Merge branch release/v7.3.0 into develop

Dockerfile

@@ -11,13 +11,14 @@ ARG ONLYOFFICE_VALUE=onlyoffice
 
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
     apt-get -y update && \
-    apt-get -yq install wget apt-transport-https gnupg locales && \
+    apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
     mkdir -p $HOME/.gnupg && \
     gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
     chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \
     locale-gen en_US.UTF-8 && \
     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
     wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \
+    if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.9 ; fi && \
     apt-get -yq install \
         adduser \
         apt-utils \
@@ -46,7 +47,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
         postgresql \
         postgresql-client \
         pwgen \
-        rabbitmq-server=3.10* \
+        rabbitmq-server=${RABBITMQ_VERSION}* \
         redis-server \
         software-properties-common \
         sudo \

Makefile

@@ -1,21 +1,18 @@
 COMPANY_NAME ?= ONLYOFFICE
 GIT_BRANCH ?= develop
-PRODUCT_NAME ?= DocumentServer
+PRODUCT_NAME ?= documentserver
 PRODUCT_EDITION ?= 
 PRODUCT_VERSION ?= 0.0.0
 BUILD_NUMBER ?= 0
 BUILD_CHANNEL ?= nightly
 ONLYOFFICE_VALUE ?= onlyoffice
-S3_BUCKET ?= repo-doc-onlyoffice-com
-S3_REGION ?= eu-west-1
 
 COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
-PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z)
+COMPANY_NAME_ESC = $(subst -,,$(COMPANY_NAME_LOW))
-COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW))
 
-PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
+PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)
-PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
+PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
-PACKAGE_BASEURL := https://s3.$(S3_REGION).amazonaws.com/$(S3_BUCKET)/server/linux/debian/$(BUILD_CHANNEL)
+PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian/$(BUILD_CHANNEL)
 
 ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test))
 	DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)
@@ -23,18 +20,17 @@ else
 	DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH))
 endif
 
-DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)
+DOCKER_IMAGE := $(COMPANY_NAME_ESC)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION)
-DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
+DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
-DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(DOCKER_TAG).tar.gz
+DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz
-DOCKER_ARCH_URI := server/linux/docker/$(BUILD_CHANNEL)/$(notdir $(DOCKER_ARCH))
 
-.PHONY: all clean clean-docker image deploy docker publish
+.PHONY: all clean clean-docker image deploy docker
 
 $(DOCKER_DUMMY):
-	docker pull ubuntu:20.04
+	docker pull ubuntu:22.04
 	docker build \
 		--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
-		--build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \
+		--build-arg PRODUCT_NAME=$(PRODUCT_NAME) \
 		--build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \
 		--build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \
 		--build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \
@@ -68,7 +64,3 @@ ifeq ($(BUILD_CHANNEL),nightly)
 		docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \
 	done
 endif
-
-publish: $(DOCKER_ARCH)
-	aws s3 cp --no-progress --acl public-read \
-		$(DOCKER_ARCH) s3://$(S3_BUCKET)/$(DOCKER_ARCH_URI)

README.md

@@ -191,8 +191,8 @@ Below is the complete list of parameters that can be set using environment varia
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
 - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
-- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
+- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
-- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
+- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
 - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
 - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
 - **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
@@ -220,18 +220,28 @@ Then launch containers on it using the 'docker run --net onlyoffice' option:
 
 Follow [these steps](#installing-mysql) to install MySQL server.
 
-**STEP 3**: Install ONLYOFFICE Document Server.
+**STEP 3**: Generate JWT Secret
+
+JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command:
+```
+JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12);
+```
+
+**STEP 4**: Install ONLYOFFICE Document Server.
 
 ```bash
 sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \
-	-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
+ -e JWT_ENABLED=true \
-	-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
+ -e JWT_SECRET=${JWT_SECRET} \
-	-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
+ -e JWT_HEADER=AuthorizationJwt \
-	-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \
+ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
-	onlyoffice/documentserver
+ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
+ -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
+ -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \
+ onlyoffice/documentserver
 ```
 
-**STEP 4**: Install ONLYOFFICE Mail Server. 
+**STEP 5**: Install ONLYOFFICE Mail Server. 
 
 For the mail server correct work you need to specify its hostname 'yourdomain.com'.
 
@@ -253,10 +263,10 @@ The additional parameters for mail server are available [here](https://github.co
 
 To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").
 
-**STEP 5**: Install ONLYOFFICE Community Server
+**STEP 6**: Install ONLYOFFICE Community Server
 
 ```bash
-sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \
+sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \
  -e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \
  -e MYSQL_SERVER_DB_NAME=onlyoffice \
  -e MYSQL_SERVER_HOST=onlyoffice-mysql-server \
@@ -264,6 +274,9 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com
  -e MYSQL_SERVER_PASS=onlyoffice_pass \
  
  -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \
+ -e DOCUMENT_SERVER_JWT_ENABLED=true \
+ -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \
+ -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \
  
  -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \
  -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \
@@ -274,12 +287,14 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com
  
  -v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \
  -v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \
+ -v /app/onlyoffice/CommunityServer/letsencrypt:/etc/letsencrypt \
+ -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
  onlyoffice/communityserver
 ```
 
 Where `${MAIL_SERVER_IP}` is the IP address for **ONLYOFFICE Mail Server**. You can easily get it using the command:
 ```
-docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server
+MAIL_SERVER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server)
 ```
 
 Alternatively, you can use an automatic installation script to install the whole ONLYOFFICE Community Edition at once. For the mail server correct work you need to specify its hostname 'yourdomain.com'.