diff --git a/Dockerfile b/Dockerfile index 75e5bca..a9800fc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -79,7 +79,12 @@ RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/ds.list && \ service supervisor stop && \ chmod 755 /app/ds/*.sh && \ rm -rf /var/log/$COMPANY_NAME && \ - rm -rf /var/lib/apt/lists/* + rm -rf /var/lib/apt/lists/* && \ + wget -P /etc/onlyoffice/documentserver/nginx/includes https://getfile.dokpub.com/yandex/get/https://yadi.sk/d/anW3tcih7mPn1A && \ + mv /etc/onlyoffice/documentserver/nginx/includes/anW3tcih7mPn1A /etc/onlyoffice/documentserver/nginx/includes/ds-letsencrypt.conf && \ + wget -P /usr/bin https://getfile.dokpub.com/yandex/get/https://yadi.sk/d/JH2TcX4GYZ36bQ && \ + mv /usr/bin/JH2TcX4GYZ36bQ /usr/bin/documentserver-letsencrypt.sh && \ + chmod 777 /usr/bin/documentserver-letsencrypt.sh VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom diff --git a/README.md b/README.md index eedd914..54e7de5 100644 --- a/README.md +++ b/README.md @@ -185,7 +185,7 @@ Below is the complete list of parameters that can be set using environment varia - **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`. - **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`. - **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`. -- **LETS_ENCRYPT_DOMAINS**: Defines LETS_ENCRYPT_DOMAINS. +- **LETS_ENCRYPT_DOMAIN**: Defines LETS_ENCRYPT_DOMAIN. - **LETS_ENCRYPT_MAIL**: Defines LETS_ENCRYPT_MAIL. ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers diff --git a/run-document-server.sh b/run-document-server.sh index dae1f7e..9cedc1c 100755 --- a/run-document-server.sh +++ b/run-document-server.sh 
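Review bot: The two added `wget` calls fetch `ds-letsencrypt.conf` and `documentserver-letsencrypt.sh` at build time from a third-party file relay in front of a share link, with no pinned checksum, so whatever that link serves on the day of the build ends up in the image. The script is then invoked from `run-document-server.sh` in this same commit. Commit both files to this repository and install them with `COPY`, or at least verify a pinned digest after the download, e.g. `echo "<EXPECTED_SHA256>  /usr/bin/documentserver-letsencrypt.sh" | sha256sum -c -`. `chmod 777` also leaves the script writable by every user in the container; `chmod 755 /usr/bin/documentserver-letsencrypt.sh` is enough for an executable. The `RUN` instruction begins above this hunk.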
@@ -49,7 +49,7 @@ JWT_SECRET=${JWT_SECRET:-secret} JWT_HEADER=${JWT_HEADER:-Authorization} JWT_IN_BODY=${JWT_IN_BODY:-false} -LETS_ENCRYPT_DOMAINS=${LETS_ENCRYPT_DOMAINS:-none} +LETS_ENCRYPT_DOMAIN=${LETS_ENCRYPT_DOMAIN:-none} LETS_ENCRYPT_MAIL=${LETS_ENCRYPT_MAIL:-none} if [[ ${PRODUCT_NAME} == "documentserver" ]]; then 
@@ -445,32 +445,32 @@ letsencrypt(){ LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"; ROOT_DIR="/var/www/onlyoffice/Data/certs"; - _domains=""; + #_domains=""; - IFS=' ' read -ra args <<< "$LETS_ENCRYPT_DOMAINS" + #IFS=' ' read -ra args <<< "$LETS_ENCRYPT_DOMAIN" - for i in "${args[@]}" - do - _domains="$_domains -d $i" - done + #for i in "${args[@]}" + #do + # _domains="$_domains -d $i" + #done DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" mkdir -p ${ROOT_DIR} - echo certbot certonly --expand --webroot -w ${ROOT_DIR} --noninteractive --agree-tos --email $LETS_ENCRYPT_MAIL $_domains > /var/log/le-start.log + echo certbot certonly --expand --webroot -w ${ROOT_DIR} --noninteractive --agree-tos --email $LETS_ENCRYPT_MAIL -d $LETS_ENCRYPT_DOMAIN > /var/log/le-start.log - #certbot certonly --expand --webroot -w ${ROOT_DIR} --noninteractive --agree-tos --email $LETS_ENCRYPT_MAIL $_domains > /var/log/le-new.log + certbot certonly --expand --webroot -w ${ROOT_DIR} --noninteractive --agree-tos --email $LETS_ENCRYPT_MAIL -d $LETS_ENCRYPT_DOMAIN > /var/log/le-new.log - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/fullchain.pem ${ROOT_DIR}/onlyoffice.crt - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/privkey.pem ${ROOT_DIR}/onlyoffice.key - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/chain.pem ${ROOT_DIR}/stapling.trusted.crt + cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem ${ROOT_DIR}/onlyoffice.crt + cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem ${ROOT_DIR}/onlyoffice.key + cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/chain.pem ${ROOT_DIR}/stapling.trusted.crt cat > ${DIR}/letsencrypt_cron.sh <> /var/log/le-renew.log - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/fullchain.pem ${ROOT_DIR}/onlyoffice.crt - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/privkey.pem ${ROOT_DIR}/onlyoffice.key - cp ${LETSENCRYPT_ROOT_DIR}/${args[0]}/chain.pem ${ROOT_DIR}/stapling.trusted.crt + cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem ${ROOT_DIR}/onlyoffice.crt + 
cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem ${ROOT_DIR}/onlyoffice.key + cp ${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/chain.pem ${ROOT_DIR}/stapling.trusted.crt service nginx reload END @@ -578,7 +578,7 @@ if [ ${PG_NEW_CLUSTER} = "true" ]; then create_postgresql_tbl fi -modify_conf_templates +#modify_conf_templates if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then waiting_for_db @@ -601,9 +601,10 @@ fi # it run in all cases. service nginx start -if [ ${LETS_ENCRYPT_DOMAINS} != "none" -a ${LETS_ENCRYPT_MAIL} != "none" ]; then +if [ ${LETS_ENCRYPT_DOMAIN} != "none" -a ${LETS_ENCRYPT_MAIL} != "none" ]; then if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then - letsencrypt + #letsencrypt + documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN} update_nginx_settings service nginx restart fi
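Review bot: The re-enabled `certbot certonly` call in `letsencrypt()` is followed unconditionally by the three `cp` commands, so a failed issuance still tries to copy from a `live/` directory that may not exist. `$LETS_ENCRYPT_MAIL` and `$LETS_ENCRYPT_DOMAIN` are also expanded unquoted, so a value with whitespace or glob characters becomes extra certbot arguments. I would write `certbot certonly ... --email "$LETS_ENCRYPT_MAIL" -d "$LETS_ENCRYPT_DOMAIN" > /var/log/le-new.log || return 1` and quote the `cp` paths the same way. `privkey.pem` is copied into `${ROOT_DIR}`, the same directory passed to `--webroot -w`; please confirm nginx exposes only `.well-known/acme-challenge` from it. The function starts above the hunk and its heredoc is only partly visible here; the commented-out `_domains` loop could be deleted rather than kept.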
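Review bot: `modify_conf_templates` is disabled by commenting out the call, and nothing in the hunk or the visible commit text says why; it looks unrelated to the Let's Encrypt rename. Its body is not visible here, so I cannot tell which settings stop being applied at container start. If the step is intentionally dropped, delete the line and record the reason in a comment, e.g. `# conf templates are no longer rendered at startup because <reason>`; otherwise restore the call.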
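Review bot: The new call `documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}` passes both values unquoted and ignores the exit status, so `update_nginx_settings` and `service nginx restart` run even when no certificate was issued. Quote the arguments and gate the two following lines on success: `if documentserver-letsencrypt.sh "${LETS_ENCRYPT_MAIL}" "${LETS_ENCRYPT_DOMAIN}"; then` … `fi`. The changed `[ ... -a ... ]` test has the same unquoted expansions and misparses if either value contains whitespace; `[ "${LETS_ENCRYPT_DOMAIN}" != "none" ] && [ "${LETS_ENCRYPT_MAIL}" != "none" ]` avoids that. The script being called is the one the Dockerfile hunk downloads at build time, so its contents cannot be reviewed from this commit.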