Initial import

Containers/apache/Caddyfile

@@ -0,0 +1,53 @@
+{
+    auto_https disable_redirects
+
+    storage file_system {
+        root /mnt/data/caddy
+    }
+}
+
+{$NC_DOMAIN}:443 {
+
+    # Notify Push
+    route /push/* {
+        uri strip_prefix /push
+        reverse_proxy {$NEXTCLOUD_HOST}:7867
+    }
+
+    # Talk
+    route /standalone-signaling/* {
+        uri strip_prefix /standalone-signaling
+        reverse_proxy {$TALK_HOST}:8081
+    }
+
+    # Collabora
+    route /browser/* {
+        reverse_proxy https://{$COLLABORA_HOST}:9980 {
+            transport http {
+                tls_insecure_skip_verify
+            }
+        }
+    }
+    route /hosting/* {
+        reverse_proxy https://{$COLLABORA_HOST}:9980 {
+            transport http {
+                tls_insecure_skip_verify
+            }
+        }
+    }
+    route /cool/* {
+        reverse_proxy https://{$COLLABORA_HOST}:9980 {
+            transport http {
+                tls_insecure_skip_verify
+            }
+        }
+    }
+
+    # Nextcloud
+    route {
+        rewrite /.well-known/carddav /remote.php/dav
+        rewrite /.well-known/caldav /remote.php/dav
+        header Strict-Transport-Security max-age=31536000;
+        reverse_proxy localhost:80
+    }
+}

Containers/apache/Dockerfile

@@ -0,0 +1,68 @@
+FROM debian:bullseye
+
+EXPOSE 80
+
+RUN mkdir -p /mnt/data; \
+    chown www-data:www-data /mnt/data;
+
+VOLUME /mnt/data
+
+RUN set -ex; \
+    \
+    apt-get update; \
+    apt-get install -y --no-install-recommends \
+        apache2 \
+        supervisor \
+        wget \
+        ca-certificates \
+        openssl \
+        netcat \
+    ; \
+    rm -rf /var/lib/apt/lists/*
+
+RUN wget "https://caddyserver.com/api/download?os=linux&arch=amd64" -O "/usr/bin/caddy" \
+    && chmod +x /usr/bin/caddy \
+    && /usr/bin/caddy version
+
+RUN a2enmod rewrite \
+    headers \
+    proxy \
+    proxy_fcgi \
+    setenvif \
+    env \
+    mime \
+    dir \
+    authz_core \
+    alias
+
+COPY nextcloud.conf /etc/apache2/sites-available/
+
+RUN a2dissite 000-default && \
+    a2dissite default-ssl && \
+    a2ensite nextcloud.conf && \
+    rm -rf /var/www/html/* && \
+    service apache2 restart; \
+    chown www-data:www-data -R /var/log/apache2; \
+    chown -R www-data:www-data /var/run/apache2; \
+    chown -R www-data:www-data /var/www;
+
+RUN mkdir /var/log/supervisord; \
+    mkdir /var/run/supervisord; \
+    chown www-data:www-data /var/run/supervisord; \
+    chown www-data:www-data /var/log/supervisord;
+
+COPY Caddyfile /
+
+COPY start.sh /usr/bin/
+COPY supervisord.conf /
+RUN chmod +x /usr/bin/start.sh; \
+    chmod +r /supervisord.conf; \
+    chmod +r /Caddyfile;
+
+# Give root a random password
+RUN echo "root:$(openssl rand -base64 12)" | chpasswd
+
+USER www-data
+
+ENTRYPOINT ["start.sh"]
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

Containers/apache/nextcloud.conf

@@ -0,0 +1,22 @@
+<VirtualHost *:80>
+    # PHP match
+    <FilesMatch "\.php$">
+        SetHandler "proxy:fcgi://nextcloud-aio-nextcloud:9000"
+    </FilesMatch>
+    # Nextcloud dir
+    DocumentRoot /var/www/html/
+    <Directory /var/www/html/>
+        Options Indexes FollowSymLinks
+        Require all granted
+        AllowOverride All
+        Options FollowSymLinks MultiViews
+        Satisfy Any
+        <IfModule mod_dav.c>
+            Dav off
+        </IfModule>
+    </Directory>
+    # Deny access to .ht files
+    <Files ".ht*">
+        Require all denied
+    </Files>
+</VirtualHost>

Containers/apache/start.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+if [ -z "$NC_DOMAIN" ]; then
+    echo "NC_DOMAIN and NEXTCLOUD_HOST need to be provided. Exiting!"
+    exit 1
+fi
+
+# Need write access to /mnt/data
+if ! [ -w /mnt/data ]; then
+    echo "Cannot write to /mnt/data"
+    exit 1
+fi
+
+# Only start container if nextcloud is accessible
+while ! nc -z "$NEXTCLOUD_HOST" 9000; do
+    echo "Waiting for Nextcloud to start..."
+    sleep 5
+done
+
+# Only start container if collabora is started
+while ! nc -z "$COLLABORA_HOST" 9980; do
+    echo "Waiting for Collabora to start..."
+    sleep 5
+done
+
+# Add caddy path
+mkdir -p /mnt/data/caddy/
+
+# Fix apache sturtup
+rm -f /var/run/apache2/apache2.pid
+
+exec "$@"

Containers/apache/supervisord.conf

@@ -0,0 +1,23 @@
+[supervisord]
+nodaemon=true
+nodaemon=true
+logfile=/var/log/supervisord/supervisord.log
+pidfile=/var/run/supervisord/supervisord.pid
+childlogdir=/var/log/supervisord/
+logfile_maxbytes=50MB                           
+logfile_backups=10                              
+loglevel=error
+
+[program:apache]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=apachectl -DFOREGROUND
+
+[program:caddy]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=/usr/bin/caddy run -config /Caddyfile