diff --git a/Dockerfile b/Dockerfile index b760ed6..a59c52c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-get -yq install wget apt-transport-https curl locales && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ locale-gen en_US.UTF-8 && \ - curl -sL https://deb.nodesource.com/setup_6.x | bash - && \ + curl -sL https://deb.nodesource.com/setup_8.x | bash - && \ apt-get -y update && \ apt-get -yq install \ adduser \ @@ -72,4 +72,4 @@ RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/onlyoffice.list && \ VOLUME /etc/onlyoffice /var/log/onlyoffice /var/lib/onlyoffice /var/www/onlyoffice/Data /var/lib/postgresql /usr/share/fonts/truetype/custom -CMD bash -C '/app/onlyoffice/run-document-server.sh';'bash' +ENTRYPOINT /app/onlyoffice/run-document-server.sh diff --git a/README.md b/README.md index b421d55..3d01edf 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ * [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers) * [Issues](#issues) - [Docker Issues](#docker-issues) + - [Document Server usage Issues](#document-server-usage-issues) * [Project Information](#project-information) * [User Feedback and Support](#user-feedback-and-support) @@ -281,6 +282,16 @@ As a relatively new project Docker is being worked on and actively developed by The known Docker issue with ONLYOFFICE Document Server with rpm-based distributives is that sometimes the processes fail to start inside Docker container. Fedora and RHEL/CentOS users should try disabling selinux with setenforce 0. If it fixes the issue then you can either stick with SELinux disabled which is not recommended by RedHat, or switch to using Ubuntu. +### Document Server usage issues + +Due to the operational characteristic, **Document Server** saves a document only after the document has been closed by all the users who edited it. To avoid data loss, you must forcefully disconnect the **Document Server** users when you need to stop **Document Server** in cases of the application update, server reboot etc. To do that, execute the following script on the server where **Document Server** is installed: + +``` +sudo docker exec documentserver-prepare4shutdown.sh +``` + +Please note, that both executing the script and disconnecting users may take a long time (up to 5 minutes). + ## Project Information Official website: [http://www.onlyoffice.org](http://onlyoffice.org "http://www.onlyoffice.org") diff --git a/run-document-server.sh b/run-document-server.sh index d95673e..c4ad86f 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -1,5 +1,8 @@ #!/bin/bash +# Define '**' behavior explicitly +shopt -s globstar + APP_DIR="/var/www/onlyoffice/documentserver" DATA_DIR="/var/www/onlyoffice/Data" LOG_DIR="/var/log/onlyoffice" @@ -22,8 +25,8 @@ ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000} SYSCONF_TEMPLATES_DIR="/app/onlyoffice/setup/config" NGINX_CONFD_PATH="/etc/nginx/conf.d"; -NGINX_ONLYOFFICE_CONF="${NGINX_CONFD_PATH}/onlyoffice-documentserver.conf" NGINX_ONLYOFFICE_PATH="${CONF_DIR}/nginx" +NGINX_ONLYOFFICE_CONF="${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver.conf" NGINX_ONLYOFFICE_EXAMPLE_PATH="${CONF_DIR}-example/nginx" NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/onlyoffice-documentserver-example.conf" @@ -35,9 +38,9 @@ JWT_ENABLED=${JWT_ENABLED:-false} JWT_SECRET=${JWT_SECRET:-secret} JWT_HEADER=${JWT_HEADER:-Authorization} -ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/default.json +ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json -ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/default.json +ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/local.json JSON="json -q -f ${ONLYOFFICE_DEFAULT_CONFIG}" JSON_LOG="json -q -f ${ONLYOFFICE_LOG4JS_CONFIG}" @@ -45,14 +48,15 @@ JSON_EXAMPLE="json -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}" LOCAL_SERVICES=() +PG_ROOT=/var/lib/postgresql PG_VERSION=9.5 PG_NAME=main -PGDATA=/var/lib/postgresql/${PG_VERSION}/${PG_NAME} +PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME} PG_NEW_CLUSTER=false read_setting(){ POSTGRESQL_SERVER_HOST=${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)} - POSTGRESQL_SERVER_PORT=${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)} + POSTGRESQL_SERVER_PORT=${POSTGRESQL_SERVER_PORT:-5432} POSTGRESQL_SERVER_DB_NAME=${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)} POSTGRESQL_SERVER_USER=${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)} POSTGRESQL_SERVER_PASS=${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)} @@ -61,7 +65,7 @@ read_setting(){ parse_rabbitmq_url REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)} - REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-$(${JSON} services.CoAuthoring.redis.port)} + REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379} DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} levels.nodeJS)} } @@ -147,9 +151,9 @@ update_redis_settings(){ update_jwt_settings(){ if [ "${JWT_ENABLED}" == "true" ]; then - ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'" - ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}" + ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}" ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'" @@ -158,8 +162,8 @@ update_jwt_settings(){ ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'" - if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then - ${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'" + if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ] && [ "${JWT_ENABLED}" == "true" ]; then + ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}" ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'" ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" fi @@ -208,7 +212,7 @@ update_nginx_settings(){ # setup HTTPS if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then - ln -sf ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver-ssl.conf.template ${NGINX_ONLYOFFICE_CONF} + cp -f ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver-ssl.conf.template ${NGINX_ONLYOFFICE_CONF} # configure nginx sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF} @@ -263,7 +267,7 @@ done mkdir -p ${DS_LOG_DIR}-example # change folder rights -for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do +for i in ${CONF_DIR} ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do chown -R onlyoffice:onlyoffice "$i" chmod -R 755 "$i" done @@ -282,6 +286,11 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then waiting_for_postgresql create_postgresql_tbl else + # change rights for postgres directory + chown -R postgres:postgres ${PG_ROOT} + chmod -R 700 ${PG_ROOT} + + # create new db if it isn't exist if [ ! -d ${PGDATA} ]; then create_postgresql_cluster PG_NEW_CLUSTER=true @@ -328,6 +337,9 @@ if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then update_supervisor_settings service supervisor start + + # start cron to enable log rotating + service cron start fi # nginx used as a proxy, and as data container status service. @@ -337,3 +349,5 @@ service nginx start # Regenerate the fonts list and the fonts thumbnails documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} + +tail -f /var/log/onlyoffice/**/*.log