Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
root
/
apps
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Branch: master
Branche Tagy
apps
/
ix-dev
/
stable
/
collabora
/
templates
/
docker-compose.yaml

docker-compose.yaml 2.9 KB
Permanentný odkaz História Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 
  1. {% from "macros/nginx.conf.jinja" import nginx_conf %}
    2. 

  2. {% set tpl = ix_lib.base.render.Render(values) %}
    3. 

  3. 

  4. {% set c1 = tpl.add_container(values.consts.collabora_container_name, "image") %}
    5. 

  5. {% set nginx = namespace(x=None) %}
    6. 

  6. 

  7. {% if values.network.certificate_id %}
    8. 

  8.   {% set nginx.x = tpl.add_container(values.consts.nginx_container_name, "nginx_image") %}
    9. 

  9.   {% do nginx.x.depends.add_dependency(values.consts.collabora_container_name, "service_healthy") %}
    10. 

  10.   {% do nginx.x.add_caps(["CHOWN", "FOWNER", "DAC_OVERRIDE", "SETGID", "SETUID"]) %}
    11. 

  11.   {% do nginx.x.healthcheck.set_test("curl", {"port": values.network.web_port.port_number, "path": "/robots.txt", "scheme": "https"}) %}
    12. 

  12.   {% do nginx.x.add_port(values.network.web_port) %}
    13. 

  13. 

  14.   {% set cert = values.ix_certificates[values.network.certificate_id] %}
    15. 

  15.   {% do nginx.x.configs.add("private", cert.privatekey, values.consts.nginx_ssl_key_path) %}
    16. 

  16.   {% do nginx.x.configs.add("public", cert.certificate, values.consts.nginx_ssl_cert_path) %}
    17. 

  17. 

  18.   {% do nginx.x.configs.add("nginx.conf", nginx_conf(values), "/etc/nginx/nginx.conf") %}
    19. 

  19. 

  20.   {% do nginx.x.add_storage("/var/cache/nginx", {"type": "anonymous"}) %}
    21. 

  21.   {% do nginx.x.add_storage("/var/run", {"type": "anonymous"}) %}
    22. 

  22. {% else %}
    23. 

  23.   {% do c1.add_port(values.network.web_port, {"container_port": values.consts.internal_collabora_web_port}) %}
    24. 

  24. {% endif %}
    25. 

  25. 

  26. {% do c1.remove_security_opt("no-new-privileges") %}
    27. 

  27. {% do c1.add_caps(caps=["CHOWN", "FOWNER", "DAC_OVERRIDE", "SETGID", "SETUID", "SETFCAP", "SYS_CHROOT", "MKNOD"]) %}
    28. 

  28. {% do c1.healthcheck.set_test("http", {"port": values.consts.internal_collabora_web_port})%}
    29. 

  29. 

  30. {% do c1.environment.add_env("timezone", values.TZ) %}
    31. 

  31. {% do c1.environment.add_env("aliasgroup1", values.collabora.aliasgroup1|join(",")) %}
    32. 

  32. {% do c1.environment.add_env("dictionaries", values.collabora.dictionaries|join(" ")) %}
    33. 

  33. {% do c1.environment.add_env("extra_params", values.collabora.extra_params|join(" ")) %}
    34. 

  34. {% do c1.environment.add_env("DONT_GEN_SSL_CERT", true) %}
    35. 

  35. {% set domain = values.collabora.server_name if ":" in values.collabora.server_name else "%s:%d"|format(values.collabora.server_name, values.network.web_port.port_number) %}
    36. 

  36. {% do c1.environment.add_env("server_name", domain.split(":443")[0].split(":80")[0]) %}
    37. 

  37. {% if values.collabora.enable_webui %}
    38. 

  38.   {% do c1.environment.add_env("username", values.collabora.username) %}
    39. 

  39.   {% do c1.environment.add_env("password", values.collabora.password) %}
    40. 

  40. {% endif %}
    41. 

  41. 

  42. {% do c1.environment.add_user_envs(values.collabora.additional_envs) %}
    43. 

  43. 

  44. {% for store in values.storage.additional_storage %}
    45. 

  45.   {% do c1.add_storage(store.mount_path, store)%}
    46. 

  46. {% endfor %}
    47. 

  47. 

  48. {% set proto = "https" if values.network.certificate_id else "http" %}
    49. 

  49. {% set path = "/browser/dist/admin/admin.html" if values.collabora.enable_webui else "/" %}
    50. 

  50. {% do tpl.portals.add(values.network.web_port, {"scheme": proto, "path": path}) %}
    51. 

  51. 

  52. {{ tpl.render() | tojson }}
    53.