Compare commits
17 Commits
0.5.0+v0.1
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| f4135d7820 | |||
| 016728f970 | |||
| 9c4a1f823c | |||
| 0411553e36 | |||
| 7146f3e8be | |||
| 306914f9d8 | |||
| c408893d5f | |||
| 196d20a92e | |||
| 8ec47fa554 | |||
| e6ebe275a3 | |||
| 415bb3d9a9 | |||
| 7bc5a4bcca | |||
| d838d62103 | |||
| af25d3acc0 | |||
| 223a242f70 | |||
| 6ac2a5c838 | |||
| 3a9e85a114 |
15
.env.sample
15
.env.sample
@ -28,6 +28,8 @@ SECRET_MINIO_RU_VERSION=v1
|
||||
SECRET_POSTGRES_P_VERSION=v1
|
||||
# DJANGO_HOST_EMAIL_PASSWORD
|
||||
SECRET_EMAIL_PASS_VERSION=v1
|
||||
# COLLABORA_ADMIN_PASSWORD
|
||||
SECRET_COLLABORA_P_VERSION=v1
|
||||
|
||||
##############################################################################
|
||||
# EMAIL
|
||||
@ -66,6 +68,19 @@ LOGGING_LEVEL_HANDLERS_CONSOLE=INFO
|
||||
LOGGING_LEVEL_LOGGERS_ROOT=INFO
|
||||
LOGGING_LEVEL_LOGGERS_APP=INFO
|
||||
|
||||
##############################################################################
|
||||
# COLLABORA ADMIN PANEL
|
||||
##############################################################################
|
||||
# Username for the Collabora admin panel (https://COLLABORA_DOMAIN/browser/dist/admin/admin.html)
|
||||
# Password is managed via Docker secret 'collabora_p'
|
||||
#COLLABORA_ADMIN_USERNAME=admin
|
||||
|
||||
##############################################################################
|
||||
# BACKUPS
|
||||
##############################################################################
|
||||
# Set to false to disable backup-bot labels (default: true)
|
||||
#ENABLE_BACKUPS=true
|
||||
|
||||
##############################################################################
|
||||
# WOPI SCHEDULING
|
||||
##############################################################################
|
||||
|
||||
10
README.md
10
README.md
@ -7,11 +7,11 @@
|
||||
* **Category**: Apps
|
||||
* **Status**: 2
|
||||
* **Image**: [`lasuite/drive`](https://hub.docker.com/r/lasuite/drive), 4, upstream
|
||||
* **Healthcheck**: No
|
||||
* **Backups**: No
|
||||
* **Email**: 3
|
||||
* **Healthcheck**: Yes
|
||||
* **Backups**: Yes
|
||||
* **Email**: Yes
|
||||
* **Tests**: No
|
||||
* **SSO**: 3
|
||||
* **SSO**: Yes
|
||||
|
||||
<!-- endmetadata -->
|
||||
|
||||
@ -69,7 +69,7 @@ OIDC_RP_CLIENT_ID=<yourkeycloakclientid>
|
||||
then redeploy drive:
|
||||
`abra app deploy <app-name> --force`
|
||||
|
||||
at this point, when you go to your drive url, you shoud then be able to click "login" and login with the username and password for the user you created in keycloak.
|
||||
at this point, when you go to your drive url, you should then be able to click "login" and login with the username and password for the user you created in keycloak.
|
||||
|
||||
you can make additional users in keycloak for this "client" and they will all be able to login to drive and collaborate.
|
||||
|
||||
|
||||
@ -11,5 +11,12 @@ set -e
|
||||
|
||||
# if not in "env" mode, then execute the original entrypoint and command
|
||||
if [ ! "$1" = "-e" ]; then
|
||||
# Run WOPI configuration on startup if enabled (celery worker service only).
|
||||
# This ensures WOPI clients are configured immediately after each deploy,
|
||||
# rather than waiting for the next celery-beat cron tick (default: 3 AM).
|
||||
if [ "${RUN_WOPI_ON_STARTUP:-}" = "true" ]; then
|
||||
echo "🐳(entrypoint) running WOPI configuration on startup..."
|
||||
python manage.py trigger_wopi_configuration || echo "⚠ WOPI configuration failed (non-fatal, will retry on schedule)"
|
||||
fi
|
||||
exec "$@"
|
||||
fi
|
||||
4
abra.sh
4
abra.sh
@ -1,9 +1,9 @@
|
||||
# Set any config versions here
|
||||
# Docs: https://docs.coopcloud.tech/maintainers/handbook/#manage-configs
|
||||
export ABRA_ENTRYPOINT_VERSION=v5
|
||||
export ABRA_ENTRYPOINT_VERSION=v11
|
||||
export NGINX_CONF_VERSION=v6
|
||||
export ONLYOFFICE_CONF_VERSION=v2
|
||||
export PG_BACKUP_VERSION=v3
|
||||
export PG_BACKUP_VERSION=v4
|
||||
|
||||
environment() {
|
||||
# this exports all the secrets as environment variables
|
||||
|
||||
68
compose.yml
68
compose.yml
@ -27,6 +27,9 @@ x-common-env: &common-env
|
||||
DJANGO_EMAIL_USE_SSL:
|
||||
DJANGO_EMAIL_USE_TLS:
|
||||
DJANGO_EMAIL_FROM:
|
||||
DJANGO_EMAIL_URL_APP:
|
||||
DJANGO_CSRF_TRUSTED_ORIGINS:
|
||||
DATA_UPLOAD_MAX_MEMORY_SIZE:
|
||||
# Backend url
|
||||
DRIVE_BASE_URL: "https://${DOMAIN}"
|
||||
# Media
|
||||
@ -92,14 +95,14 @@ services:
|
||||
|
||||
app:
|
||||
user: "${DOCKER_USER:-1000}"
|
||||
image: lasuite/drive-frontend:v0.12.0
|
||||
image: lasuite/drive-frontend:v0.18.0
|
||||
networks:
|
||||
- backend
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.enable=false"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "coop-cloud.${STACK_NAME}.version=0.5.0+v0.12.0"
|
||||
- "coop-cloud.${STACK_NAME}.version=0.8.0+v0.18.0"
|
||||
environment:
|
||||
<<: [ *common-env ]
|
||||
healthcheck:
|
||||
@ -113,7 +116,7 @@ services:
|
||||
|
||||
backend:
|
||||
user: ${DOCKER_USER:-1000}
|
||||
image: lasuite/drive-backend:v0.12.0
|
||||
image: lasuite/drive-backend:v0.18.0
|
||||
command: [ "gunicorn", "-c", "/usr/local/etc/gunicorn/drive.py", "drive.wsgi:application" ]
|
||||
entrypoint: [ "/abra-entrypoint.sh", "/usr/local/bin/entrypoint" ]
|
||||
environment:
|
||||
@ -137,13 +140,14 @@ services:
|
||||
|
||||
celery:
|
||||
user: ${DOCKER_USER:-1000}
|
||||
image: lasuite/drive-backend:v0.12.0
|
||||
image: lasuite/drive-backend:v0.18.0
|
||||
networks:
|
||||
- backend
|
||||
command: [ "celery", "-A", "drive.celery_app", "worker", "-l", "INFO" ]
|
||||
entrypoint: ["/abra-entrypoint.sh", "/usr/local/bin/entrypoint"]
|
||||
environment:
|
||||
<<: [*common-env, *postgres-env]
|
||||
RUN_WOPI_ON_STARTUP: "true"
|
||||
configs:
|
||||
- source: abra_entrypoint
|
||||
target: /abra-entrypoint.sh
|
||||
@ -158,7 +162,7 @@ services:
|
||||
|
||||
celery-beat:
|
||||
user: ${DOCKER_USER:-1000}
|
||||
image: lasuite/drive-backend:v0.12.0
|
||||
image: lasuite/drive-backend:v0.18.0
|
||||
networks:
|
||||
- backend
|
||||
command: [ "celery", "-A", "drive.celery_app", "beat", "-l", "INFO", "--schedule", "/tmp/celerybeat-schedule" ]
|
||||
@ -205,9 +209,14 @@ services:
|
||||
- postgres_p
|
||||
|
||||
redis:
|
||||
image: redis:8
|
||||
image: redis:8.6.3
|
||||
healthcheck:
|
||||
test: ["CMD", "redis-cli", "ping"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
networks:
|
||||
- backend
|
||||
- backend
|
||||
|
||||
mailcatcher:
|
||||
image: sj26/mailcatcher:v0.10.0
|
||||
@ -274,23 +283,29 @@ services:
|
||||
- "traefik.http.middlewares.${STACK_NAME}_minio-cors.headers.accessControlMaxAge=600"
|
||||
- "traefik.http.middlewares.${STACK_NAME}_minio-cors.headers.addVaryHeader=true"
|
||||
- "traefik.http.routers.${STACK_NAME}_minio.middlewares=${STACK_NAME}_minio-cors"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
|
||||
collabora:
|
||||
image: collabora/code:latest
|
||||
# healthcheck:
|
||||
# test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
|
||||
# interval: 30s
|
||||
# retries: 5
|
||||
# start_period: 60s
|
||||
# timeout: 10s
|
||||
image: collabora/code:25.04.9.4.1
|
||||
entrypoint: >
|
||||
sh -c "
|
||||
export password=\"$$(cat /run/secrets/collabora_p)\" &&
|
||||
exec /start-collabora-online.sh"
|
||||
healthcheck:
|
||||
test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ]
|
||||
interval: 30s
|
||||
retries: 5
|
||||
start_period: 60s
|
||||
timeout: 10s
|
||||
networks:
|
||||
- backend
|
||||
- proxy
|
||||
environment:
|
||||
- extra_params=--o:ssl.enable=false --o:ssl.termination=true
|
||||
- username=drive
|
||||
- password=password
|
||||
- username=${COLLABORA_ADMIN_USERNAME:-admin}
|
||||
- server_name=${COLLABORA_DOMAIN}
|
||||
secrets:
|
||||
- collabora_p
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
@ -309,13 +324,13 @@ services:
|
||||
- "traefik.http.routers.${STACK_NAME}_collabora.middlewares=${STACK_NAME}_collabora-cors"
|
||||
|
||||
onlyoffice:
|
||||
image: onlyoffice/documentserver-de:9.2
|
||||
# healthcheck:
|
||||
# test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
|
||||
# interval: 30s
|
||||
# retries: 5
|
||||
# start_period: 60s
|
||||
# timeout: 10s
|
||||
image: onlyoffice/documentserver-de:9.3.1.2
|
||||
healthcheck:
|
||||
test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ]
|
||||
interval: 30s
|
||||
retries: 5
|
||||
start_period: 60s
|
||||
timeout: 10s
|
||||
environment:
|
||||
TZ: "Europe/Berlin"
|
||||
USE_UNAUTHORIZED_STORAGE: "true"
|
||||
@ -348,7 +363,7 @@ services:
|
||||
|
||||
|
||||
web:
|
||||
image: nginx:1.29
|
||||
image: nginx:1.30.0
|
||||
configs:
|
||||
- source: nginx_conf
|
||||
target: /etc/nginx/conf.d/default.conf
|
||||
@ -413,7 +428,10 @@ secrets:
|
||||
name: ${STACK_NAME}_minio_rp_${SECRET_MINIO_RP_VERSION}
|
||||
minio_ru:
|
||||
external: true
|
||||
name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RP_VERSION}
|
||||
name: ${STACK_NAME}_minio_ru_${SECRET_MINIO_RU_VERSION}
|
||||
collabora_p:
|
||||
external: true
|
||||
name: ${STACK_NAME}_collabora_p_${SECRET_COLLABORA_P_VERSION}
|
||||
email_pass:
|
||||
external: true
|
||||
name: ${STACK_NAME}_email_pass_${SECRET_EMAIL_PASS_VERSION}
|
||||
@ -10,7 +10,7 @@ function backup {
|
||||
}
|
||||
|
||||
function restore {
|
||||
cd /var/lib/postgresql/data/
|
||||
cd /var/lib/postgresql/data/pgdata
|
||||
restore_config(){
|
||||
# Restore allowed connections
|
||||
cat pg_hba.conf.bak > pg_hba.conf
|
||||
|
||||
9
release/0.7.0+v0.12.0
Normal file
9
release/0.7.0+v0.12.0
Normal file
@ -0,0 +1,9 @@
|
||||
**Breaking change:** The Collabora admin panel password is now a secret (`collabora_p`).
|
||||
|
||||
After upgrading, you must generate the new secret for collabora to work:
|
||||
|
||||
```
|
||||
abra app secret generate <app-domain> collabora_p v1
|
||||
abra app config <app-domain> # set SECRET_COLLABORA_P_VERSION=v1
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user