76 lines
2.3 KiB
Markdown
76 lines
2.3 KiB
Markdown
= Nextcoloud Appliance
|
|
|
|
== Server setup
|
|
|
|
Copy your ssh key to the server for the root user
|
|
|
|
```
|
|
workstation $ ssh-copy-id root@server_ip
|
|
```
|
|
|
|
== Ansible Playbooks
|
|
|
|
Use the ansible playbooks to setup the nextcloud appliance
|
|
|
|
```
|
|
workstation $ ansible-playbook -i inventory_source, ansible/nextcloud_bootstrap.yaml
|
|
|
|
```
|
|
|
|
Debian 10 needs the Python interpreter setup by setting `-e ansible_python_interpreter=/usr/bin/python3` or in the inventory file.
|
|
|
|
This example runs the playbook with debugging information, for a specific host, and the Python interpreter.
|
|
|
|
```
|
|
workstation $ ansible-playbook -vvv -u root -i 192.168.1.112, -e ansible_python_interpreter=/usr/bin/python3 nextcloud_appliance.yaml
|
|
```
|
|
|
|
|
|
|
|
=== Parameters
|
|
|
|
There are multiple variables that can be set to customize the nextcloud installation.
|
|
|
|
* *To set the Nextcloud instance domain name set the `nextcloud_domain_name` variable*
|
|
|
|
```
|
|
workstation $ ansible-playbook -vvv -u root -i 192.168.1.112, -e nextcloud_domain_name="nextcloud.example.com" nextcloud_appliance.yaml
|
|
```
|
|
|
|
== Collabora Office Load Balance
|
|
|
|
Collabora uses the WOPI procotol. This protocol can be balanced by using the `WOPISrc` to send the traffic to the proper loolwsd
|
|
server.
|
|
|
|
Disable SSL of the loolwsd web service.
|
|
|
|
==== loolwsd.xml
|
|
|
|
```
|
|
<enable default="true" desc="Controls whether SSL encryption between browser and loolwsd is enabled (do not disable for production deployment). If default is false, must first be compiled with SSL support to enable." type="bool">false</enable>
|
|
|
|
<termination default="false" desc="Connection via proxy where loolwsd acts as working via https, but actually uses http." type="bool">true</termination>
|
|
```
|
|
|
|
==== HAProxy
|
|
|
|
Configure HAProxy to extract the `WOPISrc` URL parameter and use it to send always the traffic to the same `loolwsd` backend.
|
|
|
|
```
|
|
Frontend loolwsdbind \*:443 ssl crt /Path to your certificate_and_key.pem
|
|
http-request set-header X-HAProxy-loolwsd %[url_param(WOPISrc)]
|
|
mode http
|
|
default_backend loolwsd
|
|
|
|
backend loolwsd timeout tunnel 3600s
|
|
mode http
|
|
balance hdr(X-HAProxy-loolwsd)
|
|
server lool1 <CE Server 1 IP>:9980
|
|
server lool2 <CE Server 2 IP>:9980
|
|
server lool3 <CE Server 3 IP>:99
|
|
```
|
|
|
|
|
|
References:
|
|
* https://www.microfocus.com/documentation/filr/filr-4/filr-inst/t4duiofh1cz7.html
|
|
|