Compare commits

..

No commits in common. "master" and "feature/onlypass" have entirely different histories.

26 changed files with 257 additions and 1689 deletions

View file

@ -1,13 +0,0 @@
**Do you want to request a *feature* or report a *bug*?**
**What is the current behavior?**
**If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.**
**What is the expected behavior?**
**Did this work in previous versions of DocumentServer?**
**DocumentServer Docker tag:**
**Host Operating System:**

View file

@ -1,139 +0,0 @@
### This workflow setup instance then build and push images ###
name: 4testing multiarch-build
on:
workflow_dispatch:
inputs:
build:
description: 'Build number (ex. 45)'
type: string
required: true
amd64:
type: boolean
description: 'Build AMD64'
default: true
arm64:
type: boolean
description: 'Build ARM64'
default: true
community:
type: boolean
description: 'Build Community Edition'
default: true
enterprise:
type: boolean
description: 'Build Enterprise Edition'
default: true
developer:
type: boolean
description: 'Build Developer Edition'
default: true
env:
COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver"
jobs:
prepare:
runs-on: ubuntu-latest
steps:
- id: matrix
run: |
set -ex
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
echo "Wrong branch."
exit 1
fi
[ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
[ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
if [ -z ${PLATFORMS} ]; then
echo "None of the platforms are selected."
exit 1
fi
[ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community")
[ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise")
[ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer")
if [ -z ${EDITIONS} ]; then
echo "None of the editions are selected."
exit 1
fi
echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')"
outputs:
editions: ${{ steps.matrix.outputs.editions }}
build:
name: "Build ${{ matrix.image }}-${{ matrix.edition }}"
runs-on: ubuntu-latest
needs: prepare
strategy:
fail-fast: false
matrix:
image: ["documentserver"]
edition: ${{ fromJSON(needs.prepare.outputs.editions) }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build 4testing
run: |
set -eux
### ==>> At this step build variable declaration ###
case ${{ matrix.edition }} in
community)
PRODUCT_EDITION=""
;;
enterprise)
PRODUCT_EDITION="-ee"
;;
developer)
PRODUCT_EDITION="-de"
;;
esac
[ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
[ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if [ $BRANCH_NAME = develop ]; then
RELEASE_BRANCH=unstable
PRODUCT_VERSION=99.99.99
elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
RELEASE_BRANCH=testing
PRODUCT_VERSION=${BRANCH_NAME#*/v}
fi
BUILD_NUMBER=${{ github.event.inputs.build }}
export PRODUCT_EDITION
export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/${RELEASE_BRANCH}/ubuntu
export RELEASE_BRANCH
export PLATFORM
export DOCKERFILE=Dockerfile
export PREFIX_NAME=4testing-
export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
### ==>> Build and push images at this step ###
docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
echo "DONE: Build success"
shell: bash

View file

@ -1,130 +0,0 @@
### This workflow setup instance then build and push images ###
name: Multi-arch build stable
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag for release (ex. 1.2.3.45)'
type: string
required: true
env:
COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver"
jobs:
build:
name: "Release image: DocumentServer${{ matrix.edition }}"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
images: ["documentserver-stable"]
edition: ["", "-ee", "-de"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build documentserver-release
run: |
set -eux
VERSION=${{ github.event.inputs.tag }}
PRODUCT_EDITION=${{ matrix.edition }}
TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then
echo "Image present on docker.hub >> start build stable version"
export PRODUCT_EDITION
export TAG=${VERSION}
export SHORTER_TAG=${VERSION%.*}
export SHORTEST_TAG=${VERSION%.*.*}
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
echo "DONE: Build success >> exit with 0"
exit 0
else
echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1"
exit 1
fi
shell: bash
build-nonexample:
name: "Release image: DocumentServer${{ matrix.edition }}-nonExample"
runs-on: ubuntu-latest
needs: [build]
if: ${{ false }}
strategy:
fail-fast: false
matrix:
images: ["documentserver-nonexample"]
edition: ["", "-ee", "-de"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build image
run: |
set -eux
export PRODUCT_EDITION=${{ matrix.edition }}
export TAG=${{ github.event.inputs.tag }}
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
shell: bash
build-ucs-ubuntu20:
name: "Release image: DocumentServer${{ matrix.edition }}-ucs"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
edition: ["", "-ee"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build UCS
run: |
set -eux
export PRODUCT_EDITION=${{ matrix.edition }}
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/testing/ubuntu
export DOCKERFILE=Dockerfile
export BASE_IMAGE=ubuntu:20.04
export PG_VERSION=12
export TAG=${{ github.event.inputs.tag }}
export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/')
docker buildx bake -f docker-bake.hcl documentserver-ucs --push
shell: bash

View file

@ -1,131 +0,0 @@
language: generic
dist: trusty
env:
# community edition
- config: standalone.yml
# integration edition
- config: standalone.yml
PRODUCT_NAME: documentserver-ie
# certificates (default tls if onlyoffice not exists)
- config: certs.yml
ssl: true
# certificates (default onlyoffice if exists)
- config: certs.yml
ssl: true
private_key: onlyoffice.key
certificate_request: onlyoffice.csr
certificate: onlyoffice.crt
# custom certificates
- config: certs-customized.yml
ssl: true
private_key: mycert.key
certificate_request: mycert.csr
certificate: mycert.crt
SSL_CERTIFICATE_PATH: /var/www/onlyoffice/Data/certs/mycert.crt
SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key
# postgresql 12
- config: postgres.yml
POSTGRES_VERSION: 12
# postgresql 11
- config: postgres.yml
POSTGRES_VERSION: 11
# postgresql 10
- config: postgres.yml
POSTGRES_VERSION: 10
# postgresql 9
- config: postgres.yml
POSTGRES_VERSION: 9
# postgresql 9.5
- config: postgres.yml
# postgresql custom values
- config: postgres.yml
DB_NAME: mydb
DB_USER: myuser
DB_PWD: password
POSTGRES_DB: mydb
POSTGRES_USER: myuser
# postgresql deprecated variables
- config: postgres-old.yml
# mysql 8
- config: mysql.yml
MYSQL_VERSION: 8
# mysql 5
- config: mysql.yml
MYSQL_VERSION: 5
# mysql 5.7
- config: mysql.yml
# mariadb 10
- config: mariadb.yml
MARIADB_VERSION: 10
# mariadb 10.5
- config: mariadb.yml
- config: activemq.yml
ACTIVEMQ_VERSION: latest
# activemq 5.14.3
- config: activemq.yml
# rabbitmq latest
- config: rabbitmq.yml
# rabbitmq 3
- config: rabbitmq.yml
RABBITMQ_VERSION: 3
# rabbitmq old variables
- config: rabbitmq-old.yml
# redis latest with community edition
- config: redis.yml
# redis latest with integraion edition
- config: redis.yml
PRODUCT_NAME: documentserver-ie
# redis 6
- config: redis.yml
REDIS_VERSION: 6
# redis 5
- config: redis.yml
REDIS_VERSION: 5
# graphite
- config: graphite.yml
services:
- docker
script:
# Go to tests dir
- cd ${PWD}/tests
# Run test.
- ./test.sh

View file

@ -1,70 +1,50 @@
ARG BASE_IMAGE=ubuntu:22.04
FROM ${BASE_IMAGE} as documentserver
FROM ubuntu:16.04
LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
ARG PG_VERSION=14
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION}
ARG ONLYOFFICE_VALUE=onlyoffice
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive
RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
apt-get -y update && \
apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
mkdir -p $HOME/.gnupg && \
gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \
apt-get -yq install wget apt-transport-https curl locales && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
locale-gen en_US.UTF-8 && \
echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \
if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.10 ; fi && \
curl -sL https://deb.nodesource.com/setup_6.x | bash - && \
apt-get -y update && \
apt-get -yq install \
adduser \
apt-utils \
bomstrip \
certbot \
curl \
gconf-service \
htop \
libasound2 \
libboost-regex-dev \
libcairo2 \
libcurl3-gnutls \
libcurl4 \
libgtk-3-0 \
libcurl3 \
libgconf2-4 \
libgtkglext1 \
libnspr4 \
libnss3 \
libnss3-nssdb \
libstdc++6 \
libxml2 \
libxss1 \
libxtst6 \
mysql-client \
nano \
net-tools \
netcat-openbsd \
netcat \
nginx-extras \
nodejs \
postgresql \
postgresql-client \
pwgen \
rabbitmq-server=${RABBITMQ_VERSION}* \
rabbitmq-server \
redis-server \
software-properties-common \
sudo \
supervisor \
ttf-mscorefonts-installer \
xvfb \
zlib1g && \
if [ $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
then echo 'msttcorefonts failed to download'; exit 1; fi && \
echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
service postgresql restart && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE DATABASE onlyoffice;" && \
sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';" && \
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;" && \
service postgresql stop && \
service redis-server stop && \
service rabbitmq-server stop && \
@ -72,34 +52,24 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
service nginx stop && \
rm -rf /var/lib/apt/lists/*
COPY config /app/ds/setup/config/
COPY run-document-server.sh /app/ds/run-document-server.sh
COPY config /app/onlyoffice/setup/config/
COPY run-document-server.sh /app/onlyoffice/run-document-server.sh
EXPOSE 80 443
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=documentserver
ARG PRODUCT_EDITION=
ARG PACKAGE_VERSION=
ARG TARGETARCH
ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux"
ARG REPO_URL="deb http://download.onlyoffice.com/repo/debian squeeze main"
ARG PRODUCT_NAME=onlyoffice-documentserver
ENV COMPANY_NAME=$COMPANY_NAME \
PRODUCT_NAME=$PRODUCT_NAME \
PRODUCT_EDITION=$PRODUCT_EDITION
RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \
wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \
RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/onlyoffice.list && \
apt-get -y update && \
service postgresql start && \
apt-get -yq install /tmp/$PACKAGE_FILE && \
apt-get --allow-unauthenticated -yq install $PRODUCT_NAME && \
service postgresql stop && \
service supervisor stop && \
chmod 755 /app/ds/*.sh && \
rm -f /tmp/$PACKAGE_FILE && \
rm -rf /var/log/$COMPANY_NAME && \
chmod 755 /app/onlyoffice/*.sh && \
rm -rf /var/log/onlyoffice && \
rm -rf /var/lib/apt/lists/*
VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom
VOLUME /etc/onlyoffice /var/log/onlyoffice /var/lib/onlyoffice /var/www/onlyoffice/Data /var/lib/postgresql /usr/share/fonts/truetype/custom
ENTRYPOINT ["/app/ds/run-document-server.sh"]
CMD bash -C '/app/onlyoffice/run-document-server.sh';'bash'

View file

@ -1,73 +1,46 @@
COMPANY_NAME ?= ONLYOFFICE
GIT_BRANCH ?= develop
PRODUCT_NAME ?= DocumentServer
PRODUCT_EDITION ?=
COMPANY_NAME ?= onlyoffice
GIT_BRANCH ?= origin/develop
PRODUCT_NAME ?= documentserver-ie
PRODUCT_VERSION ?= 0.0.0
BUILD_NUMBER ?= 0
ONLYOFFICE_VALUE ?= onlyoffice
S3_BUCKET ?= repo-doc-onlyoffice-com
RELEASE_BRANCH ?= unstable
COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z)
COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW))
PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)
PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu
ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing))
DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))
REPO_URL := "deb http://repo-doc-onlyoffice-com.s3.amazonaws.com/ubuntu/trusty/$(COMPANY_NAME)-$(PRODUCT_NAME)/$(GIT_BRANCH)/$(PACKAGE_VERSION)/ repo/"
UPDATE_LATEST := false
ifneq (,$(findstring develop,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
DOCKER_TAGS += latest
else ifneq (,$(findstring release,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
else ifneq (,$(findstring hotfix,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
else
DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
endif
DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz
DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH))
DOCKER_REPO = $(COMPANY_NAME)/4testing-$(PRODUCT_NAME)
.PHONY: all clean clean-docker image deploy docker publish
COLON := __colon__
DOCKER_TARGETS := $(foreach TAG,$(DOCKER_TAGS),$(DOCKER_REPO)$(COLON)$(TAG))
$(DOCKER_DUMMY):
docker pull ubuntu:20.04
docker build \
--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
--build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \
--build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \
--build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \
--build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \
--build-arg TARGETARCH=amd64 \
--build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \
-t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \
.PHONY: all clean clean-docker deploy docker
$(DOCKER_TARGETS): $(DEB_REPO_DATA)
sudo docker build --build-arg REPO_URL=$(REPO_URL) --build-arg PRODUCT_NAME=$(COMPANY_NAME)-$(PRODUCT_NAME) -t $(subst $(COLON),:,$@) . &&\
mkdir -p $$(dirname $@) &&\
echo "Done" > $@
$(DOCKER_ARCH): $(DOCKER_DUMMY)
docker save $(DOCKER_IMAGE):$(DOCKER_TAG) | \
gzip > $@
all: image
all: $(DOCKER_TARGETS)
clean:
rm -rfv *.dummy *.tar.gz
rm -rfv $(DOCKER_TARGETS)
clean-docker:
docker rmi -f $$(docker images -q $(COMPANY_NAME_LOW)/*) || exit 0
sudo docker rmi -f $$(sudo docker images -q $(COMPANY_NAME)/*) || exit 0
image: $(DOCKER_DUMMY)
deploy: $(DOCKER_DUMMY)
for i in {1..3}; do \
docker push $(DOCKER_IMAGE):$(DOCKER_TAG) && break || sleep 1m; \
done
ifeq ($(RELEASE_BRANCH),unstable)
docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest
for i in {1..3}; do \
docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \
done
endif
publish: $(DOCKER_ARCH)
aws s3 cp --no-progress --acl public-read \
$(DOCKER_ARCH) s3://$(S3_BUCKET)/$(DOCKER_ARCH_URI)
deploy: $(DOCKER_TARGETS)
$(foreach TARGET,$(DOCKER_TARGETS),sudo docker push $(subst $(COLON),:,$(TARGET));)

100
README.md
View file

@ -13,7 +13,6 @@
* [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
* [Issues](#issues)
- [Docker Issues](#docker-issues)
- [Document Server usage Issues](#document-server-usage-issues)
* [Project Information](#project-information)
* [User Feedback and Support](#user-feedback-and-support)
@ -21,12 +20,6 @@
ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.
Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It has [three editions](https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions). With this image, you will install the free Community version.
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
***Important*** Please update `docker-enginge` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
## Functionality ##
* ONLYOFFICE Document Editor
* ONLYOFFICE Spreadsheet Editor
@ -73,8 +66,6 @@ To get access to your data from outside the container, you need to mount the vol
-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \
-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver
Normally, you do not need to store container data because the container's operation does not depend on its state. Saving data will be useful:
@ -102,17 +93,10 @@ To secure the application via SSL basically two things are needed:
So you need to create and install the following files:
/app/onlyoffice/DocumentServer/data/certs/tls.key
/app/onlyoffice/DocumentServer/data/certs/tls.crt
/app/onlyoffice/DocumentServer/data/certs/onlyoffice.key
/app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt
When using CA certified certificates (e.g [Let's encrypt](https://letsencrypt.org)), these files are provided to you by the CA. If you are using self-signed certificates you need to generate these files [yourself](#generation-of-self-signed-certificates).
#### Using the automatically generated Let's Encrypt SSL Certificates
sudo docker run -i -t -d -p 80:80 -p 443:443 \
-e LETS_ENCRYPT_DOMAIN=your_domain -e LETS_ENCRYPT_MAIL=your_mail onlyoffice/documentserver
If you want to get and extend Let's Encrypt SSL Certificates automatically just set LETS_ENCRYPT_DOMAIN and LETS_ENCRYPT_MAIL variables.
When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you are have CA certified SSL certificates.
#### Generation of Self Signed Certificates
@ -121,19 +105,19 @@ Generation of self-signed SSL certificates involves a simple 3 step procedure.
**STEP 1**: Create the server private key
```bash
openssl genrsa -out tls.key 2048
openssl genrsa -out onlyoffice.key 2048
```
**STEP 2**: Create the certificate signing request (CSR)
```bash
openssl req -new -key tls.key -out tls.csr
openssl req -new -key onlyoffice.key -out onlyoffice.csr
```
**STEP 3**: Sign the certificate using the private key and CSR
```bash
openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt
openssl x509 -req -days 365 -in onlyoffice.csr -signkey onlyoffice.key -out onlyoffice.crt
```
You have now generated an SSL certificate that's valid for 365 days.
@ -149,18 +133,18 @@ openssl dhparam -out dhparam.pem 2048
#### Installation of the SSL Certificates
Out of the four files generated above, you need to install the `tls.key`, `tls.crt` and `dhparam.pem` files at the onlyoffice server. The CSR file is not needed, but do make sure you safely backup the file (in case you ever need it again).
Out of the four files generated above, you need to install the `onlyoffice.key`, `onlyoffice.crt` and `dhparam.pem` files at the onlyoffice server. The CSR file is not needed, but do make sure you safely backup the file (in case you ever need it again).
The default path that the onlyoffice application is configured to look for the SSL certificates is at `/var/www/onlyoffice/Data/certs`, this can however be changed using the `SSL_KEY_PATH`, `SSL_CERTIFICATE_PATH` and `SSL_DHPARAM_PATH` configuration options.
The `/var/www/onlyoffice/Data/` path is the path of the data store, which means that you have to create a folder named certs inside `/app/onlyoffice/DocumentServer/data/` and copy the files into it and as a measure of security you will update the permission on the `tls.key` file to only be readable by the owner.
The `/var/www/onlyoffice/Data/` path is the path of the data store, which means that you have to create a folder named certs inside `/app/onlyoffice/DocumentServer/data/` and copy the files into it and as a measure of security you will update the permission on the `onlyoffice.key` file to only be readable by the owner.
```bash
mkdir -p /app/onlyoffice/DocumentServer/data/certs
cp tls.key /app/onlyoffice/DocumentServer/data/certs/
cp tls.crt /app/onlyoffice/DocumentServer/data/certs/
cp onlyoffice.key /app/onlyoffice/DocumentServer/data/certs/
cp onlyoffice.crt /app/onlyoffice/DocumentServer/data/certs/
cp dhparam.pem /app/onlyoffice/DocumentServer/data/certs/
chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
chmod 400 /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key
```
You are now just one step away from having our application secured.
@ -173,37 +157,23 @@ Below is the complete list of parameters that can be set using environment varia
- **ONLYOFFICE_HTTPS_HSTS_ENABLED**: Advanced configuration option for turning off the HSTS configuration. Applicable only when SSL is in use. Defaults to `true`.
- **ONLYOFFICE_HTTPS_HSTS_MAXAGE**: Advanced configuration option for setting the HSTS max-age in the onlyoffice nginx vHost configuration. Applicable only when SSL is in use. Defaults to `31536000`.
- **SSL_CERTIFICATE_PATH**: The path to the SSL certificate to use. Defaults to `/var/www/onlyoffice/Data/certs/tls.crt`.
- **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/tls.key`.
- **SSL_CERTIFICATE_PATH**: The path to the SSL certificate to use. Defaults to `/var/www/onlyoffice/Data/certs/onlyoffice.crt`.
- **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/onlyoffice.key`.
- **SSL_DHPARAM_PATH**: The path to the Diffie-Hellman parameter. Defaults to `/var/www/onlyoffice/Data/certs/dhparam.pem`.
- **SSL_VERIFY_CLIENT**: Enable verification of client certificates using the `CA_CERTIFICATES_PATH` file. Defaults to `false`
- **DB_TYPE**: The database type. Supported values are `postgres`, `mariadb` or `mysql`. Defaults to `postgres`.
- **DB_HOST**: The IP address or the name of the host where the database server is running.
- **DB_PORT**: The database server port number.
- **DB_NAME**: The name of a database to use. Should be existing on container startup.
- **DB_USER**: The new user name with superuser permissions for the database account.
- **DB_PWD**: The password set for the database account.
- **AMQP_URI**: The [AMQP URI](https://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to message broker server.
- **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`.
- **POSTGRESQL_SERVER_HOST**: The IP address or the name of the host where the PostgreSQL server is running.
- **POSTGRESQL_SERVER_PORT**: The PostgreSQL server port number.
- **POSTGRESQL_SERVER_DB_NAME**: The name of a PostgreSQL database to be created on the image startup.
- **POSTGRESQL_SERVER_USER**: The new user name with superuser permissions for the PostgreSQL account.
- **POSTGRESQL_SERVER_PASS**: The password set for the PostgreSQL account.
- **RABBITMQ_SERVER_URL**: The [AMQP URL](http://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to RabbitMQ server.
- **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running.
- **REDIS_SERVER_PORT**: The Redis server port number.
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
- **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
- **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`.
- **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`.
- **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
@ -249,7 +219,7 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always -
onlyoffice/mailserver
```
The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml#L87).
The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75).
To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").
@ -287,7 +257,7 @@ Alternatively, you can use an automatic installation script to install the whole
**STEP 1**: Download the Community Edition Docker script file
```bash
wget https://download.onlyoffice.com/install/opensource-install.sh
wget http://download.onlyoffice.com/install/opensource-install.sh
```
**STEP 2**: Install ONLYOFFICE Community Edition executing the following command:
@ -299,7 +269,7 @@ bash opensource-install.sh -md yourdomain.com
Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). For the mail server correct work you need to specify its hostname 'yourdomain.com'. Assuming you have docker-compose installed, execute the following command:
```bash
wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.groups.yml
wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.yml
docker-compose up -d
```
@ -311,19 +281,9 @@ As a relatively new project Docker is being worked on and actively developed by
The known Docker issue with ONLYOFFICE Document Server with rpm-based distributives is that sometimes the processes fail to start inside Docker container. Fedora and RHEL/CentOS users should try disabling selinux with setenforce 0. If it fixes the issue then you can either stick with SELinux disabled which is not recommended by RedHat, or switch to using Ubuntu.
### Document Server usage issues
Due to the operational characteristic, **Document Server** saves a document only after the document has been closed by all the users who edited it. To avoid data loss, you must forcefully disconnect the **Document Server** users when you need to stop **Document Server** in cases of the application update, server reboot etc. To do that, execute the following script on the server where **Document Server** is installed:
```
sudo docker exec <CONTAINER> documentserver-prepare4shutdown.sh
```
Please note, that both executing the script and disconnecting users may take a long time (up to 5 minutes).
## Project Information
Official website: [https://www.onlyoffice.com](https://www.onlyoffice.com/?utm_source=github&utm_medium=cpc&utm_campaign=GitHubDockerDS)
Official website: [http://www.onlyoffice.org](http://onlyoffice.org "http://www.onlyoffice.org")
Code repository: [https://github.com/ONLYOFFICE/DocumentServer](https://github.com/ONLYOFFICE/DocumentServer "https://github.com/ONLYOFFICE/DocumentServer")
@ -331,13 +291,11 @@ Docker Image: [https://github.com/ONLYOFFICE/Docker-DocumentServer](https://gith
License: [GNU AGPL v3.0](https://help.onlyoffice.com/products/files/doceditor.aspx?fileid=4358397&doc=K0ZUdlVuQzQ0RFhhMzhZRVN4ZFIvaHlhUjN2eS9XMXpKR1M5WEppUk1Gcz0_IjQzNTgzOTci0 "GNU AGPL v3.0")
Free version vs commercial builds comparison: https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions
SaaS version: [https://www.onlyoffice.com/cloud-office.aspx](https://www.onlyoffice.com/cloud-office.aspx?utm_source=github&utm_medium=cpc&utm_campaign=GitHubDockerDS)
SaaS version: [http://www.onlyoffice.com](http://www.onlyoffice.com "http://www.onlyoffice.com")
## User Feedback and Support
If you have any problems with or questions about this image, please visit our official forum to find answers to your questions: [forum.onlyoffice.com][1] or you can ask and answer ONLYOFFICE development questions on [Stack Overflow][2].
If you have any problems with or questions about this image, please visit our official forum to find answers to your questions: [dev.onlyoffice.org][1] or you can ask and answer ONLYOFFICE development questions on [Stack Overflow][2].
[1]: https://forum.onlyoffice.com
[2]: https://stackoverflow.com/questions/tagged/onlyoffice
[1]: http://dev.onlyoffice.org
[2]: http://stackoverflow.com/questions/tagged/onlyoffice

View file

@ -1,108 +0,0 @@
version: '2.1'
x-ds-image:
&ds-image
${COMPANY_NAME:-onlyoffice}/${PRODUCT_NAME:-documentserver-de}:${PRODUCT_VERSION:-latest}
services:
onlyoffice-documentserver-data:
container_name: onlyoffice-documentserver-data
image: *ds-image
environment:
- ONLYOFFICE_DATA_CONTAINER=true
- DB_HOST=onlyoffice-postgresql
- DB_PORT=5432
- DB_NAME=onlyoffice
- DB_USER=onlyoffice
- AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
- REDIS_SERVER_HOST=onlyoffice-redis
- REDIS_SERVER_PORT=6379
# Uncomment strings below to enable the JSON Web Token validation.
#- JWT_ENABLED=true
#- JWT_SECRET=secret
#- JWT_HEADER=Authorization
#- JWT_IN_BODY=true
stdin_open: true
restart: always
volumes:
- /etc/onlyoffice
- /var/www/onlyoffice/Data
- /var/log/onlyoffice
- /var/lib/onlyoffice/documentserver/App_Data/cache/files
- /var/www/onlyoffice/documentserver-example/public/files
- /usr/share/fonts
onlyoffice-documentserver:
image: *ds-image
depends_on:
- onlyoffice-documentserver-data
- onlyoffice-postgresql
- onlyoffice-redis
- onlyoffice-rabbitmq
environment:
- ONLYOFFICE_DATA_CONTAINER_HOST=onlyoffice-documentserver-data
- BALANCE=uri depth 3
- EXCLUDE_PORTS=443
- HTTP_CHECK=GET /healthcheck
- EXTRA_SETTINGS=http-check expect string true
# Uncomment the string below to redirect HTTP request to HTTPS request.
#- FORCE_SSL=true
stdin_open: true
restart: always
expose:
- '80'
volumes_from:
- onlyoffice-documentserver-data
onlyoffice-haproxy:
container_name: onlyoffice-haproxy
image: dockercloud/haproxy:1.5.1
depends_on:
- onlyoffice-documentserver
environment:
- MODE=http
# Uncomment the string below to specify the path of ssl certificates
#- CERT_FOLDER=/certs/
stdin_open: true
links:
- onlyoffice-documentserver
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Uncomment the string below to map a ssl certificate from host
# to the proxy container
#- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem
restart: always
ports:
- '80:80'
- '443:443'
- '1936:1936'
onlyoffice-redis:
container_name: onlyoffice-redis
image: redis
restart: always
expose:
- '6379'
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq
restart: always
expose:
- '5672'
onlyoffice-postgresql:
container_name: onlyoffice-postgresql
image: postgres:9.5
environment:
- POSTGRES_DB=onlyoffice
- POSTGRES_USER=onlyoffice
- POSTGRES_HOST_AUTH_METHOD=trust
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
volumes:
postgresql_data:

View file

@ -1,129 +0,0 @@
variable "TAG" {
default = ""
}
variable "SHORTER_TAG" {
default = ""
}
variable "SHORTEST_TAG" {
default = ""
}
variable "COMPANY_NAME" {
default = ""
}
variable "PREFIX_NAME" {
default = ""
}
variable "PRODUCT_EDITION" {
default = ""
}
variable "PRODUCT_NAME" {
default = ""
}
variable "PACKAGE_VERSION" {
default = ""
}
variable "DOCKERFILE" {
default = ""
}
variable "PLATFORM" {
default = ""
}
variable "PACKAGE_BASEURL" {
default = ""
}
variable "PACKAGE_FILE" {
default = ""
}
variable "RELEASE_BRANCH" {
default = ""
}
### Variables for UCS build
variable "BASE_IMAGE" {
default = ""
}
variable "PG_VERSION" {
default = ""
}
### Variables for UCS build
target "documentserver" {
target = "documentserver"
dockerfile = "${DOCKERFILE}"
tags = [
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
equal("unstable",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
]
platforms = ["${PLATFORM}"]
args = {
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"PLATFORM": "${PLATFORM}"
}
}
target "documentserver-stable" {
target = "documentserver-stable"
dockerfile = "production.dockerfile"
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest",
equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"TAG": "${TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}
target "documentserver-ucs" {
target = "documentserver"
dockerfile = "${DOCKERFILE}"
tags = [
"docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}"
]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"BASE_IMAGE": "${BASE_IMAGE}"
"PG_VERSION": "${PG_VERSION}"
}
}
target "documentserver-nonexample" {
target = "documentserver-nonexample"
dockerfile = "production.dockerfile"
tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"TAG": "${TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}

View file

@ -1,30 +1,21 @@
version: '2'
services:
onlyoffice-documentserver:
build:
context: .
container_name: onlyoffice-documentserver
depends_on:
- onlyoffice-postgresql
- onlyoffice-rabbitmq
onlyoffice-documentserver-data:
container_name: onlyoffice-documentserver-data
image: onlyoffice/documentserver:latest
environment:
- DB_TYPE=postgres
- DB_HOST=onlyoffice-postgresql
- DB_PORT=5432
- DB_NAME=onlyoffice
- DB_USER=onlyoffice
- AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
# Uncomment strings below to enable the JSON Web Token validation.
#- JWT_ENABLED=true
#- JWT_SECRET=secret
#- JWT_HEADER=Authorization
#- JWT_IN_BODY=true
ports:
- '80:80'
- '443:443'
- ONLYOFFICE_DATA_CONTAINER=true
- POSTGRESQL_SERVER_HOST=onlyoffice-postgresql
- POSTGRESQL_SERVER_PORT=5432
- POSTGRESQL_SERVER_DB_NAME=onlyoffice
- POSTGRESQL_SERVER_USER=onlyoffice
- RABBITMQ_SERVER_URL=amqp://guest:guest@onlyoffice-rabbitmq
- REDIS_SERVER_HOST=onlyoffice-redis
- REDIS_SERVER_PORT=6379
stdin_open: true
restart: always
stop_grace_period: 60s
networks:
- onlyoffice
volumes:
- /var/www/onlyoffice/Data
- /var/log/onlyoffice
@ -32,10 +23,70 @@ services:
- /var/www/onlyoffice/documentserver-example/public/files
- /usr/share/fonts
onlyoffice-documentserver:
image: onlyoffice/documentserver:latest
depends_on:
- onlyoffice-documentserver-data
- onlyoffice-postgresql
- onlyoffice-redis
- onlyoffice-rabbitmq
environment:
- ONLYOFFICE_DATA_CONTAINER_HOST=onlyoffice-documentserver-data
- BALANCE=uri depth 3
- EXCLUDE_PORTS=443
- HTTP_CHECK=GET /healthcheck
- EXTRA_SETTINGS=http-check expect string true
# Uncomment the string below to redirect HTTP request to HTTPS request.
#- FORCE_SSL=true
stdin_open: true
restart: always
networks:
- onlyoffice
expose:
- '80'
volumes_from:
- onlyoffice-documentserver-data
onlyoffice-haproxy:
container_name: onlyoffice-haproxy
image: dockercloud/haproxy:1.5.1
depends_on:
- onlyoffice-documentserver
environment:
- MODE=http
# Uncomment the string below to specify the path of ssl certificates
#- CERT_FOLDER=/certs/
stdin_open: true
links:
- onlyoffice-documentserver
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Uncomment the string below to map a ssl certificate from host
# to the proxy container
#- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem
restart: always
networks:
- onlyoffice
ports:
- '80:80'
- '443:443'
- '1936:1936'
onlyoffice-redis:
container_name: onlyoffice-redis
image: redis
restart: always
networks:
- onlyoffice
expose:
- '6379'
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq
restart: always
networks:
- onlyoffice
expose:
- '5672'
@ -45,12 +96,17 @@ services:
environment:
- POSTGRES_DB=onlyoffice
- POSTGRES_USER=onlyoffice
- POSTGRES_HOST_AUTH_METHOD=trust
networks:
- onlyoffice
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
networks:
onlyoffice:
driver: 'bridge'
volumes:
postgresql_data:

View file

@ -1,24 +0,0 @@
### Arguments avavlivable only for FROM instruction ###
ARG TAG=latest
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_EDITION=
### Build main-release ###
FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable
### Build nonexample ###
FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=documentserver
ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf
### Remove all documentserver-example data ###
RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -f $DS_SUPERVISOR_CONF \
&& rm -f /etc/nginx/includes/ds-example.conf \
&& ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF

View file

@ -1,185 +1,73 @@
#!/bin/bash
umask 0022
function clean_exit {
/usr/bin/documentserver-prepare4shutdown.sh
}
trap clean_exit SIGTERM
# Define '**' behavior explicitly
shopt -s globstar
APP_DIR="/var/www/${COMPANY_NAME}/documentserver"
DATA_DIR="/var/www/${COMPANY_NAME}/Data"
PRIVATE_DATA_DIR="${DATA_DIR}/.private"
DS_RELEASE_DATE="${PRIVATE_DATA_DIR}/ds_release_date"
LOG_DIR="/var/log/${COMPANY_NAME}"
APP_DIR="/var/www/onlyoffice/documentserver"
DATA_DIR="/var/www/onlyoffice/Data"
LOG_DIR="/var/log/onlyoffice"
DS_LOG_DIR="${LOG_DIR}/documentserver"
LIB_DIR="/var/lib/${COMPANY_NAME}"
DS_LIB_DIR="${LIB_DIR}/documentserver"
CONF_DIR="/etc/${COMPANY_NAME}/documentserver"
IS_UPGRADE="false"
LIB_DIR="/var/lib/onlyoffice"
CONF_DIR="/etc/onlyoffice/documentserver"
ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false}
ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost}
ONLYOFFICE_DATA_CONTAINER_PORT=80
RELEASE_DATE="$(stat -c="%y" ${APP_DIR}/server/DocService/docservice | sed -r 's/=([0-9]+)-([0-9]+)-([0-9]+) ([0-9:.+ ]+)/\1-\2-\3/')";
if [ -f ${DS_RELEASE_DATE} ]; then
PREV_RELEASE_DATE=$(head -n 1 ${DS_RELEASE_DATE})
else
PREV_RELEASE_DATE="0"
fi
if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
IS_UPGRADE="true";
fi
fi
SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
mkdir -p ${SSL_CERTIFICATES_DIR}
if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
fi
if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
else
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
fi
if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
else
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
fi
SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.crt}
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.key}
CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem}
SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem}
SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off}
USE_UNAUTHORIZED_STORAGE=${USE_UNAUTHORIZED_STORAGE:-false}
ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true}
ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000}
SYSCONF_TEMPLATES_DIR="/app/ds/setup/config"
SYSCONF_TEMPLATES_DIR="/app/onlyoffice/setup/config"
NGINX_CONFD_PATH="/etc/nginx/conf.d";
NGINX_ONLYOFFICE_CONF="${NGINX_CONFD_PATH}/onlyoffice-documentserver.conf"
NGINX_ONLYOFFICE_PATH="${CONF_DIR}/nginx"
NGINX_ONLYOFFICE_CONF="${NGINX_ONLYOFFICE_PATH}/ds.conf"
NGINX_ONLYOFFICE_EXAMPLE_PATH="${CONF_DIR}-example/nginx"
NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/ds-example.conf"
NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/onlyoffice-documentserver-example.conf"
NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
# Limiting the maximum number of simultaneous connections due to possible memory shortage
[ $(ulimit -n) -gt 1048576 ] && NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-1048576} || NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
JWT_ENABLED=${JWT_ENABLED:-true}
# validate user's vars before usinig in json
if [ "${JWT_ENABLED}" == "true" ]; then
JWT_ENABLED="true"
else
JWT_ENABLED="false"
fi
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
JWT_ENABLED=${JWT_ENABLED:-false}
JWT_SECRET=${JWT_SECRET:-secret}
JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false}
WOPI_ENABLED=${WOPI_ENABLED:-false}
GENERATE_FONTS=${GENERATE_FONTS:-true}
if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
REDIS_ENABLED=false
else
REDIS_ENABLED=true
fi
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/default.json
ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json
ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/local.json
ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/default.json
JSON_BIN=${APP_DIR}/npm/json
JSON="${JSON_BIN} -q -f ${ONLYOFFICE_DEFAULT_CONFIG}"
JSON_LOG="${JSON_BIN} -q -f ${ONLYOFFICE_LOG4JS_CONFIG}"
JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
JSON="json -q -f ${ONLYOFFICE_DEFAULT_CONFIG}"
JSON_LOG="json -q -f ${ONLYOFFICE_LOG4JS_CONFIG}"
JSON_EXAMPLE="json -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
LOCAL_SERVICES=()
PG_ROOT=/var/lib/postgresql
PG_VERSION=9.5
PG_NAME=main
PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME}
PGDATA=/var/lib/postgresql/${PG_VERSION}/${PG_NAME}
PG_NEW_CLUSTER=false
RABBITMQ_DATA=/var/lib/rabbitmq
REDIS_DATA=/var/lib/redis
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
fi
read_setting(){
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
deprecated_var POSTGRESQL_SERVER_DB_NAME DB_NAME
deprecated_var POSTGRESQL_SERVER_USER DB_USER
deprecated_var POSTGRESQL_SERVER_PASS DB_PWD
deprecated_var RABBITMQ_SERVER_URL AMQP_URI
deprecated_var AMQP_SERVER_URL AMQP_URI
deprecated_var AMQP_SERVER_TYPE AMQP_TYPE
METRICS_ENABLED="${METRICS_ENABLED:-false}"
METRICS_HOST="${METRICS_HOST:-localhost}"
METRICS_PORT="${METRICS_PORT:-8125}"
METRICS_PREFIX="${METRICS_PREFIX:-.ds}"
DB_HOST=${DB_HOST:-${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}}
DB_TYPE=${DB_TYPE:-$(${JSON} services.CoAuthoring.sql.type)}
case $DB_TYPE in
"postgres")
DB_PORT=${DB_PORT:-"5432"}
;;
"mariadb"|"mysql")
DB_PORT=${DB_PORT:-"3306"}
;;
"")
DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}}
;;
*)
echo "ERROR: unknown database type"
exit 1
;;
esac
DB_NAME=${DB_NAME:-${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}}
DB_USER=${DB_USER:-${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}}
DB_PWD=${DB_PWD:-${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}}
POSTGRESQL_SERVER_HOST=${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}
POSTGRESQL_SERVER_PORT=${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}
POSTGRESQL_SERVER_DB_NAME=${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}
POSTGRESQL_SERVER_USER=${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}
POSTGRESQL_SERVER_PASS=${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}
RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)}
AMQP_URI=${AMQP_URI:-${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}}}
AMQP_TYPE=${AMQP_TYPE:-${AMQP_SERVER_TYPE:-rabbitmq}}
parse_rabbitmq_url ${AMQP_URI}
parse_rabbitmq_url
REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)}
REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379}
REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-$(${JSON} services.CoAuthoring.redis.port)}
DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} categories.default.level)}
}
deprecated_var() {
if [[ -n ${!1} ]]; then
echo "Variable $1 is deprecated. Use $2 instead."
fi
DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} levels.nodeJS)}
}
parse_rabbitmq_url(){
local amqp=$1
local amqp=${RABBITMQ_SERVER_URL}
# extract the protocol
local proto="$(echo $amqp | grep :// | sed -e's,^\(.*://\).*,\1,g')"
@ -200,7 +88,7 @@ parse_rabbitmq_url(){
# extract the host
local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
# by request - try to extract the port
local port="$(echo $hostport | grep : | sed -r 's_^.*:+|/.*$__g')"
local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')"
local host
if [ -n "$port" ]; then
@ -213,11 +101,10 @@ parse_rabbitmq_url(){
# extract the path (if any)
local path="$(echo $url | grep / | cut -d/ -f2-)"
AMQP_SERVER_PROTO=${proto:0:-3}
AMQP_SERVER_HOST=$host
AMQP_SERVER_USER=$user
AMQP_SERVER_PASS=$pass
AMQP_SERVER_PORT=$port
RABBITMQ_SERVER_HOST=$host
RABBITMQ_SERVER_USER=$user
RABBITMQ_SERVER_PASS=$pass
RABBITMQ_SERVER_PORT=$port
}
waiting_for_connection(){
@ -227,12 +114,12 @@ waiting_for_connection(){
done
}
waiting_for_db(){
waiting_for_connection $DB_HOST $DB_PORT
waiting_for_postgresql(){
waiting_for_connection ${POSTGRESQL_SERVER_HOST} ${POSTGRESQL_SERVER_PORT}
}
waiting_for_amqp(){
waiting_for_connection ${AMQP_SERVER_HOST} ${AMQP_SERVER_PORT}
waiting_for_rabbitmq(){
waiting_for_connection ${RABBITMQ_SERVER_HOST} ${RABBITMQ_SERVER_PORT}
}
waiting_for_redis(){
@ -241,83 +128,28 @@ waiting_for_redis(){
waiting_for_datacontainer(){
waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT}
}
update_statsd_settings(){
${JSON} -I -e "if(this.statsd===undefined)this.statsd={};"
${JSON} -I -e "this.statsd.useMetrics = '${METRICS_ENABLED}'"
${JSON} -I -e "this.statsd.host = '${METRICS_HOST}'"
${JSON} -I -e "this.statsd.port = '${METRICS_PORT}'"
${JSON} -I -e "this.statsd.prefix = '${METRICS_PREFIX}'"
}
update_db_settings(){
${JSON} -I -e "this.services.CoAuthoring.sql.type = '${DB_TYPE}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${DB_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${DB_PORT}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
update_postgresql_settings(){
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${POSTGRESQL_SERVER_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${POSTGRESQL_SERVER_PORT}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${POSTGRESQL_SERVER_DB_NAME}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${POSTGRESQL_SERVER_USER}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${POSTGRESQL_SERVER_PASS}'"
}
update_rabbitmq_setting(){
if [ "${AMQP_TYPE}" == "rabbitmq" ]; then
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
${JSON} -I -e "this.queue.type = 'rabbitmq'"
${JSON} -I -e "this.rabbitmq.url = '${AMQP_URI}'"
fi
if [ "${AMQP_TYPE}" == "activemq" ]; then
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
${JSON} -I -e "this.queue.type = 'activemq'"
${JSON} -I -e "if(this.activemq===undefined)this.activemq={};"
${JSON} -I -e "if(this.activemq.connectOptions===undefined)this.activemq.connectOptions={};"
${JSON} -I -e "this.activemq.connectOptions.host = '${AMQP_SERVER_HOST}'"
if [ ! "${AMQP_SERVER_PORT}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.port = '${AMQP_SERVER_PORT}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.port"
fi
if [ ! "${AMQP_SERVER_USER}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.username = '${AMQP_SERVER_USER}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.username"
fi
if [ ! "${AMQP_SERVER_PASS}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.password = '${AMQP_SERVER_PASS}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.password"
fi
case "${AMQP_SERVER_PROTO}" in
amqp+ssl|amqps)
${JSON} -I -e "this.activemq.connectOptions.transport = 'tls'"
;;
*)
${JSON} -I -e "delete this.activemq.connectOptions.transport"
;;
esac
fi
${JSON} -I -e "this.rabbitmq.url = '${RABBITMQ_SERVER_URL}'"
}
update_redis_settings(){
${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
if [ -n "${REDIS_SERVER_PASS}" ]; then
${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}"
fi
}
update_ds_settings(){
${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
update_jwt_settings(){
if [ "${JWT_ENABLED}" == "true" ]; then
${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'"
${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
@ -326,23 +158,11 @@ update_ds_settings(){
${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'"
${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
fi
if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
fi
if [ "${WOPI_ENABLED}" == "true" ]; then
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
${JSON} -I -e "this.wopi.enable = true"
fi
}
@ -358,87 +178,26 @@ create_postgresql_cluster(){
}
create_postgresql_db(){
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
}
create_db_tbl() {
case $DB_TYPE in
"postgres")
create_postgresql_tbl
;;
"mariadb"|"mysql")
create_mysql_tbl
;;
esac
}
upgrade_db_tbl() {
case $DB_TYPE in
"postgres")
upgrade_postgresql_tbl
;;
"mariadb"|"mysql")
upgrade_mysql_tbl
;;
esac
}
upgrade_postgresql_tbl() {
if [ -n "$DB_PWD" ]; then
export PGPASSWORD=$DB_PWD
fi
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
$PSQL -f "$APP_DIR/server/schema/postgresql/removetbl.sql"
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
}
upgrade_mysql_tbl() {
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
MYSQL="mysql -q $CONNECTION_PARAMS"
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/removetbl.sql" >/dev/null 2>&1
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
sudo -u postgres psql -c "CREATE DATABASE onlyoffice;"
sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
}
create_postgresql_tbl(){
if [ -n "$DB_PWD" ]; then
export PGPASSWORD=$DB_PWD
CONNECTION_PARAMS="-h${POSTGRESQL_SERVER_HOST} -U${POSTGRESQL_SERVER_USER} -w"
if [ -n "${POSTGRESQL_SERVER_PASS}" ]; then
export PGPASSWORD=${POSTGRESQL_SERVER_PASS}
fi
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
}
create_mysql_tbl() {
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
MYSQL="mysql -q $CONNECTION_PARAMS"
PSQL="psql -q $CONNECTION_PARAMS"
CREATEDB="createdb $CONNECTION_PARAMS"
# Create db on remote server
$MYSQL -e "CREATE DATABASE IF NOT EXISTS $DB_NAME DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;" >/dev/null 2>&1
if $PSQL -lt | cut -d\| -f 1 | grep -qw | grep 0; then
$CREATEDB $DB_NAME
fi
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
}
update_welcome_page() {
WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
if [[ -e $WELCOME_PAGE ]]; then
DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
(( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname)
if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
if [[ -x $(command -v docker) ]]; then
DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/')
else
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/')
fi
fi
fi
$PSQL -d "${POSTGRESQL_SERVER_DB_NAME}" -f "${APP_DIR}/server/schema/postgresql/createdb.sql"
}
update_nginx_settings(){
@ -449,7 +208,7 @@ update_nginx_settings(){
# setup HTTPS
if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then
cp -f ${NGINX_ONLYOFFICE_PATH}/ds-ssl.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
ln -sf ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver-ssl.conf.template ${NGINX_ONLYOFFICE_CONF}
# configure nginx
sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
@ -477,19 +236,12 @@ update_nginx_settings(){
sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF}
fi
else
ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
fi
# check if ipv6 supported otherwise remove it from nginx config
if [ ! -f /proc/net/if_inet6 ]; then
sed '/listen\s\+\[::[0-9]*\].\+/d' -i $NGINX_ONLYOFFICE_CONF
ln -sf ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver.conf.template ${NGINX_ONLYOFFICE_CONF}
fi
if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
fi
documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
}
update_supervisor_settings(){
@ -500,33 +252,19 @@ update_supervisor_settings(){
}
update_log_settings(){
${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
}
update_logrotate_settings(){
sed 's|\(^su\b\).*|\1 root root|' -i /etc/logrotate.conf
}
update_release_date(){
mkdir -p ${PRIVATE_DATA_DIR}
echo ${RELEASE_DATE} > ${DS_RELEASE_DATE}
${JSON_LOG} -I -e "this.levels.nodeJS = '${DS_LOG_LEVEL}'"
}
# create base folders
for i in converter docservice metrics; do
for i in converter docservice spellchecker metrics gc; do
mkdir -p "${DS_LOG_DIR}/$i"
done
mkdir -p ${DS_LOG_DIR}-example
# create app folders
for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${DS_LIB_DIR}-example/files; do
mkdir -p "$i"
done
# change folder rights
for i in ${LOG_DIR} ${LIB_DIR}; do
chown -R ds:ds "$i"
for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
chown -R onlyoffice:onlyoffice "$i"
chmod -R 755 "$i"
done
@ -534,27 +272,16 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
read_setting
if [ $METRICS_ENABLED = "true" ]; then
update_statsd_settings
fi
update_welcome_page
update_log_settings
update_ds_settings
update_jwt_settings
# update settings by env variables
if [ $DB_HOST != "localhost" ]; then
update_db_settings
waiting_for_db
create_db_tbl
if [ ${POSTGRESQL_SERVER_HOST} != "localhost" ]; then
update_postgresql_settings
waiting_for_postgresql
create_postgresql_tbl
else
# change rights for postgres directory
chown -R postgres:postgres ${PG_ROOT}
chmod -R 700 ${PG_ROOT}
# create new db if it isn't exist
if [ ! -d ${PGDATA} ]; then
create_postgresql_cluster
PG_NEW_CLUSTER=true
@ -562,32 +289,17 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
LOCAL_SERVICES+=("postgresql")
fi
if [ ${AMQP_SERVER_HOST} != "localhost" ]; then
if [ ${RABBITMQ_SERVER_HOST} != "localhost" ]; then
update_rabbitmq_setting
else
# change rights for rabbitmq directory
chown -R rabbitmq:rabbitmq ${RABBITMQ_DATA}
chmod -R go=rX,u=rwX ${RABBITMQ_DATA}
if [ -f ${RABBITMQ_DATA}/.erlang.cookie ]; then
chmod 400 ${RABBITMQ_DATA}/.erlang.cookie
fi
LOCAL_SERVICES+=("rabbitmq-server")
# allow Rabbitmq startup after container kill
rm -rf /var/run/rabbitmq
fi
if [ ${REDIS_ENABLED} = "true" ]; then
if [ ${REDIS_SERVER_HOST} != "localhost" ]; then
update_redis_settings
else
# change rights for redis directory
chown -R redis:redis ${REDIS_DATA}
chmod -R 750 ${REDIS_DATA}
LOCAL_SERVICES+=("redis-server")
fi
fi
else
# no need to update settings just wait for remote data
waiting_for_datacontainer
@ -595,12 +307,8 @@ else
# read settings after the data container in ready state
# to prevent get unconfigureted data
read_setting
update_welcome_page
fi
find /etc/${COMPANY_NAME} -exec chown ds:ds {} \;
#start needed local services
for i in ${LOCAL_SERVICES[@]}; do
service $i start
@ -612,44 +320,20 @@ if [ ${PG_NEW_CLUSTER} = "true" ]; then
fi
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
waiting_for_db
waiting_for_amqp
if [ ${REDIS_ENABLED} = "true" ]; then
waiting_for_postgresql
waiting_for_rabbitmq
waiting_for_redis
fi
if [ "${IS_UPGRADE}" = "true" ]; then
upgrade_db_tbl
update_release_date
fi
update_nginx_settings
update_supervisor_settings
service supervisor start
# start cron to enable log rotating
update_logrotate_settings
service cron start
fi
# nginx used as a proxy, and as data container status service.
# it run in all cases.
service nginx start
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
fi
fi
# Regenerate the fonts list and the fonts thumbnails
if [ "${GENERATE_FONTS}" == "true" ]; then
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
fi
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
echo "${JWT_MESSAGE}"
tail -f /var/log/${COMPANY_NAME}/**/*.log &
wait $!

View file

@ -1,32 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
environment:
- AMQP_TYPE=${AMQP_TYPE:-activemq}
- AMQP_URI=${AMQP_URI:-amqp://guest:guest@onlyoffice-activemq}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
networks:
- onlyoffice
onlyoffice-activemq:
container_name: onlyoffice-activemq
image: webcenter/activemq:${ACTIVEMQ_VERSION:-5.14.3}
environment:
- ACTIVEMQ_USERS_guest=${ACTIVEMQ_USERS_guest:-guest}
- ACTIVEMQ_GROUPS_owners=${ACTIVEMQ_GROUPS_owners:-guest}
restart: always
networks:
- onlyoffice
expose:
- '5672'
networks:
onlyoffice:
driver: 'bridge'

View file

@ -1,18 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
environment:
- SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-/var/www/onlyoffice/Data/certs/tls.crt}
- SSL_KEY_PATH=${SSL_KEY_PATH:-/var/www/onlyoffice/Data/certs/tls.key}
- CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-/var/www/onlyoffice/Data/certs/ca-certificates.pem}
- SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-/var/www/onlyoffice/Data/certs/dhparam.pem}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
volumes:
- ./data:/var/www/onlyoffice/Data

View file

@ -1,13 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
volumes:
- ./data:/var/www/onlyoffice/Data

View file

@ -1,32 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-graphite
environment:
- METRICS_ENABLED=${METRICS_ENABLED:-true}
- METRICS_HOST=${METRICS_HOST:-localhost}
- METRICS_PORT=${METRICS_PORT:-8125}
- METRICS_PREFIX=${METRICS_PREFIX:-ds.}
stdin_open: true
restart: always
expose:
- '2003'
ports:
- '80:80'
volumes:
- ./graphite/statsd:/var/www/onlyoffice/documentserver/server/Metrics/config
onlyoffice-graphite:
container_name: onlyoffice-graphite
image: graphiteapp/graphite-statsd
environment:
- GRAPHITE_STATSD_HOST=${GRAPHITE_STATSD_HOST:-onlyoffice-documentserver}
- GRAPHITE_TIME_ZONE=${GRAPHITE_TIME_ZONE:-Etc/UTC}
ports:
- '8888:80'
stdin_open: true
restart: always

View file

@ -1,7 +0,0 @@
{
"graphiteHost": "onlyoffice-graphite",
"graphitePort": 2003,
"port": 8125,
"flushInterval": 60000,
"backends": [ "./backends/graphite.js" ]
}

View file

@ -1,36 +0,0 @@
version: '2.1'
services:
ds:
container_name: ds
build:
context: ../.
depends_on:
- onlyoffice-mariadb
environment:
- DB_TYPE=${DB_TYPE:-mysql}
- DB_HOST=${DB_HOST:-onlyoffice-mariadb}
- DB_PORT=${DB_PORT:-3306}
- DB_NAME=${DB_NAME:-onlyoffice}
- DB_USER=${DB_USER:-onlyoffice}
- DB_PWD=${DB_PWD:-onlyoffice}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-mariadb:
container_name: onlyoffice-mariadb
image: mariadb:${MARIADB_VERSION:-10.5}
environment:
- MYSQL_DATABASE=${MYSQL_DATABASE:-onlyoffice}
- MYSQL_USER=${MYSQL_USER:-onlyoffice}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-onlyoffice}
- MYSQL_ALLOW_EMPTY_PASSWORD=${MYSQL_ALLOW_EMPTY_PASSWORD:-yes}
restart: always
volumes:
- mysql_data:/var/lib/mysql
expose:
- '3306'
volumes:
mysql_data:

View file

@ -1,37 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-mysql
environment:
- DB_TYPE=${DB_TYPE:-mysql}
- DB_HOST=${DB_HOST:-onlyoffice-mysql}
- DB_PORT=${DB_PORT:-3306}
- DB_NAME=${DB_NAME:-onlyoffice}
- DB_USER=${DB_USER:-onlyoffice}
- DB_PWD=${DB_PWD:-onlyoffice}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-mysql:
container_name: onlyoffice-mysql
image: mysql:${MYSQL_VERSION:-5.7}
command: --default-authentication-plugin=mysql_native_password
environment:
- MYSQL_DATABASE=${MYSQL_DATABASE:-onlyoffice}
- MYSQL_USER=${MYSQL_USER:-onlyoffice}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-onlyoffice}
- MYSQL_ALLOW_EMPTY_PASSWORD=${MYSQL_ALLOW_EMPTY_PASSWORD:-yes}
restart: always
volumes:
- mysql_data:/var/lib/mysql
expose:
- '3306'
volumes:
mysql_data:

View file

@ -1,34 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-postgresql
environment:
- POSTGRESQL_SERVER_HOST=${DB_HOST:-onlyoffice-postgresql}
- POSTGRESQL_SERVER_PORT=${DB_PORT:-5432}
- POSTGRESQL_SERVER_DB_NAME=${DB_NAME:-onlyoffice}
- POSTGRESQL_SERVER_USER=${DB_USER:-onlyoffice}
- POSTGRESQL_SERVER_PASS=${DB_PWD:-onlyoffice}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-postgresql:
container_name: onlyoffice-postgresql
image: postgres:9.5
environment:
- POSTGRES_DB=${POSTGRES_DB:-onlyoffice}
- POSTGRES_USER=${POSTGRES_USER:-onlyoffice}
- POSTGRES_HOST_AUTH_METHOD=${POSTGRES_HOST_AUTH_METHOD:-trust}
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
volumes:
postgresql_data:

View file

@ -1,35 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-postgresql
environment:
- DB_TYPE=${DB_TYPE:-postgres}
- DB_HOST=${DB_HOST:-onlyoffice-postgresql}
- DB_PORT=${DB_PORT:-5432}
- DB_NAME=${DB_NAME:-onlyoffice}
- DB_USER=${DB_USER:-onlyoffice}
- DB_PWD=${DB_PWD:-onlyoffice}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-postgresql:
container_name: onlyoffice-postgresql
image: postgres:${POSTGRES_VERSION:-9.5}
environment:
- POSTGRES_DB=${POSTGRES_DB:-onlyoffice}
- POSTGRES_USER=${POSTGRES_USER:-onlyoffice}
- POSTGRES_HOST_AUTH_METHOD=${POSTGRES_HOST_AUTH_METHOD:-trust}
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
volumes:
postgresql_data:

View file

@ -1,29 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
environment:
- AMQP_SERVER_TYPE=${AMQP_SERVER_TYPE:-rabbitmq}
- AMQP_SERVER_URL=${AMQP_SERVER_URL:-amqp://guest:guest@onlyoffice-rabbitmq}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
networks:
- onlyoffice
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq
restart: always
networks:
- onlyoffice
expose:
- '5672'
networks:
onlyoffice:
driver: 'bridge'

View file

@ -1,29 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
environment:
- AMQP_TYPE=${AMQP_TYPE:-rabbitmq}
- AMQP_URI=${AMQP_URI:-amqp://guest:guest@onlyoffice-rabbitmq}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
networks:
- onlyoffice
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq:${RABBITMQ_VERSION:-latest}
restart: always
networks:
- onlyoffice
expose:
- '5672'
networks:
onlyoffice:
driver: 'bridge'

View file

@ -1,31 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
args:
- PRODUCT_NAME=${PRODUCT_NAME:-documentserver}
environment:
- REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-onlyoffice-redis}
- REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379}
stdin_open: true
restart: always
ports:
- '80:80'
- '443:443'
networks:
- onlyoffice
onlyoffice-redis:
container_name: onlyoffice-redis
image: redis:${REDIS_VERSION:-latest}
restart: always
networks:
- onlyoffice
expose:
- '6379'
networks:
onlyoffice:
driver: 'bridge'

View file

@ -1,12 +0,0 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
args:
- PRODUCT_NAME=${PRODUCT_NAME:-documentserver}
stdin_open: true
restart: always
ports:
- '80:80'

View file

@ -1,54 +0,0 @@
#!/bin/bash
ssl=${ssl:-false}
private_key=${private_key:-tls.key}
certificate_request=${certificate_request:-tls.csr}
certificate=${certificate:-tls.crt}
# Generate certificate
if [[ $ssl == "true" ]]; then
url=${url:-"https://localhost"}
mkdir -p data/certs
pushd data/certs
openssl genrsa -out ${private_key} 2048
openssl req \
-new \
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
-key ${private_key} \
-out ${certificate_request}
openssl x509 -req -days 365 -in ${certificate_request} -signkey ${private_key} -out ${certificate}
openssl dhparam -out dhparam.pem 2048
chmod 400 ${private_key}
popd
else
url=${url:-"http://localhost"}
fi
# Check if the yml exists
if [[ ! -f $config ]]; then
echo "File $config doesn't exist!"
exit 1
fi
# Run test environment
docker-compose -p ds -f $config up -d
wakeup_timeout=90
# Get documentserver healthcheck status
echo "Wait for service wake up"
sleep $wakeup_timeout
healthcheck_res=$(wget --no-check-certificate -qO - ${url}/healthcheck)
# Fail if it isn't true
if [[ $healthcheck_res == "true" ]]; then
echo "Healthcheck passed."
else
echo "Healthcheck failed!"
exit 1
fi
docker-compose -p ds -f $config down