Ditching using NGINX and added Collabora

templates/Nextcloud/0/README.md

@@ -2,6 +2,18 @@
 
 ## First Run Setup
 
+### Add Configuration For NGINX
+
+nginx.conf and mime.types to be put in the Configuration/NGINX directory.
+
+Included nginx.conf has only a few minor tweaks from the one located here:
+
+https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html#nextcloud-in-the-webroot-of-nginx
+
+??? Template 1.conf is WITHOUT Collabora
+
+??? Template 2.conf is WITH Collabora
+
 ### Add Your Domain as a Trusted Domain
 
 [Official Documentation](https://docs.nextcloud.com/server/latest/admin_manual/installation/installation_wizard.html#trusted-domains)

templates/Nextcloud/0/docker-compose.yml

@@ -1,43 +1,57 @@
 version: '2'
 
 services:
+  {{- if eq .Values.COLLABORA "true"}}
+  collabora:
+    image: collabora/code:latest
+    cap_add:
+      - MKNOD # Ability to create special files (https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities)
+    dns: # Using Cloudflare DNS
+      - 1.1.1.1
+      - 1.0.0.1
+    environment:
+      domain: collabora.${TRAEFIK_HOST}
+    expose:
+      - "9980"
+    labels:
+      io.rancher.container.pull_image: always
+      {{- if .Values.HOST_LABEL}}
+      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
+      {{- end}}
+      traefik.enable: true
+      ### Start Web Segment
+      traefik.frontend.entryPoints: http,https
+      traefik.frontend.headers.forceSTSHeader: true
+      traefik.frontend.headers.referrerPolicy: no-referrer # Security enhancement (Prevents leaking of referer information)
+      traefik.frontend.headers.SSLRedirect: true
+      traefik.frontend.headers.STSPreload: true
+      traefik.frontend.headers.STSSeconds: 15552000
+      traefik.frontend.rule: Host:collabora.${TRAEFIK_HOST}
+      traefik.port: "9980"
+      ### End Web Segment
+    networks:
+      - public-proxy
+    restart: on-failure
+  {{- end}}
   nextcloud:
-    image: nextcloud:fpm-alpine
+    image: nextcloud:stable-apache
     dns: # Using Cloudflare DNS
       - 1.1.1.1
       - 1.0.0.1
     environment:
       MYSQL_HOST: mysql
-      MYSQL_DATABASE: nextcloud
+      MYSQL_DATABASE: nextcloud_db
       MYSQL_USER: nextcloud_user
       MYSQL_PASSWORD: ${DB_USER_PASS}
       NEXTCLOUD_ADMIN_USER: ${NC_ADMIN}
       NEXTCLOUD_ADMIN_PASSWORD: ${NC_ADMIN_PASS}
     expose:
       - "80"
-      - "9000"
     labels:
       io.rancher.container.pull_image: always
       {{- if .Values.HOST_LABEL}}
       io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
       {{- end}}
-    networks:
-      - public-proxy
-    restart: on-failure
-    volumes_from:
-      - nginx
-  nginx:
-    image: nginx:latest # Can't use ":alpine" until I have a way to get the "www-data" user added automatically. (Project for another time)
-    dns: # Using Cloudflare DNS
-      - 1.1.1.1
-      - 1.0.0.1
-    labels:
-      io.rancher.container.pull_image: always
-      {{- if .Values.HOST_LABEL}}
-      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
-      {{- end}}
-      io.rancher.sidekicks: nextcloud
-      {{- if .Values.TRAEFIK_HOST}}
       traefik.enable: true
       ### Start Web Segment
       traefik.frontend.entryPoints: http,https
@@ -49,12 +63,11 @@ services:
       traefik.frontend.rule: Host:${TRAEFIK_HOST}
       traefik.port: "80"
       ### End Web Segment
-      {{- else}}
-      traefik.enable: false
-      {{- end}}
     links:
+      {{- if eq .Values.COLLABORA "true"}}
+      - collabora
+      {{- end}}
       - mysql
-      - nextcloud
       {{- if eq .Values.REDIS "true"}}
       - redis
       {{- end}}
@@ -68,18 +81,17 @@ services:
     volumes:
       - /etc/localtime:/etc/localtime:ro # Syncronize time of container with the host system
       - /etc/timezone:/etc/timezone:ro # Syncronize timezone of container with the host system
-      - /RancherCattle/${DATA_DIR}/Configuration/Nextcloud:/var/www/html/config # Nextcloud configuration files
-      - /RancherCattle/${DATA_DIR}/Configuration/NGINX:/etc/nginx # NGINX configuration files
+      - /RancherCattle/${DATA_DIR}/Configuration:/var/www/html/config # Nextcloud configuration files
       - /RancherCattle/${DATA_DIR}/Apps:/var/www/html/custom_apps # Nextcloud apps
       - /RancherCattle/${DATA_DIR}/Nextcloud:/var/www/html # Nextcloud site
       - /RancherCattle/${DATA_DIR}/UserData:/var/www/html/data # Users' data file
   mysql:
-    image: mysql:5
+    image: mysql:latest
     dns: # Using Cloudflare DNS
       - 1.1.1.1
       - 1.0.0.1
     environment:
-      MYSQL_DATABASE: nextcloud # Will rename this to "nextcloud_db" in the future.
+      MYSQL_DATABASE: nextcloud_db
       MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASS}
       MYSQL_USER: nextcloud_user
       MYSQL_PASSWORD: ${DB_USER_PASS}
@@ -115,6 +127,6 @@ services:
 
 networks:
   db-admin: 
-    external: true # Created by phpMyAdmin stack
+    external: true # Created by Adminer or phpMyAdmin stack
   public-proxy:
     external: true # Created by Traefik stack

templates/Nextcloud/0/rancher-compose.yml

@@ -66,10 +66,18 @@ catalog:
       required: true
       type: password
 
+    - variable: "COLLABORA"
+      label: "Enable Collabora"
+      description: |
+        Add a Collabora container for office document editing and live collaboration. Additional setup required, see README.
+      default: true
+      required: true
+      type: boolean
+
     - variable: "REDIS"
       label: "Enable Redis"
       description: |
-        Add a Redis container for memory caching. Must be setup manually.
+        Add a Redis container for memory caching. Additional setup required, see README.
       default: true
       required: true
       type: boolean
@@ -78,6 +86,6 @@ catalog:
       label: "Data Directory"
       description: |
         The directory to store persistent data for the stack.
-      default: "Personal-Experimental/Nextcloud"
+      default: "Personal/Nextcloud-Experimental"
       required: true
       type: string