Merge pull request #463 from ONLYOFFICE/release/v7.2.0
Mergre release/v7.2.0 into develop
This commit is contained in:
commit
73ec78a7da
75
.github/workflows/4testing-build.yml
vendored
Normal file
75
.github/workflows/4testing-build.yml
vendored
Normal file
|
@ -0,0 +1,75 @@
|
|||
### This workflow setup instance then build and push images ###
|
||||
name: 4testing multiarch-build
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- "v*"
|
||||
- "!v*-stable"
|
||||
|
||||
env:
|
||||
COMPANY_NAME: "onlyoffice"
|
||||
PRODUCT_NAME: "documentserver"
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: ${{ matrix.condition }}
|
||||
strategy:
|
||||
matrix:
|
||||
images: ["documentserver"]
|
||||
edition: ["", "-ee", "-de"]
|
||||
condition: [true]
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Login to Docker Hub
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
||||
|
||||
- name: Get Tag Name
|
||||
id: tag_name
|
||||
run: |
|
||||
echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
|
||||
|
||||
- name: Build 4testing
|
||||
run: |
|
||||
DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' )
|
||||
PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3')
|
||||
PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb
|
||||
STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
|
||||
if [[ "$STATUS" = "200" ]]; then
|
||||
echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access"
|
||||
else
|
||||
echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch"
|
||||
exit 1
|
||||
fi
|
||||
PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
|
||||
STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
|
||||
if [[ "$STATUS" = "200" ]]; then
|
||||
echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
|
||||
echo "All architecture are available >> build is starting."
|
||||
sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
|
||||
PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
|
||||
PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
|
||||
PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
|
||||
docker buildx bake \
|
||||
-f docker-bake.hcl ${{ matrix.images }} \
|
||||
--push
|
||||
echo "DONE: Build success >> exit with 0"
|
||||
exit 0
|
||||
else
|
||||
echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0."
|
||||
exit 1
|
||||
fi
|
||||
shell: bash
|
67
.github/workflows/stable-build.yml
vendored
Normal file
67
.github/workflows/stable-build.yml
vendored
Normal file
|
@ -0,0 +1,67 @@
|
|||
### This workflow setup instance then build and push images ###
|
||||
name: Multi-arch build stable
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- "v*-stable"
|
||||
|
||||
env:
|
||||
COMPANY_NAME: "onlyoffice"
|
||||
PRODUCT_NAME: "documentserver"
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build
|
||||
runs-on: ubuntu-latest
|
||||
continue-on-error: ${{ matrix.condition }}
|
||||
strategy:
|
||||
matrix:
|
||||
images: ["documentserver-stable"]
|
||||
edition: ["", "-ee", "-de"]
|
||||
condition: [true]
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Login to Docker Hub
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
||||
|
||||
- name: Get Tag Name
|
||||
id: tag_name
|
||||
run: |
|
||||
echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
|
||||
|
||||
- name: Build documentserver-release
|
||||
run: |
|
||||
TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
|
||||
SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+')
|
||||
SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+')
|
||||
IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?)
|
||||
if [[ "$IMAGE_STATUS" = "0" ]]; then
|
||||
echo "Image present on docker.hub >> start build stable version"
|
||||
echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable
|
||||
PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
|
||||
COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \
|
||||
TAG=$TAG \
|
||||
SHORTER_TAG=$SHORTER_TAG \
|
||||
SHORTEST_TAG=$SHORTEST_TAG \
|
||||
docker buildx bake \
|
||||
-f docker-bake.hcl ${{ matrix.images }} \
|
||||
--push
|
||||
echo "DONE: Build success >> exit with 0"
|
||||
exit 0
|
||||
else
|
||||
echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1"
|
||||
exit 1
|
||||
fi
|
||||
shell: bash
|
11
Dockerfile
11
Dockerfile
|
@ -1,7 +1,7 @@
|
|||
FROM ubuntu:20.04
|
||||
FROM ubuntu:22.04 as documentserver
|
||||
LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
|
||||
|
||||
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
|
||||
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14
|
||||
|
||||
ARG ONLYOFFICE_VALUE=onlyoffice
|
||||
|
||||
|
@ -71,12 +71,15 @@ COPY run-document-server.sh /app/ds/run-document-server.sh
|
|||
|
||||
EXPOSE 80 443
|
||||
|
||||
ARG TARGETARCH
|
||||
ARG PRODUCT_EDITION=
|
||||
ARG COMPANY_NAME=onlyoffice
|
||||
ARG PRODUCT_NAME=documentserver
|
||||
ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb"
|
||||
ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb"
|
||||
|
||||
ENV COMPANY_NAME=$COMPANY_NAME \
|
||||
PRODUCT_NAME=$PRODUCT_NAME
|
||||
PRODUCT_NAME=$PRODUCT_NAME \
|
||||
PRODUCT_EDITION=$PRODUCT_EDITION
|
||||
|
||||
RUN wget -q -P /tmp "$PACKAGE_URL" && \
|
||||
apt-get -y update && \
|
||||
|
|
|
@ -187,6 +187,7 @@ Below is the complete list of parameters that can be set using environment varia
|
|||
- **REDIS_SERVER_PORT**: The Redis server port number.
|
||||
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
|
||||
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
|
||||
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
|
||||
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
|
||||
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
|
||||
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
|
||||
|
|
58
docker-bake.hcl
Normal file
58
docker-bake.hcl
Normal file
|
@ -0,0 +1,58 @@
|
|||
variable "TAG" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "SHORTER_TAG" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "SHORTEST_TAG" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "COMPANY_NAME" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "PREFIX_NAME" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "PRODUCT_EDITION" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "PRODUCT_NAME" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "DOCKERFILE" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
target "documentserver" {
|
||||
target = "documentserver"
|
||||
dockerfile= "${DOCKERFILE}"
|
||||
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"]
|
||||
platforms = ["linux/amd64", "linux/arm64"]
|
||||
args = {
|
||||
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
||||
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
||||
"COMPANY_NAME": "${COMPANY_NAME}"
|
||||
}
|
||||
}
|
||||
|
||||
target "documentserver-stable" {
|
||||
target = "documentserver-stable"
|
||||
dockerfile= "${DOCKERFILE}"
|
||||
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
|
||||
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
|
||||
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
|
||||
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"]
|
||||
platforms = ["linux/amd64", "linux/arm64"]
|
||||
args = {
|
||||
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
||||
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
||||
"COMPANY_NAME": "${COMPANY_NAME}"
|
||||
}
|
||||
}
|
|
@ -37,7 +37,12 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
|
||||
SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
|
||||
mkdir -p ${SSL_CERTIFICATES_DIR}
|
||||
cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
|
||||
chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
|
||||
chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
|
||||
|
||||
if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
|
||||
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
|
||||
else
|
||||
|
@ -83,7 +88,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false}
|
|||
|
||||
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
||||
|
||||
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
|
||||
if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
|
||||
REDIS_ENABLED=false
|
||||
else
|
||||
REDIS_ENABLED=true
|
||||
|
@ -468,6 +473,8 @@ update_nginx_settings(){
|
|||
if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
|
||||
sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
|
||||
fi
|
||||
|
||||
documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
|
||||
}
|
||||
|
||||
update_supervisor_settings(){
|
||||
|
@ -503,7 +510,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${
|
|||
done
|
||||
|
||||
# change folder rights
|
||||
for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
|
||||
for i in ${LOG_DIR} ${LIB_DIR}; do
|
||||
chown -R ds:ds "$i"
|
||||
chmod -R 755 "$i"
|
||||
done
|
||||
|
|
Loading…
Reference in a new issue