Compare commits
2 commits
master
...
feature/mu
| Author | SHA1 | Date | |
|---|---|---|---|
| da24f66926 | |||
| 525a7336f2 |
5 changed files with 45 additions and 36 deletions
17
README.md
17
README.md
|
|
@ -26,14 +26,15 @@ Requirements
|
||||||
Role Variables
|
Role Variables
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
| Variable | Description | Default |
|
| Variable | Description | Default |
|
||||||
| --------------------------- | ------------------------------------------------------------------------------- | ------------------ |
|
| --------------------------- | ------------------------------------------------------------------------------- | ------------------ |
|
||||||
| docker_user | The user who is going to manage/run the Docker Compose services | deploy |
|
| onlyoffice_install_user | The user who is going to manage/run the Docker Compose services | {{ ansible_user } |
|
||||||
| onlyoffice_virtual_host | The host under which ONLYOFFICE is available from the outside (e.g. docsrv.example.org) | localhost |
|
| onlyoffice_install_path | The location where the service should be deployed | /home/{{ onlyoffice_install_user }} |
|
||||||
| onlyoffice_allow_origin_list | Satisfy [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) [Access-Control-Allow-Origin](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin): <br>A comma-separated list of hosts incl. scheme, e.g. https://nextcloud.example.tld | localhost |
|
| onlyoffice_virtual_host | The host under which ONLYOFFICE is available from the outside (e.g. docsrv.example.org) | localhost |
|
||||||
| onlyoffice_jwt_enabled | Whether JWT authentication should be used | "false" |
|
| onlyoffice_allow_origin_list | Satisfy [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) [Access-Control-Allow-Origin](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin): <br>A comma-separated list of hosts incl. scheme, e.g. https://nextcloud.example.tld | localhost |
|
||||||
| onlyoffice_jwt_secret | A shared secret used by ONLYOFFICE and the integrator apps, e.g. Nextcloud | "secret" |
|
| onlyoffice_jwt_enabled | Whether JWT authentication should be used | false |
|
||||||
|
| onlyoffice_jwt_secret | A shared secret used by ONLYOFFICE and the integrator apps, e.g. Nextcloud | "secret" |
|
||||||
|
| onlyoffice_jwt_header | The authorization header included in the JWT token | "Authorization" |
|
||||||
|
|
||||||
Dependencies
|
Dependencies
|
||||||
------------
|
------------
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,11 @@
|
||||||
---
|
---
|
||||||
# defaults file for ONLYOFFICE Document Server
|
# defaults file for ONLYOFFICE Document Server
|
||||||
docker_user: deploy
|
onlyoffice_install_user: '{{ ansible_user }}' # This user must be present on the host
|
||||||
|
onlyoffice_install_path: '/home/{{ onlyoffice_install_user }}'
|
||||||
|
onlyoffice_multitenant_label:
|
||||||
onlyoffice_virtual_host: localhost
|
onlyoffice_virtual_host: localhost
|
||||||
|
onlyoffice_jwt_enabled: false
|
||||||
|
onlyoffice_jwt_secret: 'secret'
|
||||||
|
onlyoffice_jwt_header: 'Authorization'
|
||||||
|
# Internal variables
|
||||||
|
onlyoffice_multitenant_postfix: "{{ '_' + onlyoffice_multitenant_label if (onlyoffice_multitenant_label) else '' }}"
|
||||||
|
|
|
||||||
|
|
@ -2,23 +2,23 @@
|
||||||
# tasks file for ONLYOFFICE Document Server
|
# tasks file for ONLYOFFICE Document Server
|
||||||
- name: Ensure ONLYOFFICE Document Server config directory exists
|
- name: Ensure ONLYOFFICE Document Server config directory exists
|
||||||
file:
|
file:
|
||||||
path: /home/{{ docker_user }}/onlyoffice-document-server
|
path: "{{ onlyoffice_install_path }}/onlyoffice-document-server"
|
||||||
state: directory
|
state: directory
|
||||||
owner: '{{ docker_user }}'
|
owner: '{{ onlyoffice_install_user }}'
|
||||||
group: '{{ docker_user }}'
|
group: '{{ onlyoffice_install_user }}'
|
||||||
tags: config
|
tags: config
|
||||||
|
|
||||||
- name: Provide docker-compose.yml
|
- name: Provide docker-compose.yml
|
||||||
template:
|
template:
|
||||||
src: templates/docker-compose.onlyoffice-document-server.yml.j2
|
src: templates/docker-compose.onlyoffice-document-server.yml.j2
|
||||||
dest: /home/{{ docker_user }}/onlyoffice-document-server/docker-compose.yml
|
dest: "{{ onlyoffice_install_path }}/onlyoffice-document-server/docker-compose.yml"
|
||||||
owner: "{{ docker_user }}"
|
owner: "{{ onlyoffice_install_user }}"
|
||||||
group: "{{ docker_user }}"
|
group: "{{ onlyoffice_install_user }}"
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
tags: config
|
tags: config
|
||||||
|
|
||||||
- name: Output docker-compose.yml
|
- name: Output docker-compose.yml
|
||||||
shell: cat /home/{{ docker_user }}/onlyoffice-document-server/docker-compose.yml
|
shell: cat {{ onlyoffice_install_path }}/onlyoffice-document-server/docker-compose.yml
|
||||||
register: output
|
register: output
|
||||||
tags: config
|
tags: config
|
||||||
|
|
||||||
|
|
@ -28,21 +28,21 @@
|
||||||
- name: Provide env vars
|
- name: Provide env vars
|
||||||
template:
|
template:
|
||||||
src: templates/env.onlyoffice-document-server.j2
|
src: templates/env.onlyoffice-document-server.j2
|
||||||
dest: /home/{{ docker_user }}/onlyoffice-document-server/.env
|
dest: "{{ onlyoffice_install_path }}/onlyoffice-document-server/.env"
|
||||||
owner: "{{ docker_user }}"
|
owner: "{{ onlyoffice_install_user }}"
|
||||||
group: "{{ docker_user }}"
|
group: "{{ onlyoffice_install_user }}"
|
||||||
mode: '0640'
|
mode: '0640'
|
||||||
tags: config
|
tags: config
|
||||||
|
|
||||||
- name: "docker-compose: Teardown existing service"
|
- name: "docker-compose: Teardown existing service"
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: "/home/{{ docker_user }}/onlyoffice-document-server/"
|
project_src: "{{ onlyoffice_install_path }}/onlyoffice-document-server/"
|
||||||
state: absent
|
state: absent
|
||||||
tags: ['never', 'teardown']
|
tags: ['never', 'teardown']
|
||||||
|
|
||||||
- name: "docker-compose: Bootstrap service"
|
- name: "docker-compose: Bootstrap service"
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: "/home/{{ docker_user }}/onlyoffice-document-server/"
|
project_src: "{{ onlyoffice_install_path }}/onlyoffice-document-server/"
|
||||||
register: output
|
register: output
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
|
|
|
||||||
|
|
@ -2,33 +2,34 @@ version: '3'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
onlyoffice-document-server:
|
onlyoffice-document-server:
|
||||||
container_name: onlyoffice-document-server
|
|
||||||
image: onlyoffice/documentserver
|
image: onlyoffice/documentserver
|
||||||
|
container_name: onlyoffice-document-server{{ onlyoffice_multitenant_label }}
|
||||||
|
hostname: onlyoffice-document-server{{ onlyoffice_multitenant_label }}
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- JWT_ENABLED
|
- JWT_ENABLED
|
||||||
- JWT_SECRET
|
- JWT_SECRET
|
||||||
volumes:
|
volumes:
|
||||||
- document_data:/var/www/onlyoffice/Data
|
- document_data{{ onlyoffice_multitenant_label }}:/var/www/onlyoffice/Data
|
||||||
- document_log:/var/log/onlyoffice
|
- document_log{{ onlyoffice_multitenant_label }}:/var/log/onlyoffice
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.docker.network=traefik_public"
|
- "traefik.docker.network=traefik_public"
|
||||||
- "traefik.http.routers.onlyoffice.rule=Host(`{{ onlyoffice_virtual_host }}`)"
|
- "traefik.http.routers.onlyoffice{{ onlyoffice_multitenant_label }}.rule=Host(`{{ onlyoffice_virtual_host }}`)"
|
||||||
- "traefik.http.routers.onlyoffice.entrypoints=websecure"
|
- "traefik.http.routers.onlyoffice{{ onlyoffice_multitenant_label }}.entrypoints=websecure"
|
||||||
- "traefik.http.routers.onlyoffice.tls=true"
|
- "traefik.http.routers.onlyoffice{{ onlyoffice_multitenant_label }}.tls=true"
|
||||||
- "traefik.http.routers.onlyoffice.tls.certresolver=defaultresolver"
|
- "traefik.http.routers.onlyoffice{{ onlyoffice_multitenant_label }}.tls.certresolver=defaultresolver"
|
||||||
{% if onlyoffice_allow_origin_list %}
|
{% if onlyoffice_allow_origin_list %}
|
||||||
- "traefik.http.middlewares.onlyoffice-headers.headers.accesscontrolalloworiginlist={{ onlyoffice_allow_origin_list }}"
|
- "traefik.http.middlewares.onlyoffice{{ onlyoffice_multitenant_label }}-headers.headers.accesscontrolalloworiginlist={{ onlyoffice_allow_origin_list }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- "traefik.http.middlewares.onlyoffice-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
- "traefik.http.middlewares.onlyoffice{{ onlyoffice_multitenant_label }}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
|
||||||
- "traefik.http.routers.onlyoffice.middlewares=onlyoffice-headers"
|
- "traefik.http.routers.onlyoffice{{ onlyoffice_multitenant_label }}.middlewares=onlyoffice{{ onlyoffice_multitenant_label }}-headers"
|
||||||
networks:
|
networks:
|
||||||
public:
|
public:
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
document_data:
|
document_data{{ onlyoffice_multitenant_label }}:
|
||||||
document_log:
|
document_log{{ onlyoffice_multitenant_label }}:
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
public:
|
public:
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
JWT_ENABLED={{ onlyoffice_jwt_enabled | default('false')}}
|
JWT_ENABLED={{ onlyoffice_jwt_enabled }}
|
||||||
JWT_SECRET={{ onlyoffice_jwt_secret | default('secret') }}
|
JWT_SECRET={{ onlyoffice_jwt_secret }}
|
||||||
JWT_HEADER={{ onlyoffice_jwt_header | default('Authorization') }}
|
JWT_HEADER={{ onlyoffice_jwt_header }}
|
||||||
Loading…
Add table
Reference in a new issue