Collabora sans https

11 months ago · 55ad3ccf75
3 changed files with 26 additions and 16 deletions
--- a/config/orgaTmpl/docker-compose.yml
+++ b/config/orgaTmpl/docker-compose.yml
@ -86,6 +86,9 @@ services:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${orga}${officeServName}.rule=Host(`${orga}${officeHost}.${domain}`)"
+      #- "traefik.http.routers.${orga}${officeServName}-admin.rule=Host(`${orga}${officeHost}.${domain}`) && PathPrefix(`/(c|l)ool/adminws`)"
+      #- "traefik.http.routers.${orga}${officeServName}-admin.middlewares=test-adminipwhitelist@file"
+      #- "traefik.http.routers.${orga}${officeServName}.rule=Host(`${orga}${officeHost}.${domain}`) && ! PathPrefix(`/(c|l)ool/adminws`)"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
@ -108,6 +111,8 @@ services:
    networks:
      - orgaNet
 #      - postfixNet
+    expose: 
+      - ${matterPort}
    depends_on:
      - db
    links:
@ -131,6 +136,10 @@ services:
      - VIRTUAL_HOST=${orga}${matterHost}.${domain}
      # in case your config is not in default location
      #- MM_CONFIG=/mattermost/config/config.json
+
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.${orga}${mattermostServName}.rule=Host(`${orga}${matterHost}.${domain}`)"
 #}}
 #{{wp
  wordpress:
--- a/dockers/collabora/docker-compose.yml
+++ b/dockers/collabora/docker-compose.yml
@ -22,6 +22,7 @@ services:
      - VIRTUAL_HOST=${officeHost}.${domain}
      - VIRTUAL_PORT=9980
      - VIRTUAL_PROTO=https
+      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
--- a/dockers/proxy/config/nginx.tmpl.conf
+++ b/dockers/proxy/config/nginx.tmpl.conf
@ -368,26 +368,26 @@ server {
    # static files
    location ^~ /loleaflet {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
    location ^~ /browser {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # WOPI discovery URL
    location ^~ /hosting/discovery {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # Capabilities
    location ^~ /hosting/capabilities {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # main websocket
    location ~ ^/(.|l)ool/(.*)/ws$ {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_read_timeout 36000s;
@ -395,19 +395,19 @@ server {
    # download, presentation and image upload
    location ~ ^/(c|l)ool {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # Admin Console websocket
    location ^~ /(c|l)ool/adminws {
      include allow_admin_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_read_timeout 36000s;
    }
    location / {
      include includes/allow_ip;
-      proxy_pass https://__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://__OFFICE_HOST__.__DOMAIN__:9980;
    }
  }
 }}
@ -460,26 +460,26 @@ server {
    # static files
    location ^~ /loleaflet {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
    location ^~ /browser {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # WOPI discovery URL
    location ^~ /hosting/discovery {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # Capabilities
    location ^~ /hosting/capabilities {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # main websocket
    location ~ ^/(c|l)ool/(.*)/ws$ {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_read_timeout 36000s;
@ -487,19 +487,19 @@ server {
    # download, presentation and image upload
    location ~ ^/(c|l)ool {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
    # Admin Console websocket
    location ^~ /(c|l)ool/adminws {
      include allow_admin_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_read_timeout 36000s;
    }
    location / {
      include includes/allow_ip;
-      proxy_pass https://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
+      proxy_pass http://$asso-__OFFICE_HOST__.__DOMAIN__:9980;
    }
  }