Merge branch hotfix/v7.3.3 into develop

This commit is contained in:
papacarlo 2023-05-15 06:52:33 +00:00
commit ad7086886c
9 changed files with 2888 additions and 7 deletions

@ -57,9 +57,8 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \ sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \ pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
service postgresql restart && \ service postgresql restart && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \ sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" && \ sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
service postgresql stop && \ service postgresql stop && \
service redis-server stop && \ service redis-server stop && \
service rabbitmq-server stop && \ service rabbitmq-server stop && \

@ -190,7 +190,7 @@ Below is the complete list of parameters that can be set using environment varia
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default. - **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](https://nginx.org/en/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.

@ -2,6 +2,8 @@
[inet_http_server] [inet_http_server]
port = 127.0.0.1:9001 port = 127.0.0.1:9001
username = ds
password = supervisorpassword
[supervisord] [supervisord]
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
@ -16,6 +18,8 @@ supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl] [supervisorctl]
serverurl = http://localhost:9001 ; use a unix:// URL for a unix socket serverurl = http://localhost:9001 ; use a unix:// URL for a unix socket
username = ds
password = supervisorpassword
; The [include] section can just contain the "files" setting. This ; The [include] section can just contain the "files" setting. This
; setting can list multiple files (separated by whitespace or ; setting can list multiple files (separated by whitespace or

@ -87,7 +87,7 @@ fi
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.' [ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)} JWT_SECRET=${JWT_SECRET:-$(pwgen -s 32)}
JWT_HEADER=${JWT_HEADER:-Authorization} JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false} JWT_IN_BODY=${JWT_IN_BODY:-false}
@ -358,9 +358,8 @@ create_postgresql_cluster(){
} }
create_postgresql_db(){ create_postgresql_db(){
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';" sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;" sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
} }
create_db_tbl() { create_db_tbl() {
@ -497,8 +496,9 @@ update_supervisor_settings(){
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/ cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
# Copy modified supervisor config # Copy modified supervisor config
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
sed "s_\(password =\).*_\1 $(pwgen -s 20)_" -i /etc/supervisor/supervisord.conf
sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf etc/supervisor/conf.d/ cp ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf /etc/supervisor/conf.d/
} }
update_log_settings(){ update_log_settings(){

46
tests/prometheus.yml Normal file

@ -0,0 +1,46 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-statsd-exporter
environment:
- METRICS_ENABLED=${METRICS_ENABLED:-true}
- METRICS_HOST=${METRICS_HOST:-onlyoffice-statsd-exporter}
- METRICS_PORT=${METRICS_PORT:-9125}
- METRICS_PREFIX=${METRICS_PREFIX:-ds.}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-statsd-exporter:
container_name: onlyoffice-statsd-exporter
image: prom/statsd-exporter
command: --statsd.event-flush-interval=30000ms
ports:
- '9102:9102'
- '9125:9125/tcp'
- '9125:9125/udp'
onlyoffice-prometheus:
container_name: onlyoffice-prometheus
image: prom/prometheus
ports:
- '9090:9090'
volumes:
- ./prometheus/prometheus-scrape/statsd-exporter.yml:/etc/prometheus/prometheus.yml
grafana:
container_name: onlyoffice-grafana
image: bitnami/grafana
ports:
- '3000:3000'
environment:
- 'GF_SECURITY_ADMIN_PASSWORD=G0pGE4'
volumes:
- ./prometheus/grafana/conf/prometheus.yml:/opt/bitnami/grafana/conf/provisioning/datasources/prometheus.yml
- ./prometheus/grafana/conf/default-provider.yaml:/opt/bitnami/grafana/conf/provisioning/dashboards/default-provider.yaml
- ./prometheus/grafana/dashboards:/opt/bitnami/grafana/dashboards

@ -0,0 +1,23 @@
apiVersion: 1
providers:
# <string> an unique provider name
- name: 'default-provider'
# <int> org id. will default to orgId 1 if not specified
orgId: 1
# <string, required> name of the dashboard folder. Required
folder: dashboards
# <string> folder UID. will be automatically generated if not specified
folderUid: ''
# <string, required> provider type. Required
type: file
# <bool> disable dashboard deletion
disableDeletion: false
# <bool> enable dashboard editing
editable: true
# <int> how often Grafana will scan for changed dashboards
updateIntervalSeconds: 10
options:
# <string, required> path to dashboard files on disk. Required
path: /opt/bitnami/grafana/dashboards
# <bool> enable folders creation for dashboards
#foldersFromFilesStructure: true

@ -0,0 +1,6 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: http://onlyoffice-prometheus:9090
editable: true

File diff suppressed because it is too large Load Diff

@ -0,0 +1,6 @@
scrape_configs:
- job_name: 'statsd'
scrape_interval: 30s
static_configs:
- targets:
- onlyoffice-statsd-exporter:9102