diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml new file mode 100644 index 0000000..4343507 --- /dev/null +++ b/.github/workflows/4testing-build.yml @@ -0,0 +1,139 @@ +### This workflow setup instance then build and push images ### +name: 4testing multiarch-build + +on: + workflow_dispatch: + inputs: + build: + description: 'Build number (ex. 45)' + type: string + required: true + amd64: + type: boolean + description: 'Build AMD64' + default: true + arm64: + type: boolean + description: 'Build ARM64' + default: true + community: + type: boolean + description: 'Build Community Edition' + default: true + enterprise: + type: boolean + description: 'Build Enterprise Edition' + default: true + developer: + type: boolean + description: 'Build Developer Edition' + default: true + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + prepare: + runs-on: ubuntu-latest + steps: + - id: matrix + run: | + set -ex + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + echo "Wrong branch." + exit 1 + fi + + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + if [ -z ${PLATFORMS} ]; then + echo "None of the platforms are selected." + exit 1 + fi + + [ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community") + [ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise") + [ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer") + if [ -z ${EDITIONS} ]; then + echo "None of the editions are selected." + exit 1 + fi + echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" + outputs: + editions: ${{ steps.matrix.outputs.editions }} + + build: + name: "Build ${{ matrix.image }}-${{ matrix.edition }}" + runs-on: ubuntu-latest + needs: prepare + strategy: + fail-fast: false + matrix: + image: ["documentserver"] + edition: ${{ fromJSON(needs.prepare.outputs.editions) }} + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Build 4testing + run: | + set -eux + + ### ==>> At this step build variable declaration ### + + case ${{ matrix.edition }} in + community) + PRODUCT_EDITION="" + ;; + enterprise) + PRODUCT_EDITION="-ee" + ;; + developer) + PRODUCT_EDITION="-de" + ;; + esac + + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',') + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if [ $BRANCH_NAME = develop ]; then + RELEASE_BRANCH=unstable + PRODUCT_VERSION=99.99.99 + elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + RELEASE_BRANCH=testing + PRODUCT_VERSION=${BRANCH_NAME#*/v} + fi + BUILD_NUMBER=${{ github.event.inputs.build }} + + export PRODUCT_EDITION + export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER} + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${RELEASE_BRANCH}/ubuntu + export RELEASE_BRANCH + export PLATFORM + export DOCKERFILE=Dockerfile + export PREFIX_NAME=4testing- + export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER} + + ### ==>> Build and push images at this step ### + + docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push + echo "DONE: Build success" + shell: bash diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml new file mode 100644 index 0000000..0b6918e --- /dev/null +++ b/.github/workflows/stable-build.yml @@ -0,0 +1,94 @@ +### This workflow setup instance then build and push images ### +name: Multi-arch build stable + +on: + workflow_dispatch: + inputs: + tag: + description: 'Tag for release (ex. 1.2.3.45)' + type: string + required: true + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + build: + name: "Release image: DocumentServer${{ matrix.edition }}" + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + images: ["documentserver-stable"] + edition: ["", "-ee", "-de"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Build documentserver-release + run: | + set -eux + VERSION=${{ github.event.inputs.tag }} + PRODUCT_EDITION=${{ matrix.edition }} + TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION} + if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then + echo "Image present on docker.hub >> start build stable version" + export PRODUCT_EDITION + export TAG=${VERSION} + export SHORTER_TAG=${VERSION%.*} + export SHORTEST_TAG=${VERSION%.*.*} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1" + exit 1 + fi + shell: bash + + build-nonexample: + name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" + runs-on: ubuntu-latest + needs: [build] + if: always() + strategy: + fail-fast: false + matrix: + images: ["documentserver-nonexample"] + edition: ["", "-ee", "-de"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: build image + run: | + set -eux + export PRODUCT_EDITION=${{ matrix.edition }} + export TAG=${{ github.event.inputs.tag }} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push + shell: bash diff --git a/Dockerfile b/Dockerfile index 9a3149e..ad2634f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM ubuntu:20.04 +FROM ubuntu:22.04 as documentserver LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 ARG ONLYOFFICE_VALUE=onlyoffice @@ -77,19 +77,24 @@ EXPOSE 80 443 ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver -ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb" +ARG PRODUCT_EDITION= +ARG PACKAGE_VERSION=0.0.0-0 +ARG TARGETARCH +ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux" +ARG PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_${PACKAGE_VERSION}_${TARGETARCH}.deb" ENV COMPANY_NAME=$COMPANY_NAME \ - PRODUCT_NAME=$PRODUCT_NAME + PRODUCT_NAME=$PRODUCT_NAME \ + PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_URL" && \ +RUN wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ - apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ + apt-get -yq install /tmp/$PACKAGE_FILE && \ service postgresql stop && \ service supervisor stop && \ chmod 755 /app/ds/*.sh && \ - rm -f /tmp/$(basename "$PACKAGE_URL") && \ + rm -f /tmp/$PACKAGE_FILE && \ rm -rf /var/log/$COMPANY_NAME && \ rm -rf /var/lib/apt/lists/* diff --git a/Makefile b/Makefile index f840a15..e255521 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,7 @@ COMPANY_NAME ?= ONLYOFFICE GIT_BRANCH ?= develop PRODUCT_NAME ?= DocumentServer +PRODUCT_EDITION ?= PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 ONLYOFFICE_VALUE ?= onlyoffice @@ -11,9 +12,9 @@ COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) -PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW) +PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) -PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb +PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing)) DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION)) @@ -21,8 +22,8 @@ else DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) endif -DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) -DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)__$(DOCKER_TAG).dummy +DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) +DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) @@ -31,9 +32,12 @@ DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKE $(DOCKER_DUMMY): docker pull ubuntu:20.04 docker build \ - --build-arg PACKAGE_URL=$(PACKAGE_URL) \ --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ + --build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \ + --build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \ + --build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \ + --build-arg TARGETARCH=amd64 \ --build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \ -t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \ mkdir -p $$(dirname $@) && \ diff --git a/README.md b/README.md index 18fb96e..5020dfd 100644 --- a/README.md +++ b/README.md @@ -185,8 +185,10 @@ Below is the complete list of parameters that can be set using environment varia - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. +- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. +- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 0000000..b797d46 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,99 @@ +variable "TAG" { + default = "" +} + +variable "SHORTER_TAG" { + default = "" +} + +variable "SHORTEST_TAG" { + default = "" +} + +variable "COMPANY_NAME" { + default = "" +} + +variable "PREFIX_NAME" { + default = "" +} + +variable "PRODUCT_EDITION" { + default = "" +} + +variable "PRODUCT_NAME" { + default = "" +} + +variable "PACKAGE_VERSION" { + default = "" +} + +variable "DOCKERFILE" { + default = "" +} + +variable "PLATFORM" { + default = "" +} + +variable "PACKAGE_BASEURL" { + default = "" +} + +variable "PACKAGE_FILE" { + default = "" +} + +variable "RELEASE_BRANCH" { + default = "" +} + +target "documentserver" { + target = "documentserver" + dockerfile = "${DOCKERFILE}" + tags = [ + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + equal("testing",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + ] + platforms = ["${PLATFORM}"] + args = { + "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PACKAGE_VERSION": "${PACKAGE_VERSION}" + "PACKAGE_BASEURL": "${PACKAGE_BASEURL}" + "PLATFORM": "${PLATFORM}" + } +} + +target "documentserver-stable" { + target = "documentserver-stable" + dockerfile = "production.dockerfile" + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest", + equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "TAG": "${TAG}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + } +} + +target "documentserver-nonexample" { + target = "documentserver-nonexample" + dockerfile = "production.dockerfile" + tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "TAG": "${TAG}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + } +} diff --git a/production.dockerfile b/production.dockerfile new file mode 100644 index 0000000..3c7b3bd --- /dev/null +++ b/production.dockerfile @@ -0,0 +1,24 @@ +### Arguments avavlivable only for FROM instruction ### +ARG TAG=latest +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_EDITION= + +### Build main-release ### + +FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable + +### Build nonexample ### + +FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample + +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_NAME=documentserver +ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf + +### Remove all documentserver-example data ### + +RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -f $DS_SUPERVISOR_CONF \ + && rm -f /etc/nginx/includes/ds-example.conf \ + && ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF diff --git a/run-document-server.sh b/run-document-server.sh index d89f139..802ce31 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -1,5 +1,7 @@ #!/bin/bash +umask 0022 + function clean_exit { /usr/bin/documentserver-prepare4shutdown.sh } @@ -37,7 +39,14 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then fi fi -SSL_CERTIFICATES_DIR="${DATA_DIR}/certs" +SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" +mkdir -p ${SSL_CERTIFICATES_DIR} +if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then + cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} + chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem + chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +fi + if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt else @@ -66,7 +75,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} -JWT_ENABLED=${JWT_ENABLED:-false} +JWT_ENABLED=${JWT_ENABLED:-true} # validate user's vars before usinig in json if [ "${JWT_ENABLED}" == "true" ]; then @@ -75,7 +84,9 @@ else JWT_ENABLED="false" fi -JWT_SECRET=${JWT_SECRET:-secret} +[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.' + +JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} JWT_IN_BODY=${JWT_IN_BODY:-false} @@ -83,7 +94,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false} GENERATE_FONTS=${GENERATE_FONTS:-true} -if [[ ${PRODUCT_NAME} == "documentserver" ]]; then +if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then REDIS_ENABLED=false else REDIS_ENABLED=true @@ -295,6 +306,11 @@ update_redis_settings(){ ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" + + if [ -n "${REDIS_SERVER_PASS}" ]; then + ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}" + fi + } update_ds_settings(){ @@ -410,12 +426,15 @@ update_welcome_page() { WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html" if [[ -e $WELCOME_PAGE ]]; then DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset)) + (( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname) if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then if [[ -x $(command -v docker) ]]; then DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID) sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/') else sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/') fi fi fi @@ -468,6 +487,8 @@ update_nginx_settings(){ if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} fi + + documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false } update_supervisor_settings(){ @@ -503,7 +524,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${ done # change folder rights -for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do +for i in ${LOG_DIR} ${LIB_DIR}; do chown -R ds:ds "$i" chmod -R 755 "$i" done @@ -587,6 +608,8 @@ else update_welcome_page fi +find /etc/${COMPANY_NAME} -exec chown ds:ds {} \; + #start needed local services for i in ${LOCAL_SERVICES[@]}; do service $i start @@ -635,5 +658,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then fi documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} +echo "${JWT_MESSAGE}" + tail -f /var/log/${COMPANY_NAME}/**/*.log & wait $!