Add support for installing/configuring the Office (Collabora) app

defaults/main.yml

@@ -254,3 +254,8 @@ nextcloud_floc_optout_enabled: true
 # - https://hstspreload.org/#opt-in
 # See: `nextcloud_http_header_strict_transport_security`
 nextcloud_hsts_preload_enabled: false
+
+# Collabora Online integration.
+# See the `collabora-online` role.
+nextcloud_collabora_app_wopi_url: ''
+nextcloud_collabora_app_wopi_allowlist: '10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16'

tasks/adjust_config.yml

@@ -12,7 +12,7 @@
     - name: Adjust Nextcloud configuration (set trusted_proxies)
       ansible.builtin.command:
         cmd: |-
-          docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:system:set trusted_proxies 1 --type=string --value={{ nextcloud_reverse_proxy_container_network_subnet_result.stdout }}
+          docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:system:set trusted_proxies 0 --type=string --value={{ nextcloud_reverse_proxy_container_network_subnet_result.stdout }}
 
 - name: Adjust Nextcloud configuration (disable bruteforce protection)
   ansible.builtin.command:

tasks/app_install_collabora.yml

@@ -0,0 +1,48 @@
+---
+
+- name: Fail if required Collabora App settings not defined
+  when: "vars[item] == ''"
+  ansible.builtin.fail:
+    msg: |
+      A required setting (`{{ item }}`) hasn't been defined.
+  with_items:
+    - nextcloud_collabora_app_wopi_url
+    - nextcloud_collabora_app_wopi_allowlist
+
+- name: Ensure Nextcloud is started
+  ansible.builtin.service:
+    name: "{{ nextcloud_identifier }}-server"
+    state: started
+    daemon_reload: true
+  register: nextcloud_start
+
+- name: Wait a while, so that Nextcloud can manage to start
+  ansible.builtin.pause:
+    seconds: 7
+  when: nextcloud_start.changed | bool
+
+- name: Install Nextcloud office (Collabora app)
+  ansible.builtin.shell:
+    cmd: "docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings app:install richdocuments"
+  failed_when: false
+  register: collabora_install_result
+
+- name: Fail if Nextcloud office (Collabora app) failed to install
+  ansible.builtin.fail:
+    msg: "Nextcloud Office failed to install. Full error: {{ collabora_install_result }}"
+  when: "collabora_install_result.rc != 0 and collabora_install_result.stdout != 'richdocuments already installed'"
+
+- name: Check existence of Collabora network in Docker
+  ansible.builtin.command:
+    cmd: "{{ devture_systemd_docker_base_host_command_docker }} network inspect {{ collabora_online_container_network }} --format {%raw%}'{{ (index .IPAM.Config 0).Subnet }}'{%endraw%}"
+  register: collabora_online_container_network_subnet
+  changed_when: false
+
+- name: Configure Collabora app
+  ansible.builtin.shell:
+    cmd: "docker exec --user={{ nextcloud_uid }}:{{ nextcloud_gid }} {{ nextcloud_identifier }}-server php /var/www/html/occ --no-warnings config:app:set richdocuments {{ item.key }} --value=\"{{ item.value }}\""
+  with_items:
+    - key: wopi_url
+      value: "{{ nextcloud_collabora_app_wopi_url }}"
+    - key: wopi_allowlist
+      value: "{{ nextcloud_collabora_app_wopi_allowlist }}"

tasks/main.yml

@@ -24,6 +24,12 @@
     - when: nextcloud_enabled | bool
       ansible.builtin.include_tasks: "{{ role_path }}/tasks/print_db_credentials.yml"
 
+- tags:
+    - install-nextcloud-app-collabora
+  block:
+    - when: nextcloud_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/app_install_collabora.yml"
+
 - tags:
     - setup-all
     - setup-nextcloud