community-scripts/ProxmoxVED
5
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Refactor OpenCloud installer to simplify Collabora handling

Browse Source 
Reworks opencloud-install.sh to remove localhost mode, always require FQDNs, and streamline Collabora and WOPI configuration. The script now always installs Collabora and WOPI, sets up environment variables accordingly, and simplifies service management. The previous localhost/IP-based mode is preserved in opencloud-install.sh.bak for reference.
This commit is contained in:
CanbiZ (MickLesk) 2026-01-29 11:22:49 +01:00
parent 025d688be3
commit 9d77145a7e
2 changed files with 155 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
install/opencloud-install.sh
View File

@ -13,29 +13,30 @@ setting_up_container
network_check network_check
update_os update_os
echo -e "${TAB3}${INFO}${YW} Leave empty to use IP-based localhost mode (no Collabora)${CL}"
read -r -p "${TAB3}Enter the hostname of your OpenCloud server (eg cloud.domain.tld): " oc_host read -r -p "${TAB3}Enter the hostname of your OpenCloud server (eg cloud.domain.tld): " oc_host
if [[ "$oc_host" ]]; then
if [[ -z "$oc_host" ]]; then
# Localhost/IP mode - no TLS, no Collabora
OC_HOST="${LOCAL_IP}"
LOCALHOST_MODE=true
msg_info "Using localhost mode with IP: ${LOCAL_IP}"
msg_warn "Collabora requires TLS and will be skipped in localhost mode"
else
OC_HOST="$oc_host" OC_HOST="$oc_host"
LOCALHOST_MODE=false fi
read -r -p "${TAB3}Enter the hostname of your Collabora server [collabora.${OC_HOST#*.}]: " collabora_host read -r -p "${TAB3}Enter the hostname of your Collabora server (eg collabora.domain.tld): " collabora_host
COLLABORA_HOST="${collabora_host:-collabora.${OC_HOST#*.}}" if [[ "$collabora_host" ]]; then
read -r -p "${TAB3}Enter the hostname of your WOPI server [wopiserver.${OC_HOST#*.}]: " wopi_host COLLABORA_HOST="$collabora_host"
WOPI_HOST="${wopi_host:-wopiserver.${OC_HOST#*.}}" fi
read -r -p "${TAB3}Enter the hostname of your WOPI server (eg wopiserver.domain.tld): " wopi_host
if [[ "$wopi_host" ]]; then
WOPI_HOST="$wopi_host"
fi fi
# Collabora Online - only install if not in localhost mode (requires TLS) # Collabora online - this is broken because it adds the Component and apt doesn't like that
if [[ "$LOCALHOST_MODE" != true ]]; then # setup_deb822_repo \
# "collaboraonline" \
# "https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg" \
# "https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb/Release" \
# "./" \
# "main"
msg_info "Installing Collabora Online" msg_info "Installing Collabora Online"
curl -fsSL https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg -o /etc/apt/keyrings/collaboraonline-release-keyring.gpg curl -fsSL https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg -o /etc/apt/keyrings/collaboraonline-release-keyring.gpg
cat <<EOF >/etc/apt/sources.list.d/collaboraonline.sources cat <<EOF >/etc/apt/sources.list.d/colloboraonline.sources
Types: deb Types: deb
URIs: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb URIs: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb
Suites: ./ Suites: ./
@ -51,10 +52,9 @@ Before=opencloud-wopi.service
EOF EOF
systemctl daemon-reload systemctl daemon-reload
COOLPASS="$(openssl rand -base64 36)" COOLPASS="$(openssl rand -base64 36)"
$STD runuser -u cool -- coolconfig set-admin-password --user=admin --password="$COOLPASS" $STD sudo -u cool coolconfig set-admin-password --user=admin --password="$COOLPASS"
echo "$COOLPASS" >~/.coolpass echo "$COOLPASS" >~/.coolpass
msg_ok "Installed Collabora Online" msg_ok "Installed Collabora Online"
fi
# OpenCloud # OpenCloud
fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v5.0.1" "/usr/bin" "opencloud-*-linux-amd64" fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v5.0.1" "/usr/bin" "opencloud-*-linux-amd64"
@ -68,17 +68,9 @@ mkdir -p "$DATA_DIR" "$CONFIG_DIR"/assets/apps
curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/csp.yaml -o "$CONFIG_DIR"/csp.yaml curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/csp.yaml -o "$CONFIG_DIR"/csp.yaml
curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/proxy.yaml -o "$CONFIG_DIR"/proxy.yaml.bak curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/proxy.yaml -o "$CONFIG_DIR"/proxy.yaml.bak
if [[ "$LOCALHOST_MODE" == true ]]; then
OC_URL="http://${OC_HOST}:9200"
OC_INSECURE="true"
else
OC_URL="https://${OC_HOST}"
OC_INSECURE="false"
fi
cat <<EOF >"$ENV_FILE" cat <<EOF >"$ENV_FILE"
OC_URL=${OC_URL} OC_URL=https://${OC_HOST}
OC_INSECURE=${OC_INSECURE} OC_INSECURE=false
IDM_CREATE_DEMO_USERS=false IDM_CREATE_DEMO_USERS=false
OC_LOG_LEVEL=warning OC_LOG_LEVEL=warning
OC_CONFIG_DIR=${CONFIG_DIR} OC_CONFIG_DIR=${CONFIG_DIR}
@ -101,15 +93,15 @@ GRAPH_INCLUDE_OCM_SHAREES=true
PROXY_TLS=false PROXY_TLS=false
PROXY_CSP_CONFIG_FILE_LOCATION=${CONFIG_DIR}/csp.yaml PROXY_CSP_CONFIG_FILE_LOCATION=${CONFIG_DIR}/csp.yaml
## Collaboration - requires VALID TLS (disabled in localhost mode) ## Collaboration - requires VALID TLS
# COLLABORA_DOMAIN= COLLABORA_DOMAIN=${COLLABORA_HOST}
# COLLABORATION_APP_NAME="CollaboraOnline" COLLABORATION_APP_NAME="CollaboraOnline"
# COLLABORATION_APP_PRODUCT="Collabora" COLLABORATION_APP_PRODUCT="Collabora"
# COLLABORATION_APP_ADDR= COLLABORATION_APP_ADDR=https://${COLLABORA_HOST}
# COLLABORATION_APP_INSECURE=false COLLABORATION_APP_INSECURE=false
# COLLABORATION_HTTP_ADDR=0.0.0.0:9300 COLLABORATION_HTTP_ADDR=0.0.0.0:9300
# COLLABORATION_WOPI_SRC= COLLABORATION_WOPI_SRC=https://${WOPI_HOST}
# COLLABORATION_JWT_SECRET= COLLABORATION_JWT_SECRET=
## Notifications - Email settings ## Notifications - Email settings
# NOTIFICATIONS_SMTP_HOST= # NOTIFICATIONS_SMTP_HOST=
@ -174,7 +166,6 @@ Restart=always
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
if [[ "$LOCALHOST_MODE" != true ]]; then
cat <<EOF >/etc/systemd/system/opencloud-wopi.service cat <<EOF >/etc/systemd/system/opencloud-wopi.service
[Unit] [Unit]
Description=OpenCloud WOPI Server Description=OpenCloud WOPI Server
@ -197,49 +188,21 @@ TimeoutStopSec=10
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
# Append active Collabora config to env file $STD sudo -u cool coolconfig set ssl.enable false
cat <<EOF >>"$ENV_FILE" $STD sudo -u cool coolconfig set ssl.termination true
$STD sudo -u cool coolconfig set ssl.ssl_verification true
## Collaboration - active configuration
COLLABORA_DOMAIN=${COLLABORA_HOST}
COLLABORATION_APP_NAME="CollaboraOnline"
COLLABORATION_APP_PRODUCT="Collabora"
COLLABORATION_APP_ADDR=https://${COLLABORA_HOST}
COLLABORATION_APP_INSECURE=false
COLLABORATION_HTTP_ADDR=0.0.0.0:9300
COLLABORATION_WOPI_SRC=https://${WOPI_HOST}
COLLABORATION_JWT_SECRET=
EOF
$STD runuser -u cool -- coolconfig set ssl.enable false
$STD runuser -u cool -- coolconfig set ssl.termination true
$STD runuser -u cool -- coolconfig set ssl.ssl_verification true
sed -i "s|CSP2\"/>|CSP2\">frame-ancestors https://${OC_HOST}</content_security_policy>|" /etc/coolwsd/coolwsd.xml sed -i "s|CSP2\"/>|CSP2\">frame-ancestors https://${OC_HOST}</content_security_policy>|" /etc/coolwsd/coolwsd.xml
fi
useradd -r -M -s /usr/sbin/nologin opencloud useradd -r -M -s /usr/sbin/nologin opencloud
chown -R opencloud:opencloud "$CONFIG_DIR" "$DATA_DIR" chown -R opencloud:opencloud "$CONFIG_DIR" "$DATA_DIR"
sudo -u opencloud opencloud init --config-path "$CONFIG_DIR" --insecure no
if [[ "$LOCALHOST_MODE" == true ]]; then
$STD runuser -u opencloud -- opencloud init --config-path "$CONFIG_DIR" --insecure yes
else
$STD runuser -u opencloud -- opencloud init --config-path "$CONFIG_DIR" --insecure no
fi
OPENCLOUD_SECRET="$(sed -n '/jwt/p' "$CONFIG_DIR"/opencloud.yaml | awk '{print $2}')" OPENCLOUD_SECRET="$(sed -n '/jwt/p' "$CONFIG_DIR"/opencloud.yaml | awk '{print $2}')"
if [[ "$LOCALHOST_MODE" != true ]]; then sed -i "s/JWT_SECRET=/&${OPENCLOUD_SECRET//&/\\&}/" "$ENV_FILE"
sed -i "s/COLLABORATION_JWT_SECRET=/&${OPENCLOUD_SECRET//&/\\&}/" "$ENV_FILE"
fi
msg_ok "Configured OpenCloud" msg_ok "Configured OpenCloud"
msg_info "Starting services" msg_info "Starting services"
if [[ "$LOCALHOST_MODE" == true ]]; then
systemctl enable -q --now opencloud
else
systemctl enable -q --now coolwsd opencloud systemctl enable -q --now coolwsd opencloud
sleep 5 sleep 5
systemctl enable -q --now opencloud-wopi systemctl enable -q --now opencloud-wopi
fi
msg_ok "Started services" msg_ok "Started services"
motd_ssh motd_ssh

123
install/opencloud-install copy.sh → install/opencloud-install.sh.bak
View File

@ -13,30 +13,29 @@ setting_up_container
network_check network_check
update_os update_os
echo -e "${TAB3}${INFO}${YW} Leave empty to use IP-based localhost mode (no Collabora)${CL}"
read -r -p "${TAB3}Enter the hostname of your OpenCloud server (eg cloud.domain.tld): " oc_host read -r -p "${TAB3}Enter the hostname of your OpenCloud server (eg cloud.domain.tld): " oc_host
if [[ "$oc_host" ]]; then
if [[ -z "$oc_host" ]]; then
# Localhost/IP mode - no TLS, no Collabora
OC_HOST="${LOCAL_IP}"
LOCALHOST_MODE=true
msg_info "Using localhost mode with IP: ${LOCAL_IP}"
msg_warn "Collabora requires TLS and will be skipped in localhost mode"
else
OC_HOST="$oc_host" OC_HOST="$oc_host"
fi LOCALHOST_MODE=false
read -r -p "${TAB3}Enter the hostname of your Collabora server (eg collabora.domain.tld): " collabora_host read -r -p "${TAB3}Enter the hostname of your Collabora server [collabora.${OC_HOST#*.}]: " collabora_host
if [[ "$collabora_host" ]]; then COLLABORA_HOST="${collabora_host:-collabora.${OC_HOST#*.}}"
COLLABORA_HOST="$collabora_host" read -r -p "${TAB3}Enter the hostname of your WOPI server [wopiserver.${OC_HOST#*.}]: " wopi_host
fi WOPI_HOST="${wopi_host:-wopiserver.${OC_HOST#*.}}"
read -r -p "${TAB3}Enter the hostname of your WOPI server (eg wopiserver.domain.tld): " wopi_host
if [[ "$wopi_host" ]]; then
WOPI_HOST="$wopi_host"
fi fi
# Collabora online - this is broken because it adds the Component and apt doesn't like that # Collabora Online - only install if not in localhost mode (requires TLS)
# setup_deb822_repo \ if [[ "$LOCALHOST_MODE" != true ]]; then
# "collaboraonline" \
# "https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg" \
# "https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb/Release" \
# "./" \
# "main"
msg_info "Installing Collabora Online" msg_info "Installing Collabora Online"
curl -fsSL https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg -o /etc/apt/keyrings/collaboraonline-release-keyring.gpg curl -fsSL https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg -o /etc/apt/keyrings/collaboraonline-release-keyring.gpg
cat <<EOF >/etc/apt/sources.list.d/colloboraonline.sources cat <<EOF >/etc/apt/sources.list.d/collaboraonline.sources
Types: deb Types: deb
URIs: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb URIs: https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-deb
Suites: ./ Suites: ./
@ -52,9 +51,10 @@ Before=opencloud-wopi.service
EOF EOF
systemctl daemon-reload systemctl daemon-reload
COOLPASS="$(openssl rand -base64 36)" COOLPASS="$(openssl rand -base64 36)"
$STD sudo -u cool coolconfig set-admin-password --user=admin --password="$COOLPASS" $STD runuser -u cool -- coolconfig set-admin-password --user=admin --password="$COOLPASS"
echo "$COOLPASS" >~/.coolpass echo "$COOLPASS" >~/.coolpass
msg_ok "Installed Collabora Online" msg_ok "Installed Collabora Online"
fi
# OpenCloud # OpenCloud
fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v5.0.1" "/usr/bin" "opencloud-*-linux-amd64" fetch_and_deploy_gh_release "opencloud" "opencloud-eu/opencloud" "singlefile" "v5.0.1" "/usr/bin" "opencloud-*-linux-amd64"
@ -68,9 +68,33 @@ mkdir -p "$DATA_DIR" "$CONFIG_DIR"/assets/apps
curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/csp.yaml -o "$CONFIG_DIR"/csp.yaml curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/csp.yaml -o "$CONFIG_DIR"/csp.yaml
curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/proxy.yaml -o "$CONFIG_DIR"/proxy.yaml.bak curl -fsSL https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/proxy.yaml -o "$CONFIG_DIR"/proxy.yaml.bak
if [[ "$LOCALHOST_MODE" == true ]]; then
OC_URL="http://${OC_HOST}:9200"
OC_INSECURE="true"
else
OC_URL="https://${OC_HOST}"
OC_INSECURE="false"
fi
# Create web config directory and config.json
mkdir -p "$CONFIG_DIR"/web
cat <<EOF >"$CONFIG_DIR"/web/config.json
{
"server": "${OC_URL}",
"theme": "https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/web/themes/opencloud/theme.json",
"openIdConnect": {
"metadata_url": "${OC_URL}/.well-known/openid-configuration",
"authority": "${OC_URL}",
"client_id": "web",
"response_type": "code",
"scope": "openid profile email"
}
}
EOF
cat <<EOF >"$ENV_FILE" cat <<EOF >"$ENV_FILE"
OC_URL=https://${OC_HOST} OC_URL=${OC_URL}
OC_INSECURE=false OC_INSECURE=${OC_INSECURE}
IDM_CREATE_DEMO_USERS=false IDM_CREATE_DEMO_USERS=false
OC_LOG_LEVEL=warning OC_LOG_LEVEL=warning
OC_CONFIG_DIR=${CONFIG_DIR} OC_CONFIG_DIR=${CONFIG_DIR}
@ -93,15 +117,15 @@ GRAPH_INCLUDE_OCM_SHAREES=true
PROXY_TLS=false PROXY_TLS=false
PROXY_CSP_CONFIG_FILE_LOCATION=${CONFIG_DIR}/csp.yaml PROXY_CSP_CONFIG_FILE_LOCATION=${CONFIG_DIR}/csp.yaml
## Collaboration - requires VALID TLS ## Collaboration - requires VALID TLS (disabled in localhost mode)
COLLABORA_DOMAIN=${COLLABORA_HOST} # COLLABORA_DOMAIN=
COLLABORATION_APP_NAME="CollaboraOnline" # COLLABORATION_APP_NAME="CollaboraOnline"
COLLABORATION_APP_PRODUCT="Collabora" # COLLABORATION_APP_PRODUCT="Collabora"
COLLABORATION_APP_ADDR=https://${COLLABORA_HOST} # COLLABORATION_APP_ADDR=
COLLABORATION_APP_INSECURE=false # COLLABORATION_APP_INSECURE=false
COLLABORATION_HTTP_ADDR=0.0.0.0:9300 # COLLABORATION_HTTP_ADDR=0.0.0.0:9300
COLLABORATION_WOPI_SRC=https://${WOPI_HOST} # COLLABORATION_WOPI_SRC=
COLLABORATION_JWT_SECRET= # COLLABORATION_JWT_SECRET=
## Notifications - Email settings ## Notifications - Email settings
# NOTIFICATIONS_SMTP_HOST= # NOTIFICATIONS_SMTP_HOST=
@ -166,6 +190,7 @@ Restart=always
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
if [[ "$LOCALHOST_MODE" != true ]]; then
cat <<EOF >/etc/systemd/system/opencloud-wopi.service cat <<EOF >/etc/systemd/system/opencloud-wopi.service
[Unit] [Unit]
Description=OpenCloud WOPI Server Description=OpenCloud WOPI Server
@ -188,21 +213,49 @@ TimeoutStopSec=10
WantedBy=multi-user.target WantedBy=multi-user.target
EOF EOF
$STD sudo -u cool coolconfig set ssl.enable false # Append active Collabora config to env file
$STD sudo -u cool coolconfig set ssl.termination true cat <<EOF >>"$ENV_FILE"
$STD sudo -u cool coolconfig set ssl.ssl_verification true
## Collaboration - active configuration
COLLABORA_DOMAIN=${COLLABORA_HOST}
COLLABORATION_APP_NAME="CollaboraOnline"
COLLABORATION_APP_PRODUCT="Collabora"
COLLABORATION_APP_ADDR=https://${COLLABORA_HOST}
COLLABORATION_APP_INSECURE=false
COLLABORATION_HTTP_ADDR=0.0.0.0:9300
COLLABORATION_WOPI_SRC=https://${WOPI_HOST}
COLLABORATION_JWT_SECRET=
EOF
$STD runuser -u cool -- coolconfig set ssl.enable false
$STD runuser -u cool -- coolconfig set ssl.termination true
$STD runuser -u cool -- coolconfig set ssl.ssl_verification true
sed -i "s|CSP2\"/>|CSP2\">frame-ancestors https://${OC_HOST}</content_security_policy>|" /etc/coolwsd/coolwsd.xml sed -i "s|CSP2\"/>|CSP2\">frame-ancestors https://${OC_HOST}</content_security_policy>|" /etc/coolwsd/coolwsd.xml
fi
useradd -r -M -s /usr/sbin/nologin opencloud useradd -r -M -s /usr/sbin/nologin opencloud
chown -R opencloud:opencloud "$CONFIG_DIR" "$DATA_DIR" chown -R opencloud:opencloud "$CONFIG_DIR" "$DATA_DIR"
sudo -u opencloud opencloud init --config-path "$CONFIG_DIR" --insecure no
if [[ "$LOCALHOST_MODE" == true ]]; then
$STD runuser -u opencloud -- opencloud init --config-path "$CONFIG_DIR" --insecure yes
else
$STD runuser -u opencloud -- opencloud init --config-path "$CONFIG_DIR" --insecure no
fi
OPENCLOUD_SECRET="$(sed -n '/jwt/p' "$CONFIG_DIR"/opencloud.yaml | awk '{print $2}')" OPENCLOUD_SECRET="$(sed -n '/jwt/p' "$CONFIG_DIR"/opencloud.yaml | awk '{print $2}')"
sed -i "s/JWT_SECRET=/&${OPENCLOUD_SECRET//&/\\&}/" "$ENV_FILE" if [[ "$LOCALHOST_MODE" != true ]]; then
sed -i "s/COLLABORATION_JWT_SECRET=/&${OPENCLOUD_SECRET//&/\\&}/" "$ENV_FILE"
fi
msg_ok "Configured OpenCloud" msg_ok "Configured OpenCloud"
msg_info "Starting services" msg_info "Starting services"
if [[ "$LOCALHOST_MODE" == true ]]; then
systemctl enable -q --now opencloud
else
systemctl enable -q --now coolwsd opencloud systemctl enable -q --now coolwsd opencloud
sleep 5 sleep 5
systemctl enable -q --now opencloud-wopi systemctl enable -q --now opencloud-wopi
fi
msg_ok "Started services" msg_ok "Started services"
motd_ssh motd_ssh