From 6ea0b2445e1474a837f21dd27318596b934fdc80 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Fri, 8 Oct 2021 08:10:37 +0200 Subject: [PATCH] update deployment config and docs --- .../ocis_wopi/latest.yml | 4 +- .../ocis_wopi/released.yml | 4 +- deployments/examples/ocis_wopi/.env | 16 +++++-- .../examples/ocis_wopi/docker-compose.yml | 2 +- docs/ocis/deployment/ocis_wopi.md | 47 ++++++++++++------- 5 files changed, 47 insertions(+), 26 deletions(-) diff --git a/deployments/continuous-deployment-config/ocis_wopi/latest.yml b/deployments/continuous-deployment-config/ocis_wopi/latest.yml index dcee49563c..006c1160a4 100644 --- a/deployments/continuous-deployment-config/ocis_wopi/latest.yml +++ b/deployments/continuous-deployment-config/ocis_wopi/latest.yml @@ -37,10 +37,10 @@ TRAEFIK_ACME_MAIL: wkloucek@owncloud.com OCIS_DOCKER_TAG: latest OCIS_DOMAIN: ocis.ocis-wopi.latest.owncloud.works - OCIS_WOPISERVER_DOCKER_TAG: latest - CS3ORG_WOPISERVER_DOCKER_TAG: latest WOPISERVER_DOMAIN: wopiserver.ocis-wopi.latest.owncloud.works COLLABORA_DOMAIN: collabora.ocis-wopi.latest.owncloud.works + ONLYOFFICE_DOMAIN: onlyoffice.ocis-wopi.latest.owncloud.works + CODIMD_DOMAIN: codimd.ocis-wopi.latest.owncloud.works COMPOSE_FILE: docker-compose.yml:monitoring_tracing/docker-compose-additions.yml - name: monitoring git_url: https://github.com/owncloud-devops/monitoring-tracing-client.git diff --git a/deployments/continuous-deployment-config/ocis_wopi/released.yml b/deployments/continuous-deployment-config/ocis_wopi/released.yml index a6e17e9849..6dd9a23e50 100644 --- a/deployments/continuous-deployment-config/ocis_wopi/released.yml +++ b/deployments/continuous-deployment-config/ocis_wopi/released.yml @@ -37,10 +37,10 @@ TRAEFIK_ACME_MAIL: wkloucek@owncloud.com OCIS_DOCKER_TAG: 1 OCIS_DOMAIN: ocis.ocis-wopi.released.owncloud.works - OCIS_WOPISERVER_DOCKER_TAG: latest - CS3ORG_WOPISERVER_DOCKER_TAG: latest WOPISERVER_DOMAIN: wopiserver.ocis-wopi.released.owncloud.works COLLABORA_DOMAIN: collabora.ocis-wopi.released.owncloud.works + ONLYOFFICE_DOMAIN: onlyoffice.ocis-wopi.released.owncloud.works + CODIMD_DOMAIN: codimd.ocis-wopi.released.owncloud.works COMPOSE_FILE: docker-compose.yml:monitoring_tracing/docker-compose-additions.yml - name: monitoring git_url: https://github.com/owncloud-devops/monitoring-tracing-client.git diff --git a/deployments/examples/ocis_wopi/.env b/deployments/examples/ocis_wopi/.env index 72c75988e5..b61977b073 100644 --- a/deployments/examples/ocis_wopi/.env +++ b/deployments/examples/ocis_wopi/.env @@ -29,10 +29,8 @@ STORAGE_TRANSFER_SECRET= OCIS_MACHINE_AUTH_API_KEY= ### Wopi server settings ### -# oCIS Wopi server version. Defaults to "latest" -OCIS_WOPISERVER_DOCKER_TAG= # cs3org wopi server version. Defaults to "latest" -CS3ORG_WOPISERVER_DOCKER_TAG= +WOPISERVER_DOCKER_TAG= # cs3org wopi server domain. Defaults to "wopiserver.owncloud.test" WOPISERVER_DOMAIN= # JWT secret which is used for the documents to be request by the Wopi client from the cs3org Wopi server. Must be change in order to have a secure Wopi server. Defaults to "LoremIpsum567" @@ -45,9 +43,19 @@ WOPI_IOP_SECRET= COLLABORA_DOMAIN= # Admin user for Collabora. Defaults to blank, provide one to enable access COLLABORA_ADMIN_USER= -# Admin password for COllabora. Defaults to blank, provide one to enable access +# Admin password for Collabora. Defaults to blank, provide one to enable access COLLABORA_ADMIN_PASSWORD= +### OnlyOffice settings ### +# Domain of OnlyOffice, where you can find the frontend. Defaults to "onlyoffice.owncloud.test" +ONLYOFFICE_DOMAIN= + +### CodiMD settings ### +# Domain of Collabora, where you can find the frontend. Defaults to "codimd.owncloud.test" +CODIMD_DOMAIN= +# Secret which is used for the communication with the WOPI server. Must be changed in order to have a secure CodiMD. Defaults to "LoremIpsum456" +CODIMD_SECRET= + # If you want to use debugging and tracing with this stack, # you need uncomment following line. Please see documentation at diff --git a/deployments/examples/ocis_wopi/docker-compose.yml b/deployments/examples/ocis_wopi/docker-compose.yml index bea27b8040..e4e1dbb0fa 100644 --- a/deployments/examples/ocis_wopi/docker-compose.yml +++ b/deployments/examples/ocis_wopi/docker-compose.yml @@ -160,7 +160,7 @@ services: restart: always wopiserver: - image: cs3org/wopiserver:${CS3ORG_WOPISERVER_DOCKER_TAG:-latest} + image: cs3org/wopiserver:${WOPISERVER_DOCKER_TAG:-latest} networks: ocis-net: entrypoint: diff --git a/docs/ocis/deployment/ocis_wopi.md b/docs/ocis/deployment/ocis_wopi.md index 50aeff1226..135d4df1c3 100644 --- a/docs/ocis/deployment/ocis_wopi.md +++ b/docs/ocis/deployment/ocis_wopi.md @@ -11,20 +11,20 @@ geekdocFilePath: ocis_wopi.md ## Overview -* oCIS, Wopi server and Collabora running behind Traefik as reverse proxy -* Collabora enables you to edit text documents in your browser -* Wopi server acts as a bridge to make the oCIS storage accessible to Collabora +* oCIS, Wopi server, Collabora, OnlyOffice and CodiMD running behind Traefik as reverse proxy +* Collabora, OnlyOffice and CodiMD enable you to edit documents in your browser +* Wopi server acts as a bridge to make the oCIS storage accessible to Collabora, OnlyOffice and CodiMD * Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup [Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_wopi) -The docker stack consists 5 containers. One of them is Traefik, a proxy which is terminating SSL and forwards the requests to oCIS in the internal docker network. +The docker stack consists of 10 containers. One of them is Traefik, a proxy which is terminating SSL and forwards the requests to oCIS in the internal docker network. -The next container is oCIS itself in a configuration like the [oCIS with Traefik example]({{< ref "ocis_traefik" >}}), except that for this example a custom proxy and web UI configuration is used to enable the oCIS Wopi extension. +The next container is oCIS itself in a configuration like the [oCIS with Traefik example]({{< ref "ocis_traefik" >}}), except that for this example a custom mimetype configuration is used. -The oCIS WOPI server extension is running in another container and enables you to open files in Collabora from within ownCloud Web. +There are three oCIS app driver containers that register Collabora, OnlyOffice and CodiMD at the app registry. -The last two containers are the WOPI server and Collabora. +The last four containers are the WOPI server, Collabora, OnlyOffice and CodiMD. ## Server Deployment @@ -34,6 +34,8 @@ The last two containers are the WOPI server and Collabora. * Three domains set up and pointing to your server - ocis.* for serving oCIS - collabora.* for serving Collabora + - onlyoffice.* for serving OnlyOffice + - codimd.* for serving CodiMD - wopiserver.* for serving the WOPI server - traefik.* for serving the Traefik dashboard @@ -84,10 +86,8 @@ See also [example server setup]({{< ref "preparing_server" >}}) OCIS_MACHINE_AUTH_API_KEY= ### Wopi server settings ### - # oCIS Wopi server version. Defaults to "latest" - OCIS_WOPISERVER_DOCKER_TAG= # cs3org wopi server version. Defaults to "latest" - CS3ORG_WOPISERVER_DOCKER_TAG= + WOPISERVER_DOCKER_TAG= # cs3org wopi server domain. Defaults to "wopiserver.owncloud.test" WOPISERVER_DOMAIN= # JWT secret which is used for the documents to be request by the Wopi client from the cs3org Wopi server. Must be change in order to have a secure Wopi server. Defaults to "LoremIpsum567" @@ -100,9 +100,18 @@ See also [example server setup]({{< ref "preparing_server" >}}) COLLABORA_DOMAIN= # Admin user for Collabora. Defaults to blank, provide one to enable access COLLABORA_ADMIN_USER= - # Admin password for COllabora. Defaults to blank, provide one to enable access + # Admin password for Collabora. Defaults to blank, provide one to enable access COLLABORA_ADMIN_PASSWORD= + ### OnlyOffice settings ### + # Domain of OnlyOffice, where you can find the frontend. Defaults to "onlyoffice.owncloud.test" + ONLYOFFICE_DOMAIN= + + ### CodiMD settings ### + # Domain of Collabora, where you can find the frontend. Defaults to "codimd.owncloud.test" + CODIMD_DOMAIN= + # Secret which is used for the communication with the WOPI server. Must be changed in order to have a secure CodiMD. Defaults to "LoremIpsum456" + CODIMD_SECRET= ``` You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`. @@ -119,18 +128,20 @@ See also [example server setup]({{< ref "preparing_server" >}}) You also must override three default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD` and `OCIS_JWT_SECRET` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}). - By default the oCIS WOPI server extension will be started in the `latest` version. If you want to start a specific version of oCIS WOPI server set the version to `OCIS_WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-wopiserver/tags?page=1&ordering=last_updated). + By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated). - By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `CS3ORG_WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated). - - Set your domain for the CS3Org WOPI server in `WOPISERVER_DOMAIN=`, where Collabora can download the files. + Set your domain for the CS3Org WOPI server in `WOPISERVER_DOMAIN=`, where all office suites can download the files via the WOPI protocol. You also must override the default WOPI JWT secret and the WOPI IOP secret, in order to have a secure setup. Do this by setting `WOPI_JWT_SECRET` and `WOPI_IOP_SECRET` to a long and random string. - Now it's time to set up Collabora and you need to configure the Domain of Collabora in `COLLABORA_DOMAIN=`. + Now it's time to set up Collabora and you need to configure the domain of Collabora in `COLLABORA_DOMAIN=`. If you want to use the Collabora admin panel you need to set user name and passwort for in `COLLABORA_ADMIN_USER=` and `COLLABORA_ADMIN_PASSWORD=`. + Next up is OnlyOffice, which also needs a domain in `ONLYOFFICE_DOMAIN=`. + + The last configuration options are for CodiMD, which needs a domain in `CODIMD_DOMAIN=` and a random secret in `CODIMD_SECRET=`. + Now you have configured everything and can save the file. * Start the docker stack @@ -149,6 +160,8 @@ On Linux and macOS you can add them to your `/etc/hosts` files like this: 127.0.0.1 ocis.owncloud.test 127.0.0.1 traefik.owncloud.test 127.0.0.1 collabora.owncloud.test +127.0.0.1 onlyoffice.owncloud.test +127.0.0.1 codimd.owncloud.test 127.0.0.1 wopiserver.owncloud.test ``` @@ -156,6 +169,6 @@ After that you're ready to start the application stack: `docker-compose up -d` -Open https://collabora.owncloud.test and https://wopiserver.owncloud.test in your browser and accept the invalid certificate warning. +Open https://collabora.owncloud.test, https://onlyoffice.owncloud.test, https://codimd.owncloud.test and https://wopiserver.owncloud.test in your browser and accept the invalid certificate warning. Open https://ocis.owncloud.test in your browser and accept the invalid certificate warning. You are now able to open an office document in your browser. You may need to wait some minutes until all services are fully ready, so make sure that you try to reload the pages from time to time.