🦈🏠🐜❗ Initial Commit ❗🐜🦈🏠

2026-06-24 02:01:05 -04:00 · 2025-11-21 16:44:17 -05:00
commit 5104ba3910
52 changed files with 8581 additions and 0 deletions
@@ -0,0 +1,310 @@
+# OpenCloud All-in-One Docker Container
+
+## Overview
+
+This is a comprehensive all-in-one Docker container for OpenCloud, a Go-based file sync and share platform (successor to ownCloud). The container includes all integrated services required for a full-featured deployment.
+
+## Included Services
+
+| Service | Port | Purpose |
+|---------|------|---------|
+| ClamAV | Socket | Antivirus scanning for uploaded files |
+| Apache Tika | 9998 | Full-text search and document extraction |
+| Radicale | 5232 | CalDAV/CardDAV for Calendar and Contacts |
+| Collabora CODE | 9980 | Document collaboration (LibreOffice Online) |
+| OpenCloud | 9200 | Core file sync/share platform |
+| Nginx | 80 | Reverse proxy (external-facing) |
+
+## Architecture
+
+```
+                    +------------------+
+                    |      Nginx       |
+                    |     (Port 80)    |
+                    +--------+---------+
+                             |
+        +--------------------+--------------------+
+        |          |         |         |          |
+   +----v----+ +---v---+ +---v---+ +---v---+ +---v---+
+   |OpenCloud| |Collabora| |Radicale| | Tika | |ClamAV |
+   | (9200)  | | (9980)  | | (5232) | |(9998)| |(sock) |
+   +---------+ +---------+ +--------+ +------+ +-------+
+```
+
+## Service Startup Order
+
+Services start in this order to ensure dependencies are available:
+
+1. **01-clamav.sh** - Antivirus daemon (other services depend on scanning)
+2. **02-tika.sh** - Search indexing service
+3. **03-radicale.sh** - Calendar/Contacts (CalDAV/CardDAV)
+4. **04-collabora.sh** - Document collaboration
+5. **05-opencloud.sh** - Main OpenCloud server
+6. **06-nginx.sh** - Reverse proxy (last, needs all backends)
+
+## Environment Variables
+
+### Domain Configuration
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `DOMAIN` | `$HOSTNAME` | Primary domain for all services |
+| `OC_DOMAIN` | `${DOMAIN:-$HOSTNAME}` | OpenCloud domain (for URL generation) |
+| `COLLABORA_SERVER_NAME` | `collabora.${DOMAIN:-$HOSTNAME}` | Collabora server identifier for WOPI |
+
+### URL Structure
+
+Services are accessed via subdomains:
+- `${DOMAIN}` → OpenCloud (main application)
+- `collabora.${DOMAIN}` → Collabora CODE (document editing)
+- `radicale.${DOMAIN}` → Radicale (CalDAV/CardDAV)
+
+### OpenCloud Configuration
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `ADMIN_PASSWORD` | (auto-generated) | Admin user password |
+| `OC_CONFIG_DIR` | `/config/opencloud` | Configuration directory |
+| `OC_DATA_DIR` | `/data/opencloud` | Data storage directory |
+| `OC_LOG_LEVEL` | `info` | Logging verbosity |
+| `OC_INSECURE` | `true` | Allow insecure connections |
+| `PROXY_HTTP_ADDR` | `0.0.0.0:9200` | HTTP listen address |
+| `PROXY_TLS` | `false` | Disable TLS (behind reverse proxy) |
+
+### Service Integration
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `COLLABORATION_WOPI_SRC` | `http://localhost:9980` | Collabora WOPI endpoint |
+| `COLLABORATION_APP_ADDR` | `http://localhost:9980` | Collabora app address |
+| `SEARCH_EXTRACTOR_TYPE` | `tika` | Search extraction engine |
+| `SEARCH_EXTRACTOR_TIKA_TIKA_URL` | `http://localhost:9998` | Tika server URL |
+| `ANTIVIRUS_SCANNER_TYPE` | `clamav` | Antivirus scanner type |
+| `ANTIVIRUS_CLAMAV_SOCKET` | `/run/clamav/clamd.sock` | ClamAV socket path |
+
+### User Configuration
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `OPENCLOUD_USER` | `opencloud` | System user for OpenCloud |
+| `OPENCLOUD_UID` | `1000` | User ID |
+| `OPENCLOUD_GID` | `1000` | Group ID |
+
+## Directory Structure
+
+```
+/config/
+├── opencloud/          # OpenCloud configuration
+├── radicale/           # Radicale CalDAV/CardDAV config
+├── clamav/             # ClamAV configuration
+├── collabora/          # Collabora configuration
+└── nginx/              # Nginx reverse proxy config
+
+/data/
+├── opencloud/          # User files and data
+├── radicale/           # Calendar/Contact collections
+├── clamav/             # ClamAV data
+├── collabora/          # Collabora data
+└── logs/               # All service logs
+    ├── opencloud/
+    ├── radicale/
+    ├── clamav/
+    ├── tika/
+    ├── collabora/
+    └── nginx/
+```
+
+## Usage
+
+### Basic Run
+
+```bash
+docker run -d \
+  --name opencloud \
+  -p 80:80 \
+  -v opencloud-config:/config \
+  -v opencloud-data:/data \
+  casjaysdevdocker/opencloud:latest start
+```
+
+### With Custom Admin Password
+
+```bash
+docker run -d \
+  --name opencloud \
+  -p 80:80 \
+  -e ADMIN_PASSWORD=mysecurepassword \
+  -v opencloud-config:/config \
+  -v opencloud-data:/data \
+  casjaysdevdocker/opencloud:latest start
+```
+
+### Docker Compose
+
+```yaml
+version: '3.8'
+
+services:
+  opencloud:
+    image: casjaysdevdocker/opencloud:latest
+    container_name: opencloud
+    command: start
+    ports:
+      - "80:80"
+    environment:
+      - ADMIN_PASSWORD=changeme
+      - OC_LOG_LEVEL=info
+    volumes:
+      - opencloud-config:/config
+      - opencloud-data:/data
+    restart: unless-stopped
+
+volumes:
+  opencloud-config:
+  opencloud-data:
+```
+
+## Nginx Proxy Configuration
+
+The built-in Nginx proxies requests to all services:
+
+- `/` → OpenCloud (port 9200)
+- `/cool/` → Collabora WebSocket
+- `/hosting/discovery` → Collabora discovery
+- `/hosting/capabilities` → Collabora capabilities
+- `/radicale/` → Radicale CalDAV/CardDAV
+
+## Building
+
+```bash
+# Generate Dockerfile from template
+gen-dockerfile
+
+# Build for current platform
+buildx
+
+# Build for specific platform
+buildx --platform linux/amd64
+```
+
+## Technical Notes
+
+### Base Image
+
+Uses Debian-based image (not Alpine) because Collabora CODE requires glibc.
+
+### SSL/TLS
+
+SSL is disabled by default (`PROXY_TLS=false`) as the container is designed to run behind a reverse proxy that handles TLS termination.
+
+### ClamAV Virus Definitions
+
+Virus definitions are downloaded during image build to reduce container startup time. Updates can be performed by restarting the container or running `freshclam` manually.
+
+### Collabora User
+
+Collabora CODE must run as the `cool` user (not root) for security reasons.
+
+### Admin Password
+
+If `ADMIN_PASSWORD` is not set, a random 16-character password is generated and saved to `/config/secure/auth/root/opencloud_admin_pass`.
+
+## Troubleshooting
+
+### Check Service Status
+
+```bash
+docker logs opencloud-test 2>&1 | grep -E "completed|Error|Starting"
+```
+
+### Access Container Shell
+
+```bash
+docker exec -it opencloud /bin/bash
+```
+
+### Check Running Processes
+
+```bash
+docker exec opencloud ps aux
+```
+
+### View Service Logs
+
+```bash
+# OpenCloud
+docker exec opencloud cat /data/logs/opencloud/opencloud.log
+
+# Nginx
+docker exec opencloud cat /data/logs/nginx/access.log
+
+# Collabora
+docker exec opencloud cat /data/logs/collabora/collabora.log
+```
+
+## Files Structure
+
+### Setup Scripts (`/root/docker/setup/`)
+
+- `02-packages.sh` - Base package installation info (actual packages in ENV_PACKAGES)
+- `03-files.sh` - Downloads OpenCloud binary, Tika JAR, ClamAV definitions
+- `04-users.sh` - Creates opencloud user and group
+
+### Init Scripts (`/usr/local/etc/docker/init.d/`)
+
+- `01-clamav.sh` - ClamAV antivirus daemon
+- `02-tika.sh` - Apache Tika search service
+- `03-radicale.sh` - Radicale CalDAV/CardDAV
+- `04-collabora.sh` - Collabora CODE
+- `05-opencloud.sh` - OpenCloud server
+- `06-nginx.sh` - Nginx reverse proxy
+
+### Configuration Templates
+
+- `/usr/local/share/template-files/config/` - Default configurations
+- `/etc/radicale/config` - Radicale default config
+
+## Package List
+
+Packages installed via `ENV_PACKAGES`:
+
+- Core: ca-certificates, curl, wget, bash, tini, gnupg, apt-transport-https, tzdata, procps, netcat-openbsd, nginx
+- Java: default-jre-headless (for Tika)
+- Python: python3, python3-pip, python3-venv (for Radicale)
+- Antivirus: clamav, clamav-daemon, clamav-freshclam
+
+Additional packages installed in `03-files.sh`:
+- Collabora: coolwsd, code-brand (from Collabora repository)
+- Radicale: installed via pip
+
+## Version Information
+
+- OpenCloud: Latest from GitHub releases (auto-detected)
+- Apache Tika: 2.9.1
+- Radicale: Latest from pip
+- Collabora CODE: Latest from official repository
+
+## Known Limitations
+
+1. Single container deployment - not suitable for high-availability setups
+2. ClamAV definitions are from build time - consider periodic updates
+3. No built-in SSL - requires external reverse proxy for HTTPS
+4. Memory intensive due to Java (Tika) and Collabora
+5. Collabora CODE may require additional configuration for production use - check `/usr/bin/discovery.xml`
+
+## Current Service Status
+
+- **ClamAV**: Working
+- **Apache Tika**: Working
+- **Radicale**: Working
+- **Collabora CODE**: Requires additional configuration (may fail on first run)
+- **OpenCloud**: Dependent on Collabora for document editing features
+- **Nginx**: Working (serves as reverse proxy)
+
+## Related Links
+
+- [OpenCloud GitHub](https://github.com/opencloud-eu/opencloud)
+- [Collabora CODE](https://www.collaboraoffice.com/code/)
+- [Apache Tika](https://tika.apache.org/)
+- [Radicale](https://radicale.org/)
+- [ClamAV](https://www.clamav.net/)