Merge branch release/v6.1.0 into master
This commit is contained in:
commit
4cc63380f2
18
Dockerfile
18
Dockerfile
|
@ -1,7 +1,7 @@
|
||||||
FROM ubuntu:18.04
|
FROM ubuntu:20.04
|
||||||
LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
|
LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
|
||||||
|
|
||||||
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive
|
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
|
||||||
|
|
||||||
ARG ONLYOFFICE_VALUE=onlyoffice
|
ARG ONLYOFFICE_VALUE=onlyoffice
|
||||||
|
|
||||||
|
@ -10,17 +10,20 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
||||||
apt-get -yq install wget apt-transport-https gnupg locales && \
|
apt-get -yq install wget apt-transport-https gnupg locales && \
|
||||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
|
||||||
locale-gen en_US.UTF-8 && \
|
locale-gen en_US.UTF-8 && \
|
||||||
|
echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
|
||||||
apt-get -yq install \
|
apt-get -yq install \
|
||||||
adduser \
|
adduser \
|
||||||
apt-utils \
|
apt-utils \
|
||||||
bomstrip \
|
bomstrip \
|
||||||
|
certbot \
|
||||||
|
curl \
|
||||||
|
gconf-service \
|
||||||
htop \
|
htop \
|
||||||
libasound2 \
|
libasound2 \
|
||||||
libboost-regex-dev \
|
libboost-regex-dev \
|
||||||
libcairo2 \
|
libcairo2 \
|
||||||
libcurl3 \
|
|
||||||
libcurl3-gnutls \
|
libcurl3-gnutls \
|
||||||
libgconf2-4 \
|
libcurl4 \
|
||||||
libgtk-3-0 \
|
libgtk-3-0 \
|
||||||
libnspr4 \
|
libnspr4 \
|
||||||
libnss3 \
|
libnss3 \
|
||||||
|
@ -41,12 +44,15 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
||||||
software-properties-common \
|
software-properties-common \
|
||||||
sudo \
|
sudo \
|
||||||
supervisor \
|
supervisor \
|
||||||
|
ttf-mscorefonts-installer \
|
||||||
xvfb \
|
xvfb \
|
||||||
zlib1g && \
|
zlib1g && \
|
||||||
|
if [ $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
|
||||||
|
then echo 'msttcorefonts failed to download'; exit 1; fi && \
|
||||||
echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
|
echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
|
||||||
sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \
|
sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \
|
||||||
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
|
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
|
||||||
pg_conftool 10 main set listen_addresses 'localhost' && \
|
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
|
||||||
service postgresql restart && \
|
service postgresql restart && \
|
||||||
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
|
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
|
||||||
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
|
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
|
||||||
|
@ -82,4 +88,4 @@ RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/ds.list && \
|
||||||
|
|
||||||
VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom
|
VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom
|
||||||
|
|
||||||
ENTRYPOINT /app/ds/run-document-server.sh
|
ENTRYPOINT ["/app/ds/run-document-server.sh"]
|
||||||
|
|
12
README.md
12
README.md
|
@ -103,7 +103,14 @@ So you need to create and install the following files:
|
||||||
/app/onlyoffice/DocumentServer/data/certs/tls.key
|
/app/onlyoffice/DocumentServer/data/certs/tls.key
|
||||||
/app/onlyoffice/DocumentServer/data/certs/tls.crt
|
/app/onlyoffice/DocumentServer/data/certs/tls.crt
|
||||||
|
|
||||||
When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you have CA certified SSL certificates (e.g. [Let's Encrypt](https://letsencrypt.org)).
|
When using CA certified certificates (e.g [Let's encrypt](https://letsencrypt.org)), these files are provided to you by the CA. If you are using self-signed certificates you need to generate these files [yourself](#generation-of-self-signed-certificates).
|
||||||
|
|
||||||
|
#### Using the automatically generated Let's Encrypt SSL Certificates
|
||||||
|
|
||||||
|
sudo docker run -i -t -d -p 443:443 \
|
||||||
|
-e LETS_ENCRYPT_DOMAIN=your_domain -e LETS_ENCRYPT_MAIL=your_mail onlyoffice/documentserver
|
||||||
|
|
||||||
|
If you want to get and extend Let's Encrypt SSL Certificates automatically just set LETS_ENCRYPT_DOMAIN and LETS_ENCRYPT_MAIL variables.
|
||||||
|
|
||||||
#### Generation of Self Signed Certificates
|
#### Generation of Self Signed Certificates
|
||||||
|
|
||||||
|
@ -185,10 +192,13 @@ Below is the complete list of parameters that can be set using environment varia
|
||||||
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
|
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
|
||||||
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
|
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
|
||||||
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
|
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
|
||||||
|
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
|
||||||
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
|
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
|
||||||
- **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`.
|
- **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`.
|
||||||
- **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`.
|
- **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`.
|
||||||
- **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
|
- **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
|
||||||
|
- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
|
||||||
|
- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
|
||||||
|
|
||||||
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
|
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ services:
|
||||||
- '443:443'
|
- '443:443'
|
||||||
stdin_open: true
|
stdin_open: true
|
||||||
restart: always
|
restart: always
|
||||||
|
stop_grace_period: 60s
|
||||||
volumes:
|
volumes:
|
||||||
- /var/www/onlyoffice/Data
|
- /var/www/onlyoffice/Data
|
||||||
- /var/log/onlyoffice
|
- /var/log/onlyoffice
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
function clean_exit {
|
||||||
|
/usr/bin/documentserver-prepare4shutdown.sh
|
||||||
|
}
|
||||||
|
|
||||||
|
trap clean_exit SIGTERM
|
||||||
|
|
||||||
# Define '**' behavior explicitly
|
# Define '**' behavior explicitly
|
||||||
shopt -s globstar
|
shopt -s globstar
|
||||||
|
|
||||||
|
@ -49,6 +55,8 @@ JWT_SECRET=${JWT_SECRET:-secret}
|
||||||
JWT_HEADER=${JWT_HEADER:-Authorization}
|
JWT_HEADER=${JWT_HEADER:-Authorization}
|
||||||
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
||||||
|
|
||||||
|
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
||||||
|
|
||||||
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
|
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
|
||||||
REDIS_ENABLED=false
|
REDIS_ENABLED=false
|
||||||
else
|
else
|
||||||
|
@ -67,13 +75,18 @@ JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
|
||||||
LOCAL_SERVICES=()
|
LOCAL_SERVICES=()
|
||||||
|
|
||||||
PG_ROOT=/var/lib/postgresql
|
PG_ROOT=/var/lib/postgresql
|
||||||
PG_VERSION=10
|
|
||||||
PG_NAME=main
|
PG_NAME=main
|
||||||
PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME}
|
PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME}
|
||||||
PG_NEW_CLUSTER=false
|
PG_NEW_CLUSTER=false
|
||||||
RABBITMQ_DATA=/var/lib/rabbitmq
|
RABBITMQ_DATA=/var/lib/rabbitmq
|
||||||
REDIS_DATA=/var/lib/redis
|
REDIS_DATA=/var/lib/redis
|
||||||
|
|
||||||
|
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
||||||
|
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
|
||||||
|
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
|
||||||
|
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
|
||||||
|
fi
|
||||||
|
|
||||||
read_setting(){
|
read_setting(){
|
||||||
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
||||||
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
||||||
|
@ -315,20 +328,12 @@ create_db_tbl() {
|
||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_tbl() {
|
create_postgresql_tbl() {
|
||||||
CONNECTION_PARAMS="-h$DB_HOST -p$DB_PORT -U$DB_USER -w"
|
|
||||||
if [ -n "$DB_PWD" ]; then
|
if [ -n "$DB_PWD" ]; then
|
||||||
export PGPASSWORD=$DB_PWD
|
export PGPASSWORD=$DB_PWD
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PSQL="psql -q $CONNECTION_PARAMS"
|
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
|
||||||
CREATEDB="createdb $CONNECTION_PARAMS"
|
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
||||||
|
|
||||||
# Create db on remote server
|
|
||||||
if $PSQL -lt | cut -d\| -f 1 | grep -qw $DB_NAME | grep 0; then
|
|
||||||
$CREATEDB $DB_NAME
|
|
||||||
fi
|
|
||||||
|
|
||||||
$PSQL -d "$DB_NAME" -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
create_mysql_tbl() {
|
create_mysql_tbl() {
|
||||||
|
@ -536,8 +541,17 @@ fi
|
||||||
# it run in all cases.
|
# it run in all cases.
|
||||||
service nginx start
|
service nginx start
|
||||||
|
|
||||||
|
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
||||||
|
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
|
||||||
|
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Regenerate the fonts list and the fonts thumbnails
|
# Regenerate the fonts list and the fonts thumbnails
|
||||||
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
|
if [ "${GENERATE_FONTS}" == "true" ]; then
|
||||||
|
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
|
||||||
|
fi
|
||||||
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
|
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
|
||||||
|
|
||||||
tail -f /var/log/${COMPANY_NAME}/**/*.log
|
tail -f /var/log/${COMPANY_NAME}/**/*.log &
|
||||||
|
wait $!
|
||||||
|
|
|
@ -36,7 +36,7 @@ fi
|
||||||
# Run test environment
|
# Run test environment
|
||||||
docker-compose -p ds -f $config up -d
|
docker-compose -p ds -f $config up -d
|
||||||
|
|
||||||
wakeup_timeout=30
|
wakeup_timeout=90
|
||||||
|
|
||||||
# Get documentserver healthcheck status
|
# Get documentserver healthcheck status
|
||||||
echo "Wait for service wake up"
|
echo "Wait for service wake up"
|
||||||
|
|
Loading…
Reference in a new issue