From d85560d899732fffa37c215caf02986d8789c15f Mon Sep 17 00:00:00 2001 From: Roman Perekhod Date: Wed, 8 May 2024 17:10:34 +0200 Subject: [PATCH 1/2] add the Collaboration stack debugging doc --- changelog/unreleased/add-debugging-doc.md | 5 + docs/ocis/development/debugging.md | 162 +++++++++++++++++++++- 2 files changed, 166 insertions(+), 1 deletion(-) create mode 100644 changelog/unreleased/add-debugging-doc.md diff --git a/changelog/unreleased/add-debugging-doc.md b/changelog/unreleased/add-debugging-doc.md new file mode 100644 index 00000000000..657fc5ab98d --- /dev/null +++ b/changelog/unreleased/add-debugging-doc.md @@ -0,0 +1,5 @@ +Enhancement: Add the Collaboration stack debugging doc + +Add the Collaboration stack debugging doc + +https://github.com/owncloud/ocis/pull/9113 diff --git a/docs/ocis/development/debugging.md b/docs/ocis/development/debugging.md index 3d9c25add3d..21fd4b8ba6b 100644 --- a/docs/ocis/development/debugging.md +++ b/docs/ocis/development/debugging.md @@ -179,8 +179,168 @@ For example `deployments/examples/ocis_wopi/docker-compose.yml` }, ``` +### Debugging the Collaboration Stack +Sometimes for debugging purposes, we want to run the WOPI stack with the collaboration service locally. +Let's focus on an example that uses the local runs of the ocis and collaboration together with the containerized traefik and collabora. +Please note: Against the stack that uses https://github.com/cs3org/wopiserver, we don't need the app_provider anymore. The new collaboration service now includes an app_provider. -### Gather error messages + +1. Update the hosts file +```bash +127.0.0.1 ocis.owncloud.test +127.0.0.1 traefik.owncloud.test +127.0.0.1 collabora.owncloud.test +127.0.0.1 collaboration.owncloud.test +``` + +2. Update the ocis/services/proxy/pkg/config/csp.yaml +``` yaml + frame-src: + - '''self''' + - 'https://embed.diagrams.net/' + - 'https://collabora.owncloud.test/' + img-src: + - '''self''' + - 'data:' + - 'blob:' + - 'https://collabora.owncloud.test/' +``` + +3. Run dependencies in a docker +3.1 Set the OCIS_DOMAIN +```bash +export OCIS_DOMAIN=ocis.owncloud.test:9200 +``` +3.2 Create the docker-compose.yml +```yaml + +--- +version: "3.7" + +services: + traefik: + image: traefik:v2.9.1 + networks: + ocis-net: + aliases: + - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} + - ${COLLABORA_DOMAIN:-collabora.owncloud.test} + - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + - ${COMPANION_DOMAIN:-companion.owncloud.test} + command: + - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" + # letsencrypt configuration + - "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}" + - "--certificatesResolvers.http.acme.storage=/certs/acme.json" + - "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http" + # enable dashboard + - "--api.dashboard=true" + # define entrypoints + - "--entryPoints.http.address=:80" + - "--entryPoints.http.http.redirections.entryPoint.to=https" + - "--entryPoints.http.http.redirections.entryPoint.scheme=https" + - "--entryPoints.https.address=:443" + # docker provider (get configuration from container labels) + - "--providers.docker.endpoint=unix:///var/run/docker.sock" + - "--providers.docker.exposedByDefault=false" + # access log + - "--accessLog=true" + - "--accessLog.format=json" + - "--accessLog.fields.headers.names.X-Request-Id=keep" + ports: + - "80:80" + - "443:443" + volumes: + - "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro" + - "certs:/certs" + labels: + - "traefik.enable=${TRAEFIK_DASHBOARD:-false}" + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin + - "traefik.http.routers.traefik.entrypoints=https" + - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)" + - "traefik.http.routers.traefik.middlewares=traefik-auth" + - "traefik.http.routers.traefik.tls.certresolver=http" + - "traefik.http.routers.traefik.service=api@internal" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + + collabora: + image: collabora/code:23.05.5.2.1 + networks: + ocis-net: + extra_hosts: + - "collaboration.owncloud.test:host-gateway" + environment: + aliasgroup1: https://collaboration.owncloud.test:9300 + DONT_GEN_SSL_CERT: "YES" + extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test:9200} + username: ${COLLABORA_ADMIN_USER} + password: ${COLLABORA_ADMIN_PASSWORD} + cap_add: + - MKNOD + labels: + - "traefik.enable=true" + - "traefik.http.routers.collabora.entrypoints=https" + - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN:-collabora.owncloud.test}`)" + - "traefik.http.routers.collabora.tls.certresolver=http" + - "traefik.http.routers.collabora.service=collabora" + - "traefik.http.services.collabora.loadbalancer.server.port=9980" + # websockets can't be opened when this is ommitted + - "traefik.http.middlewares.collabora.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.routers.collabora.middlewares=collabora" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:9980/hosting/discovery"] + +volumes: + certs: + companion-data: + +networks: + ocis-net: + +``` +3.3 Run the docker compose `docker compose up -d` + +4. Run ocis or configure you IDE for debugging an application on the host machine +``` bash +OCIS_URL=https://ocis.owncloud.test:9200 \ +PROXY_ENABLE_BASIC_AUTH=true \ +MICRO_REGISTRY=nats-js-kv \ +MICRO_REGISTRY_ADDRESS="127.0.0.1:9233" \ +NATS_NATS_HOST="0.0.0.0" \ +NATS_NATS_PORT=9233 \ +GATEWAY_GRPC_ADDR="0.0.0.0:9142" \ +PROXY_CSP_CONFIG_FILE_LOCATION=ocis/services/proxy/pkg/config/csp.yaml \ +PROXY_ENABLE_BASIC_AUTH=true \ +OCIS_EXCLUDE_RUN_SERVICES=app-provider \ +ocis/bin/ocis server +``` + +5. Run collaboration server or configure you IDE for debugging an application on the host machine +```bash +COLLABORATION_APP_NAME=Collabora \ +COLLABORATION_APP_ICON=https://collabora.owncloud.test/favicon.ico \ +COLLABORATION_CS3API_DATAGATEWAY_INSECURE=true \ +COLLABORATION_HTTP_ADDR=collaboration.owncloud.test:9300 \ +COLLABORATION_HTTP_SCHEME=http \ +COLLABORATION_LOG_LEVEL=debug \ +COLLABORATION_WOPIAPP_ADDR=https://collabora.owncloud.test \ +COLLABORATION_WOPIAPP_INSECURE=true \ +MICRO_REGISTRY=nats-js-kv \ +MICRO_REGISTRY_ADDRESS=localhost:9233 \ +OCIS_URL=https://ocis.owncloud.test:9200 \ +ocis/bin/ocis collaboration server +``` + +6. Open ocis in a browser https://ocis.owncloud.test:9200 + + +### Gather Error Messages We recommend you collect all related information in a single file or in a GitHub issue. Let us start with an error that pops up in the Web UI: From 3ba15e9126c227fbba14747773cfc1d3545ff2c8 Mon Sep 17 00:00:00 2001 From: Roman Perekhod Date: Wed, 5 Jun 2024 17:07:37 +0200 Subject: [PATCH 2/2] reworked the debugging doc. added the collaboration docker compose files --- changelog/unreleased/add-debugging-doc.md | 3 +- .../examples/ocis_collaboraton/README.md | 26 +++ .../config/ocis/app-registry.yaml | 65 ++++++ .../config/ocis/banned-password-list.txt | 5 + .../ocis_collaboraton/config/ocis/csp.yaml | 37 ++++ .../ocis_collaboraton/config/ocis/web.yaml | 18 ++ .../config/onlyoffice/entrypoint-override.sh | 7 + .../config/onlyoffice/local.json | 71 ++++++ .../docker-compose.collabora.yml | 204 +++++++++++++++++ .../docker-compose.onlyoffice.yml | 205 ++++++++++++++++++ .../docker-compose-additions.yml | 36 +++ docs/ocis/development/debugging.md | 190 +++------------- ocis/docker/Dockerfile.linux.amd64 | 2 +- 13 files changed, 702 insertions(+), 167 deletions(-) create mode 100644 deployments/examples/ocis_collaboraton/README.md create mode 100644 deployments/examples/ocis_collaboraton/config/ocis/app-registry.yaml create mode 100644 deployments/examples/ocis_collaboraton/config/ocis/banned-password-list.txt create mode 100644 deployments/examples/ocis_collaboraton/config/ocis/csp.yaml create mode 100644 deployments/examples/ocis_collaboraton/config/ocis/web.yaml create mode 100755 deployments/examples/ocis_collaboraton/config/onlyoffice/entrypoint-override.sh create mode 100755 deployments/examples/ocis_collaboraton/config/onlyoffice/local.json create mode 100644 deployments/examples/ocis_collaboraton/docker-compose.collabora.yml create mode 100644 deployments/examples/ocis_collaboraton/docker-compose.onlyoffice.yml create mode 100644 deployments/examples/ocis_collaboraton/monitoring_tracing/docker-compose-additions.yml diff --git a/changelog/unreleased/add-debugging-doc.md b/changelog/unreleased/add-debugging-doc.md index 657fc5ab98d..54682a61d40 100644 --- a/changelog/unreleased/add-debugging-doc.md +++ b/changelog/unreleased/add-debugging-doc.md @@ -1,5 +1,6 @@ -Enhancement: Add the Collaboration stack debugging doc +Enhancement: Add the Collaboration stack deployment +Add the Collaboration stack deployment Add the Collaboration stack debugging doc https://github.com/owncloud/ocis/pull/9113 diff --git a/deployments/examples/ocis_collaboraton/README.md b/deployments/examples/ocis_collaboraton/README.md new file mode 100644 index 00000000000..9216f98c242 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/README.md @@ -0,0 +1,26 @@ +# Documentation +The documentation is incomplete because the Collaboration server is in a development state. + +# Infinite Scale Collaboration Deployment Example + +This deployment example of the oCIS with the new Collaboration server. + +## Overview + +* oCIS, Collaboration server, Collabora or OnlyOffice running behind Traefik as reverse proxy +* Collabora or OnlyOffice enable you to edit documents in your browser +* Collaboration server acts as a bridge to make the oCIS storage accessible to Collabora or OnlyOffice +* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup +Please note: Against the stack that uses [wopiserver](https://owncloud.dev/ocis/deployment/ocis_wopi/), we don't need the app_provider anymore. The new Collaboration server now includes an app_provider. + +### Running + +```bash +docker compose -f docker-compose.collabora.yml up -d +``` + +```bash +docker compose -f docker-compose.onlyoffice.yml up -d +``` + +Also see the [Admin Documentation](https://doc.owncloud.com/ocis/latest/index.html) for administrative and more configuration details. diff --git a/deployments/examples/ocis_collaboraton/config/ocis/app-registry.yaml b/deployments/examples/ocis_collaboraton/config/ocis/app-registry.yaml new file mode 100644 index 00000000000..b7cf0decf9a --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/ocis/app-registry.yaml @@ -0,0 +1,65 @@ +app_registry: + mimetypes: + - mime_type: application/pdf + extension: pdf + name: PDF + description: PDF document + icon: '' + default_app: '' + allow_creation: false + - mime_type: application/vnd.oasis.opendocument.text + extension: odt + name: OpenDocument + description: OpenDocument text document + icon: '' + default_app: Collabora + allow_creation: true + - mime_type: application/vnd.oasis.opendocument.spreadsheet + extension: ods + name: OpenSpreadsheet + description: OpenDocument spreadsheet document + icon: '' + default_app: Collabora + allow_creation: true + - mime_type: application/vnd.oasis.opendocument.presentation + extension: odp + name: OpenPresentation + description: OpenDocument presentation document + icon: '' + default_app: Collabora + allow_creation: true + - mime_type: application/vnd.openxmlformats-officedocument.wordprocessingml.document + extension: docx + name: Microsoft Word + description: Microsoft Word document + icon: '' + default_app: OnlyOffice + allow_creation: true + - mime_type: application/vnd.openxmlformats-officedocument.wordprocessingml.form + extension: docxf + name: Form Document + description: Form Document + icon: '' + default_app: OnlyOffice + allow_creation: true + - mime_type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + extension: xlsx + name: Microsoft Excel + description: Microsoft Excel document + icon: '' + default_app: OnlyOffice + allow_creation: true + - mime_type: application/vnd.openxmlformats-officedocument.presentationml.presentation + extension: pptx + name: Microsoft PowerPoint + description: Microsoft PowerPoint document + icon: '' + default_app: OnlyOffice + allow_creation: true + - mime_type: application/vnd.jupyter + extension: ipynb + name: Jupyter Notebook + description: Jupyter Notebook + icon: '' + default_app: '' + allow_creation: true diff --git a/deployments/examples/ocis_collaboraton/config/ocis/banned-password-list.txt b/deployments/examples/ocis_collaboraton/config/ocis/banned-password-list.txt new file mode 100644 index 00000000000..aff7475f220 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/ocis/banned-password-list.txt @@ -0,0 +1,5 @@ +password +12345678 +123 +ownCloud +ownCloud-1 diff --git a/deployments/examples/ocis_collaboraton/config/ocis/csp.yaml b/deployments/examples/ocis_collaboraton/config/ocis/csp.yaml new file mode 100644 index 00000000000..9852ebeae90 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/ocis/csp.yaml @@ -0,0 +1,37 @@ +directives: + child-src: + - '''self''' + connect-src: + - '''self''' + default-src: + - '''none''' + font-src: + - '''self''' + frame-ancestors: + - '''self''' + frame-src: + - '''self''' + - 'https://embed.diagrams.net/' + # In contrary to bash and docker the default is given after the | character + - 'https://${ONLYOFFICE_DOMAIN|onlyoffice.owncloud.test}/' + - 'https://${COLLABORA_DOMAIN|collabora.owncloud.test}/' + img-src: + - '''self''' + - 'data:' + - 'blob:' + # In contrary to bash and docker the default is given after the | character + - 'https://${ONLYOFFICE_DOMAIN|onlyoffice.owncloud.test}/' + - 'https://${COLLABORA_DOMAIN|collabora.owncloud.test}/' + manifest-src: + - '''self''' + media-src: + - '''self''' + object-src: + - '''self''' + - 'blob:' + script-src: + - '''self''' + - '''unsafe-inline''' + style-src: + - '''self''' + - '''unsafe-inline''' diff --git a/deployments/examples/ocis_collaboraton/config/ocis/web.yaml b/deployments/examples/ocis_collaboraton/config/ocis/web.yaml new file mode 100644 index 00000000000..9ffff94810f --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/ocis/web.yaml @@ -0,0 +1,18 @@ +web: + config: + external_apps: + - id: preview + path: web-app-preview + config: + mimeTypes: + - image/tiff + - image/bmp + - image/x-ms-bmp + - id: importer + path: web-app-importer + config: + companionUrl: https://${COMPANION_DOMAIN|companion.owncloud.test} + supportedClouds: + - WebdavPublicLink + #- OneDrive # needs a client id and secret + #- GoogleDrive # needs a client id and secret and an addition to the DNS zone diff --git a/deployments/examples/ocis_collaboraton/config/onlyoffice/entrypoint-override.sh b/deployments/examples/ocis_collaboraton/config/onlyoffice/entrypoint-override.sh new file mode 100755 index 00000000000..60179dfe8ee --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/onlyoffice/entrypoint-override.sh @@ -0,0 +1,7 @@ +#!/bin/sh +set -e + +# we can't mount it directly because the run-document-server.sh script wants to move it +cp /etc/onlyoffice/documentserver/local.dist.json /etc/onlyoffice/documentserver/local.json + +/app/ds/run-document-server.sh diff --git a/deployments/examples/ocis_collaboraton/config/onlyoffice/local.json b/deployments/examples/ocis_collaboraton/config/onlyoffice/local.json new file mode 100755 index 00000000000..0db571fad42 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/config/onlyoffice/local.json @@ -0,0 +1,71 @@ +{ + "services": { + "CoAuthoring": { + "sql": { + "type": "postgres", + "dbHost": "localhost", + "dbPort": "5432", + "dbName": "onlyoffice", + "dbUser": "onlyoffice", + "dbPass": "onlyoffice" + }, + "token": { + "enable": { + "request": { + "inbox": true, + "outbox": true + }, + "browser": true + }, + "inbox": { + "header": "Authorization" + }, + "outbox": { + "header": "Authorization" + } + }, + "secret": { + "inbox": { + "string": "B8LjkNqGxn6gf8bkuBUiMwyuCFwFddnu" + }, + "outbox": { + "string": "B8LjkNqGxn6gf8bkuBUiMwyuCFwFddnu" + }, + "session": { + "string": "B8LjkNqGxn6gf8bkuBUiMwyuCFwFddnu" + } + } + } + }, + "rabbitmq": { + "url": "amqp://guest:guest@localhost" + }, + "FileConverter": { + "converter": { + "inputLimits": [ + { + "type": "docx;dotx;docm;dotm", + "zip": { + "uncompressed": "1GB", + "template": "*.xml" + } + }, + { + "type": "xlsx;xltx;xlsm;xltm", + "zip": { + "uncompressed": "1GB", + "template": "*.xml" + } + }, + { + "type": "pptx;ppsx;potx;pptm;ppsm;potm", + "zip": { + "uncompressed": "1GB", + "template": "*.xml" + } + } + ] + } + } + +} diff --git a/deployments/examples/ocis_collaboraton/docker-compose.collabora.yml b/deployments/examples/ocis_collaboraton/docker-compose.collabora.yml new file mode 100644 index 00000000000..b52af933490 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/docker-compose.collabora.yml @@ -0,0 +1,204 @@ +--- +version: "3.7" + +services: + traefik: + image: traefik:v2.9.1 + networks: + ocis-net: + aliases: + - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${collaboration_DOMAIN:-collaboration.owncloud.test} + - ${COLLABORA_DOMAIN:-collabora.owncloud.test} + - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + - ${COMPANION_DOMAIN:-companion.owncloud.test} + command: + - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" + # letsencrypt configuration + - "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}" + - "--certificatesResolvers.http.acme.storage=/certs/acme.json" + - "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http" + - "--certificatesresolvers.http.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}" + # enable dashboard + - "--api.dashboard=true" + # define entrypoints + - "--entryPoints.http.address=:80" + - "--entryPoints.http.http.redirections.entryPoint.to=https" + - "--entryPoints.http.http.redirections.entryPoint.scheme=https" + - "--entryPoints.https.address=:443" + # docker provider (get configuration from container labels) + - "--providers.docker.endpoint=unix:///var/run/docker.sock" + - "--providers.docker.exposedByDefault=false" + # access log + - "--accessLog=true" + - "--accessLog.format=json" + - "--accessLog.fields.headers.names.X-Request-Id=keep" + ports: + - "80:80" + - "443:443" + volumes: + - "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro" + - "certs:/certs" + labels: + - "traefik.enable=${TRAEFIK_DASHBOARD:-false}" + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin + - "traefik.http.routers.traefik.entrypoints=https" + - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)" + - "traefik.http.routers.traefik.middlewares=traefik-auth" + - "traefik.http.routers.traefik.tls.certresolver=http" + - "traefik.http.routers.traefik.service=api@internal" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + + ocis: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + entrypoint: + - /bin/sh + # run ocis init to initialize a configuration file with random secrets + # it will fail on subsequent runs, because the config file already exists + # therefore we ignore the error and then start the ocis server + command: [ "-c", "ocis init || true; ocis server" ] + environment: + OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + OCIS_LOG_COLOR: ${OCIS_LOG_COLOR:-false} + PROXY_TLS: "false" # do not use SSL between Traefik and oCIS + GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers + # INSECURE: needed if oCIS / Traefik is using self generated certificates + OCIS_INSECURE: ${INSECURE:-false} + # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) + PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" + # admin user password + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file + # demo users + IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" + MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233 + NATS_NATS_HOST: 0.0.0.0 + NATS_NATS_PORT: 9233 + PROXY_CSP_CONFIG_FILE_LOCATION: /etc/ocis/csp.yaml + COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.owncloud.test} + ONLYOFFICE_DOMAIN: ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + # make collabora the secure view app + FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: com.owncloud.api.app-provider-collabora + volumes: + - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml + - ./config/ocis/csp.yaml:/etc/ocis/csp.yaml + - ./config/ocis/web.yaml:/etc/ocis/web.yaml + - ocis-config:/etc/ocis + - ocis-data:/var/lib/ocis + labels: + - "traefik.enable=true" + - "traefik.http.routers.ocis.entrypoints=https" + - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.tls.certresolver=http" + - "traefik.http.routers.ocis.service=ocis" + - "traefik.http.services.ocis.loadbalancer.server.port=9200" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + + collaboration: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + depends_on: + collabora: + condition: service_healthy + entrypoint: + - /bin/sh + command: [ "-c", "ocis collaboration server" ] + environment: + COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 + COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 + MICRO_REGISTRY: "nats-js-kv" + MICRO_REGISTRY_ADDRESS: "ocis:9233" + COLLABORATION_WOPI_SRC: https://${COLLABORATION_DOMAIN:-collaboration.owncloud.test} + COLLABORATION_WOPI_SECRET: LoremIpsum567 + COLLABORATION_APP_NAME: "Collabora" + COLLABORATION_APP_ADDR: https://${COLLABORA_DOMAIN:-collabora.owncloud.test} + COLLABORATION_APP_ICON: https://${COLLABORA_DOMAIN:-collabora.owncloud.test/favicon.ico} + COLLABORATION_APP_INSECURE: ${INSECURE:-false} + COLLABORATION_CS3API_DATAGATEWAY_INSECURE: ${INSECURE:-false} + COLLABORATION_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + OCIS_LOG_COLOR: ${OCIS_LOG_COLOR:-false} + OCIS_RUNTIME_HOST: "ocis" + OCIS_CONFIG_DIR: /etc/ocis/ + volumes: + - ocis-config:/etc/ocis + - ocis-data:/var/lib/ocis + labels: + - "traefik.enable=true" + - "traefik.http.routers.collaboration.entrypoints=https" + - "traefik.http.routers.collaboration.rule=Host(`collaboration.${DOMAIN:-owncloud.test}`)" + - "traefik.http.routers.collaboration.tls.certresolver=http" + - "traefik.http.routers.collaboration.service=collaboration" + - "traefik.http.services.collaboration.loadbalancer.server.port=9300" + logging: + driver: "local" + restart: always + + collabora: + image: collabora/code:23.05.5.2.1 + networks: + ocis-net: + environment: + aliasgroup1: https://collaboration.owncloud.test:443 + DONT_GEN_SSL_CERT: "YES" + extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test} + username: ${COLLABORA_ADMIN_USER} + password: ${COLLABORA_ADMIN_PASSWORD} + cap_add: + - MKNOD + labels: + - "traefik.enable=true" + - "traefik.http.routers.collabora.entrypoints=https" + - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN:-collabora.owncloud.test}`)" + - "traefik.http.routers.collabora.tls.certresolver=http" + - "traefik.http.routers.collabora.service=collabora" + - "traefik.http.services.collabora.loadbalancer.server.port=9980" + # websockets can't be opend when this is ommitted + - "traefik.http.middlewares.collabora.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.routers.collabora.middlewares=collabora" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + healthcheck: + test: [ "CMD", "curl", "-f", "http://localhost:9980/hosting/discovery" ] + + companion: + image: ${COMPANION_IMAGE:-transloadit/companion:4.5.1} + networks: + ocis-net: + environment: + NODE_ENV: production + NODE_TLS_REJECT_UNAUTHORIZED: 0 + COMPANION_DATADIR: /tmp/companion/ + COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} + COMPANION_PROTOCOL: https + COMPANION_UPLOAD_URLS: "^https://${OCIS_DOMAIN:-ocis.owncloud.test}/" + COMPANION_ONEDRIVE_KEY: "${COMPANION_ONEDRIVE_KEY}" + COMPANION_ONEDRIVE_SECRET: "${COMPANION_ONEDRIVE_SECRET}" + volumes: + - companion-data:/tmp/companion/ + labels: + - "traefik.enable=true" + - "traefik.http.routers.companion.entrypoints=https" + - "traefik.http.routers.companion.rule=Host(`${COMPANION_DOMAIN:-companion.owncloud.test}`)" + - "traefik.http.routers.companion.tls.certresolver=http" + - "traefik.http.routers.companion.service=companion" + - "traefik.http.services.companion.loadbalancer.server.port=3020" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + +volumes: + certs: + ocis-config: + ocis-data: + companion-data: + +networks: + ocis-net: diff --git a/deployments/examples/ocis_collaboraton/docker-compose.onlyoffice.yml b/deployments/examples/ocis_collaboraton/docker-compose.onlyoffice.yml new file mode 100644 index 00000000000..0acc5497f7b --- /dev/null +++ b/deployments/examples/ocis_collaboraton/docker-compose.onlyoffice.yml @@ -0,0 +1,205 @@ +--- +version: "3.7" + +services: + traefik: + image: traefik:v2.9.1 + networks: + ocis-net: + aliases: + - ${OCIS_DOMAIN:-ocis.owncloud.test} + - ${COLLABORATION_DOMAIN:-collaboration.owncloud.test} + - ${COLLABORA_DOMAIN:-collabora.owncloud.test} + - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + - ${COMPANION_DOMAIN:-companion.owncloud.test} + command: + - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" + # letsencrypt configuration + - "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}" + - "--certificatesResolvers.http.acme.storage=/certs/acme.json" + - "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http" + - "--certificatesresolvers.http.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}" + # enable dashboard + - "--api.dashboard=true" + # define entrypoints + - "--entryPoints.http.address=:80" + - "--entryPoints.http.http.redirections.entryPoint.to=https" + - "--entryPoints.http.http.redirections.entryPoint.scheme=https" + - "--entryPoints.https.address=:443" + # docker provider (get configuration from container labels) + - "--providers.docker.endpoint=unix:///var/run/docker.sock" + - "--providers.docker.exposedByDefault=false" + # access log + - "--accessLog=true" + - "--accessLog.format=json" + - "--accessLog.fields.headers.names.X-Request-Id=keep" + ports: + - "80:80" + - "443:443" + volumes: + - "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro" + - "certs:/certs" + labels: + - "traefik.enable=${TRAEFIK_DASHBOARD:-false}" + - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin + - "traefik.http.routers.traefik.entrypoints=https" + - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)" + - "traefik.http.routers.traefik.middlewares=traefik-auth" + - "traefik.http.routers.traefik.tls.certresolver=http" + - "traefik.http.routers.traefik.service=api@internal" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + + ocis: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + entrypoint: + - /bin/sh + # run ocis init to initialize a configuration file with random secrets + # it will fail on subsequent runs, because the config file already exists + # therefore we ignore the error and then start the ocis server + command: [ "-c", "ocis init || true; ocis server" ] + environment: + OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test} + OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + OCIS_LOG_COLOR: ${OCIS_LOG_COLOR:-false} + PROXY_TLS: "false" # do not use SSL between Traefik and oCIS + GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers + # INSECURE: needed if oCIS / Traefik is using self generated certificates + OCIS_INSECURE: ${INSECURE:-false} + # basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect) + PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}" + # admin user password + IDM_ADMIN_PASSWORD: "${ADMIN_PASSWORD:-admin}" # this overrides the admin password from the configuration file + # demo users + IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" + MICRO_REGISTRY_ADDRESS: 127.0.0.1:9233 + NATS_NATS_HOST: 0.0.0.0 + NATS_NATS_PORT: 9233 + PROXY_CSP_CONFIG_FILE_LOCATION: /etc/ocis/csp.yaml + COLLABORA_DOMAIN: ${COLLABORA_DOMAIN:-collabora.owncloud.test} + ONLYOFFICE_DOMAIN: ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + # make collabora the secure view app + FRONTEND_APP_HANDLER_SECURE_VIEW_APP_ADDR: com.owncloud.api.app-provider-collabora + volumes: + - ./config/ocis/app-registry.yaml:/etc/ocis/app-registry.yaml + - ./config/ocis/csp.yaml:/etc/ocis/csp.yaml + - ./config/ocis/web.yaml:/etc/ocis/web.yaml + - ocis-config:/etc/ocis + - ocis-data:/var/lib/ocis + labels: + - "traefik.enable=true" + - "traefik.http.routers.ocis.entrypoints=https" + - "traefik.http.routers.ocis.rule=Host(`${OCIS_DOMAIN:-ocis.owncloud.test}`)" + - "traefik.http.routers.ocis.tls.certresolver=http" + - "traefik.http.routers.ocis.service=ocis" + - "traefik.http.services.ocis.loadbalancer.server.port=9200" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + + collaboration: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + depends_on: + onlyoffice: + condition: service_healthy + entrypoint: + - /bin/sh + command: [ "-c", "ocis collaboration server" ] + environment: + COLLABORATION_GRPC_ADDR: 0.0.0.0:9301 + COLLABORATION_HTTP_ADDR: 0.0.0.0:9300 + MICRO_REGISTRY: "nats-js-kv" + MICRO_REGISTRY_ADDRESS: "ocis:9233" + COLLABORATION_WOPI_SRC: https://${COLLABORATION_DOMAIN:-collaboration.owncloud.test} + COLLABORATION_WOPI_SECRET: LoremIpsum567 + COLLABORATION_APP_NAME: "OnlyOffice" + COLLABORATION_APP_ADDR: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} + COLLABORATION_APP_ICON: https://${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test/favicon.ico} + COLLABORATION_APP_INSECURE: ${INSECURE:-false} + COLLABORATION_CS3API_DATAGATEWAY_INSECURE: ${INSECURE:-false} + COLLABORATION_LOG_LEVEL: ${OCIS_LOG_LEVEL:-info} + OCIS_LOG_COLOR: ${OCIS_LOG_COLOR:-false} + OCIS_RUNTIME_HOST: "ocis" + OCIS_CONFIG_DIR: /etc/ocis/ + volumes: + - ocis-config:/etc/ocis + - ocis-data:/var/lib/ocis + labels: + - "traefik.enable=true" + - "traefik.http.routers.collaboration.entrypoints=https" + - "traefik.http.routers.collaboration.rule=Host(`collaboration.${DOMAIN:-owncloud.test}`)" + - "traefik.http.routers.collaboration.tls.certresolver=http" + - "traefik.http.routers.collaboration.service=collaboration" + - "traefik.http.services.collaboration.loadbalancer.server.port=9300" + logging: + driver: "local" + restart: always + + onlyoffice: + image: onlyoffice/documentserver:7.5.0 + networks: + ocis-net: + entrypoint: + - /bin/sh + - /entrypoint-override.sh + environment: + WOPI_ENABLED: "true" + USE_UNAUTHORIZED_STORAGE: ${INSECURE:-false} # self signed certificates + volumes: + - ./config/onlyoffice/entrypoint-override.sh:/entrypoint-override.sh + - ./config/onlyoffice/local.json:/etc/onlyoffice/documentserver/local.dist.json + labels: + - "traefik.enable=true" + - "traefik.http.routers.onlyoffice.entrypoints=https" + - "traefik.http.routers.onlyoffice.rule=Host(`${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test}`)" + - "traefik.http.routers.onlyoffice.tls.certresolver=http" + - "traefik.http.routers.onlyoffice.service=onlyoffice" + - "traefik.http.services.onlyoffice.loadbalancer.server.port=80" + # websockets can't be opend when this is ommitted + - "traefik.http.middlewares.onlyoffice.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.routers.onlyoffice.middlewares=onlyoffice" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + healthcheck: + test: [ "CMD", "curl", "-f", "http://localhost/hosting/discovery" ] + + companion: + image: ${COMPANION_IMAGE:-transloadit/companion:4.5.1} + networks: + ocis-net: + environment: + NODE_ENV: production + NODE_TLS_REJECT_UNAUTHORIZED: 0 + COMPANION_DATADIR: /tmp/companion/ + COMPANION_DOMAIN: ${COMPANION_DOMAIN:-companion.owncloud.test} + COMPANION_PROTOCOL: https + COMPANION_UPLOAD_URLS: "^https://${OCIS_DOMAIN:-ocis.owncloud.test}/" + COMPANION_ONEDRIVE_KEY: "${COMPANION_ONEDRIVE_KEY}" + COMPANION_ONEDRIVE_SECRET: "${COMPANION_ONEDRIVE_SECRET}" + volumes: + - companion-data:/tmp/companion/ + labels: + - "traefik.enable=true" + - "traefik.http.routers.companion.entrypoints=https" + - "traefik.http.routers.companion.rule=Host(`${COMPANION_DOMAIN:-companion.owncloud.test}`)" + - "traefik.http.routers.companion.tls.certresolver=http" + - "traefik.http.routers.companion.service=companion" + - "traefik.http.services.companion.loadbalancer.server.port=3020" + logging: + driver: ${LOG_DRIVER:-local} + restart: always + +volumes: + certs: + ocis-config: + ocis-data: + companion-data: + +networks: + ocis-net: diff --git a/deployments/examples/ocis_collaboraton/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_collaboraton/monitoring_tracing/docker-compose-additions.yml new file mode 100644 index 00000000000..47839287163 --- /dev/null +++ b/deployments/examples/ocis_collaboraton/monitoring_tracing/docker-compose-additions.yml @@ -0,0 +1,36 @@ +--- +version: "3.7" + +services: + ocis: + environment: + # tracing + OCIS_TRACING_ENABLED: "true" + OCIS_TRACING_TYPE: "jaeger" + OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + # metrics + # if oCIS runs as a single process, all /metrics endpoints + # will expose the same metrics, so it's sufficient to query one endpoint + PROXY_DEBUG_ADDR: 0.0.0.0:9205 + + ocis-appprovider-collabora: + environment: + # tracing + OCIS_TRACING_ENABLED: "true" + OCIS_TRACING_TYPE: "jaeger" + OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + # metrics + APP_PROVIDER_DEBUG_ADDR: 0.0.0.0:9165 + + ocis-appprovider-onlyoffice: + environment: + # tracing + OCIS_TRACING_ENABLED: "true" + OCIS_TRACING_TYPE: "jaeger" + OCIS_TRACING_ENDPOINT: jaeger-agent:6831 + # metrics + APP_PROVIDER_DEBUG_ADDR: 0.0.0.0:9165 + +networks: + ocis-net: + external: true diff --git a/docs/ocis/development/debugging.md b/docs/ocis/development/debugging.md index 21fd4b8ba6b..b597f1844ef 100644 --- a/docs/ocis/development/debugging.md +++ b/docs/ocis/development/debugging.md @@ -147,8 +147,8 @@ make debug-docker ```bash export OCIS_DOCKER_TAG=debug ``` -3. Change the docker-compose `ocis` or `ocis-appprovider-collabora` or `ocis-appprovider-onlyoffice` depends on what do you want to debug: -For example `deployments/examples/ocis_wopi/docker-compose.yml` +3. Change the docker-compose `ocis` or `ocis-appprovider-collabora` or `ocis-appprovider-onlyoffice` or `collaboration` depends on what do you want to debug: +Example for `ocis` `deployments/examples/ocis_wopi/docker-compose.yml` ```yaml ocis: image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} @@ -156,13 +156,34 @@ For example `deployments/examples/ocis_wopi/docker-compose.yml` ocis-net: entrypoint: - /bin/sh -# Comment out command +# Comment out the command # command: ["-c", "ocis init || true; ocis server"] # Replace the command and expose the port - command: [ "-c", "ocis init || true; dlv --listen=:40000 --headless=true --api-version=2 --accept-multiclient exec /usr/bin/ocis server" ] + command: [ "-c", "ocis init || true; dlv --listen=:40000 --headless=true --check-go-version=false --api-version=2 --accept-multiclient exec /usr/bin/ocis server" ] ports: - 40000:40000 ``` + +Example for `Collaboration server` `deployments/examples/ocis_collaboration/docker-compose.collabora.yml` +Please note: Against the stack that uses [cs3org/wopiserver](https://github.com/cs3org/wopiserver), we don't need the app_provider anymore. The new collaboration server now includes the wopiserver and app_provider. +```yaml + collaboration: + image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest} + networks: + ocis-net: + depends_on: + collabora: + condition: service_healthy + entrypoint: + - /bin/sh +# Comment out the command +# command: [ "-c", "ocis collaboration server" ] +# Replace the command and expose the port + command: [ "-c", " dlv --listen=:40000 --headless=true --check-go-version=false --api-version=2 --accept-multiclient exec /usr/bin/ocis collaboration server" ] + ports: + - 40000:40000 +``` + 4. Run the docker-compose 5. Connect to remote `delve` * For the VS Code add the configuration to the `.vscode/launch.json` [https://github.com/golang/vscode-go/wiki/debugging#remote-debugging](https://github.com/golang/vscode-go/wiki/debugging#remote-debugging) @@ -179,167 +200,6 @@ For example `deployments/examples/ocis_wopi/docker-compose.yml` }, ``` -### Debugging the Collaboration Stack -Sometimes for debugging purposes, we want to run the WOPI stack with the collaboration service locally. -Let's focus on an example that uses the local runs of the ocis and collaboration together with the containerized traefik and collabora. -Please note: Against the stack that uses https://github.com/cs3org/wopiserver, we don't need the app_provider anymore. The new collaboration service now includes an app_provider. - - -1. Update the hosts file -```bash -127.0.0.1 ocis.owncloud.test -127.0.0.1 traefik.owncloud.test -127.0.0.1 collabora.owncloud.test -127.0.0.1 collaboration.owncloud.test -``` - -2. Update the ocis/services/proxy/pkg/config/csp.yaml -``` yaml - frame-src: - - '''self''' - - 'https://embed.diagrams.net/' - - 'https://collabora.owncloud.test/' - img-src: - - '''self''' - - 'data:' - - 'blob:' - - 'https://collabora.owncloud.test/' -``` - -3. Run dependencies in a docker -3.1 Set the OCIS_DOMAIN -```bash -export OCIS_DOMAIN=ocis.owncloud.test:9200 -``` -3.2 Create the docker-compose.yml -```yaml - ---- -version: "3.7" - -services: - traefik: - image: traefik:v2.9.1 - networks: - ocis-net: - aliases: - - ${OCIS_DOMAIN:-ocis.owncloud.test} - - ${WOPISERVER_DOMAIN:-wopiserver.owncloud.test} - - ${COLLABORA_DOMAIN:-collabora.owncloud.test} - - ${ONLYOFFICE_DOMAIN:-onlyoffice.owncloud.test} - - ${COMPANION_DOMAIN:-companion.owncloud.test} - command: - - "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}" - # letsencrypt configuration - - "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}" - - "--certificatesResolvers.http.acme.storage=/certs/acme.json" - - "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http" - # enable dashboard - - "--api.dashboard=true" - # define entrypoints - - "--entryPoints.http.address=:80" - - "--entryPoints.http.http.redirections.entryPoint.to=https" - - "--entryPoints.http.http.redirections.entryPoint.scheme=https" - - "--entryPoints.https.address=:443" - # docker provider (get configuration from container labels) - - "--providers.docker.endpoint=unix:///var/run/docker.sock" - - "--providers.docker.exposedByDefault=false" - # access log - - "--accessLog=true" - - "--accessLog.format=json" - - "--accessLog.fields.headers.names.X-Request-Id=keep" - ports: - - "80:80" - - "443:443" - volumes: - - "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro" - - "certs:/certs" - labels: - - "traefik.enable=${TRAEFIK_DASHBOARD:-false}" - - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}" # defaults to admin:admin - - "traefik.http.routers.traefik.entrypoints=https" - - "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.owncloud.test}`)" - - "traefik.http.routers.traefik.middlewares=traefik-auth" - - "traefik.http.routers.traefik.tls.certresolver=http" - - "traefik.http.routers.traefik.service=api@internal" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - - collabora: - image: collabora/code:23.05.5.2.1 - networks: - ocis-net: - extra_hosts: - - "collaboration.owncloud.test:host-gateway" - environment: - aliasgroup1: https://collaboration.owncloud.test:9300 - DONT_GEN_SSL_CERT: "YES" - extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test:9200} - username: ${COLLABORA_ADMIN_USER} - password: ${COLLABORA_ADMIN_PASSWORD} - cap_add: - - MKNOD - labels: - - "traefik.enable=true" - - "traefik.http.routers.collabora.entrypoints=https" - - "traefik.http.routers.collabora.rule=Host(`${COLLABORA_DOMAIN:-collabora.owncloud.test}`)" - - "traefik.http.routers.collabora.tls.certresolver=http" - - "traefik.http.routers.collabora.service=collabora" - - "traefik.http.services.collabora.loadbalancer.server.port=9980" - # websockets can't be opened when this is ommitted - - "traefik.http.middlewares.collabora.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.routers.collabora.middlewares=collabora" - logging: - driver: ${LOG_DRIVER:-local} - restart: always - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9980/hosting/discovery"] - -volumes: - certs: - companion-data: - -networks: - ocis-net: - -``` -3.3 Run the docker compose `docker compose up -d` - -4. Run ocis or configure you IDE for debugging an application on the host machine -``` bash -OCIS_URL=https://ocis.owncloud.test:9200 \ -PROXY_ENABLE_BASIC_AUTH=true \ -MICRO_REGISTRY=nats-js-kv \ -MICRO_REGISTRY_ADDRESS="127.0.0.1:9233" \ -NATS_NATS_HOST="0.0.0.0" \ -NATS_NATS_PORT=9233 \ -GATEWAY_GRPC_ADDR="0.0.0.0:9142" \ -PROXY_CSP_CONFIG_FILE_LOCATION=ocis/services/proxy/pkg/config/csp.yaml \ -PROXY_ENABLE_BASIC_AUTH=true \ -OCIS_EXCLUDE_RUN_SERVICES=app-provider \ -ocis/bin/ocis server -``` - -5. Run collaboration server or configure you IDE for debugging an application on the host machine -```bash -COLLABORATION_APP_NAME=Collabora \ -COLLABORATION_APP_ICON=https://collabora.owncloud.test/favicon.ico \ -COLLABORATION_CS3API_DATAGATEWAY_INSECURE=true \ -COLLABORATION_HTTP_ADDR=collaboration.owncloud.test:9300 \ -COLLABORATION_HTTP_SCHEME=http \ -COLLABORATION_LOG_LEVEL=debug \ -COLLABORATION_WOPIAPP_ADDR=https://collabora.owncloud.test \ -COLLABORATION_WOPIAPP_INSECURE=true \ -MICRO_REGISTRY=nats-js-kv \ -MICRO_REGISTRY_ADDRESS=localhost:9233 \ -OCIS_URL=https://ocis.owncloud.test:9200 \ -ocis/bin/ocis collaboration server -``` - -6. Open ocis in a browser https://ocis.owncloud.test:9200 - - ### Gather Error Messages We recommend you collect all related information in a single file or in a GitHub issue. Let us start with an error that pops up in the Web UI: diff --git a/ocis/docker/Dockerfile.linux.amd64 b/ocis/docker/Dockerfile.linux.amd64 index 6b00eda1a6b..99b044675af 100644 --- a/ocis/docker/Dockerfile.linux.amd64 +++ b/ocis/docker/Dockerfile.linux.amd64 @@ -3,7 +3,7 @@ FROM amd64/alpine:3.18 ARG VERSION="" ARG REVISION="" -RUN apk add --no-cache ca-certificates mailcap tree attr curl && \ +RUN apk add --no-cache ca-certificates mailcap tree attr curl libc6-compat && \ echo 'hosts: files dns' >| /etc/nsswitch.conf LABEL maintainer="ownCloud GmbH " \