From 26854106a35c18df6b1c4c83b4062553ced6250b Mon Sep 17 00:00:00 2001 From: Roman Demidov <58073444+romandemidov@users.noreply.github.com> Date: Thu, 8 Oct 2020 15:58:07 +0300 Subject: [PATCH 1/6] Add consent to the fonts license (#297) * Add concent to the fonts license * Small changes * Small changes Co-authored-by: papacarlo Co-authored-by: Roman --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 672bc47..8171538 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-get -yq install wget apt-transport-https gnupg locales && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ locale-gen en_US.UTF-8 && \ + echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \ apt-get -yq install \ adduser \ apt-utils \ @@ -41,8 +42,11 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ software-properties-common \ sudo \ supervisor \ + ttf-mscorefonts-installer \ xvfb \ zlib1g && \ + if [ $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \ + then echo 'msttcorefonts failed to download'; exit 1; fi && \ echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \ sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \ sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \ From 211ae509801d464da559745c370a1e42e90a2621 Mon Sep 17 00:00:00 2001 From: Roman Demidov <58073444+romandemidov@users.noreply.github.com> Date: Tue, 20 Oct 2020 16:14:55 +0300 Subject: [PATCH 2/6] Fix #281: Add option to disable CPU-heavy tasks on startup (#293) * Fix #281: Add option to disable CPU-heavy tasks on startup * Update README.md Co-authored-by: Sandro * Update README.md Co-authored-by: Roman Co-authored-by: Sandro --- README.md | 1 + run-document-server.sh | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6b36a16..d3342a9 100644 --- a/README.md +++ b/README.md @@ -181,6 +181,7 @@ Below is the complete list of parameters that can be set using environment varia - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. - **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` +- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true` - **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`. - **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`. - **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`. diff --git a/run-document-server.sh b/run-document-server.sh index 6adcc65..0d97c29 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -55,6 +55,8 @@ JWT_SECRET=${JWT_SECRET:-secret} JWT_HEADER=${JWT_HEADER:-Authorization} JWT_IN_BODY=${JWT_IN_BODY:-false} +GENERATE_FONTS=${GENERATE_FONTS:-true} + if [[ ${PRODUCT_NAME} == "documentserver" ]]; then REDIS_ENABLED=false else @@ -543,7 +545,9 @@ fi service nginx start # Regenerate the fonts list and the fonts thumbnails -documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} +if [ "${GENERATE_FONTS}" == "true" ]; then + documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} +fi documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} tail -f /var/log/${COMPANY_NAME}/**/*.log & From bdef500858ca0ea88f3b6801e24d384e41f25797 Mon Sep 17 00:00:00 2001 From: Roman Demidov Date: Thu, 22 Oct 2020 13:47:51 +0300 Subject: [PATCH 3/6] Allow let's encrypte sertificates (#300) * Allow let's encrypte sertificates Co-authored-by: papacarlo Co-authored-by: Roman --- Dockerfile | 1 + README.md | 11 ++++++++++- run-document-server.sh | 12 ++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8171538..1661f53 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,6 +15,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ adduser \ apt-utils \ bomstrip \ + certbot \ htop \ libasound2 \ libboost-regex-dev \ diff --git a/README.md b/README.md index d3342a9..bd22231 100644 --- a/README.md +++ b/README.md @@ -99,7 +99,14 @@ So you need to create and install the following files: /app/onlyoffice/DocumentServer/data/certs/tls.key /app/onlyoffice/DocumentServer/data/certs/tls.crt -When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you have CA certified SSL certificates (e.g. [Let's Encrypt](https://letsencrypt.org)). +When using CA certified certificates (e.g [Let's encrypt](https://letsencrypt.org)), these files are provided to you by the CA. If you are using self-signed certificates you need to generate these files [yourself](#generation-of-self-signed-certificates). + +#### Using the automatically generated Let's Encrypt SSL Certificates + + sudo docker run -i -t -d -p 443:443 \ + -e LETS_ENCRYPT_DOMAIN=your_domain -e LETS_ENCRYPT_MAIL=your_mail onlyoffice/documentserver + +If you want to get and extend Let's Encrypt SSL Certificates automatically just set LETS_ENCRYPT_DOMAIN and LETS_ENCRYPT_MAIL variables. #### Generation of Self Signed Certificates @@ -186,6 +193,8 @@ Below is the complete list of parameters that can be set using environment varia - **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`. - **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`. - **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`. +- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate. +- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate. ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers diff --git a/run-document-server.sh b/run-document-server.sh index 0d97c29..e1b32c4 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -82,6 +82,12 @@ PG_NEW_CLUSTER=false RABBITMQ_DATA=/var/lib/rabbitmq REDIS_DATA=/var/lib/redis +if [ ${LETS_ENCRYPT_DOMAIN} != "" -a ${LETS_ENCRYPT_MAIL} != "" ]; then + LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live" + SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem + SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem +fi + read_setting(){ deprecated_var POSTGRESQL_SERVER_HOST DB_HOST deprecated_var POSTGRESQL_SERVER_PORT DB_PORT @@ -544,6 +550,12 @@ fi # it run in all cases. service nginx start +if [ ${LETS_ENCRYPT_DOMAIN} != "" -a ${LETS_ENCRYPT_MAIL} != "" ]; then + if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then + documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN} + fi +fi + # Regenerate the fonts list and the fonts thumbnails if [ "${GENERATE_FONTS}" == "true" ]; then documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} From 9e63609c14fe2f023629b268ea7e8d3d591afe9f Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Tue, 27 Oct 2020 13:50:48 +0300 Subject: [PATCH 4/6] Fix custom db name bug (#304) Co-authored-by: papacarlo --- run-document-server.sh | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index e1b32c4..6196295 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -329,20 +329,12 @@ create_db_tbl() { } create_postgresql_tbl() { - CONNECTION_PARAMS="-h$DB_HOST -p$DB_PORT -U$DB_USER -w" if [ -n "$DB_PWD" ]; then export PGPASSWORD=$DB_PWD fi - PSQL="psql -q $CONNECTION_PARAMS" - CREATEDB="createdb $CONNECTION_PARAMS" - - # Create db on remote server - if $PSQL -lt | cut -d\| -f 1 | grep -qw $DB_NAME | grep 0; then - $CREATEDB $DB_NAME - fi - - $PSQL -d "$DB_NAME" -f "$APP_DIR/server/schema/postgresql/createdb.sql" + PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w" + $PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql" } create_mysql_tbl() { From 326a005ac7b30e7512ba4188010a4ff9f1b60b6e Mon Sep 17 00:00:00 2001 From: Roman Demidov Date: Wed, 18 Nov 2020 10:46:19 +0300 Subject: [PATCH 5/6] Fix empty lets encrypt params error (#310) --- run-document-server.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run-document-server.sh b/run-document-server.sh index 6196295..1962b7a 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -82,7 +82,7 @@ PG_NEW_CLUSTER=false RABBITMQ_DATA=/var/lib/rabbitmq REDIS_DATA=/var/lib/redis -if [ ${LETS_ENCRYPT_DOMAIN} != "" -a ${LETS_ENCRYPT_MAIL} != "" ]; then +if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live" SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem @@ -542,7 +542,7 @@ fi # it run in all cases. service nginx start -if [ ${LETS_ENCRYPT_DOMAIN} != "" -a ${LETS_ENCRYPT_MAIL} != "" ]; then +if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN} fi From eddbbbf3eb212df18278b35b44b814743c996bec Mon Sep 17 00:00:00 2001 From: Alexey Golubev Date: Fri, 20 Nov 2020 10:53:36 +0300 Subject: [PATCH 6/6] Fix unsupported rabbitmq ver. Use 20.04 as base. (#307) * Fix unsupported rabbitmq ver. Use 20.04 as base. * Extend timeout for test (#311) * test01 * Timeout * Small changes * Change timeout to 90 Co-authored-by: Roman Demidov --- Dockerfile | 11 ++++++----- run-document-server.sh | 1 - tests/test.sh | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1661f53..52525a3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM ubuntu:18.04 +FROM ubuntu:20.04 LABEL maintainer Ascensio System SIA -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive +ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12 ARG ONLYOFFICE_VALUE=onlyoffice @@ -16,13 +16,14 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-utils \ bomstrip \ certbot \ + curl \ + gconf-service \ htop \ libasound2 \ libboost-regex-dev \ libcairo2 \ - libcurl3 \ libcurl3-gnutls \ - libgconf2-4 \ + libcurl4 \ libgtk-3-0 \ libnspr4 \ libnss3 \ @@ -51,7 +52,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \ sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \ sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \ - pg_conftool 10 main set listen_addresses 'localhost' && \ + pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \ service postgresql restart && \ sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \ sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \ diff --git a/run-document-server.sh b/run-document-server.sh index 1962b7a..626b72a 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -75,7 +75,6 @@ JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}" LOCAL_SERVICES=() PG_ROOT=/var/lib/postgresql -PG_VERSION=10 PG_NAME=main PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME} PG_NEW_CLUSTER=false diff --git a/tests/test.sh b/tests/test.sh index 6028584..535003a 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -36,7 +36,7 @@ fi # Run test environment docker-compose -p ds -f $config up -d -wakeup_timeout=30 +wakeup_timeout=90 # Get documentserver healthcheck status echo "Wait for service wake up"