From a513caf0e8eecf9451938b1e31c470417c62e79c Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Tue, 10 Oct 2023 17:04:07 +0200 Subject: [PATCH] new: [collabora] add charm --- collabora/README.org | 3 + collabora/hooks/init | 25 +++++++++ collabora/hooks/post_deploy | 55 +++++++++++++++++++ collabora/hooks/web_proxy-relation-joined | 29 ++++++++++ collabora/lib/common | 3 + collabora/metadata.yml | 67 +++++++++++++++++++++++ 6 files changed, 182 insertions(+) create mode 100644 collabora/README.org create mode 100755 collabora/hooks/init create mode 100755 collabora/hooks/post_deploy create mode 100755 collabora/hooks/web_proxy-relation-joined create mode 100644 collabora/lib/common create mode 100644 collabora/metadata.yml diff --git a/collabora/README.org b/collabora/README.org new file mode 100644 index 0000000..1d2cb91 --- /dev/null +++ b/collabora/README.org @@ -0,0 +1,3 @@ +# -*- ispell-local-dictionary: "english" -*- + + diff --git a/collabora/hooks/init b/collabora/hooks/init new file mode 100755 index 0000000..c866395 --- /dev/null +++ b/collabora/hooks/init @@ -0,0 +1,25 @@ +#!/bin/bash + +## Init is run on host +## For now it is run every time the script is launched, but +## it should be launched only once after build. + +## Accessible variables are: +## - SERVICE_NAME Name of current service +## - DOCKER_BASE_IMAGE Base image from which this service might be built if any +## - SERVICE_DATASTORE Location on host of the DATASTORE of this service +## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service + + +set -e + +version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } + +## bug: https://github.com/adoptium/containers/issues/215#issuecomment-1142046045 +docker_version=$(docker info --format '{{.ServerVersion}}') +if ! version_gt "$docker_version" 20.10.0; then + err "Sorry, $SERVICE_NAME require docker version >= 20.10 (current: $docker_version)" + exit 1 +fi + + diff --git a/collabora/hooks/post_deploy b/collabora/hooks/post_deploy new file mode 100755 index 0000000..ec48080 --- /dev/null +++ b/collabora/hooks/post_deploy @@ -0,0 +1,55 @@ +#!/bin/bash + +set -e + + +# if ! nextcloud_domain=$(relation:get "$MASTER_TARGET_SERVICE_NAME":web-proxy domain) || [ -z "$nextcloud_domain" ]; then +# ## No domain, probably no web-proxy then. + +# container=$(get_running_containers_for_service "$MASTER_TARGET_SERVICE_NAME" | head -n 1) +# container_network_ip=$(get_docker_ip "$container") +# container_ip=${container_network_ip#*:} + +# nextcloud_domain="${container_ip}:80" +# fi + +if ! nextcloud_app_service=$(service:traverse "$MASTER_BASE_SERVICE_NAME":nextcloud-app); then + err "Couldn't find service for"\ + "${DARKYELLOW}$MASTER_BASE_SERVICE_NAME${NORMAL}--${DARKCYAN}nextcloud-app${NORMAL}--> ?" + exit 1 +fi + +if ! collabora_domain=$(relation:get "$MASTER_BASE_SERVICE_NAME":web-proxy url) || [ -z "$collabora_domain" ]; then + ## No domain, probably no web-proxy then. + + # container=$(get_running_containers_for_service "$MASTER_BASE_SERVICE_NAME" | head -n 1) + # container_network_ip=$(get_docker_ip "$container") + # container_ip=${container_network_ip#*:} + + collabora_domain="$SERVICE_NAME:9980" +fi + +info "collabora_domain: '$collabora_domain'" + +if ! get_healthy_container_ip_for_service "$SERVICE_NAME" 9980; then + exit 17 +fi + + +## XXXvlab: we really need to have a state based cache thingy, because +## setting the same password each time is really time consumming. +compose --no-relations --no-init \ + occ "$nextcloud_app_service" \ + app:install richdocuments \; \ + config:app:set --value="${collabora_domain}" richdocuments wopi_url \; \ + richdocuments:activate-config + + +# nextcloud_domain="${nextcloud_domain//./\\.}" + +# config-add "\ +# services: +# $MASTER_BASE_SERVICE_NAME: +# environment: +# domain: \"${nextcloud_domain}\" +# " diff --git a/collabora/hooks/web_proxy-relation-joined b/collabora/hooks/web_proxy-relation-joined new file mode 100755 index 0000000..07b25d4 --- /dev/null +++ b/collabora/hooks/web_proxy-relation-joined @@ -0,0 +1,29 @@ +#!/bin/bash + +set -e + +URL=$(relation-get url) || exit 1 +PROTO="${URL%%://*}" + +ssl_enable=true +case "$PROTO" in + http) + ssl_enable=false + ;; + https) + ssl_enable=true + ;; + *) + err "Invalid protocol '$PROTO'." + exit 1 + ;; +esac + + +config-add "\ +services: + $MASTER_BASE_SERVICE_NAME: + environment: + server_name: \"$URL\" + extra_params: \"--o:ssl.enable=false --o:ssl.termination=${ssl_enable} \" +" diff --git a/collabora/lib/common b/collabora/lib/common new file mode 100644 index 0000000..1558c9a --- /dev/null +++ b/collabora/lib/common @@ -0,0 +1,3 @@ +# -*- mode: shell-script -*- + + diff --git a/collabora/metadata.yml b/collabora/metadata.yml new file mode 100644 index 0000000..7af5a9d --- /dev/null +++ b/collabora/metadata.yml @@ -0,0 +1,67 @@ +# from: collabora/code:23.05.3.1.1 +docker-image: docker.0k.io/collabora:2305.3.1 + +docker-compose: + cap_add: + - MKNOD + + +uses: + nextcloud-app: + #constraint: required | recommended | optional + #auto: pair | summon | none ## default: pair + constraint: required + auto: pair + solves: + server: "document server" + + web-proxy: + #constraint: required | recommended | optional + #auto: pair | summon | none ## default: pair + constraint: required + auto: summon + solves: + proxy: "Public access" + default-options: + target: !var-expand ${MASTER_BASE_SERVICE_NAME}:9980 + apache-custom-rules: + - !var-expand | + # From: https://help.nextcloud.com/t/how-to-install-collabora-in-docker-with-nextcloud-23/133730 + # Encoded slashes need to be allowed + AllowEncodedSlashes NoDecode + + # Container uses a unique non-signed certificate + # SSLProxyEngine On + # SSLProxyVerify None + # SSLProxyCheckPeerCN Off + # SSLProxyCheckPeerName Off + + # keep the host + ProxyPreserveHost On + + # static html, js, images, etc. served from coolwsd + # browser is the client part of Collabora Online + ProxyPass /browser http://${MASTER_BASE_SERVICE_NAME}:9980/browser retry=0 + ProxyPassReverse /browser http://${MASTER_BASE_SERVICE_NAME}:9980/browser + + # WOPI discovery URL + ProxyPass /hosting/discovery http://${MASTER_BASE_SERVICE_NAME}:9980/hosting/discovery retry=0 + ProxyPassReverse /hosting/discovery http://${MASTER_BASE_SERVICE_NAME}:9980/hosting/discovery + + # Capabilities + ProxyPass /hosting/capabilities http://${MASTER_BASE_SERVICE_NAME}:9980/hosting/capabilities retry=0 + ProxyPassReverse /hosting/capabilities http://${MASTER_BASE_SERVICE_NAME}:9980/hosting/capabilities + + # Main websocket + ProxyPassMatch "/cool/(.*)/ws$" ws://${MASTER_BASE_SERVICE_NAME}:9980/cool/\$1/ws nocanon + + # Admin Console websocket + ProxyPass /cool/adminws ws://${MASTER_BASE_SERVICE_NAME}:9980/cool/adminws + + # Download as, Fullscreen presentation and Image upload operations + ProxyPass /cool http://${MASTER_BASE_SERVICE_NAME}:9980/cool + ProxyPassReverse /cool http://${MASTER_BASE_SERVICE_NAME}:9980/cool + + # Compatibility with integrations that use the /lool/convert-to endpoint + ProxyPass /lool http://${MASTER_BASE_SERVICE_NAME}:9980/cool + ProxyPassReverse /lool http://${MASTER_BASE_SERVICE_NAME}:9980/cool