Skip to content

Latest commit

 

History

History
351 lines (291 loc) · 27.4 KB

README.md

File metadata and controls

351 lines (291 loc) · 27.4 KB

github.com/tiredofit/docker-collabora-online

GitHub release Docker Stars Docker Pulls Become a sponsor Paypal Donate Docker Stars Docker Pulls


About

This will build a Docker image for Collabora Online for editing documents in a browser from supported applications.

  • Configurable Concurrent User and Document Limit (set to generarous values by default)
  • Custom Font Support
  • Set features to support autogeneration of TLS certificates/activate reverse proxy support
  • Zabbix Monitoring of Active Documents, Users, Memory Consumed

Maintainer

Table of Contents

Prerequisites and Assumptions

  • Assumes you are using some sort of SSL terminating reverse proxy such as:

Installation

Build from Source

  • Clone this repository and build the image with docker build <arguments> (imagename) .

  • If you decide to compile this, it will take quite a few hours even on the fastest computer due to the amount of data required to download to compile. At some stages this image will grow to 30GB before shedding most of it for it's final size.

Prebuilt Images

Builds of the image are available on Docker Hub and is the recommended method of installation.

docker pull tiredofit/collabora-online:(imagetag)

The following image tags are available along with their tagged release based on what's written in the Changelog:

LibreOffice version Collabora Online version Tag
2022 22.05.x latest
2022 22.05.x 2.4.0
2021 21.11.0 2.3.0
6.4.x 6.4.x 2.1
6.4.x 6.4.x 2.0
6.0.x 4.0.x 1.6
5.3.x 3.4.x 1.1

Multi Architecture

Images are built primarily for amd64 architecture, and may also include builds for arm/v7, arm64 and others. These variants are all unsupported. Consider sponsoring my work so that I can work with various hardware. To see if this image supports multiple architecures, type docker manifest (image):(tag)

Configuration

Quick Start

  • The quickest way to get started is using docker-compose. See the examples folder for a working docker-compose.yml that can be modified for development or production use.
  • Set various environment variables to understand the capabilities of this image. A Sample docker-compose.yml is provided that will work right out of the box for most people without any fancy optimizations.
  • Map persistent storage for access to configuration and data files for backup.
  • Make sure you set your hostname e.g. online.example.com when starting your container to make sure the administration console urls are correct.

Persistent Storage

The following directories should be mapped for persistent storage in order to utilize the container effectively.

Folder Description
/logs/ Log files
/assets/custom If you want to update the theme of Collabora online, dropping files in here will overwrite /opt/cool/share on startup
/assets/custom-fonts (Optional) If you want to include custom truetype fonts, place them in this folder
/assets/custom-scripts (Optional) If you want to execute a bash script before the application starts, drop your files here
/etc/coolwsd/certs (Optional) If you would like to use your own certificates, map this volume and set appropriate variables

Environment Variables

Base Images used

This image relies on a Debian Linux base image that relies on an init system for added capabilities. Outgoing SMTP capabilities are handlded via msmtp. Individual container performance monitoring is performed by zabbix-agent. Additional tools include: bash,curl,less,logrotate,nano,vim.

Be sure to view the following repositories to understand all the customizable options:

Image Description
OS Base Customized Image based on Debian Linux

General Usage

Parameter Description Default
SETUP_TYPE Automatically generate configuration with defaults. Set to MANUAL and map the configuration file to use your own AUTO
ALLOWED_HOSTS Set which domains which can access service Seperate Multiple with , - Example: https://www.example\.org (no wildcards) ``
EXTRA_OPTIONS If you want to pass additional arguments upon startup, add it here ``
INTERFACE Web interface type classic or notebookbar notebookbar
WATERMARK_OPACITY Watermark Opacity 0.2
WATERMARK_TEXT Text to display for watermark ``
ENABLE_MACROS Enable Macros FALSE
MACRO_SECURITY_LEVEL Macro Security Level 1 Medium 0 Low 1
ENABLE_METRICS_UNAUTHENTICATED Enable Unauthenticated Metrics FALSE
ENABLE_HOME_MODE Enable more features with home mode FALSE

Administration

Parameter Description Default
ENABLE_ADMIN_CONSOLE Enable Administration Console TRUE
ADMIN_USER User for accessing Administration Console admin
ADMIN_PASS Password for accessing Administration Console collaboraonline
ADMIN_JWT_EXPIRY Admin JWT Expiry in seconds 1800

Logging

Parameter Description Default
LOG_TYPE Write Logs to CONSOLE or to FILE CONSOLE
LOG_LEVEL Log Level - Available none, fatal, critical, error, warning, notice, information, debug, trace warning
LOG_PATH Log Path /var/log/cool
LOG_FILE Log File cool.log
ENABLE_DOCUMENT_STATISTICS Enable Collecting statistics about documents FALSE
ENABLE_USER_STATISTICS Enable collecting statistics about the user working on document FALSE
LOG_ANONYMIZE_SALT Salt for anonymizing log data 8 char random
LOG_ANONYMIZE Anonymize File+User information in Logs TRUE or FALSE FALSE
LOG_CLIENT_CONSOLE Log in users browser console false
LOG_COLOURIZE Colourize the log entries in console true
LOG_FILE_FLUSH Flush Entries on each line to log file false
LOG_LEVEL_CLIENT_LEAST_VERBOSE Least verbose log level to ever send to client FATAL
LOG_LEVEL_CLIENT_MOST_VERBOSE Most verbose log level to ever send to client NOTICE
LOG_LIBREOFFICE Log filter what Libreoffice entries -INFO-WARN

Spell Check

The image comes with English (US, GB, Canada variants) baked into the image, however upon container startup you can add more spell check variants via environment variables. Add multiple dictionaries by seperating with a comma.

Parameter Value Description
DICTIONARIES af Afrikaans
an Aragonese
ar Arabic
be Belarusian
bg Bulgarian
bn Bengali
br Breton
bs Bosnian
ca Catalan
cs Czech
da Danish
de German
el Greek
en-au English (Australia)
en-za English (South Africa)
es Spanish
fr French
gd Gaelic
he Hebrew
hi Hindi
hu Hungarian
id Indonesian
is Icelandic
it Italian
ko Korean
lo Laotian
lt Lithuanian
lv Latvian
ne Nepalese
nl Dutch
no Norwegian
pl Polish
pt-br Portugese (Brazil)
pt-pt Portugese
ro Romanian
ru Russian
sk Slovak
sr Serbian
sv Swedish
sw Kiswahili
th Thai
tr Turkish
uk Ukranian
vi Vietnamese

TLS Settings

Parameter Description Default
ENABLE_TLS Enable TLS FALSE
ENABLE_TLS_CERT_GENERATE Enable Self Signed Certificate Generation TRUE
ENABLE_TLS_REVERSE_PROXY If using a Reverse SSL terminating proxy in front of this container TRUE
TLS_CA_FILENAME TLS CA Cert filename with extension ca-chain-cert.pem
TLS_CERT_FILENAME TLS Certificate filename with extension cert.pem
TLS_CERT_PATH TLS certificates path /etc/coolwsd/certs
TLS_KEY_FILENAME TLS Private Key filename with extension key.pem

Performance and Limits

Parameter Description Default
AUTO_SAVE The number of seconds after which document, if modified, should be saved 300
BATCH_PRIORITY A (lower) priority for use by batch convert to processes to avoid starving interactive ones 5
CONNECTION_TIMEOUT Connection, Send, Receeive timeout in seconds for connections initiated by coolwsd 30
ENABLE_TILES_CACHE Enable caching of tiles should document be opened up twice TRUE
FILE_SIZE_LIMIT The maximum file size allowed to each document process to write 0 (unlimited)
IDLE_SAVE The number of idle seconds after which document, if modified, should be saved 30
IDLE_UNLOAD_TIMEOUT The maximum number of seconds before unloading an idle documen 3600
MAX_CONVERT_LIMIT Maximum time in seconds to wait for a convert process to complete 30
MAX_FILE_LOAD_LIMIT Maximum number of seconds to wait for a document load to succeed 100
MAX_OPEN_FILES The maximum number of files allowed to each document process to open 0 (unlimited)
MAX_THREADS_DOCUMENT How many threads to use when opening a document 4
MEMORY_DATA_LIMIT The maximum memory data segment allowed to each document process 0 (unlimited)
MEMORY_STACK_LIMIT The maximum stack size allowed to each document process 0 (unlimited)
MEMORY_USAGE_MAX Maximum percentage of system memory to be used 80.0
MEMORY_VIRT_LIMIT Maximum virtual memory allowed to each document process 0
PRESPAWN_CHILD_PROCESSES Amount of Child processes to start upon container init 1
USER_IDLE_TIMEOUT The maximum number of seconds before dimming and stopping updates when the user is no longer active (even if the browser is in focus) 900
USER_OUT_OF_FOCUS_TIMEOUT The maximum number of seconds before dimming and stopping updates when the browser tab is no longer in focus 60

Files Quarantine

Parameter Description Default
ENABLE_FILES_QUARANTINE Alllow file quaranting for review of crashed/bad files FALSE
FILES_QUARANTINE_DIRECTORY_SIZE_LIMIT Directory size limit in MB 250
FILES_QUARANTINE_MAX_VERSIONS Hold this many versions in quarantime 2
FILES_QUARANTINE_PATH Relative path for storing files quarantine
FILES_QUARANTINE_EXPIRY Files expiry in minutes 30

Language Tool

Parameter Description Default
ENABLE_LANGUAGE_TOOL Enable Language Tool Grammar checking integration FALSE
LANGUAGE_TOOL_BASE_URL Base URL for Language Tool
LANGUAGE_TOOL_USER_NAME Language Tool User Name
LANGUAGE_TOOL_API_KEY Language Tool provided API Key

Cleanup

Parameter Description Default
ENABLE_CLEANUP Enable Cleanup of documents and processes false
CLEANUP_INTERVAL Interval between cleanup checks 10000
CLEANUP_BAD_BEHAVIOUR_TIME Minimum time period for a document to be in bad state before killing in seconds 60
CLEANUP_IDLE_TIME Minimum idle time for a document to be candidate for bad state in seconds 300
CLEANUP_LIMIT_DIRTY_MEMORY Minimum memory usage in MB for a document to be candidate for bad state 3072
CLEANUP_LIMIT_CPU_PER Minimum CPU usage in percent for a document to be candidate for bad state 85

Other Settings

Parameter Description Default
CHILD_ROOT_PATH Child root path child-roots
DOCUMENT_SIGNING_URL Endpoint URL of signing server ``
ENABLE_CAPABILITIES Enable Capabilities TRUE
ENABLE_CONFIG_RELOAD Enable Reload of coolwsd if config changed in container TRUE
ENABLE_EXPERIMENTAL_FEATURES Enable experimental features FALSE
ENABLE_MOUNT_JAIL Enable mounting jails true
ENABLE_SECCOMP Enable Seccomp TRUE
ENABLE_WEBDAV Enable WebDav Storage FALSE
FILE_SERVER_ROOT_PATH Path to directory considered as root browser/../
FRAME_ANCESTORS Hosts where interface can be hosted in Iframe ``
HEXIFY_EMBEDDED_URLS Hexify Embedded URLS (useful for Azure deployments) FALSE
LOLEAFLET_HTML Name of browser.html to use loleafet.html
NETWORK_PROTOCOL Network Protocol ipv4 ipv6 all ipv4
REDLINING_AS_COMMENTS Show red-lines as comments false
REMOTE_FONT_URL URL to json font lists to load
SYS_TEMPLATE_PATH System Template Path systemplate
USE_INTEGRATOR_THEME Use the remote integrators theme TRUE
VERSION_SUFFIX Append this value onto version to break cache when developing. Generates random uuid when using value of random

Adding Custom Fonts

This image comes with some highly opninionated default fonts by the LibreOffice team, and also includes the Microsoft TTF fonts from the late 90s. To add custom fonts into this image, cxport a volume and place them in /assets/custom-fonts and they will be inserted upon next container restart.

Networking

The following ports are exposed.

Port Description
9980 Collabora Web Services

Maintenance

Shell Access

For debugging and maintenance purposes you may want access the containers shell.

bash docker exec -it (whatever your container name is) bash

Support

These images were built to serve a specific need in a production environment and gradually have had more functionality added based on requests from the community.

Usage

  • The Discussions board is a great place for working with the community on tips and tricks of using this image.
  • Consider sponsoring me personalized support.

Bugfixes

  • Please, submit a Bug Report if something isn't working as expected. I'll do my best to issue a fix in short order.

Feature Requests

  • Feel free to submit a feature request, however there is no guarantee that it will be added, or at what timeline.
  • Consider sponsoring me regarding development of features.

Updates

  • Best effort to track upstream changes, More priority if I am actively using the image in a production environment.
  • Consider sponsoring me for up to date releases.

License

MIT. See LICENSE for more details.

References