diff --git a/README.md b/README.md index 7ecaf9c..12beef5 100644 --- a/README.md +++ b/README.md @@ -180,7 +180,7 @@ Below is the complete list of parameters that can be set using environment varia - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. -- **REJECT_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` +- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers diff --git a/run-document-server.sh b/run-document-server.sh index 81f59f1..673808d 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -21,7 +21,7 @@ SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.key} CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem} SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem} SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off} -REJECT_UNAUTHORIZED_STORAGE=${REJECT_UNAUTHORIZED_STORAGE:-false} +USE_UNAUTHORIZED_STORAGE=${USE_UNAUTHORIZED_STORAGE:-false} ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true} ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000} SYSCONF_TEMPLATES_DIR="/app/ds/setup/config" @@ -229,7 +229,7 @@ update_redis_settings(){ ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" } -update_jwt_settings(){ +update_ds_settings(){ if [ "${JWT_ENABLED}" == "true" ]; then ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}" ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}" @@ -251,6 +251,11 @@ update_jwt_settings(){ ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" fi fi + + if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}" + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false" + fi } create_postgresql_cluster(){ @@ -356,11 +361,6 @@ update_nginx_settings(){ else sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF} fi - - if [ "${REJECT_UNAUTHORIZED_STORAGE}" == "true" ]; then - ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}" - ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false" - fi else ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF} fi @@ -416,7 +416,7 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then update_log_settings - update_jwt_settings + update_ds_settings # update settings by env variables if [ $DB_HOST != "localhost" ]; then