commit d2b0cb8

Merge: 15f7c00 6e3752b
Author: Jörn Friedrich Dreyer <jfd@owncloud.com>
Date:   Thu May 5 12:31:41 2022 +0000

    Merge pull request #3690 from wkloucek/fix-deployment-examples

    fix deployment examples

extensions/_includes/adoc/app-provider_configvars.adoc

@@ -79,6 +79,14 @@ APP_PROVIDER_JWT_SECRET`
 | string
 | 127.0.0.1:9142
 | 
+| `APP_PROVIDER_EXTERNAL_ADDR`
+| string
+| 
+| 
+| `APP_PROVIDER_DRIVER`
+| string
+| 
+| 
 | `APP_PROVIDER_WOPI_APP_API_KEY`
 | string
 | 

extensions/_includes/adoc/frontend_configvars.adoc

@@ -125,6 +125,11 @@ FRONTEND_PUBLIC_URL`
 | string
 | https://localhost:9200
 | 
+| `OCIS_INSECURE +
+FRONTEND_APP_HANDLER_INSECURE`
+| bool
+| false
+| 
 | `FRONTEND_ARCHIVER_MAX_NUM_FILES`
 | int64
 | 10000

extensions/_includes/app-provider_configvars.md

@@ -18,6 +18,8 @@
 | APP_PROVIDER_GRPC_PROTOCOL | string | tcp | The transport protocol of the grpc service.|
 | OCIS_JWT_SECRET<br/>APP_PROVIDER_JWT_SECRET | string |  | |
 | REVA_GATEWAY | string | 127.0.0.1:9142 | |
+| APP_PROVIDER_EXTERNAL_ADDR | string |  | |
+| APP_PROVIDER_DRIVER | string |  | |
 | APP_PROVIDER_WOPI_APP_API_KEY | string |  | api key for the wopi app|
 | APP_PROVIDER_WOPI_APP_DESKTOP_ONLY | bool | false | offer this app only on desktop|
 | APP_PROVIDER_WOPI_APP_ICON_URI | string |  | uri to an app icon to be used by clients|

extensions/_includes/frontend-config-example.yaml

@@ -34,6 +34,8 @@ upload_max_chunk_size: 100000000
 upload_http_method_override: ""
 default_upload_protocol: tus
 public_url: https://localhost:9200
+app_handler:
+  insecure: false
 archiver:
   max_num_files: 10000
   max_size: 1073741824

extensions/_includes/frontend_configvars.md

@@ -29,6 +29,7 @@
 | FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE | string |  | |
 | FRONTEND_DEFAULT_UPLOAD_PROTOCOL | string | tus | |
 | OCIS_URL<br/>FRONTEND_PUBLIC_URL | string | https://localhost:9200 | |
+| OCIS_INSECURE<br/>FRONTEND_APP_HANDLER_INSECURE | bool | false | |
 | FRONTEND_ARCHIVER_MAX_NUM_FILES | int64 | 10000 | |
 | FRONTEND_ARCHIVER_MAX_SIZE | int64 | 1073741824 | |
 | OCIS_INSECURE<br/>FRONTEND_ARCHIVER_INSECURE | bool | false | |

extensions/app-registry/apps.md

@@ -439,7 +439,7 @@ services:
     ...
     environment:
       ...
-      STORAGE_GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
+      GATEWAY_GRPC_ADDR: 0.0.0.0:9142 # make the REVA gateway accessible to the app drivers
 
   ocis-appdriver-collabora:
     image: owncloud/ocis:latest

grpc_apis/ocis/messages/accounts/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.accounts.v0"
 url: /grpc_apis/ocis_messages_accounts_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/search/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.search.v0"
 url: /grpc_apis/ocis_messages_search_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.settings.v0"
 url: /grpc_apis/ocis_messages_settings_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.store.v0"
 url: /grpc_apis/ocis_messages_store_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.thumbnails.v0"
 url: /grpc_apis/ocis_messages_thumbnails_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/accounts/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.accounts.v0"
 url: /grpc_apis/ocis_services_accounts_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/search/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.search.v0"
 url: /grpc_apis/ocis_services_search_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.settings.v0"
 url: /grpc_apis/ocis_services_settings_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.store.v0"
 url: /grpc_apis/ocis_services_store_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.thumbnails.v0"
 url: /grpc_apis/ocis_services_thumbnails_v0
-date: 2022-05-05T11:47:01Z
+date: 2022-05-05T12:33:30Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

ocis/deployment/oc10_ocis_parallel.md

@@ -54,60 +54,60 @@ See also [example server setup]({{< ref "preparing_server" >}})
   The file by default looks like this:
 
   ```bash
-      # If you're on a internet facing server please comment out following line.
-      # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.
-      INSECURE=true
-
-      ### Traefik settings ###
-      TRAEFIK_LOG_LEVEL=
-      # Serve Traefik dashboard. Defaults to "false".
-      TRAEFIK_DASHBOARD=
-      # Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
-      TRAEFIK_DOMAIN=
-      # Basic authentication for the dashboard. Defaults to user "admin" and password "admin"
-      TRAEFIK_BASIC_AUTH_USERS=
-      # Email address for obtaining LetsEncrypt certificates, needs only be changed if this is a public facing server
-      TRAEFIK_ACME_MAIL=
-
-      ### shared oCIS / oC10 settings ###
-      # Domain of oCIS / oC10, where you can find the frontend. Defaults to "cloud.owncloud.test"
-      CLOUD_DOMAIN=
-
-      ### oCIS settings ###
-      # oCIS version. Defaults to "latest"
-      OCIS_DOCKER_TAG=
-      # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4"
-      OCIS_JWT_SECRET=
-      # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret"
-      STORAGE_TRANSFER_SECRET=
-      # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please"
-      OCIS_MACHINE_AUTH_API_KEY=
-
-      ### oCIS settings ###
-      # oC10 version. Defaults to "latest"
-      OC10_DOCKER_TAG=
-      # client secret which the openidconnect app uses to authenticate to Keycloak. Defaults to "oc10-oidc-secret"
-      OC10_OIDC_CLIENT_SECRET=
-      # app which will be shown when opening the ownCloud 10 UI. Defaults to "files" but also could be set to "web"
-      OWNCLOUD_DEFAULT_APP=
-      # if set to "false" (default) links will be opened in the classic UI, if set to "true" ownCloud Web is used
-      OWNCLOUD_WEB_REWRITE_LINKS=
-
-      ### LDAP settings ###
-      # password for the LDAP admin user "cn=admin,dc=owncloud,dc=com", defaults to "admin"
-      LDAP_ADMIN_PASSWORD=
-      # Domain of the LDAP management frontend. Defaults to "ldap.owncloud.test"
-      LDAP_MANAGER_DOMAIN=
-
-      ### Keycloak ###
-      # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test"
-      KEYCLOAK_DOMAIN=
-      # Realm which to be used with oC10 and oCIS. Defaults to "owncloud"
-      KEYCLOAK_REALM=
-      # Admin user login name. Defaults to "admin"
-      KEYCLOAK_ADMIN_USER=
-      # Admin user login password. Defaults to "admin"
-      KEYCLOAK_ADMIN_PASSWORD=
+  # If you're on a internet facing server please comment out following line.
+  # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.
+  INSECURE=true
+
+  ### Traefik settings ###
+  TRAEFIK_LOG_LEVEL=
+  # Serve Traefik dashboard. Defaults to "false".
+  TRAEFIK_DASHBOARD=
+  # Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
+  TRAEFIK_DOMAIN=
+  # Basic authentication for the dashboard. Defaults to user "admin" and password "admin"
+  TRAEFIK_BASIC_AUTH_USERS=
+  # Email address for obtaining LetsEncrypt certificates, needs only be changed if this is a public facing server
+  TRAEFIK_ACME_MAIL=
+
+  ### shared oCIS / oC10 settings ###
+  # Domain of oCIS / oC10, where you can find the frontend. Defaults to "cloud.owncloud.test"
+  CLOUD_DOMAIN=
+
+  ### oCIS settings ###
+  # oCIS version. Defaults to "latest"
+  OCIS_DOCKER_TAG=
+  # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4"
+  OCIS_JWT_SECRET=
+  # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret"
+  STORAGE_TRANSFER_SECRET=
+  # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please"
+  OCIS_MACHINE_AUTH_API_KEY=
+
+  ### oCIS settings ###
+  # oC10 version. Defaults to "latest"
+  OC10_DOCKER_TAG=
+  # client secret which the openidconnect app uses to authenticate to Keycloak. Defaults to "oc10-oidc-secret"
+  OC10_OIDC_CLIENT_SECRET=
+  # app which will be shown when opening the ownCloud 10 UI. Defaults to "files" but also could be set to "web"
+  OWNCLOUD_DEFAULT_APP=
+  # if set to "false" (default) links will be opened in the classic UI, if set to "true" ownCloud Web is used
+  OWNCLOUD_WEB_REWRITE_LINKS=
+
+  ### LDAP settings ###
+  # password for the LDAP admin user "cn=admin,dc=owncloud,dc=com", defaults to "admin"
+  LDAP_ADMIN_PASSWORD=
+  # Domain of the LDAP management frontend. Defaults to "ldap.owncloud.test"
+  LDAP_MANAGER_DOMAIN=
+
+  ### Keycloak ###
+  # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test"
+  KEYCLOAK_DOMAIN=
+  # Realm which to be used with oC10 and oCIS. Defaults to "owncloud"
+  KEYCLOAK_REALM=
+  # Admin user login name. Defaults to "admin"
+  KEYCLOAK_ADMIN_USER=
+  # Admin user login password. Defaults to "admin"
+  KEYCLOAK_ADMIN_PASSWORD=
   ```
 
   You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.

ocis/deployment/ocis_hello.md

@@ -48,39 +48,34 @@ See also [example server setup]({{< ref "preparing_server" >}})
   The file by default looks like this:
 
   ```bash
-      # If you're on a internet facing server please comment out following line.
-      # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.
-      INSECURE=true
-
-      ### Traefik settings ###
-      # Serve Traefik dashboard. Defaults to "false".
-      TRAEFIK_DASHBOARD=
-      # Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
-      TRAEFIK_DOMAIN=
-      # Basic authentication for the dashboard. Defaults to user "admin" and password "admin"
-      TRAEFIK_BASIC_AUTH_USERS=
-      # Email address for obtaining LetsEncrypt certificates, needs only be changed if this is a public facing server
-      TRAEFIK_ACME_MAIL=
-
-      ### oCIS settings ###
-      # oCIS version. Defaults to "latest"
-      OCIS_DOCKER_TAG=
-      # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test"
-      OCIS_DOMAIN=
-      # IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp".
-      IDP_LDAP_BIND_PASSWORD=
-      # Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva".
-      STORAGE_LDAP_BIND_PASSWORD=
-      # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4"
-      OCIS_JWT_SECRET=
-      # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret"
-      STORAGE_TRANSFER_SECRET=
-      # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please"
-      OCIS_MACHINE_AUTH_API_KEY=
-
-      ### oCIS Hello settings ###
-      # oCIS Hello version. Defaults to "latest"
-      OCIS_HELLO_DOCKER_TAG=
+  # If you're on a internet facing server please comment out following line.
+  # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.
+  INSECURE=true
+
+  ### Traefik settings ###
+  # Serve Traefik dashboard. Defaults to "false".
+  TRAEFIK_DASHBOARD=
+  # Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
+  TRAEFIK_DOMAIN=
+  # Basic authentication for the dashboard. Defaults to user "admin" and password "admin"
+  TRAEFIK_BASIC_AUTH_USERS=
+  # Email address for obtaining LetsEncrypt certificates, needs only be changed if this is a public facing server
+  TRAEFIK_ACME_MAIL=
+
+  ### oCIS settings ###
+  # oCIS version. Defaults to "latest"
+  OCIS_DOCKER_TAG=
+  # Domain of oCIS, where you can find the frontend. Defaults to "ocis.owncloud.test"
+  OCIS_DOMAIN=
+  # oCIS admin user password. Defaults to "admin".
+  ADMIN_PASSWORD=
+  # The demo users should not be created on a production instance
+  # because their passwords are public. Defaults to "false".
+  DEMO_USERS=
+
+  ### oCIS Hello settings ###
+  # oCIS Hello version. Defaults to "latest"
+  OCIS_HELLO_DOCKER_TAG=
   ```
 
   You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
@@ -95,6 +90,8 @@ See also [example server setup]({{< ref "preparing_server" >}})
 
   Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
 
+  Set the initial admin user password in `ADMIN_PASSWORD=`, it defaults to `admin`.
+
   By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated).
 
   Now you have configured everything and can save the file.

ocis/deployment/ocis_individual_services.md

@@ -45,6 +45,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
 
 * Open the `.env` file in a text editor
   The file by default looks like this:
+
   ```bash
   # If you're on a internet facing server please comment out following line.
   # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.

ocis/deployment/ocis_keycloak.md

@@ -49,6 +49,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
 
 * Open the `.env` file in a text editor
   The file by default looks like this:
+
   ```bash
   # If you're on a internet facing server please comment out following line.
   # It skips certificate validation for various parts of oCIS and is needed if you use self signed certificates.