Compare commits

..

31 commits

Author SHA1 Message Date
Danil Titarenko 7fa2f598a1
Fix ucs build (#537)
* Fix ucs build

* Change rabbitmq version on lower

* Remove rabbimq version argument

* Rename variable
2022-12-20 14:54:23 +03:00
papacarlo 3fb3b2f3de Merge branch hotfix/v7.2.2 into master 2022-12-20 09:55:28 +00:00
Semyon Bezrukov e5f8e69d89
Fix package url (#551) 2022-12-01 15:53:43 +03:00
Danil Titarenko c7090252ff Add base image and postgresql version build arguments (#524)
(cherry picked from commit e1d7cfd5e8)
2022-10-31 19:00:18 +03:00
Danil Titarenko 730dd71ac5 Add ucs build on older image version (#531)
(cherry picked from commit 92dd2833d1)
2022-10-31 19:00:03 +03:00
Pavel Lobashov 1957d38907
Actualize state of JWT variables (#535) 2022-10-31 17:38:53 +03:00
Evgeniy Antonyuk cdc73fe379
Fix Bug 59481 - Fix errors when starting the container (#530)
* Update the rabbitmq version

* Fix incorrect replacement of worker_connections

* Limiting the maximum number of simultaneous connections due to possible memory shortage
2022-10-31 16:34:42 +03:00
Danil Titarenko e1d7cfd5e8
Add base image and postgresql version build arguments (#524) 2022-10-31 15:24:17 +03:00
Danil Titarenko 92dd2833d1
Add ucs build on older image version (#531) 2022-10-31 11:53:24 +03:00
Evgeniy Antonyuk d98eb758b5
Fix Bug 59483 - Fix port parsing from amqp_uri (#529)
* Fix port parsing from amqp_uri

* Correct regex for port parsing
2022-10-28 16:33:41 +03:00
papacarlo a3973583f8 Merge branch hotfix/v7.2.1 into master 2022-10-27 08:23:10 +00:00
Pavel Lobashov fcbbe2979f
Add note (#526) 2022-10-27 11:08:52 +03:00
Danil Titarenko 311db051fb
Disable non-example build (#525)
Co-authored-by: papacarlo <builder@onlyoffice.com>
2022-10-26 14:27:37 +03:00
papacarlo 46683cbc4e Merge branch hotfix/v7.2.1 into master 2022-10-20 13:12:18 +00:00
Semyon Bezrukov 1c72796657
Fix testing build tags (#512) 2022-10-13 15:50:39 +03:00
Danil Titarenko e32047ffcc
Fix bug #59310 / Fix users build (#508)
* Remove version for correct users build

* Assembly support without targetarch variable

* Remove targetarch variable

* Correcting a typo in a variable

* Small fix

Co-authored-by: Semyon Bezrukov <semen.bezrukov@onlyoffice.com>
2022-10-11 12:52:48 +03:00
papacarlo ad066be1c8 Merge branch release/v7.2.0 into master 2022-09-22 12:23:12 +00:00
Semyon Bezrukov 29bb07d2cb
Fix makefile docker image (#499) 2022-09-20 14:20:10 +03:00
Semyon Bezrukov 67fbd9d9c8
Fix makefile (#498) 2022-09-18 16:20:15 +03:00
Semyon Bezrukov bac88530c1
Refactoring testing build (#496)
* Fix dockerfile args

* Refactoring testing build action

* Secret repo baseurl

* Fix package version
2022-09-16 12:28:44 +03:00
Evgeniy Antonyuk b9bfa7b90c
fix Bug 58778 - Correct the display of container ID for 22.04 (#494) 2022-09-13 11:08:04 +03:00
Semyon Bezrukov 61a5a021cf
Refactoring stable build (#490)
* Refactoring stable build

* Build: setting up push 4enterprise images

* Cosmetic change

* Remove needless tag

* Rename dockerfile

* Small fix

* Rename dockerfile for nonexample

Co-authored-by: danilapog <danil.titarenko@onlyoffice.com>
2022-09-12 16:04:56 +03:00
Danil Titarenko 713a06e999
Add expected build arch (#489)
* Add fail status if build unexpected platforms

* Build: set exit code for action

* Build: Change expected platforms message
2022-09-08 15:56:49 +03:00
Roman Demidov e44acbebf7
Fix KylinOS start error (#471)
* Fix KylinOS start error

* Small changes

* Small changes
2022-08-31 12:13:30 +03:00
Danil Titarenko 3626f8cc6c
Build: Set job fail status if some build failed (#488) 2022-08-30 14:33:23 +03:00
Danil Titarenko 207bd5dac7
Add build Documentserver without example (#473)
* Add dockerfile for non-example build

* Create new symlink for supervisor config

* Add ARG for dynamic images specification

* Update action version

* Add build nonexample after stable build success

* Add targets for nonexample build

* Cosmetic changes

* Update FROM instruction

* Add default tag

* Remove needless welcome nginx location

* Change nonexample image tags

* Set correct nonexample image tag

* Change tag for nonexample image

* Change dockerfile name

* Rename dockerfile for release images

* Move stable build to dockerfile

* Refactoring bake file
2022-08-29 11:40:25 +03:00
Danil Titarenko 2379128240
fix build (#486) 2022-08-24 12:47:47 +03:00
Danil Titarenko 083ab2c6a6
Add latest tag for develop build (#484) 2022-08-24 11:14:59 +03:00
Evgeniy Antonyuk 34180710cf
Fix command to get container id (#483) 2022-08-22 20:56:45 +03:00
Evgeniy Antonyuk 8887cb7a26
Enable JWT by default and add a JWT status message (#482)
* Enable JWT by default and add a JWT status message

* Correct JWT message

* Add a condition for displaying a JWT message

* Minor correction

* Minor correction
2022-08-22 20:27:10 +03:00
papacarlo 558353ee99 Merge branch hotfix/v7.1.1 into master 2022-06-01 16:22:20 +00:00
9 changed files with 340 additions and 231 deletions

View file

@ -2,25 +2,78 @@
name: 4testing multiarch-build name: 4testing multiarch-build
on: on:
push: workflow_dispatch:
tags: inputs:
- "v*" build:
- "!v*-stable" description: 'Build number (ex. 45)'
type: string
required: true
amd64:
type: boolean
description: 'Build AMD64'
default: true
arm64:
type: boolean
description: 'Build ARM64'
default: true
community:
type: boolean
description: 'Build Community Edition'
default: true
enterprise:
type: boolean
description: 'Build Enterprise Edition'
default: true
developer:
type: boolean
description: 'Build Developer Edition'
default: true
env: env:
COMPANY_NAME: "onlyoffice" COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver" PRODUCT_NAME: "documentserver"
jobs: jobs:
build: prepare:
name: Build
runs-on: ubuntu-latest runs-on: ubuntu-latest
continue-on-error: ${{ matrix.condition }} steps:
- id: matrix
run: |
set -ex
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
echo "Wrong branch."
exit 1
fi
[ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
[ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
if [ -z ${PLATFORMS} ]; then
echo "None of the platforms are selected."
exit 1
fi
[ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community")
[ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise")
[ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer")
if [ -z ${EDITIONS} ]; then
echo "None of the editions are selected."
exit 1
fi
echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')"
outputs:
editions: ${{ steps.matrix.outputs.editions }}
build:
name: "Build ${{ matrix.image }}-${{ matrix.edition }}"
runs-on: ubuntu-latest
needs: prepare
strategy: strategy:
fail-fast: false
matrix: matrix:
images: ["documentserver"] image: ["documentserver"]
edition: ["", "-ee", "-de"] edition: ${{ fromJSON(needs.prepare.outputs.editions) }}
condition: [true]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -33,61 +86,54 @@ jobs:
uses: docker/setup-buildx-action@v2 uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub - name: Login to Docker Hub
uses: docker/login-action@v1 uses: docker/login-action@v2
with: with:
username: ${{ secrets.DOCKER_HUB_USERNAME }} username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Get Tag Name
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Build 4testing - name: Build 4testing
run: | run: |
set -eux
### ==>> At this step build variable declaration ### ### ==>> At this step build variable declaration ###
DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' )
PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' )
NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' )
echo "Start check avalivable build platforms >>"
### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### case ${{ matrix.edition }} in
for ARCH in ${NODE_PLATFORMS}; do community)
REPO_URL=${{ secrets.REPO_URL }} PRODUCT_EDITION=""
if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then ;;
REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} enterprise)
fi PRODUCT_EDITION="-ee"
PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb ;;
STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") developer)
if [[ "$STATUS" = "200" ]]; then PRODUCT_EDITION="-de"
echo "✔ ${ARCH} is avalivable >> set like one of build platforms" ;;
PLATFORMS+=(linux/${ARCH},) esac
BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' )
else
echo "${ARCH} in not avalivable"
fi
done
PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" )
### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
if [[ -z ${BUILD_PLATFORMS} ]]; then [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
echo "Have no access to any platform >> exit with 1" PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')
exit 1
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if [ $BRANCH_NAME = develop ]; then
RELEASE_BRANCH=unstable
PRODUCT_VERSION=99.99.99
elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
RELEASE_BRANCH=testing
PRODUCT_VERSION=${BRANCH_NAME#*/v}
fi fi
echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" BUILD_NUMBER=${{ github.event.inputs.build }}
echo "Build is starting ... >>"
### ==>> Build and push images at this step ### export PRODUCT_EDITION
PRODUCT_EDITION=${{ matrix.edition }} \ export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
PACKAGE_URL=$PACKAGE_URL_BUILD \ export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/${RELEASE_BRANCH}/ubuntu
PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ export RELEASE_BRANCH
DOCKERFILE=Dockerfile \ export PLATFORM
PREFIX_NAME=4testing- \ export DOCKERFILE=Dockerfile
TAG=$DOCKER_TAG \ export PREFIX_NAME=4testing-
PLATFORM=$BUILD_PLATFORMS \ export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
COMPANY_NAME=${{ env.COMPANY_NAME }} \
docker buildx bake \ ### ==>> Build and push images at this step ###
-f docker-bake.hcl ${{ matrix.images }} \
--push docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
echo "DONE: Build success >> exit with 0" echo "DONE: Build success"
exit 0
shell: bash shell: bash

View file

@ -2,9 +2,12 @@
name: Multi-arch build stable name: Multi-arch build stable
on: on:
push: workflow_dispatch:
tags: inputs:
- "v*-stable" tag:
description: 'Tag for release (ex. 1.2.3.45)'
type: string
required: true
env: env:
COMPANY_NAME: "onlyoffice" COMPANY_NAME: "onlyoffice"
@ -12,14 +15,13 @@ env:
jobs: jobs:
build: build:
name: Build name: "Release image: DocumentServer${{ matrix.edition }}"
runs-on: ubuntu-latest runs-on: ubuntu-latest
continue-on-error: ${{ matrix.condition }}
strategy: strategy:
fail-fast: false
matrix: matrix:
images: ["documentserver-stable"] images: ["documentserver-stable"]
edition: ["", "-ee", "-de"] edition: ["", "-ee", "-de"]
condition: [true]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v3
@ -31,37 +33,98 @@ jobs:
uses: docker/setup-buildx-action@v2 uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub - name: Login to Docker Hub
uses: docker/login-action@v1 uses: docker/login-action@v2
with: with:
username: ${{ secrets.DOCKER_HUB_USERNAME }} username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Get Tag Name
id: tag_name
run: |
echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
- name: Build documentserver-release - name: Build documentserver-release
run: | run: |
TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') set -eux
SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') VERSION=${{ github.event.inputs.tag }}
SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+') PRODUCT_EDITION=${{ matrix.edition }}
IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
if [[ "$IMAGE_STATUS" = "0" ]]; then if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then
echo "Image present on docker.hub >> start build stable version" echo "Image present on docker.hub >> start build stable version"
echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable export PRODUCT_EDITION
PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ export TAG=${VERSION}
COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \ export SHORTER_TAG=${VERSION%.*}
TAG=$TAG \ export SHORTEST_TAG=${VERSION%.*.*}
SHORTER_TAG=$SHORTER_TAG \ docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
SHORTEST_TAG=$SHORTEST_TAG \ echo "DONE: Build success >> exit with 0"
docker buildx bake \ exit 0
-f docker-bake.hcl ${{ matrix.images }} \ else
--push echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1"
echo "DONE: Build success >> exit with 0" exit 1
exit 0 fi
else shell: bash
echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1"
exit 1 build-nonexample:
fi name: "Release image: DocumentServer${{ matrix.edition }}-nonExample"
runs-on: ubuntu-latest
needs: [build]
if: ${{ false }}
strategy:
fail-fast: false
matrix:
images: ["documentserver-nonexample"]
edition: ["", "-ee", "-de"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build image
run: |
set -eux
export PRODUCT_EDITION=${{ matrix.edition }}
export TAG=${{ github.event.inputs.tag }}
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
shell: bash
build-ucs-ubuntu20:
name: "Release image: DocumentServer${{ matrix.edition }}-ucs"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
edition: ["", "-ee"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build UCS
run: |
set -eux
export PRODUCT_EDITION=${{ matrix.edition }}
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/testing/ubuntu
export DOCKERFILE=Dockerfile
export BASE_IMAGE=ubuntu:20.04
export PG_VERSION=12
export TAG=${{ github.event.inputs.tag }}
export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/')
docker buildx bake -f docker-bake.hcl documentserver-ucs --push
shell: bash shell: bash

View file

@ -1,18 +1,24 @@
FROM ubuntu:22.04 as documentserver ARG BASE_IMAGE=ubuntu:22.04
FROM ${BASE_IMAGE} as documentserver
LABEL maintainer Ascensio System SIA <support@onlyoffice.com> LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 ARG PG_VERSION=14
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION}
ARG ONLYOFFICE_VALUE=onlyoffice ARG ONLYOFFICE_VALUE=onlyoffice
RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
apt-get -y update && \ apt-get -y update && \
apt-get -yq install wget apt-transport-https gnupg locales && \ apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
mkdir -p $HOME/.gnupg && \ mkdir -p $HOME/.gnupg && \
gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \ chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \
locale-gen en_US.UTF-8 && \ locale-gen en_US.UTF-8 && \
echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \
if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.10 ; fi && \
apt-get -yq install \ apt-get -yq install \
adduser \ adduser \
apt-utils \ apt-utils \
@ -41,7 +47,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
postgresql \ postgresql \
postgresql-client \ postgresql-client \
pwgen \ pwgen \
rabbitmq-server \ rabbitmq-server=${RABBITMQ_VERSION}* \
redis-server \ redis-server \
software-properties-common \ software-properties-common \
sudo \ sudo \
@ -71,25 +77,26 @@ COPY run-document-server.sh /app/ds/run-document-server.sh
EXPOSE 80 443 EXPOSE 80 443
ARG TARGETARCH
ARG PRODUCT_EDITION=
ARG COMPANY_NAME=onlyoffice ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=documentserver ARG PRODUCT_NAME=documentserver
ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" ARG PRODUCT_EDITION=
ARG PACKAGE_VERSION=
ARG TARGETARCH
ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux"
ENV COMPANY_NAME=$COMPANY_NAME \ ENV COMPANY_NAME=$COMPANY_NAME \
PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_NAME=$PRODUCT_NAME \
PRODUCT_EDITION=$PRODUCT_EDITION PRODUCT_EDITION=$PRODUCT_EDITION
RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \
wget -q -P /tmp "$PACKAGE_URL" && \ wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \
apt-get -y update && \ apt-get -y update && \
service postgresql start && \ service postgresql start && \
apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ apt-get -yq install /tmp/$PACKAGE_FILE && \
service postgresql stop && \ service postgresql stop && \
service supervisor stop && \ service supervisor stop && \
chmod 755 /app/ds/*.sh && \ chmod 755 /app/ds/*.sh && \
rm -f /tmp/$(basename "$PACKAGE_URL") && \ rm -f /tmp/$PACKAGE_FILE && \
rm -rf /var/log/$COMPANY_NAME && \ rm -rf /var/log/$COMPANY_NAME && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*

View file

@ -1,6 +1,7 @@
COMPANY_NAME ?= ONLYOFFICE COMPANY_NAME ?= ONLYOFFICE
GIT_BRANCH ?= develop GIT_BRANCH ?= develop
PRODUCT_NAME ?= DocumentServer PRODUCT_NAME ?= DocumentServer
PRODUCT_EDITION ?=
PRODUCT_VERSION ?= 0.0.0 PRODUCT_VERSION ?= 0.0.0
BUILD_NUMBER ?= 0 BUILD_NUMBER ?= 0
ONLYOFFICE_VALUE ?= onlyoffice ONLYOFFICE_VALUE ?= onlyoffice
@ -11,9 +12,9 @@ COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z)
COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW))
PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW) PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)
PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu
ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing)) ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing))
DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION)) DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))
@ -21,8 +22,8 @@ else
DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
endif endif
DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)__$(DOCKER_TAG).dummy DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz
DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH))
@ -31,9 +32,12 @@ DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKE
$(DOCKER_DUMMY): $(DOCKER_DUMMY):
docker pull ubuntu:20.04 docker pull ubuntu:20.04
docker build \ docker build \
--build-arg PACKAGE_URL=$(PACKAGE_URL) \
--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
--build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \
--build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \
--build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \
--build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \
--build-arg TARGETARCH=amd64 \
--build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \ --build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \
-t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \ -t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \
mkdir -p $$(dirname $@) && \ mkdir -p $$(dirname $@) && \

View file

@ -10,7 +10,6 @@
+ [Strengthening the Server Security](#strengthening-the-server-security) + [Strengthening the Server Security](#strengthening-the-server-security)
+ [Installation of the SSL Certificates](#installation-of-the-ssl-certificates) + [Installation of the SSL Certificates](#installation-of-the-ssl-certificates)
+ [Available Configuration Parameters](#available-configuration-parameters) + [Available Configuration Parameters](#available-configuration-parameters)
- [Running ONLYOFFICE Document Server using docker secrets](#running-onlyoffice-document-server-using-docker-secrets)
* [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers) * [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
* [Issues](#issues) * [Issues](#issues)
- [Docker Issues](#docker-issues) - [Docker Issues](#docker-issues)
@ -26,6 +25,8 @@ Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface. ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
***Important*** Please update `docker-enginge` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
## Functionality ## ## Functionality ##
* ONLYOFFICE Document Editor * ONLYOFFICE Document Editor
* ONLYOFFICE Spreadsheet Editor * ONLYOFFICE Spreadsheet Editor
@ -164,58 +165,6 @@ chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
You are now just one step away from having our application secured. You are now just one step away from having our application secured.
### Running ONLYOFFICE Document Server using docker secrets
For manage sensitive data like database password/username you can use Docker secrets. If you want use secrets, you must start the Document Server like service with docker compose or docker swarm. According to [official docker documentation](https://docs.docker.com/engine/swarm/secrets/) secrets did not avalivable to standalone containers. To start using the secrets you need to go through a few simple steps:
**STEP 1**:
At first you need to iniciate docker swarm with command:
```bash
sudo docker swarm init
```
**STEP 2**:
On the next step you need to make the secrets. DocumentServer support username/password for postgresql access and jwt header/secret.
If you want to use secrets for database access create secrets with command:
```bash
sudo printf "your_pass" | docker secret create dbPass -
sudo printf "your_user" | docker secret create dbUser -
```
NOTE: After secrets dbPass and dbUser was created, DocumentServer will be configured automaticly for use the same secrets for postgres access.
If you want to use JSON Web Token values from secrets create secrets with command:
```bash
sudo printf "secret_value" | docker secret create jwtSecret -
sudo printf "header_value" | docker secret create jwtHeader -
```
**STEP 3**:
After secrets was created you need to build the DocumentServer with command:
```bash
sudo docker compose build
```
**STEP 4**:
After all when images was builded and secrets was created very important uncomment in docker-compose.yml file strings with secrets thats you want to use. For more information refer to the comments in docker-compose.yml
**STEP 5**:
Now Document Server is ready to deploy with secrets. For that run:
```bash
sudo docker stack deploy --compose-file=docker-compose.yml documentserver-secrets
```
Also you can run Document Server in docker-compose mode with the same config
```bash
sudo docker compose up -d
```
#### Available Configuration Parameters #### Available Configuration Parameters
*Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file. This will save you from writing a potentially long docker run command.* *Please refer the docker run command options for the `--env-file` flag where you can specify all required environment variables in a single file. This will save you from writing a potentially long docker run command.*
@ -242,8 +191,8 @@ Below is the complete list of parameters that can be set using environment varia
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
- **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`. - **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
@ -256,13 +205,6 @@ Below is the complete list of parameters that can be set using environment varia
- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate. - **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate. - **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
Below list values avalivable only for compose/swarm mode.
- **JWT_SECRET_FILE**: Specifies the path to the mounted file, the value from which will be used like JWT_Secret value. Default path that docker mounted secrets: `/run/secrets/jwtSecret`
- **JWT_HEADER_FILE**: Specifies the path to the mounted file, the value from which will be used like JWT_Header value. Default path that docker mounted secrets: `/run/secrets/jwtHeader`
- **POSTGRES_USER_FILE**: Default postgresql container value. Tells the database where to get the username value by set to db access. Default path: `run/secrets/dbUser`
- **POSTGRES_PASSWORD_FILE**: Default postgresql container value. Tells the database where to get the password value by set to db access. Default path: `run/secrets/dbPass`
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
ONLYOFFICE Document Server is a part of ONLYOFFICE Community Edition that comprises also Community Server and Mail Server. To install them, follow these easy steps: ONLYOFFICE Document Server is a part of ONLYOFFICE Community Edition that comprises also Community Server and Mail Server. To install them, follow these easy steps:

View file

@ -26,6 +26,10 @@ variable "PRODUCT_NAME" {
default = "" default = ""
} }
variable "PACKAGE_VERSION" {
default = ""
}
variable "DOCKERFILE" { variable "DOCKERFILE" {
default = "" default = ""
} }
@ -34,35 +38,92 @@ variable "PLATFORM" {
default = "" default = ""
} }
variable "PACKAGE_URL" { variable "PACKAGE_BASEURL" {
default = "" default = ""
} }
variable "PACKAGE_FILE" {
default = ""
}
variable "RELEASE_BRANCH" {
default = ""
}
### Variables for UCS build
variable "BASE_IMAGE" {
default = ""
}
variable "PG_VERSION" {
default = ""
}
### Variables for UCS build
target "documentserver" { target "documentserver" {
target = "documentserver" target = "documentserver"
dockerfile= "${DOCKERFILE}" dockerfile = "${DOCKERFILE}"
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] tags = [
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
equal("unstable",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
]
platforms = ["${PLATFORM}"] platforms = ["${PLATFORM}"]
args = { args = {
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"COMPANY_NAME": "${COMPANY_NAME}" "COMPANY_NAME": "${COMPANY_NAME}"
"PACKAGE_URL": "${PACKAGE_URL}" "PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"PLATFORM": "${PLATFORM}" "PLATFORM": "${PLATFORM}"
} }
} }
target "documentserver-stable" { target "documentserver-stable" {
target = "documentserver-stable" target = "documentserver-stable"
dockerfile= "${DOCKERFILE}" dockerfile = "production.dockerfile"
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest",
equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"TAG": "${TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}
target "documentserver-ucs" {
target = "documentserver"
dockerfile = "${DOCKERFILE}"
tags = [
"docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}"
]
platforms = ["linux/amd64", "linux/arm64"] platforms = ["linux/amd64", "linux/arm64"]
args = { args = {
"PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PRODUCT_NAME": "${PRODUCT_NAME}" "PRODUCT_NAME": "${PRODUCT_NAME}"
"COMPANY_NAME": "${COMPANY_NAME}" "COMPANY_NAME": "${COMPANY_NAME}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"BASE_IMAGE": "${BASE_IMAGE}"
"PG_VERSION": "${PG_VERSION}"
} }
} }
target "documentserver-nonexample" {
target = "documentserver-nonexample"
dockerfile = "production.dockerfile"
tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"TAG": "${TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}

View file

@ -1,4 +1,4 @@
version: "3.9" version: '2'
services: services:
onlyoffice-documentserver: onlyoffice-documentserver:
build: build:
@ -8,7 +8,6 @@ services:
- onlyoffice-postgresql - onlyoffice-postgresql
- onlyoffice-rabbitmq - onlyoffice-rabbitmq
environment: environment:
- USE_SECRETS=false # ← Set on "true" if you plan use secrets.
- DB_TYPE=postgres - DB_TYPE=postgres
- DB_HOST=onlyoffice-postgresql - DB_HOST=onlyoffice-postgresql
- DB_PORT=5432 - DB_PORT=5432
@ -17,13 +16,9 @@ services:
- AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
# Uncomment strings below to enable the JSON Web Token validation. # Uncomment strings below to enable the JSON Web Token validation.
#- JWT_ENABLED=true #- JWT_ENABLED=true
#- JWT_IN_BODY=true
#- JWT_SECRET=secret #- JWT_SECRET=secret
#- JWT_HEADER=Authorization #- JWT_HEADER=Authorization
# ↑ Uncomment two upper strings to use jwt_secret and jwt_header values by default without docker secrets. #- JWT_IN_BODY=true
# ↓ Or uncomment two strings below to use jwt_secret and jwt_header values from docker secrets that you create.
#- JWT_SECTER_FILE=/run/secrets/jwtSecret
#- JWT_HEADER_FILE=/run/secrets/jwtHeader
ports: ports:
- '80:80' - '80:80'
- '443:443' - '443:443'
@ -36,12 +31,6 @@ services:
- /var/lib/onlyoffice/documentserver/App_Data/cache/files - /var/lib/onlyoffice/documentserver/App_Data/cache/files
- /var/www/onlyoffice/documentserver-example/public/files - /var/www/onlyoffice/documentserver-example/public/files
- /usr/share/fonts - /usr/share/fonts
# ↓ If you use docker secrets, uncomment srtings below only with secrets that you will use in your installtion
#secrets:
# - dbUser
# - dbPass
# - jwtSecret
# - jwtHeader
onlyoffice-rabbitmq: onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq container_name: onlyoffice-rabbitmq
@ -57,30 +46,11 @@ services:
- POSTGRES_DB=onlyoffice - POSTGRES_DB=onlyoffice
- POSTGRES_USER=onlyoffice - POSTGRES_USER=onlyoffice
- POSTGRES_HOST_AUTH_METHOD=trust - POSTGRES_HOST_AUTH_METHOD=trust
# ↑ Comment two lines upper: POSTGRES_HOST_AUTH_METHOD and POSTGRES_USER and
# ↓ Uncomment two strings below for use database access values from secrets that you create.
#- POSTGRES_USER_FILE=/run/secrets/dbUser
#- POSTGRES_PASSWORD_FILE=/run/secrets/dbPass
restart: always restart: always
expose: expose:
- '5432' - '5432'
volumes: volumes:
- postgresql_data:/var/lib/postgresql - postgresql_data:/var/lib/postgresql
# ↓ If you use docker secrets, uncomment srtings below only with secrets that you will use in your installtion
#secrets:
# - dbUser
# - dbPass
# ↓ If you use docker secrets, uncomment srtings below only with secrets that you will use in your installtion
#secrets:
# dbUser:
# external: true
# dbPass:
# external: true
# jwtSecret:
# external: true
# jwtHeader:
# external: true
volumes: volumes:
postgresql_data: postgresql_data:

24
production.dockerfile Normal file
View file

@ -0,0 +1,24 @@
### Arguments avavlivable only for FROM instruction ###
ARG TAG=latest
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_EDITION=
### Build main-release ###
FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable
### Build nonexample ###
FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=documentserver
ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf
### Remove all documentserver-example data ###
RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -f $DS_SUPERVISOR_CONF \
&& rm -f /etc/nginx/includes/ds-example.conf \
&& ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF

View file

@ -1,5 +1,7 @@
#!/bin/bash #!/bin/bash
umask 0022
function clean_exit { function clean_exit {
/usr/bin/documentserver-prepare4shutdown.sh /usr/bin/documentserver-prepare4shutdown.sh
} }
@ -19,7 +21,6 @@ LIB_DIR="/var/lib/${COMPANY_NAME}"
DS_LIB_DIR="${LIB_DIR}/documentserver" DS_LIB_DIR="${LIB_DIR}/documentserver"
CONF_DIR="/etc/${COMPANY_NAME}/documentserver" CONF_DIR="/etc/${COMPANY_NAME}/documentserver"
IS_UPGRADE="false" IS_UPGRADE="false"
SECRETS_PATH="/run/secrets/"
ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false} ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false}
ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost} ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost}
@ -72,9 +73,10 @@ NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/ds-exam
NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} # Limiting the maximum number of simultaneous connections due to possible memory shortage
[ $(ulimit -n) -gt 1048576 ] && NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-1048576} || NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
JWT_ENABLED=${JWT_ENABLED:-false} JWT_ENABLED=${JWT_ENABLED:-true}
# validate user's vars before usinig in json # validate user's vars before usinig in json
if [ "${JWT_ENABLED}" == "true" ]; then if [ "${JWT_ENABLED}" == "true" ]; then
@ -83,18 +85,12 @@ else
JWT_ENABLED="false" JWT_ENABLED="false"
fi fi
JWT_SECRET=${JWT_SECRET:-secret} [ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
JWT_HEADER=${JWT_HEADER:-Authorization} JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false} JWT_IN_BODY=${JWT_IN_BODY:-false}
if [ ${USE_SECRETS} == "true" ] && [ -s ${SECRETS_PATH}/jwtSecret ]; then
JWT_SECRET=$( cat ${SECRETS_PATH}/jwtSecret )
fi
if [ ${USE_SECRETS} == "true" ] && [ -s ${SECRETS_PATH}/jwtHeader ]; then
JWT_HEADER=$( cat ${SECRETS_PATH}/jwtHeader )
fi
WOPI_ENABLED=${WOPI_ENABLED:-false} WOPI_ENABLED=${WOPI_ENABLED:-false}
GENERATE_FONTS=${GENERATE_FONTS:-true} GENERATE_FONTS=${GENERATE_FONTS:-true}
@ -129,17 +125,6 @@ if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
fi fi
# update db credentials if secrets was configure
if [ "${USE_SECRETS}" == "true" ]; then
if [ -s ${SECRETS_PATH}/dbUser ]; then
DB_USER=$( cat ${SECRETS_PATH}/dbUser )
fi
if [ -s ${SECRETS_PATH}/dbPass ]; then
DB_PWD=$( cat ${SECRETS_PATH}/dbPass )
fi
fi
read_setting(){ read_setting(){
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
@ -215,7 +200,7 @@ parse_rabbitmq_url(){
# extract the host # extract the host
local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)" local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
# by request - try to extract the port # by request - try to extract the port
local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')" local port="$(echo $hostport | grep : | sed -r 's_^.*:+|/.*$__g')"
local host local host
if [ -n "$port" ]; then if [ -n "$port" ]; then
@ -442,12 +427,15 @@ update_welcome_page() {
WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html" WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
if [[ -e $WELCOME_PAGE ]]; then if [[ -e $WELCOME_PAGE ]]; then
DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset)) DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
(( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname)
if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
if [[ -x $(command -v docker) ]]; then if [[ -x $(command -v docker) ]]; then
DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID) DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/')
else else
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/')
fi fi
fi fi
fi fi
@ -611,6 +599,8 @@ else
update_welcome_page update_welcome_page
fi fi
find /etc/${COMPANY_NAME} -exec chown ds:ds {} \;
#start needed local services #start needed local services
for i in ${LOCAL_SERVICES[@]}; do for i in ${LOCAL_SERVICES[@]}; do
service $i start service $i start
@ -659,5 +649,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then
fi fi
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
echo "${JWT_MESSAGE}"
tail -f /var/log/${COMPANY_NAME}/**/*.log & tail -f /var/log/${COMPANY_NAME}/**/*.log &
wait $! wait $!