diff --git a/changelog/unreleased/enhanacement-clamav-example.md b/changelog/unreleased/enhanacement-clamav-example.md new file mode 100644 index 000000000..17d1f0d19 --- /dev/null +++ b/changelog/unreleased/enhanacement-clamav-example.md @@ -0,0 +1,6 @@ +Enhancement: Docker compose example for ClamAV + +This PR adds a docker compose example for running a local oCIS together with ClamAV as virus scanner. +The example is for demonstration purposes only and should not be used in production. + +https://github.com/owncloud/ocis/pull/9229 diff --git a/deployments/examples/ocis_clamav/README.md b/deployments/examples/ocis_clamav/README.md new file mode 100644 index 000000000..027d3b37e --- /dev/null +++ b/deployments/examples/ocis_clamav/README.md @@ -0,0 +1,6 @@ +--- +document this deployment example in: docs/ocis/deployment/ocis_clamav.md +--- + +Please refer to [our documentation](https://owncloud.dev/ocis/deployment/ocis_clamav/) +for instructions on how to run this scenario. diff --git a/deployments/examples/ocis_clamav/docker-compose.yml b/deployments/examples/ocis_clamav/docker-compose.yml new file mode 100644 index 000000000..1d3e9c2fe --- /dev/null +++ b/deployments/examples/ocis_clamav/docker-compose.yml @@ -0,0 +1,57 @@ +--- +version: "3.7" + +services: + ocis: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + entrypoint: + - /bin/sh + # run ocis init to initialize a configuration file with random secrets + # it will fail on subsequent runs, because the config file already exists + # therefore we ignore the error and then start the ocis server + command: [ "-c", "ocis init || true; ocis server" ] + environment: + # setup is for demonstration purposes only; + OCIS_INSECURE: "${INSECURE:-false}" + OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + # admin user password + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file + # demo users + IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-true}" + # enable the antivirus service + OCIS_ADD_RUN_SERVICES: "antivirus" + # configure the antivirus service + POSTPROCESSING_STEPS: "virusscan" + ANTIVIRUS_SCANNER_TYPE: "clamav" + ANTIVIRUS_CLAMAV_SOCKET: "/var/run/clamav/clamd.sock" + volumes: + - "ocis-config:/etc/ocis" + - "ocis-data:/var/lib/ocis" + - "clamav-socket:/var/run/clamav" + ports: + - 9200:9200 + logging: + driver: "local" + restart: always + + clamav: + image: clamav/clamav:${CLAMAV_DOCKER_TAG:-latest} + networks: + ocis-net: + volumes: + - "clamav-socket:/tmp" + - "clamav-db:/var/lib/clamav" + logging: + driver: "local" + restart: always + +volumes: + clamav-socket: + clamav-db: + ocis-config: + ocis-data: + +networks: + ocis-net: diff --git a/docs/ocis/deployment/ocis_clamav.md b/docs/ocis/deployment/ocis_clamav.md new file mode 100644 index 000000000..bb74c9e0c --- /dev/null +++ b/docs/ocis/deployment/ocis_clamav.md @@ -0,0 +1,35 @@ +--- +title: "oCIS with clamav" +date: 2024-05-21T14:04:00+01:00 +weight: 101 +geekdocRepo: https://github.com/owncloud/ocis +geekdocEditPath: edit/master/docs/ocis/deployment +geekdocFilePath: ocis_clamav.md +--- + +{{< toc >}} + +## Overview + +- oCIS with standard clamav setup + +[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_clamav) + +The docker stack contains the following services: + +oCIS itself, without any proxy in front of it, keep in mind, +the example is for demonstration purposes only and should not be used in production. + +A pre-configured clamav container to virus scan files uploaded to oCIS. + +## Server Deployment + +The provided docker compose file is for local demonstration purposes only. +It is not recommended to use this setup in production. + +## Local setup + +`docker-compose up -d` + +once all containers are up and running, you can access the oCIS instance at `https://localhost:9200`, +clamav could take some time to start up, so please be patient.