From a5657bc15ab52b3ede2a4087112b54b2ccf97eac Mon Sep 17 00:00:00 2001
From: Menno van Leeuwen <menno@vleeuwen.me>
Date: Fri, 14 Mar 2025 11:54:23 +0100
Subject: [PATCH] feat: enhance Collabora service configuration in Caddyfile
 and docker-compose for improved proxy headers and SSL termination

---
 config/ansible/tasks/servers/services/caddy/Caddyfile.j2   | 7 ++++++-
 .../tasks/servers/services/nextcloud/docker-compose.yml.j2 | 4 ++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2 b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
index ea97f91..bb5b14e 100644
--- a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
+++ b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
@@ -27,6 +27,11 @@ cloud.vleeuwen.me cloud.mvl.sh {
 }
 
 collabora.mvl.sh {
-    reverse_proxy collabora:9980
+    reverse_proxy collabora:9980 {
+        header_up Host {host}
+        header_up X-Real-IP {remote}
+        header_up X-Forwarded-For {remote}
+        header_up X-Forwarded-Proto {scheme}
+    }
     tls {{ caddy_email }}
 }
diff --git a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2
index bbe1544..43d998a 100644
--- a/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/nextcloud/docker-compose.yml.j2
@@ -46,11 +46,11 @@ services:
     image: collabora/code:latest
     restart: always
     environment:
+      - domain=cloud\.mvl\.sh|cloud\.vleeuwen\.me
       - username={{collabora_user}}
       - password={{collabora_pass}}
-      - domain=cloud.mvl.sh
       - dictionaries=en nl du fr
-      - extra_params=--o:ssl.enable=true --o:ssl.termination=false
+      - extra_params=--o:ssl.enable=true --o:ssl.termination=true
     ports:
       - 9980:9980    
     networks: