fix wopi integration and wopi deployment

Willy Kloucek
2022-05-05 10:55:16 +02:00
parent b9803e3690
commit f2d82bd1ac
12 changed files with 147 additions and 178 deletions


@@ -695,7 +695,7 @@ services:
OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}"
OCIS_LOG_PRETTY: "${OCIS_LOG_PRETTY:-false}"
STORAGE_GATEWAY_GRPC_ADDR: 0.0.0.0:9142
GATEWAY_GRPC_ADDR: 0.0.0.0:9142
REVA_GATEWAY: storage-gateway:9142


@@ -2,10 +2,6 @@
# It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.
INSECURE=true
# The demo users should not be created on a production instance
# because their passwords are public
DEMO_USERS=true
### Traefik settings ###
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
@@ -21,16 +17,11 @@ TRAEFIK_ACME_MAIL=
OCIS_DOCKER_TAG=
# Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test"
OCIS_DOMAIN=
# IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp".
IDP_LDAP_BIND_PASSWORD=
# Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva".
STORAGE_LDAP_BIND_PASSWORD=
# JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4"
OCIS_JWT_SECRET=
# JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret"
STORAGE_TRANSFER_SECRET=
# Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please"
OCIS_MACHINE_AUTH_API_KEY=
# oCIS admin user password. Defaults to "admin".
ADMIN_PASSWORD=
# The demo users should not be created on a production instance
# because their passwords are public. Defaults to "false".
DEMO_USERS=
### Wopi server settings ###
# cs3org wopi server version. Defaults to "latest"
@@ -60,7 +51,6 @@ CODIMD_DOMAIN=
# Secret which is used for the communication with the WOPI server. Must be changed in order to have a secure CodiMD. Defaults to "LoremIpsum456"
CODIMD_SECRET=
# If you want to use debugging and tracing with this stack,
# you need uncomment following line. Please see documentation at
# https://owncloud.dev/ocis/deployment/monitoring-tracing/
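Review bot: The `ADMIN_PASSWORD=` entry in the second hunk is documented only as `Defaults to "admin"`, while other secrets in this file (for example `CODIMD_SECRET`) carry an explicit "Must be changed" warning. The compose file in this commit maps it to `IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}"`, so leaving it empty gives the admin account a publicly known password. Suggest wording the comment as `# oCIS admin user password. Must be changed in order to have a secure oCIS. Defaults to "admin".` so the fallback is not read as an acceptable production value.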


@@ -8,7 +8,7 @@ apk add curl
retries=10
while [[ $retries -gt 0 ]]; do
if curl --silent --show-error --fail http://codimd:3000 > /dev/null; then
ocis storage-app-provider server
ocis app-provider server
else
echo "CodiMD is not yet available, trying again in 10 seconds"
sleep 10


@@ -8,7 +8,7 @@ apk add curl
retries=10
while [[ $retries -gt 0 ]]; do
if curl --silent --show-error --fail http://onlyoffice/hosting/discovery > /dev/null; then
ocis storage-app-provider server
ocis app-provider server
else
echo "OnlyOffice is not yet available, trying again in 10 seconds"
sleep 10


@@ -0,0 +1,72 @@
app_registry:
mimetypes:
- mime_type: application/pdf
extension: pdf
name: PDF
description: PDF document
icon: ''
default_app: ''
allow_creation: false
- mime_type: application/vnd.oasis.opendocument.text
extension: odt
name: OpenDocument
description: OpenDocument text document
icon: ''
default_app: Collabora
allow_creation: true
- mime_type: application/vnd.oasis.opendocument.spreadsheet
extension: ods
name: OpenSpreadsheet
description: OpenDocument spreadsheet document
icon: ''
default_app: Collabora
allow_creation: true
- mime_type: application/vnd.oasis.opendocument.presentation
extension: odp
name: OpenPresentation
description: OpenDocument presentation document
icon: ''
default_app: Collabora
allow_creation: true
- mime_type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
extension: docx
name: Microsoft Word
description: Microsoft Word document
icon: ''
default_app: OnlyOffice
allow_creation: true
- mime_type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
extension: xlsx
name: Microsoft Excel
description: Microsoft Excel document
icon: ''
default_app: OnlyOffice
allow_creation: true
- mime_type: application/vnd.openxmlformats-officedocument.presentationml.presentation
extension: pptx
name: Microsoft PowerPoint
description: Microsoft PowerPoint document
icon: ''
default_app: OnlyOffice
allow_creation: true
- mime_type: application/vnd.jupyter
extension: ipynb
name: Jupyter Notebook
description: Jupyter Notebook
icon: ''
default_app: ''
allow_creation: true
- mime_type: text/markdown
extension: md
name: Markdown file
description: Markdown file
icon: ''
default_app: CodiMD
allow_creation: true
- mime_type: application/compressed-markdown
extension: zmd
name: Compressed markdown file
description: Compressed markdown file
icon: ''
default_app: CodiMD
allow_creation: false


@@ -1,24 +0,0 @@
#!/bin/sh
set -e
ocis server&
sleep 10
echo "##################################################"
echo "change default secrets:"
# IDP
IDP_USER_UUID=$(ocis accounts list | grep "| Kopano IDP " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o)
echo " IDP user UUID: $IDP_USER_UUID"
ocis accounts update --password $IDP_LDAP_BIND_PASSWORD $IDP_USER_UUID
# REVA
REVA_USER_UUID=$(ocis accounts list | grep " | Reva Inter " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o)
echo " Reva user UUID: $REVA_USER_UUID"
ocis accounts update --password $STORAGE_LDAP_BIND_PASSWORD $REVA_USER_UUID
echo "default secrets changed"
echo "##################################################"
wait # wait for oCIS to exit


@@ -1,92 +0,0 @@
[
{
"mime_type": "application/pdf",
"extension": "pdf",
"name": "PDF",
"description": "PDF document",
"icon": "",
"default_app": "",
"allow_creation": false
},
{
"mime_type": "application/vnd.oasis.opendocument.text",
"extension": "odt",
"name": "OpenDocument",
"description": "OpenDocument text document",
"icon": "",
"default_app": "Collabora",
"allow_creation": true
},
{
"mime_type": "application/vnd.oasis.opendocument.spreadsheet",
"extension": "ods",
"name": "OpenSpreadsheet",
"description": "OpenDocument spreadsheet document",
"icon": "",
"default_app": "Collabora",
"allow_creation": true
},
{
"mime_type": "application/vnd.oasis.opendocument.presentation",
"extension": "odp",
"name": "OpenPresentation",
"description": "OpenDocument presentation document",
"icon": "",
"default_app": "Collabora",
"allow_creation": true
},
{
"mime_type": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"extension": "docx",
"name": "Microsoft Word",
"description": "Microsoft Word document",
"icon": "",
"default_app": "OnlyOffice",
"allow_creation": true
},
{
"mime_type": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
"extension": "xlsx",
"name": "Microsoft Excel",
"description": "Microsoft Excel document",
"icon": "",
"default_app": "OnlyOffice",
"allow_creation": true
},
{
"mime_type": "application/vnd.openxmlformats-officedocument.presentationml.presentation",
"extension": "pptx",
"name": "Microsoft PowerPoint",
"description": "Microsoft PowerPoint document",
"icon": "",
"default_app": "OnlyOffice",
"allow_creation": true
},
{
"mime_type": "application/vnd.jupyter",
"extension": "ipynb",
"name": "Jupyter Notebook",
"description": "Jupyter Notebook",
"icon": "",
"default_app": "",
"allow_creation": true
},
{
"mime_type": "text/markdown",
"extension": "md",
"name": "Markdown file",
"description": "Markdown file",
"icon": "",
"default_app": "CodiMD",
"allow_creation": true
},
{
"mime_type": "application/compressed-markdown",
"extension": "zmd",
"name": "Compressed markdown file",
"description": "Compressed markdown file",
"icon": "",
"default_app": "CodiMD",
"allow_creation": false
}
]


@@ -52,31 +52,28 @@ services:
ocis-net:
entrypoint:
- /bin/sh
- /entrypoint-override.sh
# run ocis init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the ocis server
command: ["-c", "ocis init || true; ocis server"]
environment:
OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test}
OCIS_DOMAIN: ${OCIS_DOMAIN:-ocis.owncloud.test}
OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose
PROXY_TLS: "false" # do not use SSL between Traefik and oCIS
# change default secrets
IDP_LDAP_BIND_PASSWORD: ${IDP_LDAP_BIND_PASSWORD:-idp}
STORAGE_LDAP_BIND_PASSWORD: ${STORAGE_LDAP_BIND_PASSWORD:-reva}
OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4}
OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please}
OCIS_TRANSFER_SECRET: ${STORAGE_TRANSFER_SECRET:-replace-me-with-a-transfer-secret}
# app registry
STORAGE_GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
STORAGE_APP_REGISTRY_MIMETYPES_JSON: /var/tmp/ocis/app-config/mimetypes.json
GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
# INSECURE: needed if oCIS / Traefik is using self generated certificates
OCIS_INSECURE: "${INSECURE:-false}"
# basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect)
PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}"
# admin user password
IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file
# demo users
ACCOUNTS_DEMO_USERS_AND_GROUPS: "${DEMO_USERS:-false}" # deprecated, remove after switching to LibreIDM
IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}"
OCIS_CONFIG_DIR: /etc/ocis #TODO: remove me after https://github.com/owncloud/ocis/issues/3688
volumes:
- ./config/ocis/entrypoint-override.sh:/entrypoint-override.sh
- ./config/ocis/mimetypes.json:/var/tmp/ocis/app-config/mimetypes.json
- ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
labels:
- "traefik.enable=true"
@@ -93,20 +90,22 @@ services:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
command: storage-app-provider server
command: app-provider server
environment:
REVA_GATEWAY: ${REVA_GATEWAY:-ocis:9142}
APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164
APP_PROVIDER_EXTERNAL_ADDR: ocis-appdriver-collabora:9164
OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4}
OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please}
APP_PROVIDER_DRIVER: wopi
APP_PROVIDER_WOPI_DRIVER_APP_NAME: Collabora
APP_PROVIDER_WOPI_DRIVER_APP_ICON_URI: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}/favicon.ico
APP_PROVIDER_WOPI_DRIVER_APP_URL: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}
APP_PROVIDER_WOPI_DRIVER_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_DRIVER_WOPI_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
APP_PROVIDER_WOPI_APP_NAME: Collabora
APP_PROVIDER_WOPI_APP_ICON_URI: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}/favicon.ico
APP_PROVIDER_WOPI_APP_URL: https://${COLLABORA_DOMAIN:-collabora.owncloud.test}
APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
OCIS_CONFIG_DIR: /etc/ocis #TODO: remove me after https://github.com/owncloud/ocis/issues/3688
volumes:
- ocis-config:/etc/ocis
logging:
driver: "local"
restart: always
@@ -119,22 +118,23 @@ services:
entrypoint:
- /bin/sh
- /entrypoint-override.sh
#command: storage-app-provider server
#command: app-provider server
environment:
REVA_GATEWAY: ${REVA_GATEWAY:-ocis:9142}
APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164
APP_PROVIDER_EXTERNAL_ADDR: ocis-appdriver-onlyoffice:9164
OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4}
OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please}
APP_PROVIDER_DRIVER: wopi
APP_PROVIDER_WOPI_DRIVER_APP_NAME: OnlyOffice
APP_PROVIDER_WOPI_DRIVER_APP_ICON_URI: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}/web-apps/apps/documenteditor/main/resources/img/favicon.ico
APP_PROVIDER_WOPI_DRIVER_APP_URL: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
APP_PROVIDER_WOPI_DRIVER_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_DRIVER_WOPI_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
APP_PROVIDER_WOPI_APP_NAME: OnlyOffice
APP_PROVIDER_WOPI_APP_ICON_URI: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}/web-apps/apps/documenteditor/main/resources/img/favicon.ico
APP_PROVIDER_WOPI_APP_URL: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}
APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
OCIS_CONFIG_DIR: /etc/ocis #TODO: remove me after https://github.com/owncloud/ocis/issues/3688
volumes:
- ./config/ocis-appdriver-onlyoffice/entrypoint-override.sh:/entrypoint-override.sh
- ocis-config:/etc/ocis
logging:
driver: "local"
restart: always
@@ -147,23 +147,24 @@ services:
entrypoint:
- /bin/sh
- /entrypoint-override.sh
#command: storage-app-provider server
#command: app-provider server
environment:
REVA_GATEWAY: ${REVA_GATEWAY:-ocis:9142}
APP_PROVIDER_GRPC_ADDR: 0.0.0.0:9164
APP_PROVIDER_EXTERNAL_ADDR: ocis-appdriver-codimd:9164
OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4}
OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please}
APP_PROVIDER_DRIVER: wopi
APP_PROVIDER_WOPI_DRIVER_APP_NAME: CodiMD
APP_PROVIDER_WOPI_DRIVER_APP_API_KEY: ${CODIMD_SECRET:-LoremIpsum456}
APP_PROVIDER_WOPI_DRIVER_APP_ICON_URI: https://${CODIMD_DOMAIN:-codimd.owncloud.test}/favicon.png
APP_PROVIDER_WOPI_DRIVER_APP_URL: https://${CODIMD_DOMAIN:-codimd.owncloud.test}
APP_PROVIDER_WOPI_DRIVER_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_DRIVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_DRIVER_WOPI_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
APP_PROVIDER_WOPI_APP_NAME: CodiMD
APP_PROVIDER_WOPI_APP_API_KEY: ${CODIMD_SECRET:-LoremIpsum456}
APP_PROVIDER_WOPI_APP_ICON_URI: https://${CODIMD_DOMAIN:-codimd.owncloud.test}/favicon.png
APP_PROVIDER_WOPI_APP_URL: https://${CODIMD_DOMAIN:-codimd.owncloud.test}
APP_PROVIDER_WOPI_INSECURE: "${INSECURE:-false}"
APP_PROVIDER_WOPI_WOPI_SERVER_IOP_SECRET: ${WOPI_IOP_SECRET:-LoremIpsum123}
APP_PROVIDER_WOPI_WOPI_SERVER_EXTERNAL_URL: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
OCIS_CONFIG_DIR: /etc/ocis #TODO: remove me after https://github.com/owncloud/ocis/issues/3688
volumes:
- ./config/ocis-appdriver-codimd/entrypoint-override.sh:/entrypoint-override.sh
- ocis-config:/etc/ocis
logging:
driver: "local"
restart: always
@@ -183,6 +184,7 @@ services:
WOPISERVER_DOMAIN: ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}
COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.owncloud.test}
volumes:
- /home/kloucek/Projects/github.com/cs3org/wopiserver/src:/app #TODO: remove me
- ./config/wopiserver/entrypoint-override.sh:/entrypoint-override.sh
- ./config/wopiserver/wopiserver.conf.dist:/etc/wopi/wopiserver.conf.dist
- wopi-data:/var/wopi_local_storage
@@ -286,6 +288,7 @@ services:
volumes:
certs:
ocis-config:
ocis-data:
wopi-data:
wopi-logs:
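Review bot: The wopiserver `volumes:` list in the `@@ -183,6 +184,7 @@` hunk gains `- /home/kloucek/Projects/github.com/cs3org/wopiserver/src:/app #TODO: remove me`, which bind-mounts a developer's home directory over the container's `/app`. On any other host that path does not exist; with the short bind syntax Docker typically creates an empty directory there and mounts it, which would hide the application code shipped in the image. Where the path does exist, the service runs whatever is in that working copy rather than the released image contents. The line should be dropped from the committed example. If a source override is needed for local debugging, it belongs in an uncommitted compose override file.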


@@ -18,8 +18,8 @@ type Config struct {
TokenManager *TokenManager `yaml:"token_manager"`
Reva *Reva `yaml:"reva"`
ExternalAddr string `yaml:"external_addr"`
Driver string `yaml:"driver"`
ExternalAddr string `yaml:"external_addr" env:"APP_PROVIDER_EXTERNAL_ADDR"`
Driver string `yaml:"driver" env:"APP_PROVIDER_DRIVER"`
Drivers Drivers `yaml:"drivers"`
Supervised bool `yaml:"-"`


@@ -34,6 +34,7 @@ type Config struct {
PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL"`
AppHandler AppHandler `yaml:"app_handler"`
Archiver Archiver `yaml:"archiver"`
DataGateway DataGateway `yaml:"data_gateway"`
OCS OCS `yaml:"ocs"`
@@ -86,6 +87,11 @@ type Auth struct {
CredentialsByUserAgent map[string]string `yaml:"credentials_by_user_agent"`
}
type AppHandler struct {
Prefix string `yaml:"-"`
Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;FRONTEND_APP_HANDLER_INSECURE"`
}
type Archiver struct {
MaxNumFiles int64 `yaml:"max_num_files" env:"FRONTEND_ARCHIVER_MAX_NUM_FILES"`
MaxSize int64 `yaml:"max_size" env:"FRONTEND_ARCHIVER_MAX_SIZE"`
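Review bot: The exported `AppHandler` type is added without a doc comment, and its `Insecure` field is bound to the deployment-wide `OCIS_INSECURE` as well as `FRONTEND_APP_HANDLER_INSECURE`, so a single global switch now also changes this handler. Suggest `// AppHandler configures the frontend's app provider HTTP service.` on the type. The field also needs a comment saying what `Insecure` relaxes, presumably TLS certificate verification for the handler's outgoing requests, which should be confirmed against the reva service. The enclosing `Config` and `Archiver` structs start or end outside the visible hunks.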


@@ -42,6 +42,9 @@ func DefaultConfig() *config.Config {
SupportedTypes: []string{"sha1", "md5", "adler32"},
PreferredUploadType: "",
},
AppHandler: config.AppHandler{
Prefix: "app",
},
Archiver: config.Archiver{
Insecure: false,
Prefix: "archiver",
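Review bot: The new `AppHandler` default sets only `Prefix`, while the `Archiver` entry directly below spells out `Insecure: false`. Stating the security-relevant default the same way keeps the two blocks parallel and makes the safe default visible to anyone reading the defaults, so suggest adding `Insecure: false,` inside `config.AppHandler{...}`. DefaultConfig starts and ends outside the hunk.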


@@ -77,6 +77,17 @@ func FrontendConfigFromStruct(cfg *config.Config) map[string]interface{} {
},
// TODO build services dynamically
"services": map[string]interface{}{
// this reva service called "appprovider" comes from
// `internal/http/services/appprovider` and is a translation
// layer from the grpc app registry to http, used by eg. ownCloud Web
// It should not be confused with `internal/grpc/services/appprovider`
// which is currently only has only the driver for the CS3org WOPI server
"appprovider": map[string]interface{}{
"prefix": cfg.AppHandler.Prefix,
"transfer_shared_secret": cfg.TransferSecret,
"timeout": 86400,
"insecure": cfg.AppHandler.Insecure,
},
"archiver": map[string]interface{}{
"prefix": cfg.Archiver.Prefix,
"timeout": 86400,
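Review bot: The last sentence of the comment added above `"appprovider"` is garbled (`which is currently only has only the driver`); suggest `which currently has only the driver for the CS3org WOPI server`. The `"timeout": 86400` literal repeats the archiver's value without naming a unit, so a short trailing comment stating the unit would help, once it is confirmed (seconds is only a guess). FrontendConfigFromStruct starts and ends outside the hunk.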