerlingguy.docker

tasks/main.yml

@@ -0,0 +1,74 @@
+---
+# tasks file for ONLYOFFICE Document Server
+- name: Ensure ONLYOFFICE Document Server config directory exists
+  file:
+    path: /home/{{ docker_user }}/onlyoffice-document-server
+    state: directory
+    owner: '{{ docker_user }}'
+    group: '{{ docker_user }}'
+  tags: config
+
+- name: Provide docker-compose.yml
+  template:
+    src: templates/docker-compose.onlyoffice-document-server.yml.j2
+    dest: /home/{{ docker_user }}/onlyoffice-document-server/docker-compose.yml
+    owner: "{{ docker_user }}"
+    group: "{{ docker_user }}"
+    mode: '0644'
+  tags: config
+
+- name: Output docker-compose.yml
+  shell: cat /home/{{ docker_user }}/onlyoffice-document-server/docker-compose.yml
+  register: output
+  tags: config
+
+- debug:
+    var: output
+
+- name: Provide env vars
+  template:
+    src: templates/env.onlyoffice-document-server.j2
+    dest: /home/{{ docker_user }}/onlyoffice-document-server/.env
+    owner: "{{ docker_user }}"
+    group: "{{ docker_user }}"
+    mode: '0640'
+  tags: config
+
+- name: "docker-compose: Teardown existing service"
+  docker_compose:
+    project_src: "/home/{{ docker_user }}/onlyoffice-document-server/"
+    state: absent
+  tags: ['never', 'teardown']
+
+- name: "docker-compose: Bootstrap service"
+  docker_compose:
+    project_src: "/home/{{ docker_user }}/onlyoffice-document-server/"
+  register: output
+
+- debug:
+    var: output
+
+- assert:
+    that:
+      - "output.ansible_facts['onlyoffice-document-server']['onlyoffice-document-server'].state.running"
+
+- name: "Wait for service (443/TLS) to become available from the public internet"
+  become: false
+  wait_for:
+    host: "{{ onlyoffice_document_server_virtual_host }}"
+    port: 443
+  delegate_to: localhost
+
+- name: "Test whether the service is healthy from the public internet"
+  become: false
+  uri:
+    url: https://{{ onlyoffice_document_server_virtual_host }}
+    return_content: yes
+    timeout: 600
+    validate_certs: no
+  register: url_check
+  delegate_to: localhost
+
+# - fail:
+#     msg: 'Service is not available!'
+#   when: "'OK' not in url_check.content"

templates/docker-compose.onlyoffice-document-server.yml.j2

@@ -0,0 +1,35 @@
+version: '3'
+
+services:
+  onlyoffice-document-server:
+    container_name: onlyoffice-document-server
+    image: onlyoffice/documentserver
+    restart: unless-stopped
+    ports:
+      - "{{ onlyoffice_document_server_http_port }}:80"
+      - "{{ onlyoffice_document_server_https_port }}:443"
+    environment:
+      - JWT_ENABLED
+      - JWT_SECRET
+    volumes:
+      - document_data:/var/www/onlyoffice/Data
+      - document_log:/var/log/onlyoffice
+    labels:
+        - "traefik.enable=true"
+        - "traefik.docker.network=traefik_public"
+        - "traefik.http.routers.onlyoffice-document-server.rule=Host(`{{ onlyoffice_document_server_virtual_host }}`)"
+        - "traefik.port=8282"
+        - "traefik.http.routers.onlyoffice-document-server.entrypoints=websecure"
+        - "traefik.http.routers.onlyoffice-document-server.tls=true"
+        - "traefik.http.routers.onlyoffice-document-server.tls.certresolver=defaultresolver"
+    networks:
+      public:
+
+volumes:
+  document_data:
+  document_log:
+
+networks:
+  public:
+    external:
+      name: traefik_public

templates/env.onlyoffice-document-server.j2

@@ -0,0 +1,3 @@
+JWT_ENABLED={{ onlyoffice_document_server_jwt_enabled | default('false')}}
+JWT_SECRET={{ onlyoffice_document_server_jwt_secret | default('secret') }}
+JWT_HEADER={{ onlyoffice_document_server_jwt_header | default('Authorization') }}

tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - jotbe.onlyoffice-document-server-docker

vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ONLYOFFICE Document Server