Commit bd748d9a authored by Arie Peterson's avatar Arie Peterson

Merge branch '4-use-onlyoffice-instead-of-collabora' into 'master'

Resolve "use onlyoffice instead of collabora"

Closes #4 and bootstrap#222

See merge request !3
parents 3a36fb56 7e88abed
apiVersion: v1
description: |
A helm chart for installing NextCloud and setting up ONLYOFFICE integration
name: nextcloud-onlyoffice
version: 0.1.1
# What is this?
Installs Nextcloud and Collabora and configures Nextcloud to use Collabora as
Installs Nextcloud and ONLYOFFICE and configures Nextcloud to use ONLYOFFICE as
its document editor. Depends on the
[Nextcloud](https://github.com/helm/charts/tree/master/stable/nextcloud) and
[Collabora-code](https://github.com/helm/charts/tree/master/stable/collabora-code)
`@stable` charts. For configuration details on those charts, refer to their
documentation.
[Nextcloud](https://github.com/helm/charts/tree/master/stable/nextcloud)
`@stable` chart and [our ONLYOFFICE DocumentServer
chart](https://code.greenhost.net/openappstack/nextcloud/tree/master/onlyoffice-documentserver).
For configuration details on those charts, refer to their documentation.
## Installation
Install with:
Make sure you have a `onlyoffice-documentserver` helm repo before running helm
dep update for this chart. You can add it with:
```
helm install . --wait
helm repo add onlyoffice-documentserver git+https://code.greenhost.net/openappstack/nextcloud@onlyoffice-documentserver?ref=master
```
The `onlyoffice-documentserver.onlyoffice.server_name` variable needs to be
overwritten with an URL that points to your onlyoffice for this to work
correctly. See `values-local.yaml.example` for an example of domain
configurations you might want to do. These instructions assume you copy
`values-local.yaml.example` to `values-local.yaml` and edit it.
Install with:
```
helm install . --wait -f values-local.yaml
```
**The `--wait` is important!** We need that because of how [helm chart
......@@ -29,6 +42,10 @@ being executed.
The included `values.yaml` file configures Nextcloud to use a Mariadb database,
otherwise the Job can not access the database for plugin installation.
It also configures NextCloud to use a persistent volume, because this is
necessary for the integration job to work. Be sure to change the default size of
the persistent disk from 2 GB if you need more.
## Certificates
Note that collabora needs to have a valid TLS certificate, otherwise NextCloud
......
......@@ -4,10 +4,9 @@ dependencies:
repository: "@stable"
tags:
- nextcloud
# Needs https://github.com/helm/charts/pull/13311
- name: collabora-code
version: 1.0.2
repository: "@stable"
- name: onlyoffice-documentserver
version: 0.1.0
repository: "@onlyoffice-documentserver"
tags:
- collabora
- onlyoffice
- nextcloud
{{- $collabora := index .Values "collabora-code" -}}
Thank you for installing {{ .Chart.Name }}.
Your release is named {{ .Release.Name }}. This chart has installed Nextcloud
with Mariadb enabled and Collabora. Nextcloud is available under a pod starting
with the name {{ .Release.Name }}-nextcloud, the Collabora pod name starts with
with Mariadb enabled and ONLYOFFICE. Nextcloud is available under a pod starting
with the name {{ .Release.Name }}-nextcloud, the ONLYOFFICE pod name starts with
{{ .Release.Name }}-office.
Nextcloud has been configured to use Collabora for opening rich text documents,
using the `richdocuments` app. It uses WOPI url:
"https://{{ $collabora.collabora.server_name }}"
Nextcloud has been configured to use ONLYOFFICE for opening rich text documents,
using the `onlyoffice` app.
To learn more, try:
......
......@@ -2,7 +2,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "nextcloud-collabora.name" -}}
{{- define "nextcloud-onlyoffice.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
......@@ -11,7 +11,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "nextcloud-collabora.fullname" -}}
{{- define "nextcloud-onlyoffice.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
......@@ -27,6 +27,6 @@ If release name contains chart name it will be used as a full name.
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "nextcloud-collabora.chart" -}}
{{- define "nextcloud-onlyoffice.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
# Work around the fact that we can not index hyphenated names
# (https://github.com/helm/helm/issues/2993)
{{- $collabora := index .Values "collabora-code" }}
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ .Release.Name }}-register-collabora"
name: "{{ .Release.Name }}-register-onlyoffice"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
annotations:
"helm.sh/hook": post-install
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
......@@ -28,12 +27,11 @@ spec:
runAsUser: 33
runAsGroup: 33
containers:
- name: {{ .Release.Name }}-register-collabora-job
- name: {{ .Release.Name }}-register-onlyoffice-job
image: {{ .Values.nextcloud.image.repository }}:{{ .Values.nextcloud.image.tag }}
command:
- "/bin/bash"
- "-c"
- "echo 'install' && php occ app:install richdocuments && echo 'enable' && php occ app:enable richdocuments && echo 'config 1' && php occ config:app:set richdocuments disable_certificate_verification --value yes && echo 'config 2' && php occ config:app:set richdocuments wopi_url --value https://{{ $collabora.collabora.server_name }}"
- "/var/local/onlyoffice-setup.sh"
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/html/
......@@ -50,6 +48,8 @@ spec:
- name: nextcloud-data
mountPath: /var/www/html/themes
subPath: themes
- name: onlyoffice-config
mountPath: /var/local
env:
{{- if .Values.nextcloud.internalDatabase.enabled }}
- name: SQLITE_DATABASE
......@@ -105,3 +105,8 @@ spec:
{{- else }}
emptyDir: {}
{{- end }}
- name: onlyoffice-config
configMap:
name: {{ .Release.Name }}-onlyoffice-config
{{- $onlyoffice := index .Values "onlyoffice-documentserver" }}
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ .Release.Name }}-onlyoffice-config"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
data:
onlyoffice-config.json: |
{
"apps": {
"onlyoffice": {
"DocumentServerInternalUrl": "",
"DocumentServerUrl": "https:\/\/{{ $onlyoffice.onlyoffice.server_name }}\/",
"StorageUrl": "https:\/\/{{ .Values.nextcloud.nextcloud.host }}\/",
"defFormats": "{\"csv\":\"false\",\"doc\":\"false\",\"docm\":\"false\",\"docx\":\"true\",\"dotx\":\"false\",\"epub\":\"false\",\"html\":\"false\",\"odp\":\"true\",\"ods\":\"true\",\"odt\":\"true\",\"pdf\":\"false\",\"potm\":\"false\",\"potx\":\"false\",\"ppsm\":\"false\",\"ppsx\":\"false\",\"ppt\":\"false\",\"pptm\":\"false\",\"pptx\":\"true\",\"rtf\":\"false\",\"txt\":\"false\",\"xls\":\"false\",\"xlsm\":\"false\",\"xlsx\":\"true\",\"xltm\":\"false\",\"xltx\":\"false\"}",
"editFormats": "{\"csv\":\"true\",\"odp\":\"true\",\"ods\":\"true\",\"odt\":\"true\",\"rtf\":\"false\",\"txt\":\"true\"}",
"enabled": "yes",
"groups": "[]",
"jwt_secret": "",
"sameTab": "false",
"settings_error": "",
"types": "filesystem"
}
}
}
onlyoffice-setup.sh: |
#!/bin/bash
set -ev
# Debug: place the json file in a persistent location for reuse
cp /var/local/onlyoffice-config.json /var/www/html/
# Only install onlyoffice if it's not installed already
if ! php occ app:list | grep -q onlyoffice; then
php occ app:install onlyoffice
fi
# Enable onlyoffice app
php occ app:enable onlyoffice
# Config settings from the configmap above
php occ config:import /var/local/onlyoffice-config.json
nextcloud:
nextcloud:
host: "files.oas.maartendewaard.nl"
password: Set a password here
ingress:
enabled: true
annotations:
# Tell traefik to automatically get a TLS certificate
kubernetes.io/tls-acme: "true"
hosts:
- "files.your.domain"
# Enable and configure MariaDB chart
mariadb:
db:
password: Set a mysql password
master:
persistence:
## Enable PostgreSQL persistence using Persistent Volume Claims.
enabled: true
size: 512Mi
replication:
enabled:
false
rootUser:
password: Set a mysql root user password
onlyoffice-documentserver:
ingress:
enabled: true
paths:
- "/"
hosts:
- "office.your.domain"
onlyoffice:
server_name: "office.your.domain"
mariadb:
enabled: true
......@@ -7,12 +7,19 @@ nextcloud:
mariadb:
enabled: true
# Use 2 GB of storage for NC storage (maybe make configurable later?)
persistence:
enabled: true
size: 2Gi
# Necessary so the chart gets installed (because the requirements.yaml has a
# condition: `condition: mariadb.enabled`). Follow
# https://github.com/helm/helm/issues/5135 for more info.
mariadb:
enabled: true
collabora-code:
onlyoffice-documentserver:
onlyoffice:
containerPort: 80
livenessProbe:
initialDelaySeconds: 90
initialDelaySeconds: 40
apiVersion: v1
appVersion: "1.0"
description: |
A helm chart for installing NextCloud and setting up collabora integration
name: nextcloud-collabora
version: 0.1.0
dependencies:
- name: nextcloud
repository: https://kubernetes-charts.storage.googleapis.com
version: 1.1.1
- name: collabora-code
repository: https://kubernetes-charts.storage.googleapis.com
version: 1.0.2
digest: sha256:873a73729328b195e802e24fb0523eadf25fcdef38f39f516f9f8e21c7d1157b
generated: 2019-05-28T13:56:53.685080137+02:00
apiVersion: v1
appVersion: 5.3.1.26
description: A Helm chart for onlyoffice's documentserver
home: https://www.onlyoffice.com/
icon: https://download.onlyoffice.com/assets/fb/fb_icon_325x325.jpg
maintainers:
- email: maarten@greenhost.nl
name: Maarten
name: onlyoffice-documentserver
sources:
- https://code.greenhost.net/openappstack/nextcloud
version: 0.1.0
# ONLYOFFICE
Simple helm chart for running onlyoffice's documentserver container.
Chart based on a copy of the [COLLABORA code helm
chart](https://github.com/helm/charts/tree/master/stable/collabora-code)
Parameters:
**NOTE:** The `onlyoffice.server_name` variable needs to be overwritten with an
URL that points to your onlyoffice for this to work correctly.
| Parameter | Description | Default |
| ------------------------------------------------- | ------------------------------------------------------------- | ----------------------------------------------------------- |
| `replicaCount` | Number of provisioner instances to deployed | `1` |
| `strategy` | Specifies the strategy used to replace old Pods by new ones | `Recreate` |
| `image.repository` | Provisioner image | `onlyoffice/documentserver` |
| `image.tag` | Version of provisioner image | `5.3.1.26` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `onlyoffice.server_name` | Onlyoffice server URL | `onlyoffice.domain` |
| `ingress.enabled` | | `false` |
| `ingress.annotations` | | `{}` |
| `ingress.paths` | | `[]` |
| `ingress.hosts` | | `[]` |
| `ingress.tls` | | `[]` |
| `livenessProbe.enabled` | Turn on and off liveness probe | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
| `livenessProbe.timeoutSeconds` | When the probe times out | `2` |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `readinessProbe.enabled` | Turn on and off readiness probe | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
| `readinessProbe.timeoutSeconds` | When the probe times out | `2` |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `securityContext` | Change pod security contenxt | `{}` |
| `resources` | Resources required (e.g. CPU, memory) | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `affinity` | Affinity settings | `{}` |
| `tolerations` | List of node taints to tolerate | `[]` |
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range $.Values.ingress.paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "onlyoffice-documentserver.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "onlyoffice-documentserver.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "onlyoffice-documentserver.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "onlyoffice-documentserver.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:9980 to use your application"
kubectl port-forward $POD_NAME 9980:9980
{{- end }}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "onlyoffice-documentserver.name" -}}
{{- default "onlyoffice-documentserver" .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "onlyoffice-documentserver.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{/* Instead of what most charts do, we don't use .Chart.Name here, because that can break the use of this template function in parent charts. */}}
{{- $name := default "onlyoffice-documentserver" .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "onlyoffice-documentserver.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "onlyoffice-documentserver.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
helm.sh/chart: {{ include "onlyoffice-documentserver.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: {{ .Values.strategy }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
failureThreshold: 3
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.onlyoffice.containerPort }}
protocol: TCP
resources:
{{- toYaml .Values.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "onlyoffice-documentserver.fullname" . -}}
{{- $ingressPaths := .Values.ingress.paths -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
helm.sh/chart: {{ include "onlyoffice-documentserver.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ . | quote }}
http:
paths:
{{- range $ingressPaths }}
- path: {{ . }}
backend:
serviceName: {{ $fullName }}
servicePort: http
{{- end }}
{{- end }}
{{- end }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "onlyoffice-documentserver.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
helm.sh/chart: {{ include "onlyoffice-documentserver.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "onlyoffice-documentserver.fullname" . }}-test-connection"
labels:
app.kubernetes.io/name: {{ include "onlyoffice-documentserver.name" . }}
helm.sh/chart: {{ include "onlyoffice-documentserver.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "onlyoffice-documentserver.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never
# Default values for onlyoffice.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: onlyoffice/documentserver
tag: 5.3.1.26
pullPolicy: IfNotPresent
strategy: Recreate
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 9980
ingress:
enabled: false
annotations: {}
paths: []
hosts: []
tls: []
onlyoffice:
# port that server onlyoffice in container
containerPort: 80
# URL to the server running onlyoffice, replace this with your own domain!
server_name: onlyoffice.domain
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
securityContext: {}
affinity: {}
livenessProbe:
enabled: true
initialDelaySeconds: 30
timeoutSeconds: 2
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 30
timeoutSeconds: 2
periodSeconds: 10
successThreshold: 1
failureThreshold: 3
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment