From 3dd788f7ecf180f4153dfefdf3c69609b35cb548 Mon Sep 17 00:00:00 2001
From: BhasherBEL <git.it@bhasher.com>
Date: Fri, 22 Dec 2023 01:33:29 +0100
Subject: [PATCH] Onlyoffice to seafile

---
 bxl-shp/apps/docker-compose.file.yaml         |  76 ++++++++++++
 bxl-shp/apps/docker-compose.miniflux.yaml     |   2 +-
 bxl-shp/apps/docker-compose.onlyoffice.yaml   | 115 ------------------
 .../config/idp/authelia.configuration.yaml    |  14 +++
 4 files changed, 91 insertions(+), 116 deletions(-)
 create mode 100644 bxl-shp/apps/docker-compose.file.yaml
 delete mode 100644 bxl-shp/apps/docker-compose.onlyoffice.yaml

diff --git a/bxl-shp/apps/docker-compose.file.yaml b/bxl-shp/apps/docker-compose.file.yaml
new file mode 100644
index 0000000..97eed19
--- /dev/null
+++ b/bxl-shp/apps/docker-compose.file.yaml
@@ -0,0 +1,76 @@
+services: 
+  onlyoffice-documentserver:
+    container_name: onlyoffice-documentserver
+    image: onlyoffice/documentserver:latest
+    restart: unless-stopped
+    environment:
+    - JWT_SECRET=${ONLYOFFICE_JWT}
+    - WOPI_ENABLED=true
+    - JWT_ENABLED=true
+    volumes:
+    - $DATA/onlyoffice/DocumentServer/logs:/var/log/onlyoffice 
+    - $DATA/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data
+    - $DATA/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice
+    - $DATA/onlyoffice/DocumentServer/db:/var/lib/postgresql
+    - $DATA/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq
+    labels:
+    - "traefik.enable=true"
+    - "traefik.http.routers.onlyoffice-editor.rule=Host(`onlyoffice-editor.bhasher.com`)"
+    - "traefik.http.services.onlyoffice-editor.loadbalancer.server.port=80"
+    - "traefik.http.routers.onlyoffice-editor.tls=true"
+    - "traefik.http.routers.onlyoffice-editor.tls.certresolver=http"
+    - "traefik.http.routers.onlyoffice-editor.entrypoints=internalsecure,externalsecure"
+    - "traefik.http.routers.onlyoffice-editor.middlewares=httpsupgrade"
+    networks:
+    - external
+    - file
+
+  seafile-storage:
+    container_name: seafile-storage
+    image: mariadb:10.11
+    environment:
+    - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT}
+    volumes:
+    - $DATA/file/db:/var/lib/mysql
+    networks:
+    - file
+
+  seafile-memcached:
+    container_name: seafile-memcached
+    image: memcached:1.6.18
+    entrypoint: memcached -m 256
+    networks:
+    - file
+
+  seafile:
+    container_name: seafile
+    image: seafileltd/seafile-mc:latest
+    volumes:
+    - $DATA/file/data:/shared   
+    environment:
+    - DB_HOST=seafile-storage
+    - DB_ROOT_PASSWD=${MARIADB_ROOT}
+    - TIME_ZONE=Europe/Paris
+    - SEAFILE_ADMIN_EMAIL=seafile.lan@bhasher.com
+    - SEAFILE_ADMIN_PASSWORD=${SEAFILE_PASSWORD}
+    - SEAFILE_SERVER_LETSENCRYPT=false
+    - SEAFILE_SERVER_HOSTNAME=file.bhasher.com
+    - DEBUG=true
+    depends_on:
+    - seafile-storage
+    - seafile-memcached
+    labels:
+    - "traefik.enable=true"
+    - "traefik.http.routers.seafile.rule=Host(`file.bhasher.com`)"
+    - "traefik.http.services.seafile.loadbalancer.server.port=80"
+    - "traefik.http.routers.seafile.tls=true"
+    - "traefik.http.routers.seafile.tls.certresolver=http"
+    - "traefik.http.routers.seafile.entrypoints=internalsecure"
+    networks:
+    - file
+    - external
+
+networks:
+  file:
+  external:
+    external: true
diff --git a/bxl-shp/apps/docker-compose.miniflux.yaml b/bxl-shp/apps/docker-compose.miniflux.yaml
index 1a390d5..aa4ff1d 100644
--- a/bxl-shp/apps/docker-compose.miniflux.yaml
+++ b/bxl-shp/apps/docker-compose.miniflux.yaml
@@ -20,7 +20,7 @@ services:
     - "traefik.http.routers.miniflux.tls=true"
     - "traefik.http.routers.miniflux.tls.certresolver=http"
     - "traefik.http.routers.miniflux.entrypoints=internalsecure"
-    - "traefik.http.routers.minifluxshare.rule=Host(`miniflux.bhasher.com`) && PathPrefix(`/share`)"
+    - "traefik.http.routers.minifluxshare.rule=Host(`miniflux.bhasher.com`) && (PathPrefix(`/share/`) || PathPrefix(`/stylesheets/`) || PathPrefix(`/icon/`))"
     - "traefik.http.routers.minifluxshare.service=minifluxshare-service"
     - "traefik.http.services.minifluxshare-service.loadbalancer.server.port=8080"
     - "traefik.http.routers.minifluxshare.tls=true"
diff --git a/bxl-shp/apps/docker-compose.onlyoffice.yaml b/bxl-shp/apps/docker-compose.onlyoffice.yaml
deleted file mode 100644
index 57bf770..0000000
--- a/bxl-shp/apps/docker-compose.onlyoffice.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
-services: 
-  onlyoffice-documentserver:
-    container_name: onlyoffice-documentserver
-    image: onlyoffice/documentserver:latest
-    restart: unless-stopped
-    environment:
-    - JWT_SECRET=${ONLYOFFICE_JWT}
-    - WOPI_ENABLED=true
-    - JWT_ENABLED=false
-    volumes:
-    - $DATA/onlyoffice/DocumentServer/logs:/var/log/onlyoffice 
-    - $DATA/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data
-    - $DATA/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice
-    - $DATA/onlyoffice/DocumentServer/db:/var/lib/postgresql
-    - $DATA/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq
-    labels:
-    - "traefik.enable=true"
-    - "traefik.http.routers.onlyoffice-editor.rule=Host(`onlyoffice-editor.bhasher.com`)"
-    - "traefik.http.services.onlyoffice-editor.loadbalancer.server.port=80"
-    - "traefik.http.routers.onlyoffice-editor.tls=true"
-    - "traefik.http.routers.onlyoffice-editor.tls.certresolver=http"
-    - "traefik.http.routers.onlyoffice-editor.entrypoints=internalsecure,externalsecure"
-    - "traefik.http.routers.onlyoffice-editor.middlewares=httpsupgrade"
-    networks:
-    - external
-    - onlyoffice
-
-  onlyoffice-db:
-    container_name: onlyoffice-db
-    #image: mariadb:11
-    image: mysql:8.0.29
-    restart: unless-stopped
-    environment:
-    - MYSQL_ROOT_PASSWORD=${ONLYOFFICE_DB_PASS}
-    volumes:
-    - $CONFIG/onlyoffice/db/conf.d:/etc/mysql/conf.d
-    - $CONFIG/onlyoffice/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
-    - $DATA/onlyoffice/CommunityServer/db:/var/lib/mysql
-    networks:
-    - onlyoffice
-
-  onlyoffice-community-server:
-    container_name: onlyoffice-community-server
-    image: onlyoffice/communityserver:12.0.1.1748
-    restart: unless-stopped
-    environment:
-    - ONLYOFFICE_CORE_MACHINEKEY=${ONLYOFFICE_COMMUNITY_KEY}
-    - CONTROL_PANEL_PORT_80_TCP=80
-    - CONTROL_PANEL_PORT_80_TCP_ADDR=onlyoffice-control-panel
-    - MYSQL_SERVER_ROOT_PASSWORD=${ONLYOFFICE_DB_PASS}
-    - MYSQL_SERVER_DB_NAME=onlyoffice
-    - MYSQL_SERVER_HOST=onlyoffice-db
-    - MYSQL_SERVER_USER=onlyoffice_user
-    - MYSQL_SERVER_PASS=onlyoffice_pass
-    - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch
-    - ELASTICSEARCH_SERVER_HTTPPORT=9200
-    - NGINX_WORKER_PROCESSES=1
-    - NGINX_WORKER_CONNECTIONS=20
-    - CPU_PROCESSOR_COUNT=20
-    volumes:
-    - $DATA/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data
-    - $DATA/onlyoffice/CommunityServer/log:/var/log/onlyoffice
-    - /sys/fs/cgroup:/sys/fs/cgroup:rw
-    privileged: true
-    cgroup: host
-    labels:
-    - "traefik.enable=true"
-    - "traefik.http.routers.onlyoffice.rule=Host(`onlyoffice.bhasher.com`)"
-    - "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
-    - "traefik.http.routers.onlyoffice.tls=true"
-    - "traefik.http.routers.onlyoffice.tls.certresolver=http"
-    - "traefik.http.routers.onlyoffice.entrypoints=internalsecure,externalsecure"
-    depends_on:
-    - onlyoffice-db
-    - onlyoffice-elasticsearch
-    networks:
-    - onlyoffice
-    - external
-    - auth
-
-  onlyoffice-elasticsearch:
-    container_name: onlyoffice-elasticsearch
-    image: onlyoffice/elasticsearch:7.16.3
-    restart: unless-stopped
-    environment:
-    - discovery.type=single-node
-    - bootstrap.memory_lock=true
-    - "ES_JAVA_OPTS=-Xms250m -Xmx250m -Dlog4j2.formatMsgNoLookups=true"
-    - "indices.fielddata.cache.size=15%"
-    - "indices.memory.index_buffer_size=15%" 
-    - "ingest.geoip.downloader.enabled=false"
-    volumes:
-    - $DATA/onlyoffice/CommunityServer/elasticsearch:/usr/share/elasticsearch/data
-    networks:
-    - onlyoffice    
-
-  onlyoffice-control-panel:
-    container_name: onlyoffice-control-panel
-    image: onlyoffice/controlpanel:3.1.1.467
-    restart: unless-stopped
-    environment:
-     - ONLYOFFICE_CORE_MACHINEKEY=${ONLYOFFICE_COMMUNITY_KEY}
-    volumes:
-    - /var/run/docker.sock:/var/run/docker.sock
-    - $DATA/onlyoffice/CommunityServer/cp-data:/var/www/onlyoffice/Data
-    - $DATA/onlyoffice/CommunityServer/cp-log:/var/log/onlyoffice
-    depends_on:
-     - onlyoffice-community-server
-    networks:
-    - onlyoffice
-
-networks:
-  onlyoffice:
-  external:
-    external: true
diff --git a/bxl-shp/config/idp/authelia.configuration.yaml b/bxl-shp/config/idp/authelia.configuration.yaml
index 7f20439..2d6b4a9 100644
--- a/bxl-shp/config/idp/authelia.configuration.yaml
+++ b/bxl-shp/config/idp/authelia.configuration.yaml
@@ -207,3 +207,17 @@ identity_providers:
       - groups
       - email
       userinfo_signing_algorithm: none
+    - id: seafile
+      description: Seafile
+      secret: '$argon2id$v=19$m=65536,t=3,p=4$vZ7/eiJGrPeuEWwllkN7zw$IhspEFbyQe/rBzchVs8iigsQKbYsXPfBBhR2Loo0afI'
+      public: false
+      authorization_policy: one_factor
+      redirect_uris:
+        - https://file.bhasher.com/oauth/callback/
+      consent_mode: implicit
+      scopes:
+        - openid
+        - profile
+        - email
+      userinfo_signing_algorithm: none
+