.gitignore

@@ -2,3 +2,5 @@
 *.swp
 env_override
 docker-compose.override.yml
+env_collabora_override
+.idea

README.md

@@ -0,0 +1,142 @@
+## Abstract
+
+This docker-compose allows to easily run a Nextcloud instance with Collabora.
+
+## Prerequisites for production use
+
+- Domain records:
+  - One record for Nextcloud (eg: `nextcloud.example.com`)
+  - One record for Collabora (eg: `collabora.example.com`)
+  - BOTH records must be (resolvable AND accessible) from (Nextcloud container AND Collabora container AND final users)
+- HTTPS for Nextcloud and Collabora (eg: [Let’s Encrypt](https://letsencrypt.org/))
+- Reverse proxy for SSL termination
+
+## Installation
+
+### Tweak files
+
+- `env`
+  - Set `TZ`
+    - The timezone to be used in the container (See [List_of_tz_database_time_zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones))
+    - Example: `Europe/Paris`
+  - Generate secure password for `POSTGRES_PASSWORD`
+    - Password to be set (and used) for the Nextcloud database user. It will only be set when postgres files (`./data/postgres/data/...`) are created. Any further change won't update it.
+    - Example: [passwordsgenerator.net](https://passwordsgenerator.net/)
+  - Generate secure password for `NEXTCLOUD_ADMIN_PASSWORD`
+    - Password to be set for Nextcloud `root` user. It will only be set when Nextcloud will install itself. Any further change won't update it.
+    - Example: [passwordsgenerator.net](https://passwordsgenerator.net/)
+
+- `env_collabora`
+  - Set `domain`
+    - Regexp for domain(s) allowed to used Collabora. It must match your Nextcloud domain.
+    - Example: `nextcloud\.example\.com` (Note the backslashes to escape the dots)
+  - Generate secure password for `password`
+    - Password to be set for Collabora admin panel (https://collabora.example.com/loleaflet/dist/admin/admin.html)
+    - Example: [passwordsgenerator.net](https://passwordsgenerator.net/)
+
+- `docker-compose.yml`
+  - Set restart policies
+    - Uncomment `restart` lines to allow docker to automatically start the containers on reboot.
+
+### Reverse proxy
+
+`/etc/apache2/sites-available/nextcloud.example.com.conf`:
+```
+<IfModule mod_ssl.c>
+    <VirtualHost *:80>
+        ServerName nextcloud.example.com
+        Redirect permanent / https://nextcloud.example.com/
+    </VirtualHost>
+    <VirtualHost *:443>
+        Include sites-available/nextcloud.example.com.include
+
+        SSLEngine on
+        SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
+        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
+        SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
+    </VirtualHost>
+</IfModule>
+<IfModule !mod_ssl.c>
+    <VirtualHost *:80>
+        Include sites-available/nextcloud.example.com.include
+    </VirtualHost>
+</IfModule>
+```
+
+`/etc/apache2/sites-available/nextcloud.example.com.include`:
+```
+ServerName nextcloud.example.com
+ServerAlias nextcloud.example.com
+ProxyPreserveHost On
+ProxyRequests off
+ProxyPass / http://127.0.0.1:35081/
+ProxyPassReverse / http://127.0.0.1:35081/
+
+```
+
+`/etc/apache2/sites-available/collabora.example.com.conf`:
+```
+<IfModule mod_ssl.c>
+    <VirtualHost *:80>
+        ServerName collabora.example.com
+        Redirect permanent / https://collabora.example.com/
+    </VirtualHost>
+    <VirtualHost *:443>
+        Include sites-available/collabora.example.com.include
+
+        SSLEngine on
+        SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
+        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
+        SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
+    </VirtualHost>
+</IfModule>
+<IfModule !mod_ssl.c>
+    <VirtualHost *:80>
+        Include sites-available/collabora.example.com.include
+    </VirtualHost>
+</IfModule>
+
+```
+
+`/etc/apache2/sites-available/collabora.example.com.include`:
+```
+ServerName collabora.example.com
+ServerAlias collabora.example.com
+ProxyPreserveHost On
+ProxyRequests off
+
+AllowEncodedSlashes NoDecode
+
+# Order of ProxyPass matters
+
+ProxyPassMatch "/lool/(.*)/ws$" ws://127.0.0.1:35082/lool/$1/ws nocanon
+ProxyPass   /lool/adminws ws://127.0.0.1:35082/lool/adminws
+
+ProxyPass / http://127.0.0.1:35082/
+ProxyPassReverse / http://127.0.0.1:35082/
+
+```
+
+### Run
+
+```
+docker-compose up --build -d
+```
+
+### Install Nextcloud integration app
+
+- Login on Nextcloud with `root` account
+- Go to Upper right `account picture` / `Apps` / Upper right `search` icon
+- Type `Collabora Online`
+- Click `Download and enable`
+- Wait for installation to finish
+- Go to Upper right `account picture` / `Settings` / Lower left `Collabora Online`
+- Set your Collabora URL (eg: `https://collabora.example.com`)
+- Click `Apply`
+- Go back to Files
+- Click `+`
+- Click `New Document`
+- Type a name
+- Validate
+- Click the newly created document
+- Enjoy

collabora/Dockerfile

@@ -0,0 +1 @@
+FROM collabora/code

docker-compose.yml

@@ -3,37 +3,53 @@ version: '2'
 services:
     postgresql:
         build: ./postgresql
-        container_name: owncloud-postgresql
+        container_name: nextcloud-postgresql
 #        restart: unless-stopped
         networks:
-            owncloud.internal.docker:
+            main:
                 aliases:
-                    - postgresql.owncloud.internal.docker
+                    - postgresql.main.internal.docker
         volumes:
             - ./data/postgresql/data:/var/lib/postgresql/data
-            - ./data/postgresql/backup:/var/lib/postgresql/backup
         ports:
-            - "127.0.0.1:35080:5432"
+            - "127.0.0.1:3580:5432"
         env_file:
             - env
 
-    owncloud:
-        build: ./owncloud
-        container_name: owncloud-owncloud
+    nextcloud:
+        build: ./nextcloud
+        container_name: nextcloud-nextcloud
 #        restart: unless-stopped
         networks:
-            owncloud.internal.docker:
+            main:
                 aliases:
-                    - owncloud.owncloud.internal.docker
+                    - nextcloud.main.internal.docker
         volumes:
-            - ./data/owncloud/apps:/var/www/html/apps
-            - ./data/owncloud/config:/var/www/html/config
-            - ./data/owncloud/data:/var/www/html/data
+            - ./data/nextcloud/apps:/var/www/html/apps
+            - ./data/nextcloud/config:/var/www/html/config
+            - ./data/nextcloud/data:/var/www/html/data
         ports:
-          #- "127.0.0.1:35081:80"
-            - "0.0.0.0:35081:80"
+            - "127.0.0.1:35081:80"
+        environment:
+          - POSTGRES_DB=nextcloud
         env_file:
             - env
 
+    collabora:
+        build: ./collabora
+        container_name: nextcloud-collabora
+#        restart: unless-stopped
+        networks:
+            main:
+                aliases:
+                    - collabora.main.internal.docker
+        ports:
+            - "127.0.0.1:35082:9980"
+        cap_add:
+          - MKNOD
+        env_file:
+            - env
+            - env_collabora
+
 networks:
-    owncloud.internal.docker:
+    main:

env

@@ -1,10 +1,8 @@
-POSTGRES_MASTER_MODE=1
-POSTGRES_HOST=postgresql.owncloud.internal.docker
-POSTGRES_USER=owncloud
+TZ=Europe/London
+
+POSTGRES_USER=postgres
 POSTGRES_PASSWORD=change_it
-POSTGRES_DB=owncloud
-POSTGRES_REP_USER=replicator
-POSTGRES_REP_PASSWORD=change_it
-POSTGRES_REP_ALLOWED_HOST=127.0.0.1/32
-POSTGRES_RO_USER=owncloud_ro
-POSTGRES_RO_PASSWORD=change_it
+POSTGRES_HOST=postgresql.main.internal.docker:5432
+
+NEXTCLOUD_ADMIN_USER=root
+NEXTCLOUD_ADMIN_PASSWORD=change_it

env_collabora

@@ -0,0 +1,4 @@
+domain=collabora\.example\.com
+extra_params=--o:ssl.enable=false --o:ssl.termination=true
+username=root
+password=change_it

nextcloud/Dockerfile

@@ -0,0 +1 @@
+FROM nextcloud:16.0-apache

owncloud/Dockerfile

@@ -1 +0,0 @@
-FROM owncloud:10.0-apache

postgresql/Dockerfile

@@ -1 +1 @@
-FROM robinthoni/postgres-backup-multiarch:9.6-1.1.0
+FROM postgres:11