From 5c17c711b1a14e39a2836bec0fee49044433c3a5 Mon Sep 17 00:00:00 2001 From: Roger Shieh Date: Tue, 24 May 2022 23:02:42 +0800 Subject: [PATCH 01/51] Update run-document-server.sh (#439) --- run-document-server.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index c8dcf39..e16dca2 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -298,9 +298,9 @@ update_redis_settings(){ } update_ds_settings(){ - ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'" ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'" @@ -309,11 +309,11 @@ update_ds_settings(){ ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'" - ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}" - ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}" + ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = '${JWT_IN_BODY}'" + ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = '${JWT_IN_BODY}'" if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then - ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}" + ${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'" ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'" ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" fi From 19b66de202981bf3fef4c4d59b26edd143beab94 Mon Sep 17 00:00:00 2001 From: Alexey Golubev Date: Thu, 26 May 2022 17:03:57 +0300 Subject: [PATCH 02/51] Revert "Update run-document-server.sh (#439)" This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5. --- run-document-server.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index e16dca2..c8dcf39 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -298,9 +298,9 @@ update_redis_settings(){ } update_ds_settings(){ - ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}" ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'" @@ -309,11 +309,11 @@ update_ds_settings(){ ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'" - ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = '${JWT_IN_BODY}'" - ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = '${JWT_IN_BODY}'" + ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}" + ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}" if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then - ${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'" + ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}" ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'" ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" fi From 01606746c146b298a39f7f57ced85c23bea834a7 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 7 Jun 2022 16:16:05 +0300 Subject: [PATCH 03/51] Fix Bug 53170 / Add the ability to set secure_link_secret (#444) * Add securelink generation * Add ability to configure securelink_secret * Add a description of SECURE_LINK_SECRET * Update README.md --- README.md | 1 + run-document-server.sh | 2 ++ 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 18fb96e..a7bc84d 100644 --- a/README.md +++ b/README.md @@ -187,6 +187,7 @@ Below is the complete list of parameters that can be set using environment varia - **REDIS_SERVER_PORT**: The Redis server port number. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. +- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. diff --git a/run-document-server.sh b/run-document-server.sh index c8dcf39..8011b54 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -468,6 +468,8 @@ update_nginx_settings(){ if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} fi + + documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} } update_supervisor_settings(){ From a6562f4017a8e199904493e7010554f2b93dd38c Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 9 Jun 2022 13:27:39 +0300 Subject: [PATCH 04/51] Add multiarch build with action (#445) * Update run-document-server.sh (#439) * Revert "Update run-document-server.sh (#439)" This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5. * Add bake config * Add targets for multiarch build * Add multiarch workflows * Cosmetic changes * Refactoring * Cosmetic changes * Cosmetic changes * Change URL for test repo * Refactor: refactoring code * Refactoring sed * Remove -ie build * Add special tag for package * Cosmetic changes Co-authored-by: papacarlo Co-authored-by: Roger Shieh Co-authored-by: Alexey Golubev --- .github/workflows/build-4testing.yml | 70 ++++++++++++++++++++++++++++ .github/workflows/build-stable.yml | 58 +++++++++++++++++++++++ Dockerfile | 6 ++- docker-bake.hcl | 47 +++++++++++++++++++ 4 files changed, 179 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/build-4testing.yml create mode 100644 .github/workflows/build-stable.yml create mode 100644 docker-bake.hcl diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/build-4testing.yml new file mode 100644 index 0000000..215fe8d --- /dev/null +++ b/.github/workflows/build-4testing.yml @@ -0,0 +1,70 @@ +### This workflow setup instance then build and push images ### +name: Multi-arch build 4testing + +on: + push: + tags: + - "v*" + - "!v*-stable" + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + strategy: + matrix: + edition: ["", "-ee", "-de"] + images: ["documentserver"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: Build documentserver-4testing + run: | + DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) + PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} arm64 arch" + echo "All architecture are available >> Build is starting." + sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile + PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Build did't started >> Exit with 0." + exit 0 + fi + fi + shell: bash diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml new file mode 100644 index 0000000..bb5b1d1 --- /dev/null +++ b/.github/workflows/build-stable.yml @@ -0,0 +1,58 @@ +### This workflow setup instance then build and push images ### +name: Multi-arch build stable + +on: + push: + tags: + - "v*-stable" + +env: + COMPANY_NAME: "onlyoffice" + PRODUCT_NAME: "documentserver" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + strategy: + matrix: + edition: ["", "-ee", "-de"] + images: ["documentserver-stable"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: Build documentserver-stable + run: | + DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?) + if [[ "$IMAGE_STATUS" = "0" ]]; then + echo "Image present on docker.hub >> start build stable version" + echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable + PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push ; + else + echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0" + exit 0 + fi + shell: bash diff --git a/Dockerfile b/Dockerfile index 69e2e2a..5f1bf17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:20.04 +FROM ubuntu:20.04 as documentserver LABEL maintainer Ascensio System SIA ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 @@ -71,9 +71,11 @@ COPY run-document-server.sh /app/ds/run-document-server.sh EXPOSE 80 443 +ARG TARGETARCH +ARG PRODUCT_EDITION= ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver -ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb" +ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 0000000..9e89642 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,47 @@ +variable "TAG" { + default = "" +} + +variable "COMPANY_NAME" { + default = "" +} + +variable "PREFIX_NAME" { + default = "" +} + +variable "PRODUCT_EDITION" { + default = "" +} + +variable "PRODUCT_NAME" { + default = "" +} + +variable "DOCKERFILE" { + default = "" +} + +target "documentserver" { + target = "documentserver" + dockerfile= "${DOCKERFILE}" + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + } +} + +target "documentserver-stable" { + target = "documentserver-stable" + dockerfile= "${DOCKERFILE}" + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + } +} From 86cbb01bbfbc6d4d49ec34af4628f102e0380535 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Fri, 10 Jun 2022 15:43:50 +0300 Subject: [PATCH 05/51] Add short tags for released images (#446) * Add short tags for images * Edit workflow tags --- .github/workflows/build-stable.yml | 17 +++++++++++------ docker-bake.hcl | 13 ++++++++++++- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-stable.yml b/.github/workflows/build-stable.yml index bb5b1d1..f1bbe5e 100644 --- a/.github/workflows/build-stable.yml +++ b/.github/workflows/build-stable.yml @@ -16,8 +16,8 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - edition: ["", "-ee", "-de"] images: ["documentserver-stable"] + edition: ["", "-ee", "-de"] steps: - name: Checkout code uses: actions/checkout@v3 @@ -41,18 +41,23 @@ jobs: - name: Build documentserver-stable run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG > /dev/null ; echo $?) + TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') + SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+') + IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) if [[ "$IMAGE_STATUS" = "0" ]]; then echo "Image present on docker.hub >> start build stable version" - echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$DOCKER_TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable + echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable TAG=$DOCKER_TAG \ + COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \ + TAG=$TAG \ + SHORTER_TAG=$SHORTER_TAG \ + SHORTEST_TAG=$SHORTEST_TAG \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push ; else - echo "FAILED: Image with tag $DOCKER_TAG do not presented on docker.hub >> build will not started >> exit with 0" + echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0" exit 0 fi shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index 9e89642..04ed4a0 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -2,6 +2,14 @@ variable "TAG" { default = "" } +variable "SHORTER_TAG" { + default = "" +} + +variable "SHORTEST_TAG" { + default = "" +} + variable "COMPANY_NAME" { default = "" } @@ -37,7 +45,10 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" dockerfile= "${DOCKERFILE}" - tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] platforms = ["linux/amd64", "linux/arm64"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" From 9494e08e8f4b3a1808cf528265e997d9b9d7bae1 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 15 Jun 2022 10:30:18 +0300 Subject: [PATCH 06/51] Fix for redis correct work (#449) * Fix for redis correct work * Refactoring code * Refactoring code * Refactoring code * Refactor: refactoring code --- Dockerfile | 3 ++- run-document-server.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5f1bf17..708b4a6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -78,7 +78,8 @@ ARG PRODUCT_NAME=documentserver ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" ENV COMPANY_NAME=$COMPANY_NAME \ - PRODUCT_NAME=$PRODUCT_NAME + PRODUCT_NAME=$PRODUCT_NAME \ + PRODUCT_EDITION=$PRODUCT_EDITION RUN wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ diff --git a/run-document-server.sh b/run-document-server.sh index 8011b54..c9747f8 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -83,7 +83,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false} GENERATE_FONTS=${GENERATE_FONTS:-true} -if [[ ${PRODUCT_NAME} == "documentserver" ]]; then +if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then REDIS_ENABLED=false else REDIS_ENABLED=true From c4ddb9971045784c880b1963a46ab1816daebe79 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 5 Jul 2022 14:41:20 +0300 Subject: [PATCH 07/51] Update base image version (#447) --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 708b4a6..7405b2b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM ubuntu:20.04 as documentserver +FROM ubuntu:22.04 as documentserver LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 ARG ONLYOFFICE_VALUE=onlyoffice From c7a1fd04a436bc563b63d961b09dc30e9e8db8fc Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 5 Jul 2022 14:56:42 +0300 Subject: [PATCH 08/51] fix Bug 50138 / Fix SSL key access error (#455) * Fix SSL key access error * Change name of directory --- run-document-server.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index c9747f8..aca2d89 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -37,7 +37,12 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then fi fi -SSL_CERTIFICATES_DIR="${DATA_DIR}/certs" +SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" +mkdir -p ${SSL_CERTIFICATES_DIR} +cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} +chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem +chmod 400 ${SSL_CERTIFICATES_DIR}/*.key + if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt else @@ -505,7 +510,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${ done # change folder rights -for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do +for i in ${LOG_DIR} ${LIB_DIR}; do chown -R ds:ds "$i" chmod -R 755 "$i" done From 29e4ec3027128fc45530639b868d1a05786c51b1 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 11 Jul 2022 13:27:43 +0300 Subject: [PATCH 09/51] Refactoring workflow (#448) --- ...{build-4testing.yml => 4testing-build.yml} | 45 ++++++++++--------- .../{build-stable.yml => stable-build.yml} | 12 +++-- 2 files changed, 33 insertions(+), 24 deletions(-) rename .github/workflows/{build-4testing.yml => 4testing-build.yml} (53%) rename .github/workflows/{build-stable.yml => stable-build.yml} (88%) diff --git a/.github/workflows/build-4testing.yml b/.github/workflows/4testing-build.yml similarity index 53% rename from .github/workflows/build-4testing.yml rename to .github/workflows/4testing-build.yml index 215fe8d..0716979 100644 --- a/.github/workflows/build-4testing.yml +++ b/.github/workflows/4testing-build.yml @@ -1,5 +1,5 @@ ### This workflow setup instance then build and push images ### -name: Multi-arch build 4testing +name: 4testing multiarch-build on: push: @@ -15,10 +15,12 @@ jobs: build: name: Build runs-on: ubuntu-latest + continue-on-error: ${{ matrix.condition }} strategy: matrix: - edition: ["", "-ee", "-de"] images: ["documentserver"] + edition: ["", "-ee", "-de"] + condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -40,7 +42,7 @@ jobs: run: | echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-4testing + - name: Build 4testing run: | DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') @@ -48,23 +50,26 @@ jobs: STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") if [[ "$STATUS" = "200" ]]; then echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> Build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Build did't started >> Exit with 0." - exit 0 + else + echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" + exit 1 fi + PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") + if [[ "$STATUS" = "200" ]]; then + echo "Have access to documentserver${{ matrix.edition }} arm64 arch" + echo "All architecture are available >> build is starting." + sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile + PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." + exit 1 fi shell: bash diff --git a/.github/workflows/build-stable.yml b/.github/workflows/stable-build.yml similarity index 88% rename from .github/workflows/build-stable.yml rename to .github/workflows/stable-build.yml index f1bbe5e..7fd434a 100644 --- a/.github/workflows/build-stable.yml +++ b/.github/workflows/stable-build.yml @@ -14,10 +14,12 @@ jobs: build: name: Build runs-on: ubuntu-latest + continue-on-error: ${{ matrix.condition }} strategy: matrix: images: ["documentserver-stable"] edition: ["", "-ee", "-de"] + condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -39,7 +41,7 @@ jobs: run: | echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-stable + - name: Build documentserver-release run: | TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') @@ -55,9 +57,11 @@ jobs: SHORTEST_TAG=$SHORTEST_TAG \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ - --push ; - else - echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0" + --push + echo "DONE: Build success >> exit with 0" exit 0 + else + echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1" + exit 1 fi shell: bash From c16635ea71e3df248fd58efd2182aa8eb5769bae Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 12 Jul 2022 12:37:48 +0300 Subject: [PATCH 10/51] Fix supervisor socket messages (#459) --- run-document-server.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run-document-server.sh b/run-document-server.sh index aca2d89..2b2e386 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -474,7 +474,7 @@ update_nginx_settings(){ sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} fi - documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} + documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false } update_supervisor_settings(){ From 143e77fdfcc3b6e462ca62b19fb8edfb81c37b49 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 18 Jul 2022 17:11:06 +0300 Subject: [PATCH 11/51] Fix Big #57286 / Add redis password config settings (#466) * Add redis password settings * Add variable description * Change variable descriptions * Change variable descriptions * Change variable descriptions --- README.md | 1 + run-document-server.sh | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index a7bc84d..5020dfd 100644 --- a/README.md +++ b/README.md @@ -185,6 +185,7 @@ Below is the complete list of parameters that can be set using environment varia - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. +- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. diff --git a/run-document-server.sh b/run-document-server.sh index 2b2e386..0ae0764 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -300,6 +300,11 @@ update_redis_settings(){ ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" + + if [ -n "${REDIS_SERVER_PASS}" ]; then + ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}" + fi + } update_ds_settings(){ From 06a05223b5faea3491298aef5716b7c88d22791f Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:51:46 +0300 Subject: [PATCH 12/51] Fix bug #58032 / Fix moves certificates alarm messages (#461) * Add some checks before replace certificates * Change if check key * Refactoring code * Refactoring code * Add checking exist files * Refactor: refactoring code * Remove check files conditions --- run-document-server.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index 0ae0764..cfba7a0 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -39,9 +39,11 @@ fi SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds" mkdir -p ${SSL_CERTIFICATES_DIR} -cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} -chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem -chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then + cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR} + chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem + chmod 400 ${SSL_CERTIFICATES_DIR}/*.key +fi if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt From 2213fc70f5ab693e0f6b0292d22900799440ef68 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 21 Jul 2022 18:44:06 +0300 Subject: [PATCH 13/51] Add another tags processing (#464) * Add support for processing other tags * Print build-info before build start * Cosmetic changes * Add architecture and URL processing * Refactoring action code * Refactoring code * Refactoring code * Cosmetic changes * Remove some check package version * Refactoring code * Redefining url variable for dockerfile * Cosmetic changes * Changes platform conditions check * Set to use default TARGETARCH in build --- .github/workflows/4testing-build.yml | 76 +++++++++++++++++----------- Dockerfile | 3 +- docker-bake.hcl | 12 ++++- 3 files changed, 60 insertions(+), 31 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0716979..306b6e1 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -29,6 +29,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx + id: buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub @@ -38,38 +39,55 @@ jobs: password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Get Tag Name - id: tag_name run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Build 4testing run: | - DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' ) - PACKAGE_VERSION=$(echo $DOCKER_TAG | sed 's/\./-/3') - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_amd64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access" - else - echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch" - exit 1 - fi - PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") - if [[ "$STATUS" = "200" ]]; then - echo "Have access to documentserver${{ matrix.edition }} arm64 arch" - echo "All architecture are available >> build is starting." - sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile - PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- TAG=$DOCKER_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0." - exit 1 + ### ==>> At this step build variable declaration ### + DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) + PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) + NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + echo "Start check avalivable build platforms >>" + + ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### + for ARCH in ${NODE_PLATFORMS}; do + REPO_URL=${{ secrets.REPO_URL }} + if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then + REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + fi + PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb + STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") + if [[ "$STATUS" = "200" ]]; then + echo "✔ ${ARCH} is avalivable >> set like one of build platforms" + PLATFORMS+=(linux/${ARCH},) + BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) + else + echo "${ARCH} in not avalivable" + fi + done + PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + + ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### + if [[ -z ${BUILD_PLATFORMS} ]]; then + echo "Have no access to any platform >> exit with 1" + exit 1 fi + echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" + echo "Build is starting ... >>" + + ### ==>> Build and push images at this step ### + PRODUCT_EDITION=${{ matrix.edition }} \ + PACKAGE_URL=$PACKAGE_URL_BUILD \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + DOCKERFILE=Dockerfile \ + PREFIX_NAME=4testing- \ + TAG=$DOCKER_TAG \ + PLATFORM=$BUILD_PLATFORMS \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + echo "DONE: Build success >> exit with 0" + exit 0 shell: bash diff --git a/Dockerfile b/Dockerfile index 7405b2b..dc73ab6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,7 +81,8 @@ ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_URL" && \ +RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ + wget -q -P /tmp "$PACKAGE_URL" && \ apt-get -y update && \ service postgresql start && \ apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ diff --git a/docker-bake.hcl b/docker-bake.hcl index 04ed4a0..6932d4b 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -30,15 +30,25 @@ variable "DOCKERFILE" { default = "" } +variable "PLATFORM" { + default = "" +} + +variable "PACKAGE_URL" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] - platforms = ["linux/amd64", "linux/arm64"] + platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_URL": "{PACKAGE_URL}" + "PLATFORM": "${PLATFORM}" } } From 05c50429856343439a277a9218bbc2c421334ab6 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Fri, 22 Jul 2022 09:44:59 +0300 Subject: [PATCH 14/51] Add the missing variable (#467) --- docker-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index 6932d4b..b03711e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -47,7 +47,7 @@ target "documentserver" { "PRODUCT_EDITION": "${PRODUCT_EDITION}" "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" - "PACKAGE_URL": "{PACKAGE_URL}" + "PACKAGE_URL": "${PACKAGE_URL}" "PLATFORM": "${PLATFORM}" } } From 8887cb7a2650f02d186f119f94d830efa1a634b6 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 22 Aug 2022 20:27:10 +0300 Subject: [PATCH 15/51] Enable JWT by default and add a JWT status message (#482) * Enable JWT by default and add a JWT status message * Correct JWT message * Add a condition for displaying a JWT message * Minor correction * Minor correction --- run-document-server.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index cfba7a0..f18aa1c 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -73,7 +73,7 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} -JWT_ENABLED=${JWT_ENABLED:-false} +JWT_ENABLED=${JWT_ENABLED:-true} # validate user's vars before usinig in json if [ "${JWT_ENABLED}" == "true" ]; then @@ -82,7 +82,9 @@ else JWT_ENABLED="false" fi -JWT_SECRET=${JWT_SECRET:-secret} +[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT." + +JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} JWT_IN_BODY=${JWT_IN_BODY:-false} @@ -641,3 +643,5 @@ documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} tail -f /var/log/${COMPANY_NAME}/**/*.log & wait $! + +echo "${JWT_MESSAGE}" From 34180710cf4278cb58a0ebf59d331dc439408b2c Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 22 Aug 2022 20:56:45 +0300 Subject: [PATCH 16/51] Fix command to get container id (#483) --- run-document-server.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index f18aa1c..83aeb00 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -82,7 +82,7 @@ else JWT_ENABLED="false" fi -[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh' to get information about JWT." +[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT." JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} @@ -641,7 +641,7 @@ if [ "${GENERATE_FONTS}" == "true" ]; then fi documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} +echo "${JWT_MESSAGE}" + tail -f /var/log/${COMPANY_NAME}/**/*.log & wait $! - -echo "${JWT_MESSAGE}" From 083ab2c6a66b34050ef975c20b373f7cf7a46a3d Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 24 Aug 2022 11:14:59 +0300 Subject: [PATCH 17/51] Add latest tag for develop build (#484) --- .github/workflows/4testing-build.yml | 4 +++- docker-bake.hcl | 9 ++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 306b6e1..4532411 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -55,6 +55,7 @@ jobs: REPO_URL=${{ secrets.REPO_URL }} if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} + DEVELOP_BUILD=true fi PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") @@ -63,7 +64,7 @@ jobs: PLATFORMS+=(linux/${ARCH},) BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) else - echo "${ARCH} in not avalivable" + echo "Х ${ARCH} in not avalivable" fi done PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) @@ -85,6 +86,7 @@ jobs: TAG=$DOCKER_TAG \ PLATFORM=$BUILD_PLATFORMS \ COMPANY_NAME=${{ env.COMPANY_NAME }} \ + DEVELOP_BUILD=$DEVELOP_BUILD \ ### If value $DEVELOP_BUILD is present add another tag for develop build docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push diff --git a/docker-bake.hcl b/docker-bake.hcl index b03711e..0302790 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -38,10 +38,17 @@ variable "PACKAGE_URL" { default = "" } +variable "DEVELOP_BUILD" { + default = "" +} + target "documentserver" { target = "documentserver" dockerfile= "${DOCKERFILE}" - tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}"] + tags = [ + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", + notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + ] platforms = ["${PLATFORM}"] args = { "PRODUCT_EDITION": "${PRODUCT_EDITION}" From 2379128240d28048b7a5d6aac295369388e31a10 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 24 Aug 2022 12:47:47 +0300 Subject: [PATCH 18/51] fix build (#486) --- .github/workflows/4testing-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 4532411..1a985db 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -86,7 +86,7 @@ jobs: TAG=$DOCKER_TAG \ PLATFORM=$BUILD_PLATFORMS \ COMPANY_NAME=${{ env.COMPANY_NAME }} \ - DEVELOP_BUILD=$DEVELOP_BUILD \ ### If value $DEVELOP_BUILD is present add another tag for develop build + DEVELOP_BUILD=$DEVELOP_BUILD \ docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push From 207bd5dac709a7313689e83d260500a9bf244577 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 29 Aug 2022 11:40:25 +0300 Subject: [PATCH 19/51] Add build Documentserver without example (#473) * Add dockerfile for non-example build * Create new symlink for supervisor config * Add ARG for dynamic images specification * Update action version * Add build nonexample after stable build success * Add targets for nonexample build * Cosmetic changes * Update FROM instruction * Add default tag * Remove needless welcome nginx location * Change nonexample image tags * Set correct nonexample image tag * Change tag for nonexample image * Change dockerfile name * Rename dockerfile for release images * Move stable build to dockerfile * Refactoring bake file --- .github/workflows/4testing-build.yml | 4 +-- .github/workflows/stable-build.yml | 53 +++++++++++++++++++++++++--- Dockerfile.production | 24 +++++++++++++ docker-bake.hcl | 20 +++++++++-- 4 files changed, 91 insertions(+), 10 deletions(-) create mode 100644 Dockerfile.production diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 1a985db..b5a9956 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -13,7 +13,7 @@ env: jobs: build: - name: Build + name: "Build image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest continue-on-error: ${{ matrix.condition }} strategy: @@ -33,7 +33,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 7fd434a..9d7f6df 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -12,7 +12,7 @@ env: jobs: build: - name: Build + name: "Release image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest continue-on-error: ${{ matrix.condition }} strategy: @@ -31,7 +31,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} @@ -49,9 +49,9 @@ jobs: IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) if [[ "$IMAGE_STATUS" = "0" ]]; then echo "Image present on docker.hub >> start build stable version" - echo "FROM ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG as ${{ env.PRODUCT_NAME }}-stable" >> Dockerfile.stable - PRODUCT_EDITION=${{ matrix.edition }} PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} DOCKERFILE=Dockerfile.stable \ + PRODUCT_EDITION=${{ matrix.edition }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME}} \ TAG=$TAG \ SHORTER_TAG=$SHORTER_TAG \ SHORTEST_TAG=$SHORTEST_TAG \ @@ -65,3 +65,46 @@ jobs: exit 1 fi shell: bash + + build-nonExample: + name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" + runs-on: ubuntu-latest + needs: [build] + continue-on-error: ${{ matrix.condition }} + strategy: + matrix: + images: ["documentserver-nonexample"] + edition: ["", "-ee", "-de"] + condition: [true] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Get Tag Name + id: tag_name + run: | + echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} + + - name: build image + run: | + TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') + PRODUCT_EDITION=${{ matrix.edition }} \ + PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ + COMPANY_NAME=${{ env.COMPANY_NAME }} \ + TAG=$TAG \ + docker buildx bake \ + -f docker-bake.hcl ${{ matrix.images }} \ + --push + shell: bash diff --git a/Dockerfile.production b/Dockerfile.production new file mode 100644 index 0000000..3c7b3bd --- /dev/null +++ b/Dockerfile.production @@ -0,0 +1,24 @@ +### Arguments avavlivable only for FROM instruction ### +ARG TAG=latest +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_EDITION= + +### Build main-release ### + +FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable + +### Build nonexample ### + +FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample + +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_NAME=documentserver +ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf + +### Remove all documentserver-example data ### + +RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \ + && rm -f $DS_SUPERVISOR_CONF \ + && rm -f /etc/nginx/includes/ds-example.conf \ + && ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF diff --git a/docker-bake.hcl b/docker-bake.hcl index 0302790..e7827f8 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -61,15 +61,29 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" - dockerfile= "${DOCKERFILE}" + dockerfile= "Dockerfile.production" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] platforms = ["linux/amd64", "linux/arm64"] args = { - "PRODUCT_EDITION": "${PRODUCT_EDITION}" - "PRODUCT_NAME": "${PRODUCT_NAME}" + "TAG": "${TAG}" "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" } } + +target "documentserver-nonexample" { + target = "documentserver-nonexample" + dockerfile = "Dockerfile.production" + tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "TAG": "${TAG}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + } +} From 3626f8cc6c697bc3a84a2c9b4b895d67f0c37a85 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 30 Aug 2022 14:33:23 +0300 Subject: [PATCH 20/51] Build: Set job fail status if some build failed (#488) --- .github/workflows/4testing-build.yml | 3 +-- .github/workflows/stable-build.yml | 7 +++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index b5a9956..cd420b9 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -15,12 +15,11 @@ jobs: build: name: "Build image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest - continue-on-error: ${{ matrix.condition }} strategy: + fail-fast: false matrix: images: ["documentserver"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 9d7f6df..34d27ad 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -14,12 +14,11 @@ jobs: build: name: "Release image: DocumentServer${{ matrix.edition }}" runs-on: ubuntu-latest - continue-on-error: ${{ matrix.condition }} strategy: + fail-fast: false matrix: images: ["documentserver-stable"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 @@ -70,12 +69,12 @@ jobs: name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" runs-on: ubuntu-latest needs: [build] - continue-on-error: ${{ matrix.condition }} + if: always() strategy: + fail-fast: false matrix: images: ["documentserver-nonexample"] edition: ["", "-ee", "-de"] - condition: [true] steps: - name: Checkout code uses: actions/checkout@v3 From e44acbebf7a1be2cccda7a912d1f761310d865bc Mon Sep 17 00:00:00 2001 From: Roman Demidov Date: Wed, 31 Aug 2022 12:13:30 +0300 Subject: [PATCH 21/51] Fix KylinOS start error (#471) * Fix KylinOS start error * Small changes * Small changes --- run-document-server.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/run-document-server.sh b/run-document-server.sh index 83aeb00..f0fbd87 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -1,5 +1,7 @@ #!/bin/bash +umask 0022 + function clean_exit { /usr/bin/documentserver-prepare4shutdown.sh } @@ -593,6 +595,8 @@ else update_welcome_page fi +find /etc/${COMPANY_NAME} -exec chown ds:ds {} \; + #start needed local services for i in ${LOCAL_SERVICES[@]}; do service $i start From 713a06e999569e1e94b6973e3de32dd6a585d1a2 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 8 Sep 2022 15:56:49 +0300 Subject: [PATCH 22/51] Add expected build arch (#489) * Add fail status if build unexpected platforms * Build: set exit code for action * Build: Change expected platforms message --- .github/workflows/4testing-build.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index cd420b9..0753466 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -47,6 +47,7 @@ jobs: DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) + EXPECTED_PLATFORMS="linux/amd64,linux/arm64" echo "Start check avalivable build platforms >>" ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### @@ -76,6 +77,15 @@ jobs: echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" echo "Build is starting ... >>" + ### == >> Set exit code for action + if [ ${BUILD_PLATFORMS} == ${EXPECTED_PLATFORMS} ]; then + EXIT_CODE=0 + echo "OK: Build platforms is expected" + else + EXIT_CODE=1 + echo "WARNING: Build platforms is unexpected action is gonna be marked as Failed" + fi + ### ==>> Build and push images at this step ### PRODUCT_EDITION=${{ matrix.edition }} \ PACKAGE_URL=$PACKAGE_URL_BUILD \ @@ -89,6 +99,6 @@ jobs: docker buildx bake \ -f docker-bake.hcl ${{ matrix.images }} \ --push - echo "DONE: Build success >> exit with 0" - exit 0 + echo "DONE: Build success >> exit with ${EXIT_CODE}" + exit ${EXIT_CODE} shell: bash From 61a5a021cf8ce03bb5b2d83758f8f1750ca4c9eb Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Mon, 12 Sep 2022 16:04:56 +0300 Subject: [PATCH 23/51] Refactoring stable build (#490) * Refactoring stable build * Build: setting up push 4enterprise images * Cosmetic change * Remove needless tag * Rename dockerfile * Small fix * Rename dockerfile for nonexample Co-authored-by: danilapog --- .github/workflows/4testing-build.yml | 1 - .github/workflows/stable-build.yml | 71 ++++++++----------- docker-bake.hcl | 9 +-- ...erfile.production => production.dockerfile | 0 4 files changed, 33 insertions(+), 48 deletions(-) rename Dockerfile.production => production.dockerfile (100%) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 0753466..3d70142 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -5,7 +5,6 @@ on: push: tags: - "v*" - - "!v*-stable" env: COMPANY_NAME: "onlyoffice" diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 34d27ad..0b6918e 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -2,9 +2,12 @@ name: Multi-arch build stable on: - push: - tags: - - "v*-stable" + workflow_dispatch: + inputs: + tag: + description: 'Tag for release (ex. 1.2.3.45)' + type: string + required: true env: COMPANY_NAME: "onlyoffice" @@ -35,37 +38,28 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - id: tag_name - run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: Build documentserver-release run: | - TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+') - SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+') - IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?) - if [[ "$IMAGE_STATUS" = "0" ]]; then - echo "Image present on docker.hub >> start build stable version" - PRODUCT_EDITION=${{ matrix.edition }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME}} \ - TAG=$TAG \ - SHORTER_TAG=$SHORTER_TAG \ - SHORTEST_TAG=$SHORTEST_TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with 0" - exit 0 - else - echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1" - exit 1 - fi + set -eux + VERSION=${{ github.event.inputs.tag }} + PRODUCT_EDITION=${{ matrix.edition }} + TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION} + if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then + echo "Image present on docker.hub >> start build stable version" + export PRODUCT_EDITION + export TAG=${VERSION} + export SHORTER_TAG=${VERSION%.*} + export SHORTEST_TAG=${VERSION%.*.*} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push + echo "DONE: Build success >> exit with 0" + exit 0 + else + echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1" + exit 1 + fi shell: bash - build-nonExample: + build-nonexample: name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" runs-on: ubuntu-latest needs: [build] @@ -91,19 +85,10 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - id: tag_name - run: | - echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/} - - name: build image run: | - TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//') - PRODUCT_EDITION=${{ matrix.edition }} \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - COMPANY_NAME=${{ env.COMPANY_NAME }} \ - TAG=$TAG \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push + set -eux + export PRODUCT_EDITION=${{ matrix.edition }} + export TAG=${{ github.event.inputs.tag }} + docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index e7827f8..a7ee963 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -44,7 +44,7 @@ variable "DEVELOP_BUILD" { target "documentserver" { target = "documentserver" - dockerfile= "${DOCKERFILE}" + dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", @@ -61,11 +61,12 @@ target "documentserver" { target "documentserver-stable" { target = "documentserver-stable" - dockerfile= "Dockerfile.production" + dockerfile = "production.dockerfile" tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}", "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}", - "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"] + "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest", + equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",] platforms = ["linux/amd64", "linux/arm64"] args = { "TAG": "${TAG}" @@ -77,7 +78,7 @@ target "documentserver-stable" { target "documentserver-nonexample" { target = "documentserver-nonexample" - dockerfile = "Dockerfile.production" + dockerfile = "production.dockerfile" tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ] platforms = ["linux/amd64", "linux/arm64"] args = { diff --git a/Dockerfile.production b/production.dockerfile similarity index 100% rename from Dockerfile.production rename to production.dockerfile From b9bfa7b90c34545b1ca2a7f626be99211213ece5 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 13 Sep 2022 11:08:04 +0300 Subject: [PATCH 24/51] fix Bug 58778 - Correct the display of container ID for 22.04 (#494) --- run-document-server.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/run-document-server.sh b/run-document-server.sh index f0fbd87..fd183a3 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -84,7 +84,7 @@ else JWT_ENABLED="false" fi -[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT." +[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.' JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_HEADER=${JWT_HEADER:-Authorization} @@ -426,12 +426,15 @@ update_welcome_page() { WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html" if [[ -e $WELCOME_PAGE ]]; then DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset)) + (( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname) if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then if [[ -x $(command -v docker) ]]; then DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID) sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/') else sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE + JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/') fi fi fi From bac88530c1c1a187e0eadf8b1074dcdda74d9cfc Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Fri, 16 Sep 2022 12:28:44 +0300 Subject: [PATCH 25/51] Refactoring testing build (#496) * Fix dockerfile args * Refactoring testing build action * Secret repo baseurl * Fix package version --- .github/workflows/4testing-build.yml | 162 ++++++++++++++++----------- Dockerfile | 15 +-- docker-bake.hcl | 21 +++- 3 files changed, 122 insertions(+), 76 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 3d70142..4343507 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -2,23 +2,78 @@ name: 4testing multiarch-build on: - push: - tags: - - "v*" + workflow_dispatch: + inputs: + build: + description: 'Build number (ex. 45)' + type: string + required: true + amd64: + type: boolean + description: 'Build AMD64' + default: true + arm64: + type: boolean + description: 'Build ARM64' + default: true + community: + type: boolean + description: 'Build Community Edition' + default: true + enterprise: + type: boolean + description: 'Build Enterprise Edition' + default: true + developer: + type: boolean + description: 'Build Developer Edition' + default: true env: COMPANY_NAME: "onlyoffice" PRODUCT_NAME: "documentserver" jobs: - build: - name: "Build image: DocumentServer${{ matrix.edition }}" + prepare: runs-on: ubuntu-latest + steps: + - id: matrix + run: | + set -ex + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + echo "Wrong branch." + exit 1 + fi + + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + if [ -z ${PLATFORMS} ]; then + echo "None of the platforms are selected." + exit 1 + fi + + [ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community") + [ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise") + [ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer") + if [ -z ${EDITIONS} ]; then + echo "None of the editions are selected." + exit 1 + fi + echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" + outputs: + editions: ${{ steps.matrix.outputs.editions }} + + build: + name: "Build ${{ matrix.image }}-${{ matrix.edition }}" + runs-on: ubuntu-latest + needs: prepare strategy: fail-fast: false matrix: - images: ["documentserver"] - edition: ["", "-ee", "-de"] + image: ["documentserver"] + edition: ${{ fromJSON(needs.prepare.outputs.editions) }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -36,68 +91,49 @@ jobs: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Get Tag Name - run: | - echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - name: Build 4testing run: | + set -eux + ### ==>> At this step build variable declaration ### - DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' ) - PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' ) - NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' ) - EXPECTED_PLATFORMS="linux/amd64,linux/arm64" - echo "Start check avalivable build platforms >>" - ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ### - for ARCH in ${NODE_PLATFORMS}; do - REPO_URL=${{ secrets.REPO_URL }} - if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then - REPO_URL=${{ secrets.UNSTABLE_REPO_URL }} - DEVELOP_BUILD=true - fi - PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb - STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}") - if [[ "$STATUS" = "200" ]]; then - echo "✔ ${ARCH} is avalivable >> set like one of build platforms" - PLATFORMS+=(linux/${ARCH},) - BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' ) - else - echo "Х ${ARCH} in not avalivable" - fi - done - PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" ) + case ${{ matrix.edition }} in + community) + PRODUCT_EDITION="" + ;; + enterprise) + PRODUCT_EDITION="-ee" + ;; + developer) + PRODUCT_EDITION="-de" + ;; + esac - ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ### - if [[ -z ${BUILD_PLATFORMS} ]]; then - echo "Have no access to any platform >> exit with 1" - exit 1 + [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64") + [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64") + PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',') + + BRANCH_NAME=${GITHUB_REF#refs/heads/} + if [ $BRANCH_NAME = develop ]; then + RELEASE_BRANCH=unstable + PRODUCT_VERSION=99.99.99 + elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then + RELEASE_BRANCH=testing + PRODUCT_VERSION=${BRANCH_NAME#*/v} fi - echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}" - echo "Build is starting ... >>" + BUILD_NUMBER=${{ github.event.inputs.build }} - ### == >> Set exit code for action - if [ ${BUILD_PLATFORMS} == ${EXPECTED_PLATFORMS} ]; then - EXIT_CODE=0 - echo "OK: Build platforms is expected" - else - EXIT_CODE=1 - echo "WARNING: Build platforms is unexpected action is gonna be marked as Failed" - fi + export PRODUCT_EDITION + export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER} + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${RELEASE_BRANCH}/ubuntu + export RELEASE_BRANCH + export PLATFORM + export DOCKERFILE=Dockerfile + export PREFIX_NAME=4testing- + export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER} - ### ==>> Build and push images at this step ### - PRODUCT_EDITION=${{ matrix.edition }} \ - PACKAGE_URL=$PACKAGE_URL_BUILD \ - PRODUCT_NAME=${{ env.PRODUCT_NAME }} \ - DOCKERFILE=Dockerfile \ - PREFIX_NAME=4testing- \ - TAG=$DOCKER_TAG \ - PLATFORM=$BUILD_PLATFORMS \ - COMPANY_NAME=${{ env.COMPANY_NAME }} \ - DEVELOP_BUILD=$DEVELOP_BUILD \ - docker buildx bake \ - -f docker-bake.hcl ${{ matrix.images }} \ - --push - echo "DONE: Build success >> exit with ${EXIT_CODE}" - exit ${EXIT_CODE} + ### ==>> Build and push images at this step ### + + docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push + echo "DONE: Build success" shell: bash diff --git a/Dockerfile b/Dockerfile index dc73ab6..66a9137 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,25 +71,26 @@ COPY run-document-server.sh /app/ds/run-document-server.sh EXPOSE 80 443 -ARG TARGETARCH -ARG PRODUCT_EDITION= ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver -ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb" +ARG PRODUCT_EDITION= +ARG PACKAGE_VERSION=0.0.0-0 +ARG TARGETARCH +ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux" +ARG PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_${PACKAGE_VERSION}_${TARGETARCH}.deb" ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \ - wget -q -P /tmp "$PACKAGE_URL" && \ +RUN wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ - apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \ + apt-get -yq install /tmp/$PACKAGE_FILE && \ service postgresql stop && \ service supervisor stop && \ chmod 755 /app/ds/*.sh && \ - rm -f /tmp/$(basename "$PACKAGE_URL") && \ + rm -f /tmp/$PACKAGE_FILE && \ rm -rf /var/log/$COMPANY_NAME && \ rm -rf /var/lib/apt/lists/* diff --git a/docker-bake.hcl b/docker-bake.hcl index a7ee963..b797d46 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -26,6 +26,10 @@ variable "PRODUCT_NAME" { default = "" } +variable "PACKAGE_VERSION" { + default = "" +} + variable "DOCKERFILE" { default = "" } @@ -34,11 +38,15 @@ variable "PLATFORM" { default = "" } -variable "PACKAGE_URL" { +variable "PACKAGE_BASEURL" { default = "" } -variable "DEVELOP_BUILD" { +variable "PACKAGE_FILE" { + default = "" +} + +variable "RELEASE_BRANCH" { default = "" } @@ -47,14 +55,15 @@ target "documentserver" { dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", - notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + equal("testing",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", ] platforms = ["${PLATFORM}"] args = { - "PRODUCT_EDITION": "${PRODUCT_EDITION}" - "PRODUCT_NAME": "${PRODUCT_NAME}" "COMPANY_NAME": "${COMPANY_NAME}" - "PACKAGE_URL": "${PACKAGE_URL}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PACKAGE_VERSION": "${PACKAGE_VERSION}" + "PACKAGE_BASEURL": "${PACKAGE_BASEURL}" "PLATFORM": "${PLATFORM}" } } From 67fbd9d9c80fb2108c143d509b0e61c4ef612e15 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Sun, 18 Sep 2022 16:20:15 +0300 Subject: [PATCH 26/51] Fix makefile (#498) --- Makefile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index f840a15..ab7f2c2 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,7 @@ COMPANY_NAME ?= ONLYOFFICE GIT_BRANCH ?= develop PRODUCT_NAME ?= DocumentServer +PRODUCT_EDITION ?= PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 ONLYOFFICE_VALUE ?= onlyoffice @@ -11,9 +12,9 @@ COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) -PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW) +PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) -PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb +PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing)) DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION)) @@ -22,7 +23,7 @@ else endif DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) -DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)__$(DOCKER_TAG).dummy +DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) @@ -31,9 +32,12 @@ DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKE $(DOCKER_DUMMY): docker pull ubuntu:20.04 docker build \ - --build-arg PACKAGE_URL=$(PACKAGE_URL) \ --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ + --build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \ + --build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \ + --build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \ + --build-arg TARGETARCH=amd64 \ --build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \ -t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \ mkdir -p $$(dirname $@) && \ From 29bb07d2cb53b832c2e4bc200bd292168ab9487a Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Tue, 20 Sep 2022 14:20:10 +0300 Subject: [PATCH 27/51] Fix makefile docker image (#499) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ab7f2c2..e255521 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,7 @@ else DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) endif -DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW) +DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) From e32047ffcce7b89c7456f61f846b88d2b4cd6eba Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 11 Oct 2022 12:52:48 +0300 Subject: [PATCH 28/51] Fix bug #59310 / Fix users build (#508) * Remove version for correct users build * Assembly support without targetarch variable * Remove targetarch variable * Correcting a typo in a variable * Small fix Co-authored-by: Semyon Bezrukov --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 66a9137..7aa158a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -74,16 +74,16 @@ EXPOSE 80 443 ARG COMPANY_NAME=onlyoffice ARG PRODUCT_NAME=documentserver ARG PRODUCT_EDITION= -ARG PACKAGE_VERSION=0.0.0-0 +ARG PACKAGE_VERSION= ARG TARGETARCH ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux" -ARG PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_${PACKAGE_VERSION}_${TARGETARCH}.deb" ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ PRODUCT_EDITION=$PRODUCT_EDITION -RUN wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ +RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \ + wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ apt-get -yq install /tmp/$PACKAGE_FILE && \ From 1c7279665794ab85616012ac56a5a98a7dd34164 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Thu, 13 Oct 2022 15:50:39 +0300 Subject: [PATCH 29/51] Fix testing build tags (#512) --- docker-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index b797d46..ee9175e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -55,7 +55,7 @@ target "documentserver" { dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", - equal("testing",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + equal("unstable",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", ] platforms = ["${PLATFORM}"] args = { From 311db051fb800cb1a66027faf8baf3e46dfcf7b5 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 26 Oct 2022 14:27:37 +0300 Subject: [PATCH 30/51] Disable non-example build (#525) Co-authored-by: papacarlo --- .github/workflows/stable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 0b6918e..a15f551 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -63,7 +63,7 @@ jobs: name: "Release image: DocumentServer${{ matrix.edition }}-nonExample" runs-on: ubuntu-latest needs: [build] - if: always() + if: ${{ false }} strategy: fail-fast: false matrix: From fcbbe2979fb49af0167698ec0c2d8522e69b960d Mon Sep 17 00:00:00 2001 From: Pavel Lobashov Date: Thu, 27 Oct 2022 11:08:52 +0300 Subject: [PATCH 31/51] Add note (#526) --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5020dfd..4c384e3 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,8 @@ Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface. +***Important*** Please update `docker-enginge` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it + ## Functionality ## * ONLYOFFICE Document Editor * ONLYOFFICE Spreadsheet Editor From d98eb758b55ee990cf81978b6ef8b0b2b5a13f20 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Fri, 28 Oct 2022 16:33:41 +0300 Subject: [PATCH 32/51] Fix Bug 59483 - Fix port parsing from amqp_uri (#529) * Fix port parsing from amqp_uri * Correct regex for port parsing --- run-document-server.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run-document-server.sh b/run-document-server.sh index fd183a3..f290e8d 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -199,7 +199,7 @@ parse_rabbitmq_url(){ # extract the host local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)" # by request - try to extract the port - local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')" + local port="$(echo $hostport | grep : | sed -r 's_^.*:+|/.*$__g')" local host if [ -n "$port" ]; then From 92dd2833d1479ebe25afe3da85a78d308e6e06ff Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 31 Oct 2022 11:53:24 +0300 Subject: [PATCH 33/51] Add ucs build on older image version (#531) --- .github/workflows/stable-build.yml | 36 ++++++++++++++++++++++++++++++ docker-bake.hcl | 30 +++++++++++++++++++++++++ 2 files changed, 66 insertions(+) diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index a15f551..d8278f2 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -92,3 +92,39 @@ jobs: export TAG=${{ github.event.inputs.tag }} docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push shell: bash + + build-ucs-ubuntu20: + name: "Release image: DocumentServer${{ matrix.edition }}-ucs" + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + edition: ["", "-ee"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: build UCS + run: | + set -eux + export PRODUCT_EDITION=${{ matrix.edition }} + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/testing/ubuntu + export DOCKERFILE=Dockerfile + export BASE_IMAGE=ubuntu:20.04 + export PG_VERSION=12 + export TAG=${{ github.event.inputs.tag }} + export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/') + docker buildx bake -f docker-bake.hcl documentserver-ucs --push + shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index ee9175e..529a8fd 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -50,6 +50,18 @@ variable "RELEASE_BRANCH" { default = "" } +### ↓ Variables for UCS build ↓ + +variable "BASE_IMAGE" { + default = "" +} + +variable "PG_VERSION" { + default = "" +} + +### ↑ Variables for UCS build ↑ + target "documentserver" { target = "documentserver" dockerfile = "${DOCKERFILE}" @@ -85,6 +97,24 @@ target "documentserver-stable" { } } +target "documentserver-ucs" { + target = "documentserver" + dockerfile = "${DOCKERFILE}" + tags = [ + "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}" + ] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_VERSION": "${PACKAGE_VERSION}" + "PACKAGE_BASEURL": "${PACKAGE_BASEURL}" + "BASE_IMAGE": "${BASE_IMAGE}" + "PG_VERSION": "${PG_VERSION}" + } +} + target "documentserver-nonexample" { target = "documentserver-nonexample" dockerfile = "production.dockerfile" From e1d7cfd5e86bf143d25b019fd72ec2849df15a03 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 31 Oct 2022 15:24:17 +0300 Subject: [PATCH 34/51] Add base image and postgresql version build arguments (#524) --- Dockerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7aa158a..5ebd56d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,11 @@ -FROM ubuntu:22.04 as documentserver +ARG BASE_IMAGE=ubuntu:22.04 + +FROM ${BASE_IMAGE} as documentserver LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 +ARG PG_VERSION=14 + +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION} ARG ONLYOFFICE_VALUE=onlyoffice From cdc73fe379512f2f889759d88b230559c4065c21 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 31 Oct 2022 16:34:42 +0300 Subject: [PATCH 35/51] Fix Bug 59481 - Fix errors when starting the container (#530) * Update the rabbitmq version * Fix incorrect replacement of worker_connections * Limiting the maximum number of simultaneous connections due to possible memory shortage --- Dockerfile | 3 ++- run-document-server.sh | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5ebd56d..55e4b6e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \ locale-gen en_US.UTF-8 && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ + wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \ apt-get -yq install \ adduser \ apt-utils \ @@ -45,7 +46,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ postgresql \ postgresql-client \ pwgen \ - rabbitmq-server \ + rabbitmq-server=3.10* \ redis-server \ software-properties-common \ sudo \ diff --git a/run-document-server.sh b/run-document-server.sh index f290e8d..79404e6 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -73,7 +73,8 @@ NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/ds-exam NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} -NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} +# Limiting the maximum number of simultaneous connections due to possible memory shortage +[ $(ulimit -n) -gt 1048576 ] && NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-1048576} || NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} JWT_ENABLED=${JWT_ENABLED:-true} From 6c0c7085c91f76d4cc2e36d05741870d86da5d55 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 31 Oct 2022 17:19:10 +0300 Subject: [PATCH 36/51] Feature/Add supervisor services (#517) * Add supervisor services * Add installation of the DOCKER_INSTALLATION variable --- Dockerfile | 1 + config/supervisor/ds/ds-converter.conf | 13 +++++++++++++ config/supervisor/ds/ds-docservice.conf | 13 +++++++++++++ config/supervisor/ds/ds-example.conf | 14 ++++++++++++++ config/supervisor/ds/ds-metrics.conf | 13 +++++++++++++ config/supervisor/ds/ds.conf | 2 ++ run-document-server.sh | 2 ++ 7 files changed, 58 insertions(+) create mode 100644 config/supervisor/ds/ds-converter.conf create mode 100644 config/supervisor/ds/ds-docservice.conf create mode 100644 config/supervisor/ds/ds-example.conf create mode 100644 config/supervisor/ds/ds-metrics.conf create mode 100644 config/supervisor/ds/ds.conf diff --git a/Dockerfile b/Dockerfile index 7aa158a..8788f78 100644 --- a/Dockerfile +++ b/Dockerfile @@ -86,6 +86,7 @@ RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VER wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ + export DOCKER_INSTALLATION=1 && \ apt-get -yq install /tmp/$PACKAGE_FILE && \ service postgresql stop && \ service supervisor stop && \ diff --git a/config/supervisor/ds/ds-converter.conf b/config/supervisor/ds/ds-converter.conf new file mode 100644 index 0000000..69285cd --- /dev/null +++ b/config/supervisor/ds/ds-converter.conf @@ -0,0 +1,13 @@ +[program:converter] +command=/var/www/COMPANY_NAME/documentserver/server/FileConverter/converter +directory=/var/www/COMPANY_NAME/documentserver/server/FileConverter +user=ds +environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME +stdout_logfile=/var/log/COMPANY_NAME/documentserver/converter/out.log +stdout_logfile_backups=0 +stdout_logfile_maxbytes=0 +stderr_logfile=/var/log/COMPANY_NAME/documentserver/converter/err.log +stderr_logfile_backups=0 +stderr_logfile_maxbytes=0 +autostart=true +autorestart=true diff --git a/config/supervisor/ds/ds-docservice.conf b/config/supervisor/ds/ds-docservice.conf new file mode 100644 index 0000000..4afbc1b --- /dev/null +++ b/config/supervisor/ds/ds-docservice.conf @@ -0,0 +1,13 @@ +[program:docservice] +command=/var/www/COMPANY_NAME/documentserver/server/DocService/docservice +directory=/var/www/COMPANY_NAME/documentserver/server/DocService +user=ds +environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1 +stdout_logfile=/var/log/COMPANY_NAME/documentserver/docservice/out.log +stdout_logfile_backups=0 +stdout_logfile_maxbytes=0 +stderr_logfile=/var/log/COMPANY_NAME/documentserver/docservice/err.log +stderr_logfile_backups=0 +stderr_logfile_maxbytes=0 +autostart=true +autorestart=true diff --git a/config/supervisor/ds/ds-example.conf b/config/supervisor/ds/ds-example.conf new file mode 100644 index 0000000..44fa688 --- /dev/null +++ b/config/supervisor/ds/ds-example.conf @@ -0,0 +1,14 @@ +[program:example] +command=/var/www/COMPANY_NAME/documentserver-example/example +directory=/var/www/COMPANY_NAME/documentserver-example/ +user=ds +environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver-example,NODE_DISABLE_COLORS=1 +stdout_logfile=/var/log/COMPANY_NAME/documentserver-example/out.log +stdout_logfile_backups=0 +stdout_logfile_maxbytes=0 +stderr_logfile=/var/log/COMPANY_NAME/documentserver-example/err.log +stderr_logfile_backups=0 +stderr_logfile_maxbytes=0 +autostart=false +autorestart=true +redirect_stderr=true diff --git a/config/supervisor/ds/ds-metrics.conf b/config/supervisor/ds/ds-metrics.conf new file mode 100644 index 0000000..1eb858a --- /dev/null +++ b/config/supervisor/ds/ds-metrics.conf @@ -0,0 +1,13 @@ +[program:metrics] +command=/var/www/COMPANY_NAME/documentserver/server/Metrics/metrics ./config/config.js +directory=/var/www/COMPANY_NAME/documentserver/server/Metrics +user=ds +environment=NODE_DISABLE_COLORS=1 +stdout_logfile=/var/log/COMPANY_NAME/documentserver/metrics/out.log +stdout_logfile_backups=0 +stdout_logfile_maxbytes=0 +stderr_logfile=/var/log/COMPANY_NAME/documentserver/metrics/err.log +stderr_logfile_backups=0 +stderr_logfile_maxbytes=0 +autostart=true +autorestart=true diff --git a/config/supervisor/ds/ds.conf b/config/supervisor/ds/ds.conf new file mode 100644 index 0000000..c9179df --- /dev/null +++ b/config/supervisor/ds/ds.conf @@ -0,0 +1,2 @@ +[group:ds] +programs=docservice,converter,metrics,example diff --git a/run-document-server.sh b/run-document-server.sh index fd183a3..482be89 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -496,6 +496,8 @@ update_supervisor_settings(){ cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/ # Copy modified supervisor config cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf + sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf + cp ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf etc/supervisor/conf.d/ } update_log_settings(){ From 1957d38907f8aba9da7a9ddf4213c3213d8e4f02 Mon Sep 17 00:00:00 2001 From: Pavel Lobashov Date: Mon, 31 Oct 2022 16:38:53 +0200 Subject: [PATCH 37/51] Actualize state of JWT variables (#535) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4c384e3..39e3a71 100644 --- a/README.md +++ b/README.md @@ -191,8 +191,8 @@ Below is the complete list of parameters that can be set using environment varia - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. -- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. -- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. +- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`. +- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. - **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`. From 452dd4996d77673c533488981f6f8fa9f7cb519a Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 31 Oct 2022 17:52:20 +0300 Subject: [PATCH 38/51] Correct the name of the docker installation variable (#536) --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8788f78..8470c59 100644 --- a/Dockerfile +++ b/Dockerfile @@ -80,13 +80,13 @@ ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux ENV COMPANY_NAME=$COMPANY_NAME \ PRODUCT_NAME=$PRODUCT_NAME \ - PRODUCT_EDITION=$PRODUCT_EDITION + PRODUCT_EDITION=$PRODUCT_EDITION \ + DS_DOCKER_INSTALLATION=true RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \ wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \ apt-get -y update && \ service postgresql start && \ - export DOCKER_INSTALLATION=1 && \ apt-get -yq install /tmp/$PACKAGE_FILE && \ service postgresql stop && \ service supervisor stop && \ From 730dd71ac572d523bd93e1ef423f15fa907f5206 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 31 Oct 2022 11:53:24 +0300 Subject: [PATCH 39/51] Add ucs build on older image version (#531) (cherry picked from commit 92dd2833d1479ebe25afe3da85a78d308e6e06ff) --- .github/workflows/stable-build.yml | 36 ++++++++++++++++++++++++++++++ docker-bake.hcl | 30 +++++++++++++++++++++++++ 2 files changed, 66 insertions(+) diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index a15f551..d8278f2 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -92,3 +92,39 @@ jobs: export TAG=${{ github.event.inputs.tag }} docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push shell: bash + + build-ucs-ubuntu20: + name: "Release image: DocumentServer${{ matrix.edition }}-ucs" + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + edition: ["", "-ee"] + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: build UCS + run: | + set -eux + export PRODUCT_EDITION=${{ matrix.edition }} + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/testing/ubuntu + export DOCKERFILE=Dockerfile + export BASE_IMAGE=ubuntu:20.04 + export PG_VERSION=12 + export TAG=${{ github.event.inputs.tag }} + export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/') + docker buildx bake -f docker-bake.hcl documentserver-ucs --push + shell: bash diff --git a/docker-bake.hcl b/docker-bake.hcl index ee9175e..529a8fd 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -50,6 +50,18 @@ variable "RELEASE_BRANCH" { default = "" } +### ↓ Variables for UCS build ↓ + +variable "BASE_IMAGE" { + default = "" +} + +variable "PG_VERSION" { + default = "" +} + +### ↑ Variables for UCS build ↑ + target "documentserver" { target = "documentserver" dockerfile = "${DOCKERFILE}" @@ -85,6 +97,24 @@ target "documentserver-stable" { } } +target "documentserver-ucs" { + target = "documentserver" + dockerfile = "${DOCKERFILE}" + tags = [ + "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}" + ] + platforms = ["linux/amd64", "linux/arm64"] + args = { + "PRODUCT_EDITION": "${PRODUCT_EDITION}" + "PRODUCT_NAME": "${PRODUCT_NAME}" + "COMPANY_NAME": "${COMPANY_NAME}" + "PACKAGE_VERSION": "${PACKAGE_VERSION}" + "PACKAGE_BASEURL": "${PACKAGE_BASEURL}" + "BASE_IMAGE": "${BASE_IMAGE}" + "PG_VERSION": "${PG_VERSION}" + } +} + target "documentserver-nonexample" { target = "documentserver-nonexample" dockerfile = "production.dockerfile" From c7090252ff6470a57fd0ed4881bd70ff3df0b4f9 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 31 Oct 2022 15:24:17 +0300 Subject: [PATCH 40/51] Add base image and postgresql version build arguments (#524) (cherry picked from commit e1d7cfd5e86bf143d25b019fd72ec2849df15a03) --- Dockerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7aa158a..5ebd56d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,11 @@ -FROM ubuntu:22.04 as documentserver +ARG BASE_IMAGE=ubuntu:22.04 + +FROM ${BASE_IMAGE} as documentserver LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14 +ARG PG_VERSION=14 + +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION} ARG ONLYOFFICE_VALUE=onlyoffice From 574b3c92b4d6517a8d4b33fbde0c1868765e7740 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Thu, 1 Dec 2022 14:46:31 +0300 Subject: [PATCH 41/51] Update build scripts (#550) --- .github/workflows/4testing-build.yml | 10 +++++----- Makefile | 19 ++++++++++--------- docker-bake.hcl | 4 ++-- 3 files changed, 17 insertions(+), 16 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 4343507..683bb80 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -115,18 +115,18 @@ jobs: BRANCH_NAME=${GITHUB_REF#refs/heads/} if [ $BRANCH_NAME = develop ]; then - RELEASE_BRANCH=unstable + BUILD_CHANNEL=nightly PRODUCT_VERSION=99.99.99 elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then - RELEASE_BRANCH=testing + BUILD_CHANNEL=test PRODUCT_VERSION=${BRANCH_NAME#*/v} fi BUILD_NUMBER=${{ github.event.inputs.build }} export PRODUCT_EDITION - export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER} - export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${RELEASE_BRANCH}/ubuntu - export RELEASE_BRANCH + export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}~stretch + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${BUILD_CHANNEL} + export BUILD_CHANNEL export PLATFORM export DOCKERFILE=Dockerfile export PREFIX_NAME=4testing- diff --git a/Makefile b/Makefile index e255521..5ef925e 100644 --- a/Makefile +++ b/Makefile @@ -4,28 +4,29 @@ PRODUCT_NAME ?= DocumentServer PRODUCT_EDITION ?= PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 +BUILD_CHANNEL ?= nightly ONLYOFFICE_VALUE ?= onlyoffice S3_BUCKET ?= repo-doc-onlyoffice-com -RELEASE_BRANCH ?= unstable +S3_REGION ?= eu-west-1 COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) -PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) -PACKAGE_BASEURL := https://s3.eu-west-1.amazonaws.com/$(S3_BUCKET)/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu +PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch +PACKAGE_BASEURL := https://s3.$(S3_REGION).amazonaws.com/$(S3_BUCKET)/server/linux/debian/$(BUILD_CHANNEL) -ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing)) - DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION)) +ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test)) + DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER) else - DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) + DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH)) endif DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy -DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz -DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH)) +DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(DOCKER_TAG).tar.gz +DOCKER_ARCH_URI := server/linux/docker/$(BUILD_CHANNEL)/$(notdir $(DOCKER_ARCH)) .PHONY: all clean clean-docker image deploy docker publish @@ -61,7 +62,7 @@ deploy: $(DOCKER_DUMMY) for i in {1..3}; do \ docker push $(DOCKER_IMAGE):$(DOCKER_TAG) && break || sleep 1m; \ done -ifeq ($(RELEASE_BRANCH),unstable) +ifeq ($(BUILD_CHANNEL),nightly) docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest for i in {1..3}; do \ docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \ diff --git a/docker-bake.hcl b/docker-bake.hcl index ee9175e..0e25c8b 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -46,7 +46,7 @@ variable "PACKAGE_FILE" { default = "" } -variable "RELEASE_BRANCH" { +variable "BUILD_CHANNEL" { default = "" } @@ -55,7 +55,7 @@ target "documentserver" { dockerfile = "${DOCKERFILE}" tags = [ "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}", - equal("unstable",RELEASE_BRANCH) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", + equal("nightly",BUILD_CHANNEL) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "", ] platforms = ["${PLATFORM}"] args = { From e5f8e69d89713289a3473b36a96522c40dd0fe66 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Thu, 1 Dec 2022 15:53:43 +0300 Subject: [PATCH 42/51] Fix package url (#551) --- .github/workflows/4testing-build.yml | 2 +- .github/workflows/stable-build.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/4testing-build.yml b/.github/workflows/4testing-build.yml index 4343507..4216777 100644 --- a/.github/workflows/4testing-build.yml +++ b/.github/workflows/4testing-build.yml @@ -125,7 +125,7 @@ jobs: export PRODUCT_EDITION export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER} - export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${RELEASE_BRANCH}/ubuntu + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/${RELEASE_BRANCH}/ubuntu export RELEASE_BRANCH export PLATFORM export DOCKERFILE=Dockerfile diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index d8278f2..26eff41 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -120,7 +120,7 @@ jobs: run: | set -eux export PRODUCT_EDITION=${{ matrix.edition }} - export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/testing/ubuntu + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/testing/ubuntu export DOCKERFILE=Dockerfile export BASE_IMAGE=ubuntu:20.04 export PG_VERSION=12 From b0745353666d0f4e17254f302b47de5f76362b76 Mon Sep 17 00:00:00 2001 From: Semyon Bezrukov Date: Thu, 15 Dec 2022 17:45:33 +0300 Subject: [PATCH 43/51] Fix makefile (#554) --- Makefile | 30 +++++++++++------------------- 1 file changed, 11 insertions(+), 19 deletions(-) diff --git a/Makefile b/Makefile index 5ef925e..99b749b 100644 --- a/Makefile +++ b/Makefile @@ -1,21 +1,18 @@ COMPANY_NAME ?= ONLYOFFICE GIT_BRANCH ?= develop -PRODUCT_NAME ?= DocumentServer +PRODUCT_NAME ?= documentserver PRODUCT_EDITION ?= PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 BUILD_CHANNEL ?= nightly ONLYOFFICE_VALUE ?= onlyoffice -S3_BUCKET ?= repo-doc-onlyoffice-com -S3_REGION ?= eu-west-1 COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) -PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) -COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) +COMPANY_NAME_ESC = $(subst -,,$(COMPANY_NAME_LOW)) -PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) -PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch -PACKAGE_BASEURL := https://s3.$(S3_REGION).amazonaws.com/$(S3_BUCKET)/server/linux/debian/$(BUILD_CHANNEL) +PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION) +PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch +PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian/$(BUILD_CHANNEL) ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test)) DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER) @@ -23,18 +20,17 @@ else DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH)) endif -DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION) -DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy -DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(DOCKER_TAG).tar.gz -DOCKER_ARCH_URI := server/linux/docker/$(BUILD_CHANNEL)/$(notdir $(DOCKER_ARCH)) +DOCKER_IMAGE := $(COMPANY_NAME_ESC)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION) +DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy +DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz -.PHONY: all clean clean-docker image deploy docker publish +.PHONY: all clean clean-docker image deploy docker $(DOCKER_DUMMY): - docker pull ubuntu:20.04 + docker pull ubuntu:22.04 docker build \ --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ - --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ + --build-arg PRODUCT_NAME=$(PRODUCT_NAME) \ --build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \ --build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \ --build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \ @@ -68,7 +64,3 @@ ifeq ($(BUILD_CHANNEL),nightly) docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \ done endif - -publish: $(DOCKER_ARCH) - aws s3 cp --no-progress --acl public-read \ - $(DOCKER_ARCH) s3://$(S3_BUCKET)/$(DOCKER_ARCH_URI) From 7fa2f598a19a56d06b234c46f94748a81b7e4313 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 20 Dec 2022 14:54:23 +0300 Subject: [PATCH 44/51] Fix ucs build (#537) * Fix ucs build * Change rabbitmq version on lower * Remove rabbimq version argument * Rename variable --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 55e4b6e..eeab60d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,13 +11,14 @@ ARG ONLYOFFICE_VALUE=onlyoffice RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-get -y update && \ - apt-get -yq install wget apt-transport-https gnupg locales && \ + apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \ mkdir -p $HOME/.gnupg && \ gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \ locale-gen en_US.UTF-8 && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \ + if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.10 ; fi && \ apt-get -yq install \ adduser \ apt-utils \ @@ -46,7 +47,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ postgresql \ postgresql-client \ pwgen \ - rabbitmq-server=3.10* \ + rabbitmq-server=${RABBITMQ_VERSION}* \ redis-server \ software-properties-common \ sudo \ From 759bed5c14ed97a32a2790091bac6e918216c423 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Fri, 30 Dec 2022 12:40:54 +0300 Subject: [PATCH 45/51] Add obligatory use of JWT parameters (#562) --- README.md | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4c384e3..9e40e91 100644 --- a/README.md +++ b/README.md @@ -220,10 +220,20 @@ Then launch containers on it using the 'docker run --net onlyoffice' option: Follow [these steps](#installing-mysql) to install MySQL server. -**STEP 3**: Install ONLYOFFICE Document Server. +**STEP 3**: Generate JWT Secret + +JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command: +``` +JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12); +``` + +**STEP 4**: Install ONLYOFFICE Document Server. ```bash sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \ + -e JWT_ENABLED=true \ + -e JWT_SECRET=${JWT_SECRET} \ + -e JWT_HEADER=AuthorizationJwt \ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ @@ -231,7 +241,7 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-doc onlyoffice/documentserver ``` -**STEP 4**: Install ONLYOFFICE Mail Server. +**STEP 5**: Install ONLYOFFICE Mail Server. For the mail server correct work you need to specify its hostname 'yourdomain.com'. @@ -253,7 +263,7 @@ The additional parameters for mail server are available [here](https://github.co To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation"). -**STEP 5**: Install ONLYOFFICE Community Server +**STEP 6**: Install ONLYOFFICE Community Server ```bash sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \ @@ -264,6 +274,9 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com -e MYSQL_SERVER_PASS=onlyoffice_pass \ -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \ + -e DOCUMENT_SERVER_JWT_ENABLED=true \ + -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \ + -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \ -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \ -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \ From 26f3d34ac3cdb048623caac54d494b74aeb3ea79 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Fri, 30 Dec 2022 12:50:18 +0300 Subject: [PATCH 46/51] Cosmetic changes README.md (#563) --- README.md | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 9e40e91..9797860 100644 --- a/README.md +++ b/README.md @@ -231,14 +231,14 @@ JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12); ```bash sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \ - -e JWT_ENABLED=true \ - -e JWT_SECRET=${JWT_SECRET} \ - -e JWT_HEADER=AuthorizationJwt \ - -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ - -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ - -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ - -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \ - onlyoffice/documentserver + -e JWT_ENABLED=true \ + -e JWT_SECRET=${JWT_SECRET} \ + -e JWT_HEADER=AuthorizationJwt \ + -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ + -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ + -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ + -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \ + onlyoffice/documentserver ``` **STEP 5**: Install ONLYOFFICE Mail Server. @@ -266,7 +266,7 @@ To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://githu **STEP 6**: Install ONLYOFFICE Community Server ```bash -sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \ +sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \ -e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \ -e MYSQL_SERVER_DB_NAME=onlyoffice \ -e MYSQL_SERVER_HOST=onlyoffice-mysql-server \ @@ -287,12 +287,14 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com -v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \ + -v /app/onlyoffice/CommunityServer/letsencrypt:/etc/letsencrypt \ + -v /sys/fs/cgroup:/sys/fs/cgroup:rw \ onlyoffice/communityserver ``` Where `${MAIL_SERVER_IP}` is the IP address for **ONLYOFFICE Mail Server**. You can easily get it using the command: ``` -docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server +MAIL_SERVER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server) ``` Alternatively, you can use an automatic installation script to install the whole ONLYOFFICE Community Edition at once. For the mail server correct work you need to specify its hostname 'yourdomain.com'. From 611db1f4a9a8b13ce1f1c456b7cb06e2eac03795 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Wed, 18 Jan 2023 17:58:48 +0300 Subject: [PATCH 47/51] Fix docker build by downgrading rabbit from 3.10 to 3.9 (#569) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c4fb454..a0e2156 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ locale-gen en_US.UTF-8 && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \ - if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.10 ; fi && \ + if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.9 ; fi && \ apt-get -yq install \ adduser \ apt-utils \ From c017ed168090564fb90672e535159b00e7f83eab Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 31 Jan 2023 15:18:39 +0300 Subject: [PATCH 48/51] Fix stable build (#573) Remove image present checker, because its not work corractly --- .github/workflows/stable-build.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index 26eff41..f9ccdb7 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -44,8 +44,6 @@ jobs: VERSION=${{ github.event.inputs.tag }} PRODUCT_EDITION=${{ matrix.edition }} TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION} - if docker manifest inspect ${TESTING_IMAGE}:${VERSION} > /dev/null; then - echo "Image present on docker.hub >> start build stable version" export PRODUCT_EDITION export TAG=${VERSION} export SHORTER_TAG=${VERSION%.*} @@ -53,10 +51,6 @@ jobs: docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push echo "DONE: Build success >> exit with 0" exit 0 - else - echo "FAILED: Image with tag ${VERSION} do not presented on docker.hub >> build will not started >> exit with 1" - exit 1 - fi shell: bash build-nonexample: From f98d6a4ae3f0ef9bc8b8c46d60a27989857f69b4 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Tue, 31 Jan 2023 17:05:26 +0300 Subject: [PATCH 49/51] Fix ucs build (#574) Links on packages was update --- .github/workflows/stable-build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/stable-build.yml b/.github/workflows/stable-build.yml index f9ccdb7..d0cc970 100644 --- a/.github/workflows/stable-build.yml +++ b/.github/workflows/stable-build.yml @@ -114,11 +114,11 @@ jobs: run: | set -eux export PRODUCT_EDITION=${{ matrix.edition }} - export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL_OLD }}/testing/ubuntu + export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/test export DOCKERFILE=Dockerfile export BASE_IMAGE=ubuntu:20.04 export PG_VERSION=12 export TAG=${{ github.event.inputs.tag }} - export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/') + export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/')~stretch docker buildx bake -f docker-bake.hcl documentserver-ucs --push shell: bash From a3d7ed7ceb2a1f94ea4e86d35cd2bddd61d12847 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Thu, 2 Feb 2023 18:41:49 +0300 Subject: [PATCH 50/51] Install rabbitmq-server from default ubuntu repo, fixed bug closes #575 (#578) (cherry picked from commit cac79dea01b64793909ed505d28c9cc5667aac9b) --- Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index a0e2156..8bba423 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,8 +17,6 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \ locale-gen en_US.UTF-8 && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ - wget -O - https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | bash && \ - if [ $(lsb_release -cs) = focal ]; then RABBITMQ_VERSION=3.8.11-1; else RABBITMQ_VERSION=3.9 ; fi && \ apt-get -yq install \ adduser \ apt-utils \ @@ -47,7 +45,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ postgresql \ postgresql-client \ pwgen \ - rabbitmq-server=${RABBITMQ_VERSION}* \ + rabbitmq-server \ redis-server \ software-properties-common \ sudo \ From 934d17b994c739d0b418db6212d05426933f0462 Mon Sep 17 00:00:00 2001 From: Alexey Golubev Date: Tue, 7 Feb 2023 13:00:29 +0500 Subject: [PATCH 51/51] Fix bug #61002 (#583) Removed unused code that was causing a build error --- Dockerfile | 3 --- 1 file changed, 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8bba423..b798712 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,9 +12,6 @@ ARG ONLYOFFICE_VALUE=onlyoffice RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-get -y update && \ apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \ - mkdir -p $HOME/.gnupg && \ - gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ - chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \ locale-gen en_US.UTF-8 && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ apt-get -yq install \