working on release 0.7.0

.env.sample

@@ -28,6 +28,8 @@ SECRET_MINIO_RU_VERSION=v1
 SECRET_POSTGRES_P_VERSION=v1
 # DJANGO_HOST_EMAIL_PASSWORD
 SECRET_EMAIL_PASS_VERSION=v1
+# COLLABORA_ADMIN_PASSWORD
+SECRET_COLLABORA_P_VERSION=v1
 
 ##############################################################################
 # EMAIL
@@ -66,6 +68,13 @@ LOGGING_LEVEL_HANDLERS_CONSOLE=INFO
 LOGGING_LEVEL_LOGGERS_ROOT=INFO
 LOGGING_LEVEL_LOGGERS_APP=INFO
 
+##############################################################################
+# COLLABORA ADMIN PANEL
+##############################################################################
+# Username for the Collabora admin panel (https://COLLABORA_DOMAIN/browser/dist/admin/admin.html)
+# Password is managed via Docker secret 'collabora_ap'
+#COLLABORA_ADMIN_USERNAME=admin
+
 ##############################################################################
 # WOPI SCHEDULING
 ##############################################################################

README.md

@@ -7,11 +7,11 @@
 * **Category**: Apps
 * **Status**: 2
 * **Image**: [`lasuite/drive`](https://hub.docker.com/r/lasuite/drive), 4, upstream
-* **Healthcheck**: No
-* **Backups**: No
-* **Email**: 3
+* **Healthcheck**: Yes
+* **Backups**: Yes
+* **Email**: Yes
 * **Tests**: No
-* **SSO**: 3
+* **SSO**: Yes
 
 <!-- endmetadata -->
 
@@ -69,7 +69,7 @@ OIDC_RP_CLIENT_ID=<yourkeycloakclientid>
 then redeploy drive:
 `abra app deploy <app-name> --force`
 
-at this point, when you go to your drive url, you shoud then be able to click "login" and login with the username and password for the user you created in keycloak.
+at this point, when you go to your drive url, you should then be able to click "login" and login with the username and password for the user you created in keycloak.
 
 you can make additional users in keycloak for this "client" and they will all be able to login to drive and collaborate. 
 

abra-entrypoint.sh

@@ -8,6 +8,7 @@ set -e
 [ -f /run/secrets/django_sp ] && export DJANGO_SUPERUSER_PASSWORD="$(cat /run/secrets/django_sp)"
 [ -f /run/secrets/oidc_rpcs ] && export OIDC_RP_CLIENT_SECRET="$(cat /run/secrets/oidc_rpcs)"
 [ -f /run/secrets/email_pass ] && export DJANGO_EMAIL_HOST_PASSWORD="$(cat /run/secrets/email_pass)"
+[ -f /run/secrets/collabora_p ] && export password="$(cat /run/secrets/collabora_p)"
 
 # if not in "env" mode, then execute the original entrypoint and command
 if [ ! "$1" = "-e" ]; then

abra.sh

@@ -1,6 +1,6 @@
 # Set any config versions here
 # Docs: https://docs.coopcloud.tech/maintainers/handbook/#manage-configs
-export ABRA_ENTRYPOINT_VERSION=v7
+export ABRA_ENTRYPOINT_VERSION=v10
 export NGINX_CONF_VERSION=v6
 export ONLYOFFICE_CONF_VERSION=v2
 export PG_BACKUP_VERSION=v3

compose.yml

@@ -207,8 +207,13 @@ services:
 
   redis:
     image: redis:8
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
     networks:
-      - backend 
+      - backend
 
   mailcatcher:
     image: sj26/mailcatcher:v0.10.0
@@ -277,21 +282,27 @@ services:
         - "traefik.http.routers.${STACK_NAME}_minio.middlewares=${STACK_NAME}_minio-cors"
 
   collabora:
-    image: collabora/code:latest
-#    healthcheck:
-#      test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
-#      interval: 30s
-#      retries: 5
-#      start_period: 60s
-#      timeout: 10s
+    image: collabora/code:25.04.9.1.1
+    entrypoint: ["/abra-entrypoint.sh", "/start-collabora-online.sh"]
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
+      interval: 30s
+      retries: 5
+      start_period: 60s
+      timeout: 10s
     networks:
       - backend
       - proxy
     environment:
       - extra_params=--o:ssl.enable=false --o:ssl.termination=true
-      - username=drive
-      - password=password
+      - username=${COLLABORA_ADMIN_USERNAME:-admin}
       - server_name=${COLLABORA_DOMAIN}
+    configs:
+      - source: abra_entrypoint
+        target: /abra-entrypoint.sh
+        mode: 0555
+    secrets:
+      - collabora_p
     deploy:
       labels:
       - "traefik.enable=true"
@@ -311,12 +322,12 @@ services:
 
   onlyoffice:
     image: onlyoffice/documentserver-de:9.2
-#    healthcheck:
-#      test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
-#      interval: 30s
-#      retries: 5
-#      start_period: 60s
-#      timeout: 10s
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
+      interval: 30s
+      retries: 5
+      start_period: 60s
+      timeout: 10s
     environment:
       TZ: "Europe/Berlin"
       USE_UNAUTHORIZED_STORAGE: "true"
@@ -414,7 +425,10 @@ secrets:
     name: ${STACK_NAME}_minio_rp_${SECRET_MINIO_RP_VERSION}
   minio_ru:
     external: true
-    name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RP_VERSION}
+    name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RU_VERSION}
+  collabora_p:
+    external: true
+    name: ${STACK_NAME}_collabora_p_${SECRET_COLLABORA_P_VERSION}
   email_pass:
     external: true
     name: ${STACK_NAME}_email_pass_${SECRET_EMAIL_PASS_VERSION}

release/0.7.0+v0.12.0

@@ -0,0 +1,8 @@
+**Breaking change:** The Collabora admin panel password is now a secret (`collabora_p`).
+
+After upgrading, you must generate the new secret for collabora to work:
+
+```
+abra app secret insert <app-name> collabora_p v1 <your-password>
+```
+