Shortened variable prefix; Fixed Nextcloud integration

README.md

@@ -29,11 +29,10 @@ Role Variables
 | Variable                     | Description                                                                                                                                                                                                                                                                        | Default            |
 | ---------------------------  | -------------------------------------------------------------------------------                                                                                                                                                                                                    | ------------------ |
 | docker_user                  | The user who is going to manage/run the Docker Compose services                                                                                                                                                                                                                    | deploy             |
-| onlyoffice_document_server_virtual_host | The host under which ONLYOFFICE is available from the outside (e.g. docsrv.example.org) | localhost          |
-| onlyoffice_document_server_http_port    | HTTP port                                                                               | 80                 |
-| onlyoffice_document_server_https_port   | HTTPS port                                                                              | 443                |
-| onlyoffice_document_server_jwt_enabled  | Whether JWT authentication should be used                                               | "false"            |
-| onlyoffice_document_server_jwt_secret   | A shared secret used by ONLYOFFICE and the integrator apps, e.g. Nextcloud              | "secret"           |
+| onlyoffice_virtual_host      | The host under which ONLYOFFICE is available from the outside (e.g. docsrv.example.org)                                                                                                                                                                                            | localhost          |
+| onlyoffice_allow_origin_list | Satisfy [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) [Access-Control-Allow-Origin](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin):  <br>A comma-separated list of hosts incl. scheme, e.g. https://nextcloud.example.tld | localhost          |
+| onlyoffice_jwt_enabled       | Whether JWT authentication should be used                                                                                                                                                                                                                                          | "false"            |
+| onlyoffice_jwt_secret        | A shared secret used by ONLYOFFICE and the integrator apps, e.g. Nextcloud                                                                                                                                                                                                         | "secret"           |
 
 
 Dependencies

defaults/main.yml

@@ -1,6 +1,4 @@
 ---
 # defaults file for ONLYOFFICE Document Server
 docker_user: deploy
-onlyoffice_document_server_http_port: 80
-onlyoffice_document_server_https_port: 443
-onlyoffice_document_server_virtual_host: localhost
+onlyoffice_virtual_host: localhost

tasks/main.yml

@@ -55,7 +55,7 @@
 - name: "Test whether the service is healthy from the public internet"
   become: false
   uri:
-    url: https://{{ onlyoffice_document_server_virtual_host }}
+    url: https://{{ onlyoffice_virtual_host }}
     timeout: 300
     validate_certs: no
   register: url_check

templates/docker-compose.onlyoffice-document-server.yml.j2

@@ -5,9 +5,6 @@ services:
     container_name: onlyoffice-document-server
     image: onlyoffice/documentserver
     restart: unless-stopped
-    ports:
-      - "{{ onlyoffice_document_server_http_port }}:80"
-      - "{{ onlyoffice_document_server_https_port }}:443"
     environment:
       - JWT_ENABLED
       - JWT_SECRET
@@ -17,11 +14,15 @@ services:
     labels:
         - "traefik.enable=true"
         - "traefik.docker.network=traefik_public"
-        - "traefik.http.routers.onlyoffice-document-server.rule=Host(`{{ onlyoffice_document_server_virtual_host }}`)"
-        - "traefik.port=8282"
-        - "traefik.http.routers.onlyoffice-document-server.entrypoints=websecure"
-        - "traefik.http.routers.onlyoffice-document-server.tls=true"
-        - "traefik.http.routers.onlyoffice-document-server.tls.certresolver=defaultresolver"
+        - "traefik.http.routers.onlyoffice.rule=Host(`{{ onlyoffice_virtual_host }}`)"
+        - "traefik.http.routers.onlyoffice.entrypoints=websecure"
+        - "traefik.http.routers.onlyoffice.tls=true"
+        - "traefik.http.routers.onlyoffice.tls.certresolver=defaultresolver"
+{% if onlyoffice_allow_origin_list %}
+        - "traefik.http.middlewares.onlyoffice-headers.headers.accesscontrolalloworiginlist={{ onlyoffice_allow_origin_list }}"
+{% endif %}
+        - "traefik.http.middlewares.onlyoffice-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
+        - "traefik.http.routers.onlyoffice.middlewares=onlyoffice-headers"
     networks:
       public:
 

templates/env.onlyoffice-document-server.j2

@@ -1,3 +1,3 @@
-JWT_ENABLED={{ onlyoffice_document_server_jwt_enabled | default('false')}}
-JWT_SECRET={{ onlyoffice_document_server_jwt_secret | default('secret') }}
-JWT_HEADER={{ onlyoffice_document_server_jwt_header | default('Authorization') }}
+JWT_ENABLED={{ onlyoffice_jwt_enabled | default('false')}}
+JWT_SECRET={{ onlyoffice_jwt_secret | default('secret') }}
+JWT_HEADER={{ onlyoffice_jwt_header | default('Authorization') }}