Role that installs the onlyoffice document server.
This commit is contained in:
Andrea Dell'Amico
parent
78cb5df2d4
commit
148c098f9f
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
onlyoffice_docserver_deb_repo_key: CB2DE8E5
|
||||||
|
onlyoffice_docserver_deb_repo_key_server: 'keyserver.ubuntu.com'
|
||||||
|
onlyoffice_docserver_deb_repo: 'deb http://download.onlyoffice.com/repo/debian squeeze main'
|
||||||
|
onlyoffice_docserver_deb_packages: onlyoffice-communityserver
|
||||||
|
onlyoffice_docserver_letsencrypt_managed: True
|
||||||
|
|
||||||
|
onlyoffice_docserver_use_nginx_role: True
|
||||||
|
|
||||||
|
onlyoffice_docserver_deb_packages_dependencies:
|
||||||
|
- libcurl3
|
||||||
|
- libxml2
|
||||||
|
- supervisor
|
||||||
|
- fonts-dejavu
|
||||||
|
- fonts-liberation
|
||||||
|
- ttf-mscorefonts-installer
|
||||||
|
- fonts-crosextra-carlito
|
||||||
|
- fonts-takao-gothic
|
||||||
|
- fonts-opensymbol
|
||||||
|
- npm
|
||||||
|
- nginx-extras
|
||||||
|
|
||||||
|
onlyoffice_docserver_packages:
|
||||||
|
- onlyoffice-documentserver
|
||||||
|
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: Reload nginx
|
||||||
|
service:
|
||||||
|
name: nginx
|
||||||
|
enabled: yes
|
||||||
|
state: reloaded
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- { role: '../../library/roles/postgresql', when: psql_postgresql_install }
|
||||||
|
- { role: '../../library/roles/redis' }
|
||||||
|
- { role: '../../library/roles/rabbitmq' }
|
||||||
|
- { role: '../../library/roles/nginx', when: onlyoffice_docserver_use_nginx_role }
|
||||||
|
|
@ -0,0 +1,34 @@
|
||||||
|
---
|
||||||
|
- block:
|
||||||
|
- name: Install the deb OnlyOffice repository key
|
||||||
|
apt_key:
|
||||||
|
keyserver: '{{ onlyoffice_docserver_deb_repo_key_server }}'
|
||||||
|
id: '{{ onlyoffice_docserver_deb_repo_key }}'
|
||||||
|
|
||||||
|
- name: Install the deb OnlyOffice repository
|
||||||
|
apt_repository:
|
||||||
|
repo: '{{ onlyoffice_docserver_deb_repo }}'
|
||||||
|
state: present
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: Install the OnlyOffice document server deb dependencies
|
||||||
|
apt: name={{ onlyoffice_docserver_deb_packages_dependencies }} state=present cache_valid_time=1800
|
||||||
|
|
||||||
|
- name: The OnlyOffice document server packages must be done manually, because it is interactive
|
||||||
|
debug:
|
||||||
|
msg: "Manually install the onlyoffice-documentserver package with 'apt-get install -y onlyoffice-documentserver'"
|
||||||
|
|
||||||
|
# - name: Install the OnlyOffice document server package
|
||||||
|
# apt: name={{ onlyoffice_docserver_packages }} state=present cache_valid_time=1800
|
||||||
|
|
||||||
|
when: ansible_distribution_file_variety == "Debian"
|
||||||
|
tags: onlyoffice
|
||||||
|
|
||||||
|
- block:
|
||||||
|
- name: Install the OnlyOffice document server configuration that enables SSL
|
||||||
|
template: src=onlyoffice-documentserver-ssl.conf dest=/etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf
|
||||||
|
when: onlyoffice_docserver_use_nginx_role
|
||||||
|
notify: Reload nginx
|
||||||
|
|
||||||
|
when: ansible_distribution_file_variety == "Debian"
|
||||||
|
tags: [ 'onlyoffice', 'letsencrypt' ]
|
||||||
|
|
@ -0,0 +1,43 @@
|
||||||
|
include /etc/nginx/includes/onlyoffice-http.conf;
|
||||||
|
|
||||||
|
## Normal HTTP host
|
||||||
|
server {
|
||||||
|
listen 0.0.0.0:80;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
server_name _;
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
include /etc/nginx/snippets/letsencrypt-proxy.conf;
|
||||||
|
## Redirects all traffic to the HTTPS host
|
||||||
|
root /nowhere; ## root doesn't have to be a valid path since we are redirecting
|
||||||
|
rewrite ^ https://$host$request_uri? permanent;
|
||||||
|
}
|
||||||
|
|
||||||
|
#HTTP host for internal services
|
||||||
|
server {
|
||||||
|
listen 127.0.0.1:80;
|
||||||
|
listen [::1]:80;
|
||||||
|
server_name localhost;
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
include /etc/nginx/snippets/letsencrypt-proxy.conf;
|
||||||
|
include /etc/nginx/includes/onlyoffice-documentserver-common.conf;
|
||||||
|
include /etc/nginx/includes/onlyoffice-documentserver-docservice.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
## HTTPS host
|
||||||
|
server {
|
||||||
|
listen 0.0.0.0:443 ssl http2;
|
||||||
|
listen [::]:443 ssl http2 default_server;
|
||||||
|
server_tokens off;
|
||||||
|
root /usr/share/nginx/html;
|
||||||
|
|
||||||
|
## Strong SSL Security
|
||||||
|
## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
|
||||||
|
ssl on;
|
||||||
|
include /etc/nginx/snippets/nginx-server-ssl.conf;
|
||||||
|
# add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
include /etc/nginx/includes/onlyoffice-documentserver-*.conf;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
http_port: 80
|
||||||
|
https_port: 443
|
||||||
|
redis_install: True
|
||||||
|
|
||||||
|
psql_postgresql_install: True
|
||||||
|
pg_use_postgresql_org_repo: True
|
||||||
|
psql_version: 11
|
||||||
|
pg_backup_retain_copies: 2
|
||||||
|
|
||||||
|
psql_db_data:
|
||||||
|
- { name: 'onlyoffice', encoding: 'UTF8', user: 'onlyoffice', roles: 'NOCREATEDB,NOSUPERUSER', pwd: '{{ onlyoffice_docserver_db_pwd }}', managedb: True, allowed_hosts: [ '127.0.0.1' ] }
|
||||||
Loading…
Reference in New Issue