flywithu/kopano-docker
1
0
Fork 0
mirror of https://github.com/zokradonh/kopano-docker synced 2025-06-05 23:16:12 +00:00
Code Issues Releases Wiki Activity
kopano-docker/web
History
Felix Bartels 29f06f906c
Enable separately hosted kwmbridge (#471) 
* block access to internal endpoints
* add dedicated vhost for kwmserver mcu api
* update docker-compose.yml
2020-12-08 13:38:32 +01:00
..
Dockerfile
Prepare update of kopano-meet for Univention (#466)
2020-10-02 15:13:35 +02:00
kweb.cfg
Enable separately hosted kwmbridge (#471)
2020-12-08 13:38:32 +01:00
README.md
fallback to a hardcoded value in case FQDNCLEANED is not set (#443)
2020-09-15 11:29:41 +02:00
tls_auto
add a switch to allow usage of specific ssl cert (#389)
2020-05-01 14:32:37 +02:00
tls_custom
add a switch to allow usage of specific ssl cert (#389)
2020-05-01 14:32:37 +02:00
tls_off
add a switch to allow usage of specific ssl cert (#389)
2020-05-01 14:32:37 +02:00
tls_selfsigned
add a switch to allow usage of specific ssl cert (#389)
2020-05-01 14:32:37 +02:00
wrapper.sh
fallback to a hardcoded value in case FQDNCLEANED is not set (#443)
2020-09-15 11:29:41 +02:00

README.md

Kopano Web image

Reverse Proxy to securely and with as less configuration effort as possible expose Kopano to the public internet.

In its default configuration this container will redirect requests to the root of the domain (so for example when opening https://kopano.demo/ in a browser) to https://kopano.demo/webapp. To redirect to a different path the environment variable DEFAULTREDIRECT needs to be configured.

Example:

# the following value needs to be added to .env
DEFAULTREDIRECT=/meet

Serving additional files

Kweb in the Web container can easily be extended to serve static content. By default it will serve all content that has been copied into /var/www/. To extend the built in configuration file just add an additional file into /etc/kweb-extras/. Kweb is using the Caddyfile syntax.

Using existing ssl certificates

By default this container will use automatic tls certificates provided by Let's Encrypt. This can be influenced through the following environment variables:

# 1. Automatic certificate from Let's Encrypt
TLS_MODE=tls_auto
EMAIL=example@example.com

# 2. Custom certificate and key
TLS_MODE=tls_custom
TLS_CERT=/src/ssl/cert.pem
TLS_KEY=/src/ssl/key.pem

# 3. Self signed certificate (FOR DEBUGGING)
TLS_MODE=tls_selfsigned

# 4. Disable TLS entirely
TLS_MODE=tls_off

Using a reverse proxy in front of this container

In case there is already an ssl terminating proxy in the network this container can be switched to plain http by either setting EMAIL=off or TLS_MODE=tls_off.

In addition to this the default docker-compose.yml has a tweak to route all traffic for the configured domain through this container. This route needs to be changed when this container is only offering http access by removing FQDNCLEANED from .env.

When using an external reverse proxy it is recommended to proxy connections to port 2015 of this container. Additionally connections to /api/kwm/v2/rtm/websocket need to be upgraded to websocket connections.

Information needed when not running your own reverse proxy

The kopano_webapp container is accessible on port 9080 and serves the WebApp on /webapp.