fix release note: consistent placeholder

Reviewed-on: https://git.coopcloud.tech/coop-cloud/lasuite-drive/pulls/3

.env.sample

@@ -28,6 +28,8 @@ SECRET_MINIO_RU_VERSION=v1
 SECRET_POSTGRES_P_VERSION=v1
 # DJANGO_HOST_EMAIL_PASSWORD
 SECRET_EMAIL_PASS_VERSION=v1
+# COLLABORA_ADMIN_PASSWORD
+SECRET_COLLABORA_P_VERSION=v1
 
 ##############################################################################
 # EMAIL
@@ -65,3 +67,19 @@ OIDC_AUTH_REQUEST_EXTRA_PARAMS='{"acr_values": "eidas1"}'
 LOGGING_LEVEL_HANDLERS_CONSOLE=INFO
 LOGGING_LEVEL_LOGGERS_ROOT=INFO
 LOGGING_LEVEL_LOGGERS_APP=INFO
+
+##############################################################################
+# COLLABORA ADMIN PANEL
+##############################################################################
+# Username for the Collabora admin panel (https://COLLABORA_DOMAIN/browser/dist/admin/admin.html)
+# Password is managed via Docker secret 'collabora_p'
+#COLLABORA_ADMIN_USERNAME=admin
+
+##############################################################################
+# WOPI SCHEDULING
+##############################################################################
+# Celery Beat crontab for the WOPI configuration task (default: daily at 3:00 AM)
+#WOPI_CONFIGURATION_CRONTAB_MINUTE=0
+#WOPI_CONFIGURATION_CRONTAB_HOUR=3
+#WOPI_CONFIGURATION_CRONTAB_DAY_OF_MONTH=*
+#WOPI_CONFIGURATION_CRONTAB_MONTH_OF_YEAR=*

README.md

@@ -7,11 +7,11 @@
 * **Category**: Apps
 * **Status**: 2
 * **Image**: [`lasuite/drive`](https://hub.docker.com/r/lasuite/drive), 4, upstream
-* **Healthcheck**: No
-* **Backups**: No
-* **Email**: 3
+* **Healthcheck**: Yes
+* **Backups**: Yes
+* **Email**: Yes
 * **Tests**: No
-* **SSO**: 3
+* **SSO**: Yes
 
 <!-- endmetadata -->
 
@@ -69,7 +69,7 @@ OIDC_RP_CLIENT_ID=<yourkeycloakclientid>
 then redeploy drive:
 `abra app deploy <app-name> --force`
 
-at this point, when you go to your drive url, you shoud then be able to click "login" and login with the username and password for the user you created in keycloak.
+at this point, when you go to your drive url, you should then be able to click "login" and login with the username and password for the user you created in keycloak.
 
 you can make additional users in keycloak for this "client" and they will all be able to login to drive and collaborate. 
 

abra-entrypoint.sh

@@ -11,5 +11,12 @@ set -e
 
 # if not in "env" mode, then execute the original entrypoint and command
 if [ ! "$1" = "-e" ]; then
+  # Run WOPI configuration on startup if enabled (celery worker service only).
+  # This ensures WOPI clients are configured immediately after each deploy,
+  # rather than waiting for the next celery-beat cron tick (default: 3 AM).
+  if [ "${RUN_WOPI_ON_STARTUP:-}" = "true" ]; then
+    echo "🐳(entrypoint) running WOPI configuration on startup..."
+    python manage.py trigger_wopi_configuration || echo "⚠ WOPI configuration failed (non-fatal, will retry on schedule)"
+  fi
   exec "$@"
 fi

abra.sh

@@ -1,10 +1,9 @@
 # Set any config versions here
 # Docs: https://docs.coopcloud.tech/maintainers/handbook/#manage-configs
-export ABRA_ENTRYPOINT_VERSION=v5
+export ABRA_ENTRYPOINT_VERSION=v11
 export NGINX_CONF_VERSION=v6
 export ONLYOFFICE_CONF_VERSION=v2
 export PG_BACKUP_VERSION=v3
-export SCHEDULE_WOPI_VERSION=v1
 
 environment() {
   # this exports all the secrets as environment variables

compose.yml

@@ -66,6 +66,11 @@ x-common-env: &common-env
   WOPI_COLLABORA_DISCOVERY_URL: "https://${COLLABORA_DOMAIN}/hosting/discovery"
   WOPI_ONLYOFFICE_DISCOVERY_URL: "https://${ONLY_OFFICE_DOMAIN}/hosting/discovery"
   WOPI_SRC_BASE_URL: "https://${DOMAIN}"
+  # WOPI scheduling (Celery Beat crontab for WOPI configuration task)
+  WOPI_CONFIGURATION_CRONTAB_MINUTE: ${WOPI_CONFIGURATION_CRONTAB_MINUTE:-0}
+  WOPI_CONFIGURATION_CRONTAB_HOUR: ${WOPI_CONFIGURATION_CRONTAB_HOUR:-3}
+  WOPI_CONFIGURATION_CRONTAB_DAY_OF_MONTH: ${WOPI_CONFIGURATION_CRONTAB_DAY_OF_MONTH:-*}
+  WOPI_CONFIGURATION_CRONTAB_MONTH_OF_YEAR: ${WOPI_CONFIGURATION_CRONTAB_MONTH_OF_YEAR:-*}
 
 x-postgres-env: &postgres-env
   # Postgresql db container configuration
@@ -94,7 +99,7 @@ services:
       labels:
         - "traefik.enable=false"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
-        - "coop-cloud.${STACK_NAME}.version=0.4.0+v0.12.0"
+        - "coop-cloud.${STACK_NAME}.version=0.7.0+v0.12.0"
     environment:
       <<: [ *common-env ]
     healthcheck:
@@ -130,26 +135,20 @@ services:
       - postgres_p
       - email_pass
 
-  # this may be unecessary once the PR is merged to use celery beat
-  # but this is a workaround for now https://github.com/suitenumerique/drive/issues/484
-  scheduler:
-    image: lasuite/drive-backend:v0.12.0
+  celery:
     user: ${DOCKER_USER:-1000}
+    image: lasuite/drive-backend:v0.12.0
     networks:
       - backend
-    depends_on:
-      - db
-      - redis
+    command: [ "celery", "-A", "drive.celery_app", "worker", "-l", "INFO" ]
+    entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"]
     environment:
-      <<: [ *common-env, *postgres-env ]
+      <<: [*common-env, *postgres-env]
+      RUN_WOPI_ON_STARTUP: "true"
     configs:
-      - source: schedule_wopi
-        target: /app/schedule_wopi.sh
-        mode: 0755
       - source: abra_entrypoint
         target: /abra-entrypoint.sh
         mode: 0555
-    entrypoint: ["/app/schedule_wopi.sh"]
     secrets:
       - django_sk
       - django_sp
@@ -158,12 +157,12 @@ services:
       - postgres_p
       - email_pass
 
-  celery:
+  celery-beat:
     user: ${DOCKER_USER:-1000}
     image: lasuite/drive-backend:v0.12.0
     networks:
       - backend
-    command: [ "celery", "-A", "drive.celery_app", "worker", "-l", "INFO" ]
+    command: [ "celery", "-A", "drive.celery_app", "beat", "-l", "INFO", "--schedule", "/tmp/celerybeat-schedule" ]
     entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"]
     environment:
       <<: [*common-env, *postgres-env]
@@ -208,8 +207,13 @@ services:
 
   redis:
     image: redis:8
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
     networks:
-      - backend 
+      - backend
 
   mailcatcher:
     image: sj26/mailcatcher:v0.10.0
@@ -278,21 +282,26 @@ services:
         - "traefik.http.routers.${STACK_NAME}_minio.middlewares=${STACK_NAME}_minio-cors"
 
   collabora:
-    image: collabora/code:latest
-#    healthcheck:
-#      test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
-#      interval: 30s
-#      retries: 5
-#      start_period: 60s
-#      timeout: 10s
+    image: collabora/code:25.04.9.1.1
+    entrypoint: >
+      sh -c "
+      export password=\"$$(cat /run/secrets/collabora_p)\" &&
+      exec /start-collabora-online.sh"
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
+      interval: 30s
+      retries: 5
+      start_period: 60s
+      timeout: 10s
     networks:
       - backend
       - proxy
     environment:
       - extra_params=--o:ssl.enable=false --o:ssl.termination=true
-      - username=drive
-      - password=password
+      - username=${COLLABORA_ADMIN_USERNAME:-admin}
       - server_name=${COLLABORA_DOMAIN}
+    secrets:
+      - collabora_p
     deploy:
       labels:
       - "traefik.enable=true"
@@ -312,12 +321,12 @@ services:
 
   onlyoffice:
     image: onlyoffice/documentserver-de:9.2
-#    healthcheck:
-#      test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
-#      interval: 30s
-#      retries: 5
-#      start_period: 60s
-#      timeout: 10s
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
+      interval: 30s
+      retries: 5
+      start_period: 60s
+      timeout: 10s
     environment:
       TZ: "Europe/Berlin"
       USE_UNAUTHORIZED_STORAGE: "true"
@@ -389,10 +398,6 @@ configs:
   pg_backup:
     name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
     file: pg_backup.sh
-  schedule_wopi:
-    name: ${STACK_NAME}_schedule_wopi_${SCHEDULE_WOPI_VERSION}
-    file: schedule_wopi.sh
-    template_driver: golang
   abra_entrypoint:
     name: ${STACK_NAME}_entrypoint_${ABRA_ENTRYPOINT_VERSION}
     file: abra-entrypoint.sh
@@ -419,7 +424,10 @@ secrets:
     name: ${STACK_NAME}_minio_rp_${SECRET_MINIO_RP_VERSION}
   minio_ru:
     external: true
-    name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RP_VERSION}
+    name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RU_VERSION}
+  collabora_p:
+    external: true
+    name: ${STACK_NAME}_collabora_p_${SECRET_COLLABORA_P_VERSION}
   email_pass:
     external: true
     name: ${STACK_NAME}_email_pass_${SECRET_EMAIL_PASS_VERSION}

release/0.7.0+v0.12.0

@@ -0,0 +1,9 @@
+**Breaking change:** The Collabora admin panel password is now a secret (`collabora_p`).
+
+After upgrading, you must generate the new secret for collabora to work:
+
+```
+abra app secret generate <app-domain> collabora_p v1
+abra app config <app-domain>  # set SECRET_COLLABORA_P_VERSION=v1
+```
+

schedule_wopi.sh

@@ -1,13 +0,0 @@
-#!/bin/sh
-set -e
-
-while true; do
-    echo "Running WOPI job at $(date)"
-    # source env
-    . /abra-entrypoint.sh -e
-    # run python command
-    python manage.py trigger_wopi_configuration
-    echo "++ completed wopi trigger. now sleeping."
-    # wait before next run
-    sleep 1800  # 1800 seconds = 30 minutes
-done