+# V0.1.8 Dokumentation, onlyoffice
+
+- 10_einrichten_ansible_auf_workstation.md: missing "add_user"
+- new installation template: onlyoffice
+
+
# V0.1.7 Documentation
- README.md
### Zugriff auf localhost per ssh ermöglichen
Um die Konfiguration zu ändern muss ssh auf die lokale Workstation per ssh zugreifen können:
```
+adduser ansadm -uid=260
DIR=/home/ansadm/.ssh
cat $DIR/id_rsa.pub >>$DIR/authorized_keys
chmod 600 $DIR/authorized_keys
--- /dev/null
+---
+- name: Creates a Nextcloud instance (all in one, AIO) with Docker
+ # needed facts (variables) from commandline (e.g. -e domain=example.com -e force=true):
+ # -
+ # All variables are taken from vars/nextcloud.yaml
+ hosts: all
+ vars_files:
+ - ../vars/common.yaml
+ - ../vars/ssl-certificate.yaml
+ - ../vars/nextcloud.yaml
+ tasks:
+ - name: create certificate for {{ domain }}
+ import_tasks: ../tasks/t_ssl_create_certificate.yaml
+ vars:
+ domain: "{{ nc_domain }}"
+
+ - name: Create the NGINX configuration for {{domain}}
+ import_tasks: ../tasks/t_nginx_create_site.yaml
+ vars:
+ domain: "{{ nc_domain }}"
+ document_root: "/srv/www/{{ nc_domain }}"
+ when: false
+
+ - name: Create the directory for Nextcloud instance
+ ansible.builtin.file:
+ path: "/srv/www/{{ nc_domain }}"
+ state: directory
+ owner: www-data
+ group: www-data
+ mode: '0775'
+
+ - name: Create the directory for Nextcloud data
+ ansible.builtin.file:
+ path: "{{ nc_files }}"
+ state: directory
+ owner: www-data
+ group: www-data
+ mode: '0775'
+ recurse: true
+
+ - name: Install the docker compose f
+ ansible.builtin.template:
+ src: ../templates.local/nextcloud/docker.composer.yaml.j2
+ dest: /srv/www/{{ nc_domain }}/docker-compose.yaml
+ owner: www-data
+ group: www-data
+ mode: '0644'
+ - name: Ensure the file with the Diffie/Hellman key exchange parameters exists
+ ansible.builtin.get_url:
+ url: https://ssl-config.mozilla.org/ffdhe2048.txt
+ dest: /etc/nginx/snippets/dhparam
+ mode: '0644'
+ owner: root
+ group: root
+ force: no
+
+ - name: Install the nginx configuration for Nextcloud
+ ansible.builtin.template:
+ src: ../templates.local/nextcloud/markt.gemeinwohl-gesellschaft.de.j2
+ dest: /etc/nginx/sites-available/{{ nc_domain }}
+ owner: root
+ group: root
+ mode: '0644'
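Review bot: The task "Create the directory for Nextcloud data" applies `mode: '0775'` with `recurse: true` to `{{ nc_files }}`, so on every run each file below the data directory becomes executable and readable by all local users. A symbolic mode such as `mode: 'u=rwX,g=rX,o='` keeps the execute bit on directories only and closes access for "other". Confirm that the container user still has the access it needs. The `get_url` task for the DH parameters relies on TLS alone; pinning the file with `checksum: 'sha256:<SHA256_OF_FFDHE2048_TXT>'` would make a changed download fail, and `force: no` is better written `force: false`. The nginx template source is hard-coded to `markt.gemeinwohl-gesellschaft.de.j2` while `dest` uses `{{ nc_domain }}`, and the task name "Install the docker compose f" is cut off.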
--- /dev/null
+---
+- name: Creates a database, a database user of a web application.
+ # Stores the data in configuration files (remote and local)
+ # needed facts (variables) from the command line: (e.g. -e webapp_name=webapp):
+ hosts: all
+ vars_files:
+ - ../vars/common.yaml
+ - ../vars/onlyoffice.yaml
+ tasks:
+ - name: Create the docker compose file for onlyoffice
+ ansible.builtin.template:
+ src: ../templates.fix/onlyoffice/docker-compose.yaml.j2
+ dest: "{{ onlyoffice_base }}/docker-compose.yaml"
+ owner: root
+ group: root
+ mode: '0644'
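Review bot: The rendered `{{ onlyoffice_base }}/docker-compose.yaml` is written with `mode: '0644'`, so it is world-readable. If its source is the compose template added later in this commit, it contains `JWT_SECRET` filled from `onlyoffice_secret`. `mode: '0600'` (owner root) would keep the secret away from other local accounts, and `no_log: true` on the task would keep it out of `--diff` output. The play name and the two comments under it look copied from a database playbook. Something like `- name: Installs the docker compose file for ONLYOFFICE Document Server` would describe what the play does, and the "needed facts" comment should list the variables that are actually used (`onlyoffice_base`).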
--- /dev/null
+# needed variables:
+# domain: the site domain
+# ip: the interface ip (0.0.0.0 or 127.0.0.1)
+# nickname: a short name of the site (names the log files)
+# port: the port of the application
+server {
+ listen 80;
+ server_name {{ domain }};
+ include snippets/letsencrypt.conf;
+ root /srv/www/{{ domain }};
+ location / {
+ return 301 https://$server_name$request_uri; # enforce https
+ }
+}
+
+server {
+ listen 443 ssl;
+ http2 on;
+ server_name {{ domain }};
+ access_log /var/log/nginx/a_{{ nickname }}.log;
+ error_log /var/log/nginx/e_{{ nickname }}.log;
+
+ ssl_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
+ #ssl_certificate /etc/ssl/certs/{{ domain }}.pem;
+ #ssl_certificate_key /etc/ssl/private/{{ domain }}.key;
+ location / {
+ proxy_pass http://{{ ip }}:{{ port }};
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+}
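Review bot: The header comment documents `ip` as "the interface ip (0.0.0.0 or 127.0.0.1)", but the value is used as the `proxy_pass` destination, where `0.0.0.0` is a bind address rather than a target. It also suggests the backend listens on all interfaces, which would leave its plain-HTTP port reachable without going through this TLS server block. I would reword it to `# ip: address of the backend nginx proxies to (normally 127.0.0.1)`. The 443 block sets no `Strict-Transport-Security` header and no `ssl_protocols`; if these are not set globally in `nginx.conf`, consider `add_header Strict-Transport-Security "max-age=31536000" always;` here.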
--- /dev/null
+version: '3.7'
+services:
+ # This service runs the ONLYOFFICE Document Server
+ onlyoffice:
+ # A friendly name for your container
+ container_name: onlyoffice-docs
+ # The official ONLYOFFICE Document Server image
+ image: onlyoffice/documentserver
+ # Expose port 80 (HTTP) from the container to port 80 on the host
+ ports:
+ - "{{ onlyoffice_port }}:80"
+ # Environment variable for security: JWT is critical for integration
+ environment:
+ # !! CRITICAL: REPLACE 'my_jwt_secret' with a strong, random password.
+ # You must use this same secret key in any client application (e.g., Nextcloud).
+ - JWT_SECRET="{{ onlyoffice_secret }}"
+ # Ensures the container automatically restarts if it crashes or the host reboots
+ restart: always
+ # Maps local host directories to container directories for persistent storage
+ volumes:
+ # Logs for troubleshooting
+ - "{{ onlyoffice_base }}/logs:/var/log/onlyoffice"
+ # Main data directory, contains certificates and configuration
+ - "{{ onlyoffice_base }}/data:/var/www/onlyoffice/Data"
+ # Internal cache files
+ - "{{ onlyoffice_base }}/lib:/var/lib/onlyoffice"
+ # PostgreSQL database files for Document Server
+ - "{{ onlyoffice_db_base }}/postgresql:/var/lib/postgresql"
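Review bot: In the list-form entry `- JWT_SECRET="{{ onlyoffice_secret }}"` the double quotes are not YAML quoting. Compose generally passes them through as part of the value, so the container's secret would be `"…"` with the quotes included and would not match a client configured with the bare secret. Either `- "JWT_SECRET={{ onlyoffice_secret }}"` or the mapping form `JWT_SECRET: "{{ onlyoffice_secret }}"` avoids this. The comment above it still says to replace 'my_jwt_secret', which no longer applies now that the value is templated. `"{{ onlyoffice_port }}:80"` publishes the plain-HTTP port on all host interfaces; if nginx is meant to terminate TLS in front of it, `"127.0.0.1:{{ onlyoffice_port }}:80"` keeps the backend off the network. The image has no tag, so each pull may bring a different Document Server version; pinning a tested tag makes the deployment reproducible.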
local domain=$1
if [ -e $BASE_WEBAPPS/$domain.conf ]; then
. $BASE_WEBAPPS/$domain.conf
+ mkdir -p $domain/db
if [ -n "$db_name" -a "$db_type" = 'mysql' ]; then
local sql=$BASE_DIR/$domain/db/$domain.sql.gz
mysqldump -h $db_host -u $db_user "-p$db_password" $db_name | gzip > $sql
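Review bot: The added `mkdir -p $domain/db` is relative to the current directory, while the dump is written to `$BASE_DIR/$domain/db/$domain.sql.gz`. That only matches when called from `SaveAll`, which does `cd $BASE_DIR` first. The new `one` branch at the end of the file calls `SaveOne` without that `cd`, so the directory is created wherever the script was started and the redirect into `$sql` can fail. `mkdir -p "$BASE_DIR/$domain/db"` fixes both paths. The enclosing function starts outside this hunk.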
function SaveAll(){
cd $BASE_DIR
for domain in *; do
- if [ -d $BASE_DIR/$domain/db ]; then
- SaveOne $domain
- fi
+ SaveOne $domain
done
}
-SaveAll
\ No newline at end of file
+if [ "$1" = "one" ]; then
+ test -n "$2" && SaveOne $2
+else
+ SaveAll
+fi
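Review bot: `test -n "$2" && SaveOne $2` does nothing and leaves exit status 1 when the domain argument is missing, with no message to the caller. The unquoted `$2` is also word-split before it reaches `SaveOne`, where it becomes part of the path that is sourced as `$BASE_WEBAPPS/$domain.conf`. I would write `if [ -z "$2" ]; then echo "usage: $0 one DOMAIN" >&2; exit 1; fi` followed by `SaveOne "$2"`. With the `-d` check removed, `SaveAll` now hands every entry in `$BASE_DIR` to `SaveOne`, including plain files; that relies on the `.conf` existence test inside `SaveOne`, which is worth a short comment.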
--- /dev/null
+nc_domain: markt.gemeinwohl-gesellschaft.de
+nc_apache_port: 11000
+nc_files: /srv/data/markt.gemeinwohl-gesellschaft.de
+