Merge branch release/v6.1.0 into master

This commit is contained in:
papacarlo 2020-12-01 07:51:32 +00:00
commit 4cc63380f2
5 changed files with 52 additions and 21 deletions

View file

@ -1,7 +1,7 @@
FROM ubuntu:18.04 FROM ubuntu:20.04
LABEL maintainer Ascensio System SIA <support@onlyoffice.com> LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
ARG ONLYOFFICE_VALUE=onlyoffice ARG ONLYOFFICE_VALUE=onlyoffice
@ -10,17 +10,20 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
apt-get -yq install wget apt-transport-https gnupg locales && \ apt-get -yq install wget apt-transport-https gnupg locales && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
locale-gen en_US.UTF-8 && \ locale-gen en_US.UTF-8 && \
echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
apt-get -yq install \ apt-get -yq install \
adduser \ adduser \
apt-utils \ apt-utils \
bomstrip \ bomstrip \
certbot \
curl \
gconf-service \
htop \ htop \
libasound2 \ libasound2 \
libboost-regex-dev \ libboost-regex-dev \
libcairo2 \ libcairo2 \
libcurl3 \
libcurl3-gnutls \ libcurl3-gnutls \
libgconf2-4 \ libcurl4 \
libgtk-3-0 \ libgtk-3-0 \
libnspr4 \ libnspr4 \
libnss3 \ libnss3 \
@ -41,12 +44,15 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
software-properties-common \ software-properties-common \
sudo \ sudo \
supervisor \ supervisor \
ttf-mscorefonts-installer \
xvfb \ xvfb \
zlib1g && \ zlib1g && \
if [ $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
then echo 'msttcorefonts failed to download'; exit 1; fi && \
echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \ echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \ sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \ sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
pg_conftool 10 main set listen_addresses 'localhost' && \ pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
service postgresql restart && \ service postgresql restart && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \ sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \ sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
@ -82,4 +88,4 @@ RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/ds.list && \
VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom
ENTRYPOINT /app/ds/run-document-server.sh ENTRYPOINT ["/app/ds/run-document-server.sh"]

View file

@ -103,7 +103,14 @@ So you need to create and install the following files:
/app/onlyoffice/DocumentServer/data/certs/tls.key /app/onlyoffice/DocumentServer/data/certs/tls.key
/app/onlyoffice/DocumentServer/data/certs/tls.crt /app/onlyoffice/DocumentServer/data/certs/tls.crt
When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you have CA certified SSL certificates (e.g. [Let's Encrypt](https://letsencrypt.org)). When using CA certified certificates (e.g [Let's encrypt](https://letsencrypt.org)), these files are provided to you by the CA. If you are using self-signed certificates you need to generate these files [yourself](#generation-of-self-signed-certificates).
#### Using the automatically generated Let's Encrypt SSL Certificates
sudo docker run -i -t -d -p 443:443 \
-e LETS_ENCRYPT_DOMAIN=your_domain -e LETS_ENCRYPT_MAIL=your_mail onlyoffice/documentserver
If you want to get and extend Let's Encrypt SSL Certificates automatically just set LETS_ENCRYPT_DOMAIN and LETS_ENCRYPT_MAIL variables.
#### Generation of Self Signed Certificates #### Generation of Self Signed Certificates
@ -185,10 +192,13 @@ Below is the complete list of parameters that can be set using environment varia
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` - **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`. - **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
- **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`. - **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`.
- **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`. - **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`.
- **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`. - **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers

View file

@ -24,6 +24,7 @@ services:
- '443:443' - '443:443'
stdin_open: true stdin_open: true
restart: always restart: always
stop_grace_period: 60s
volumes: volumes:
- /var/www/onlyoffice/Data - /var/www/onlyoffice/Data
- /var/log/onlyoffice - /var/log/onlyoffice

View file

@ -1,5 +1,11 @@
#!/bin/bash #!/bin/bash
function clean_exit {
/usr/bin/documentserver-prepare4shutdown.sh
}
trap clean_exit SIGTERM
# Define '**' behavior explicitly # Define '**' behavior explicitly
shopt -s globstar shopt -s globstar
@ -49,6 +55,8 @@ JWT_SECRET=${JWT_SECRET:-secret}
JWT_HEADER=${JWT_HEADER:-Authorization} JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false} JWT_IN_BODY=${JWT_IN_BODY:-false}
GENERATE_FONTS=${GENERATE_FONTS:-true}
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
REDIS_ENABLED=false REDIS_ENABLED=false
else else
@ -67,13 +75,18 @@ JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
LOCAL_SERVICES=() LOCAL_SERVICES=()
PG_ROOT=/var/lib/postgresql PG_ROOT=/var/lib/postgresql
PG_VERSION=10
PG_NAME=main PG_NAME=main
PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME} PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME}
PG_NEW_CLUSTER=false PG_NEW_CLUSTER=false
RABBITMQ_DATA=/var/lib/rabbitmq RABBITMQ_DATA=/var/lib/rabbitmq
REDIS_DATA=/var/lib/redis REDIS_DATA=/var/lib/redis
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
fi
read_setting(){ read_setting(){
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
@ -315,20 +328,12 @@ create_db_tbl() {
} }
create_postgresql_tbl() { create_postgresql_tbl() {
CONNECTION_PARAMS="-h$DB_HOST -p$DB_PORT -U$DB_USER -w"
if [ -n "$DB_PWD" ]; then if [ -n "$DB_PWD" ]; then
export PGPASSWORD=$DB_PWD export PGPASSWORD=$DB_PWD
fi fi
PSQL="psql -q $CONNECTION_PARAMS" PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
CREATEDB="createdb $CONNECTION_PARAMS" $PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
# Create db on remote server
if $PSQL -lt | cut -d\| -f 1 | grep -qw $DB_NAME | grep 0; then
$CREATEDB $DB_NAME
fi
$PSQL -d "$DB_NAME" -f "$APP_DIR/server/schema/postgresql/createdb.sql"
} }
create_mysql_tbl() { create_mysql_tbl() {
@ -536,8 +541,17 @@ fi
# it run in all cases. # it run in all cases.
service nginx start service nginx start
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
fi
fi
# Regenerate the fonts list and the fonts thumbnails # Regenerate the fonts list and the fonts thumbnails
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} if [ "${GENERATE_FONTS}" == "true" ]; then
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
fi
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
tail -f /var/log/${COMPANY_NAME}/**/*.log tail -f /var/log/${COMPANY_NAME}/**/*.log &
wait $!

View file

@ -36,7 +36,7 @@ fi
# Run test environment # Run test environment
docker-compose -p ds -f $config up -d docker-compose -p ds -f $config up -d
wakeup_timeout=30 wakeup_timeout=90
# Get documentserver healthcheck status # Get documentserver healthcheck status
echo "Wait for service wake up" echo "Wait for service wake up"