Compare commits

...

427 Commits

Author SHA1 Message Date
adbba165a6
fix(ci/cd): Missing apt update, wrong exit code
Some checks failed
Build / build (push) Failing after 16m42s
2024-09-22 23:13:52 +02:00
d837b6f4ef
fix(ci/cd): Cache apt packages 2024-09-22 23:05:26 +02:00
c700df21c1
chore: Disaable jobs from upstream 2024-09-22 22:59:30 +02:00
9b6eabced0
fix(ci/cd): Wrong variable name when checking for existing builds 2024-09-22 22:52:58 +02:00
7d2df472a6
feat: Add files for nix 2024-09-22 22:23:41 +02:00
ff49aa4da3
feat: Add gitignore 2024-09-22 22:23:18 +02:00
d94706dd54
Merge remote-tracking branch 'upstream/master'
Some checks failed
Build / build (push) Failing after 38s
Trigger 4testing rebuild / trigget-rebuild (push) Failing after 1s
2024-04-09 01:57:21 +02:00
papacarlo
40efc5bea9 Merge branch release/v8.0.0 into master 2024-01-30 11:32:11 +00:00
3318b6d62f
fix: Forgot to delete cut command, bad if statement 2024-01-27 04:33:47 +01:00
abd8c8fc95
fix: Outputs not working
Some checks failed
Build / build (push) Has been cancelled
2024-01-27 04:19:39 +01:00
fd38c9a98b
fix: Wrong working directory, simplified to 1 command (+ shell output)
Some checks failed
Build / build (push) Failing after 44s
2024-01-27 03:25:34 +01:00
1123cc8e19
test: /var/run/act/workflow/meta.sh: line 5: : No such file or directory
Some checks failed
Build / build (push) Failing after 39s
https://gitea.stefka.eu/jiriks74/Docker-DocumentServer/actions/runs/44
2024-01-27 03:18:18 +01:00
47f07ad059
fix: bad substitution
Some checks failed
Build / build (push) Failing after 39s
https://gitea.stefka.eu/jiriks74/Docker-DocumentServer/actions/runs/43
2024-01-27 03:16:15 +01:00
6871cb70c8
fix: No such file or directory
Some checks failed
Build / build (push) Failing after 40s
https://gitea.stefka.eu/jiriks74/Docker-DocumentServer/actions/runs/40
https://gitea.stefka.eu/jiriks74/Docker-DocumentServer/actions/runs/41
2024-01-27 03:11:40 +01:00
57aa057198
fix: Docker meta action cannot get git tags
Some checks failed
Build / build (push) Failing after 39s
2024-01-27 03:05:57 +01:00
19d79af2db
fix: Invalid context source: upstream
Some checks failed
Build / build (push) Failing after 44s
2024-01-27 02:55:35 +01:00
a61e416bb5
fix: Move to manual git clone
Some checks failed
Build / build (push) Failing after 42s
the actions/checkout cannot pull from github
2024-01-27 02:48:52 +01:00
06da0b1e92
fix: Invalid repository, Expected format {owner}/{repo}.
Some checks failed
Build / build (push) Failing after 57s
2024-01-27 02:46:12 +01:00
c13261154f
fix: identation
Some checks failed
Build / build (push) Failing after 59s
2024-01-27 02:37:47 +01:00
77f4adf134
fix: Use docker meta action to get tags 2024-01-27 02:34:42 +01:00
Alexey Golubev
0a42ee66b0
Fix bug #60688 (#703) 2024-01-18 10:20:37 +03:00
Danil Titarenko
6416c2c32a
Action small fixes (#697) 2023-12-21 13:22:02 +03:00
Semyon Bezrukov
4ab054c502
Add DOCKER_ORG make variable (#696) 2023-12-20 19:54:56 +03:00
Danil Titarenko
016440fd4b
Disable issue creation from zap scanner (#695) 2023-12-20 11:22:37 +03:00
Danil Titarenko
cb06c6f6e1
Correct startup conditions for zap scanner (#694) 2023-12-20 11:21:34 +03:00
Danil Titarenko
276c5da9f5
Add the ability to manually launch the zap scanner (#691)
* Add zap scanning for DocumentServer

* Set branch name as ref for manual trigger

* Use master as default zap action branch

* Move zap action to master branch

* Fix token variable name

* Small cosmetic fix

* Modify zap action trigger condition

Run zap scanner only when documentserver edition hit community and branch hit in `release/` or `hotfix/`
2023-12-19 11:45:12 +03:00
Danil Titarenko
84a8191de9
Add DocumentServer zap scanner (#685)
* Add DocumentServer zap scanner

* Fix zap target url from `http` to `https`
2023-12-19 11:24:58 +03:00
Evgeniy Antonyuk
6fc2b27fcf
fix Bug 65188 - Upgrade to a current version of postgresql (#690) 2023-11-29 12:33:41 +03:00
c981844975
fix(cicd): gitea
Some checks failed
Build / build (push) Failing after 1m44s
2023-11-21 20:55:07 +01:00
fc505d7f85
fix(cicd): testing
Some checks failed
Build / build (push) Failing after 43s
2023-11-21 20:53:43 +01:00
5382012065
fix(cicd): outputh path
Some checks failed
Build / build (push) Failing after 47s
2023-11-21 20:51:41 +01:00
42bcd0adf1
fix(cicd): remove if statements
Some checks failed
Build / build (push) Failing after 1m6s
2023-11-21 20:46:36 +01:00
6910d565c7
fix(cicd): invert exit statements
All checks were successful
Build / build (push) Successful in 24s
2023-11-21 20:44:51 +01:00
8e3fff2ca1
fix(cicd): add exit command
Some checks failed
Build / build (push) Failing after 24s
2023-11-21 20:42:53 +01:00
5ebcce6742
fix(cicd): inverted if statements
All checks were successful
Build / build (push) Successful in 34s
2023-11-21 20:40:40 +01:00
35ade80ab1
fix(cicd): broken new line
All checks were successful
Build / build (push) Successful in 26s
2023-11-21 20:38:56 +01:00
c2e4633b6c
fix(cicd): bad exit codes
Some checks failed
Build / build (push) Failing after 20s
2023-11-21 20:36:43 +01:00
9e9f6d37d2
fix(cicd): wrong command placement
All checks were successful
Build / build (push) Successful in 19s
2023-11-21 20:34:41 +01:00
9a134fc2ba
fix(cicd): try different command
All checks were successful
Build / build (push) Successful in 21s
2023-11-21 20:31:19 +01:00
b104e22c7a
fix(cicd): try different quotes
Some checks failed
Build / build (push) Failing after 45s
2023-11-21 20:26:56 +01:00
1d22c1e9c1
debug(cicd): test output
Some checks failed
Build / build (push) Failing after 43s
2023-11-21 19:50:06 +01:00
82ee7b2a4c
fix(cicd): move tag extraction to it's own job
Some checks failed
Build / build (push) Failing after 45s
2023-11-21 19:46:00 +01:00
c091b8908a
fix(cicd): move output to the end of job
Some checks failed
Build / build (push) Failing after 49s
2023-11-21 19:39:00 +01:00
6d6a87fe5b
fix(cicd): wrong brackets
Some checks failed
Build / build (push) Failing after 1m5s
2023-11-21 19:29:38 +01:00
e1adffa72b
fix(cicd): broken tag extraction
Some checks failed
Build / build (push) Failing after 29s
2023-11-21 19:26:40 +01:00
Semyon Bezrukov
09ac8b5463
Fix build workflow runs names (#679) 2023-11-20 12:05:00 +03:00
papacarlo
cd8177e0ae Merge branch hotfix/v7.5.1 into release/v7.6.0 2023-11-15 12:57:43 +00:00
Dmitry Kireev
012b35d2f8
Cancel prepare4shutdown script during cluster installation (#673)
* Cancel prepare4shutdown script during cluster installation

* Fix line length
2023-10-27 15:08:30 +03:00
papacarlo
5ef86cd090 Merge branch release/v7.5.0 into develop 2023-10-25 10:32:34 +00:00
papacarlo
6e424a5541 Merge branch release/v7.5.0 into master 2023-10-17 12:14:14 +00:00
d800394eb9
feat(ci/cd): Automatically build image, archive upstream workflows
Some checks failed
Build / build (push) Failing after 46s
2023-10-17 13:46:52 +02:00
7e2a6604dd
docs: Remove obsolete badges 2023-10-17 13:46:30 +02:00
Evgeniy Antonyuk
709bfdd734
fix Bug 63804 - Remove gconf from dependencies since it's deprecated (#663) 2023-09-21 17:09:21 +03:00
Alexey Golubev
f42aed52ab
Merge pull request #662 from RealVishy/patch-1
Fix mistype
2023-09-12 10:38:14 +03:00
Vishwas P
c37270f61f
Update README.md
fix the spelling of docker engine
2023-09-12 15:02:02 +10:00
Danil Titarenko
24d737d5b4
Add instructions for ipv6 connection. Related to bug #63537 (#654)
* Update README.md - add the 'ONLYOFFICE Document Server ipv6 setup' section

* Fix README.md formatting

---------

Co-authored-by: svetlana maleeva <svetlana.maleeva@onlyoffice.com>
2023-08-11 10:40:34 +03:00
papacarlo
4bc4f62720 Merge branch hotfix/v7.4.1 into develop 2023-08-01 08:19:29 +00:00
papacarlo
0b60ccb92b Merge branch hotfix/v7.4.1 into master 2023-07-31 07:28:30 +00:00
Iskandar Kurbonov
c413936f1c
Fix Bug #63238 - Fix re-copying of configuration files in supervisor (#645) 2023-07-13 19:51:03 +05:00
Danil Titarenko
9400eedc06
Add auto rebuild previous releases
* Add the ability to rebuild images

Rebuilding images will be done manually (for now). The choice of the number of rebuilt releases is available (1 by default), the choice of repositories for pushing rebuilt images is available (4testing by default).

Principle of operation:
Through the api of the docker hub, we get the last launched tag that falls under the pattern x.x.x.1, after that the tag with the assembly of which the minor tag x.x will be sent will be calculated. Next, at one of the build steps, the number of the previous release will be received, for example x. x.x.4 which will mean that the current one will be x.x.x.5

* Add login to dockerhub

* Refactoring code

Set some variables for all rebuild-info job. Also set default values for repository and quantity variables

* Refactor: remove push trigger

* Refactoring code

* Refactor: Unlinking a version

* Submitting the latest tag for the latest release only
2023-06-29 14:50:17 +05:00
papacarlo
80b4014588 Merge branch release/v7.4.0 into develop 2023-06-28 07:25:32 +00:00
papacarlo
4ae34b4d02 Merge branch release/v7.4.0 into master 2023-06-13 11:25:57 +00:00
Evgeniy Antonyuk
48add9dc89
Add the ability to enable request filtering agent (#628) 2023-05-26 18:59:54 +05:00
Danil Titarenko
7d32cac40a
Add new stable images versioning principles (#633)
* Refactoring stable images release versioning

The new principle of stable docker images versioning: release numbering is now not by build number, but by serial number.

* Refactoring: fix non-example image pull tag
2023-05-25 18:36:33 +05:00
Semyon Bezrukov
989647852e
Fix deprecated set-output (#632) 2023-05-24 13:51:14 +05:00
Alexey Golubev
816b4823d2
Merge pull request #627 from ONLYOFFICE/release/v7.4.0
Merge release/v7.4.0 into develop
2023-05-17 14:44:26 +05:00
Alexey Golubev
a97a8f0aaf
Merge pull request #624 from ONLYOFFICE/hotfix/v7.3.3
Merge branch hotfix/v7.3.3 into release/v7.4.0
2023-05-15 12:01:29 +05:00
Evgeniy Antonyuk
e2080865b9 Merge branch 'release/v7.4.0' into hotfix/v7.3.3 2023-05-15 12:00:20 +05:00
papacarlo
ad7086886c Merge branch hotfix/v7.3.3 into develop 2023-05-15 06:52:33 +00:00
papacarlo
8e08fed4ee Merge branch hotfix/v7.3.3 into master 2023-05-15 06:52:28 +00:00
Alexey Golubev
4c5e5f20ee Revert "Trace build commands (#609)"
This reverts commit 708684ccc1096f4ef1131ec0d16ea5c1c635fcdf.
2023-05-02 13:25:36 +05:00
Semyon Bezrukov
708684ccc1
Trace build commands (#609)
* Trace build commands

* Small fix
2023-04-25 20:01:14 +05:00
Evgeniy Antonyuk
c61323257b
Use the default supervisord configuration (#608)
* Use a unix socket by default

* Use the default supervisord configuration

* Return the init.d supervisor file
2023-04-20 20:27:35 +05:00
Alexey Golubev
06fe4034f0
Merge master into hotfix/v7.3.3 2023-04-18 22:39:22 +05:00
Alexey Golubev
b011e73f64
Fix nginx secure link url (#604) 2023-04-18 22:34:02 +05:00
Semyon Bezrukov
44eb6c45f2
Fix deb package link (#602) 2023-04-14 22:32:04 +05:00
Semyon Bezrukov
4499ca1d34
Fix deb package link (#599) 2023-04-10 17:10:23 +05:00
Evgeniy Antonyuk
09b9a73637
fix Bug 61960 - Add authentication for supervisord (#598) 2023-04-10 13:16:23 +05:00
Evgeniy Antonyuk
f455bdf433
fix Bug 59826 - Fix database creation without onlyoffice owner (#597)
* fix Bug 59826 - Fix database creation without onlyoffice owner

* Fix an unnecessary space
2023-04-06 15:18:10 +05:00
Dmitry Kireev
f03bc7ec18
Add docker-compose with prometheus and grafana (#495)
* Add docker-compose with prometheus and grafana

* Add dashbord installation

* Fix path to config file
2023-03-21 15:06:05 +05:00
Evgeniy Antonyuk
648ff7322f
Fix the owner of the logrotate config (#591) 2023-03-17 14:25:33 +05:00
papacarlo
00b188d9ff Merge branch hotfix/v7.3.3 into master 2023-03-15 10:53:31 +00:00
db576c7add
Update README.md 2023-03-09 12:23:15 +01:00
3dc36ac0af
Update README.md 2023-03-09 12:23:04 +01:00
2e1e603daf Pull from upstream 2023-03-09 12:19:40 +01:00
Alexey Golubev
6f716134dd
Fix misprint
Instead  https://github.com/ONLYOFFICE/Docker-DocumentServer/pull/579
2023-02-22 17:41:59 +05:00
papacarlo
0fb195b958 Merge branch hotfix/v7.3.2 into develop 2023-02-14 07:59:59 +00:00
papacarlo
4636320e3b Merge branch hotfix/v7.3.2 into master 2023-02-14 07:59:56 +00:00
Alexey Golubev
4c05627d1f
Merge pull request #585 from ONLYOFFICE/bugfix/psql-owner
fix Bug 59826 - Fix database creation without onlyoffice owner
2023-02-07 18:53:11 +05:00
evgeniy-antonyuk
985bc4020a Fix database creation without onlyoffice owner 2023-02-07 16:08:40 +03:00
Alexey Golubev
46215d4372
Merge pull request #584 from ONLYOFFICE/hotfix/v7.3.2
Merger hotfix/v7.3.2 into hotfix/v7.3.3
2023-02-07 13:02:08 +05:00
Alexey Golubev
934d17b994
Fix bug #61002 (#583)
Removed unused code that was causing a build error
2023-02-07 13:00:29 +05:00
Thomas Gerbet
83825d26e9
Generated JWT secret is too small for HMAC SHA256 (#582)
The key that is automatically generated weaken the security strength.
As noted in RFC7518 section 3.2 [0]:
```
A key of the same size as the hash output (for instance, 256 bits for
"HS256") or larger MUST be used with this algorithm.  (This
requirement is based on Section 5.3.4 (Security Effect of the HMAC
Key) of NIST SP 800-117 [NIST.800-107], which states that the
effective security strength is the minimum of the security strength
of the key and two times the size of the internal hash value.)
```

Some JWT libraries are rejecting by default keys that are too small in
a attempt to prevent misusages so generating a key that does not respect
the minimal length can be problematic for OO integrations.

[0] https://www.rfc-editor.org/rfc/rfc7518.html#section-3.2
2023-02-07 11:02:40 +05:00
Danil Titarenko
a3d7ed7ceb Install rabbitmq-server from default ubuntu repo, fixed bug closes #575 (#578)
(cherry picked from commit cac79dea01b64793909ed505d28c9cc5667aac9b)
2023-02-03 20:23:17 +05:00
Danil Titarenko
cac79dea01
Install rabbitmq-server from default ubuntu repo, fixed bug closes #575 (#578) 2023-02-02 20:41:49 +05:00
papacarlo
22ab86d2d6 Merge branch release/v7.3.0 into develop 2023-02-02 13:38:11 +00:00
Danil Titarenko
f98d6a4ae3
Fix ucs build (#574)
Links on packages was update
2023-01-31 19:05:26 +05:00
Danil Titarenko
c017ed1680
Fix stable build (#573)
Remove image present checker, because its not work corractly
2023-01-31 17:18:39 +05:00
papacarlo
562b248198 Merge branch release/v7.3.0 into master 2023-01-31 08:03:28 +00:00
Danil Titarenko
611db1f4a9
Fix docker build by downgrading rabbit from 3.10 to 3.9 (#569) 2023-01-18 17:58:48 +03:00
Alexey Golubev
8bb2ab6321
Merge pull request #565 from ONLYOFFICE/master
Merge master into release/v7.3.0
2023-01-16 12:12:09 +03:00
Evgeniy Antonyuk
26f3d34ac3
Cosmetic changes README.md (#563) 2022-12-30 12:50:18 +03:00
Evgeniy Antonyuk
759bed5c14
Add obligatory use of JWT parameters (#562) 2022-12-30 12:40:54 +03:00
papacarlo
eb643e3adb
Merge pull request #561 from ONLYOFFICE/hotfix/v7.2.2
Merge branch hotfix/v7.2.2 into develop
2022-12-27 18:34:45 +03:00
Semyon Bezrukov
19debc5181
Merge branch 'develop' into hotfix/v7.2.2 2022-12-27 18:31:52 +03:00
Danil Titarenko
7fa2f598a1
Fix ucs build (#537)
* Fix ucs build

* Change rabbitmq version on lower

* Remove rabbimq version argument

* Rename variable
2022-12-20 14:54:23 +03:00
Alexey Golubev
01f8337dcb
Merge pull request #560 from ONLYOFFICE/feature/release-merge
Merge branch hotfix/v7.2.2 into release/v7.3.0
2022-12-20 14:16:52 +03:00
Semyon Bezrukov
edb6e9b044 Merge branch 'hotfix/v7.2.2' into feature/release-merge 2022-12-20 13:24:55 +03:00
papacarlo
3fb3b2f3de Merge branch hotfix/v7.2.2 into master 2022-12-20 09:55:28 +00:00
Semyon Bezrukov
b074535366
Fix makefile (#554) 2022-12-15 17:45:33 +03:00
Alexey Golubev
b59175d13f
Merge pull request #552 from ONLYOFFICE/release/v7.3.0
Merge branch release/v7.3.0 into develop
2022-12-12 15:32:25 +03:00
Semyon Bezrukov
e5f8e69d89
Fix package url (#551) 2022-12-01 15:53:43 +03:00
Semyon Bezrukov
574b3c92b4
Update build scripts (#550) 2022-12-01 14:46:31 +03:00
papacarlo
47503e6c98 Merge branch hotfix/v7.2.1 into develop 2022-11-11 11:12:56 +00:00
Danil Titarenko
c7090252ff Add base image and postgresql version build arguments (#524)
(cherry picked from commit e1d7cfd5e86bf143d25b019fd72ec2849df15a03)
2022-10-31 19:00:18 +03:00
Danil Titarenko
730dd71ac5 Add ucs build on older image version (#531)
(cherry picked from commit 92dd2833d1479ebe25afe3da85a78d308e6e06ff)
2022-10-31 19:00:03 +03:00
Evgeniy Antonyuk
452dd4996d
Correct the name of the docker installation variable (#536) 2022-10-31 17:52:20 +03:00
Pavel Lobashov
1957d38907
Actualize state of JWT variables (#535) 2022-10-31 17:38:53 +03:00
Evgeniy Antonyuk
6c0c7085c9
Feature/Add supervisor services (#517)
* Add supervisor services

* Add installation of the DOCKER_INSTALLATION variable
2022-10-31 17:19:10 +03:00
Evgeniy Antonyuk
cdc73fe379
Fix Bug 59481 - Fix errors when starting the container (#530)
* Update the rabbitmq version

* Fix incorrect replacement of worker_connections

* Limiting the maximum number of simultaneous connections due to possible memory shortage
2022-10-31 16:34:42 +03:00
Danil Titarenko
e1d7cfd5e8
Add base image and postgresql version build arguments (#524) 2022-10-31 15:24:17 +03:00
Danil Titarenko
92dd2833d1
Add ucs build on older image version (#531) 2022-10-31 11:53:24 +03:00
Evgeniy Antonyuk
d98eb758b5
Fix Bug 59483 - Fix port parsing from amqp_uri (#529)
* Fix port parsing from amqp_uri

* Correct regex for port parsing
2022-10-28 16:33:41 +03:00
papacarlo
a3973583f8 Merge branch hotfix/v7.2.1 into master 2022-10-27 08:23:10 +00:00
Pavel Lobashov
fcbbe2979f
Add note (#526) 2022-10-27 11:08:52 +03:00
Danil Titarenko
311db051fb
Disable non-example build (#525)
Co-authored-by: papacarlo <builder@onlyoffice.com>
2022-10-26 14:27:37 +03:00
papacarlo
46683cbc4e Merge branch hotfix/v7.2.1 into master 2022-10-20 13:12:18 +00:00
Alexey Golubev
784ecca724
Merge pull request #513 from ONLYOFFICE/hotfix/v7.2.1
Merge hotfix/v7.2.1 into develop
2022-10-13 15:58:13 +03:00
Semyon Bezrukov
1c72796657
Fix testing build tags (#512) 2022-10-13 15:50:39 +03:00
papacarlo
7b7e9bc66a Merge branch release/v7.2.0 into develop 2022-10-12 12:34:01 +00:00
Danil Titarenko
e32047ffcc
Fix bug #59310 / Fix users build (#508)
* Remove version for correct users build

* Assembly support without targetarch variable

* Remove targetarch variable

* Correcting a typo in a variable

* Small fix

Co-authored-by: Semyon Bezrukov <semen.bezrukov@onlyoffice.com>
2022-10-11 12:52:48 +03:00
fa24b10607
Update README.md 2022-10-02 01:32:45 +02:00
papacarlo
ad066be1c8 Merge branch release/v7.2.0 into master 2022-09-22 12:23:12 +00:00
20e8f4453c
Update README.md 2022-09-21 02:46:24 +02:00
f739252479
Update README.md 2022-09-21 02:36:05 +02:00
b27a88676d
Update README.md 2022-09-21 02:34:46 +02:00
e16d0d211b
Update README.md 2022-09-21 02:33:23 +02:00
38336fc566
Update README.md 2022-09-21 02:32:33 +02:00
1b9dc9b4ba
Update README.md 2022-09-21 02:31:17 +02:00
ccc2dc426c
Update README.md 2022-09-21 02:29:27 +02:00
Semyon Bezrukov
29bb07d2cb
Fix makefile docker image (#499) 2022-09-20 14:20:10 +03:00
Semyon Bezrukov
67fbd9d9c8
Fix makefile (#498) 2022-09-18 16:20:15 +03:00
Semyon Bezrukov
bac88530c1
Refactoring testing build (#496)
* Fix dockerfile args

* Refactoring testing build action

* Secret repo baseurl

* Fix package version
2022-09-16 12:28:44 +03:00
Evgeniy Antonyuk
b9bfa7b90c
fix Bug 58778 - Correct the display of container ID for 22.04 (#494) 2022-09-13 11:08:04 +03:00
Semyon Bezrukov
61a5a021cf
Refactoring stable build (#490)
* Refactoring stable build

* Build: setting up push 4enterprise images

* Cosmetic change

* Remove needless tag

* Rename dockerfile

* Small fix

* Rename dockerfile for nonexample

Co-authored-by: danilapog <danil.titarenko@onlyoffice.com>
2022-09-12 16:04:56 +03:00
Danil Titarenko
713a06e999
Add expected build arch (#489)
* Add fail status if build unexpected platforms

* Build: set exit code for action

* Build: Change expected platforms message
2022-09-08 15:56:49 +03:00
Roman Demidov
e44acbebf7
Fix KylinOS start error (#471)
* Fix KylinOS start error

* Small changes

* Small changes
2022-08-31 12:13:30 +03:00
Danil Titarenko
3626f8cc6c
Build: Set job fail status if some build failed (#488) 2022-08-30 14:33:23 +03:00
Danil Titarenko
207bd5dac7
Add build Documentserver without example (#473)
* Add dockerfile for non-example build

* Create new symlink for supervisor config

* Add ARG for dynamic images specification

* Update action version

* Add build nonexample after stable build success

* Add targets for nonexample build

* Cosmetic changes

* Update FROM instruction

* Add default tag

* Remove needless welcome nginx location

* Change nonexample image tags

* Set correct nonexample image tag

* Change tag for nonexample image

* Change dockerfile name

* Rename dockerfile for release images

* Move stable build to dockerfile

* Refactoring bake file
2022-08-29 11:40:25 +03:00
Alexey Golubev
3d7ac29ee1
Merge pull request #487 from ONLYOFFICE/release/v7.2.0
Merge release/v7.2.0 into develop
2022-08-24 12:49:04 +03:00
Danil Titarenko
2379128240
fix build (#486) 2022-08-24 12:47:47 +03:00
Alexey Golubev
bd4908d7c8
Merge pull request #485 from ONLYOFFICE/release/v7.2.0
Merge release/v7.2.0 into develop
2022-08-24 11:39:22 +03:00
Danil Titarenko
083ab2c6a6
Add latest tag for develop build (#484) 2022-08-24 11:14:59 +03:00
Evgeniy Antonyuk
34180710cf
Fix command to get container id (#483) 2022-08-22 20:56:45 +03:00
Evgeniy Antonyuk
8887cb7a26
Enable JWT by default and add a JWT status message (#482)
* Enable JWT by default and add a JWT status message

* Correct JWT message

* Add a condition for displaying a JWT message

* Minor correction

* Minor correction
2022-08-22 20:27:10 +03:00
Alexey Golubev
8a4525cb80
Merge pull request #478 from ONLYOFFICE/release/v7.2.0
Merge release/v7.2.0 into develop
2022-08-17 09:45:05 +03:00
Danil Titarenko
05c5042985
Add the missing variable (#467) 2022-07-22 09:44:59 +03:00
Danil Titarenko
2213fc70f5
Add another tags processing (#464)
* Add support for processing other tags

* Print build-info before build start

* Cosmetic changes

* Add architecture and URL processing

* Refactoring action code

* Refactoring code

* Refactoring code

* Cosmetic changes

* Remove some check package version

* Refactoring code

* Redefining url variable for dockerfile

* Cosmetic changes

* Changes platform conditions check

* Set to use default TARGETARCH in build
2022-07-21 18:44:06 +03:00
Danil Titarenko
06a05223b5
Fix bug #58032 / Fix moves certificates alarm messages (#461)
* Add some checks before replace certificates

* Change if check key

* Refactoring code

* Refactoring code

* Add checking exist files

* Refactor: refactoring code

* Remove check files conditions
2022-07-19 15:51:46 +03:00
Danil Titarenko
143e77fdfc
Fix Big #57286 / Add redis password config settings (#466)
* Add redis password settings

* Add variable description

* Change variable descriptions

* Change variable descriptions

* Change variable descriptions
2022-07-18 17:11:06 +03:00
papacarlo
8acbfdbeb7 Merge branch hotfix/v7.1.1 into release/v7.2.0 2022-07-18 10:02:02 +00:00
Alexey Golubev
73ec78a7da
Merge pull request #463 from ONLYOFFICE/release/v7.2.0
Mergre release/v7.2.0 into develop
2022-07-13 10:53:49 +03:00
Alexey Golubev
46cd6febae
Merge pull request #462 from ONLYOFFICE/hotfix/v7.1.1
Merge hotfix/v7.1.1 into develop
2022-07-13 10:52:43 +03:00
Danil Titarenko
c16635ea71
Fix supervisor socket messages (#459) 2022-07-12 12:37:48 +03:00
Danil Titarenko
29e4ec3027
Refactoring workflow (#448) 2022-07-11 13:27:43 +03:00
Evgeniy Antonyuk
c7a1fd04a4
fix Bug 50138 / Fix SSL key access error (#455)
* Fix SSL key access error

* Change name of directory
2022-07-05 14:56:42 +03:00
Danil Titarenko
c4ddb99710
Update base image version (#447) 2022-07-05 14:41:20 +03:00
Danil Titarenko
9494e08e8f
Fix for redis correct work (#449)
* Fix for redis correct work

* Refactoring code

* Refactoring code

* Refactoring code

* Refactor: refactoring code
2022-06-15 10:30:18 +03:00
Danil Titarenko
86cbb01bbf
Add short tags for released images (#446)
* Add short tags for images

* Edit workflow tags
2022-06-10 15:43:50 +03:00
Danil Titarenko
a6562f4017
Add multiarch build with action (#445)
* Update run-document-server.sh (#439)

* Revert "Update run-document-server.sh (#439)"

This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5.

* Add bake config

* Add targets for multiarch build

* Add multiarch workflows

* Cosmetic changes

* Refactoring

* Cosmetic changes

* Cosmetic changes

* Change URL for test repo

* Refactor: refactoring code

* Refactoring sed

* Remove -ie build

* Add special tag for package

* Cosmetic changes

Co-authored-by: papacarlo <builder@onlyoffice.com>
Co-authored-by: Roger Shieh <sh.rog@protonmail.ch>
Co-authored-by: Alexey Golubev <alexey.golubev@onlyoffice.com>
2022-06-09 13:27:39 +03:00
Evgeniy Antonyuk
01606746c1
Fix Bug 53170 / Add the ability to set secure_link_secret (#444)
* Add securelink generation

* Add ability to configure securelink_secret

* Add a description of SECURE_LINK_SECRET

* Update README.md
2022-06-07 16:16:05 +03:00
papacarlo
558353ee99 Merge branch hotfix/v7.1.1 into master 2022-06-01 16:22:20 +00:00
Alexey Golubev
19b66de202 Revert "Update run-document-server.sh (#439)"
This reverts commit 5c17c711b1a14e39a2836bec0fee49044433c3a5.
2022-05-26 17:03:57 +03:00
Roger Shieh
5c17c711b1
Update run-document-server.sh (#439) 2022-05-24 18:02:42 +03:00
papacarlo
61d388372b Merge branch release/v7.1.0 into develop 2022-05-16 12:57:21 +00:00
98ee9148fc
Update README.md 2022-05-16 03:16:07 +02:00
aaa77fce4e
Update README.md 2022-05-16 03:13:02 +02:00
cc7b5378e1
Update README.md 2022-05-15 21:32:29 +02:00
4a4fc6c25f Add default themes
Default themes (even the blank one) are missing if you enable the `slideThemes` volume in `docker-compose.yml`, so I added them here.
2022-05-15 21:26:35 +02:00
1cb1c932dc Fix larger files 2022-05-15 20:07:31 +02:00
jiriks74
9bcd24fbd6 Move COPY to the end of the file
For faster builds when changing only the scripts
2022-05-15 18:33:57 +02:00
12c8cb1982 Fix identation 2022-05-15 18:23:47 +02:00
67bda4f479
Setting larger file limits now works 2022-05-15 18:22:11 +02:00
f89a097732 Update docker-compose.yml 2022-05-15 17:11:17 +02:00
fb26b20a42
Update README.md 2022-05-15 15:43:25 +02:00
e0f402c25a
Update docker-compose.yml 2022-05-15 15:43:03 +02:00
b2bc4e81f3
Update README.md 2022-05-15 15:28:22 +02:00
5170ab1e8d
Update README.md 2022-05-15 15:27:22 +02:00
jiriks74
83dc4f3e07 Add volume for themes source directory 2022-05-15 15:25:08 +02:00
eb2e39acef
Update run-document-server.sh 2022-05-15 15:19:50 +02:00
jiriks74
b9f2fdaf9d Move largerFileLimits.sh to run-document-server.sh 2022-05-15 15:15:19 +02:00
26e178542a
Update README.md 2022-05-15 14:54:54 +02:00
jiriks74
3c33cedcca Add script to set larger file limits 2022-05-15 14:52:26 +02:00
6e4b6a4e6c
Update building for all platforms 2022-05-15 14:28:17 +02:00
70b846c733
Update maintainer 2022-05-15 14:25:45 +02:00
216cadc50f
Merge pull request #5 from ONLYOFFICE/master
Update to be in line with main repository
2022-05-15 14:24:56 +02:00
b0fe26d31b
Update README.md 2022-05-13 17:37:51 +02:00
jiriks74
f070cdbd1f Add script to build and push all images for all architectures automatically
This script automatically builds the newest version of the documentserver for all architectures with the correct tags and pushes everything to dockerhub automatically
2022-05-13 13:42:42 +02:00
8384d08c26
Update README to be inline with new images structure
Image structure was changed so that all architectures are included in one tag so docker pulls the correct architecture automatically
2022-05-13 12:21:18 +02:00
a94d5c0efa
Ensure build process won't break with new debian version 2022-05-13 11:21:07 +02:00
d84ddc9834
Update README.md 2022-05-13 04:42:01 +02:00
3b6095bcf5
Update README.md
Update README to use new repositories links
2022-05-12 21:32:54 +02:00
99180c44e4
Update README
Update README to be up to date with the architectures
2022-05-12 21:25:23 +02:00
32eda02f32 Fix typo (RUN RUN in Dockerfile) 2022-05-12 21:12:13 +02:00
37d6dd41fd Fix missing && \ 2022-05-12 21:11:05 +02:00
0ba22e894f Merge branch 'master' of github.com:jiriks74/Docker-DocumentServer-Arm64 2022-05-12 21:04:45 +02:00
5ce2129406 Use native version, add compatibility for both amd64 and arm64 2022-05-12 21:03:31 +02:00
papacarlo
95e27e2655 Merge branch release/v7.1.0 into master 2022-05-12 13:21:23 +00:00
Roman Demidov
452dfeb56d
Fix bug #56785 (#434)
* Fix bug #56785

* Changes for root
2022-04-29 14:57:14 +03:00
Roman Demidov
80acbe974d
Fix bug #53046 : sed error starting container on Arch (#433) 2022-04-29 14:55:25 +03:00
Alexey Golubev
4fb0a1e712
Improve SSL certificate detection (#431) 2022-04-25 17:25:19 +03:00
Alexey Golubev
39d2e303f1 Fix disabling JWT 2022-04-12 19:00:46 +03:00
papacarlo
decb1ed860 Merge branch hotfix/v7.0.2 into release/v7.1.0 2022-04-05 12:27:33 +00:00
papacarlo
a830c53218 Merge branch hotfix/v7.0.2 into develop 2022-04-05 12:27:30 +00:00
16d5eecd74
Add FAQ
This means frequent problems really...
2022-04-05 13:53:54 +02:00
f1849ef17f
Update README.md 2022-04-05 09:32:49 +02:00
bc9d3c9575
Update README.md 2022-04-05 09:21:32 +02:00
10f303bc63
Add pretty things 2022-04-05 09:10:04 +02:00
037eaea85b
Update README.md 2022-04-04 23:56:47 +02:00
101ac458f5
Update README.md 2022-04-04 23:13:52 +02:00
a4176e1dd6
Update README.md 2022-04-04 18:38:04 +02:00
a3813d64dc
Update README.md 2022-04-04 18:32:43 +02:00
papacarlo
bb160d345e Merge branch hotfix/v7.0.1 into release/v7.1.0 2022-03-23 10:29:52 +00:00
papacarlo
3cf36a79cc Merge branch hotfix/v7.0.1 into develop 2022-03-23 09:49:22 +00:00
01c3c74b9a Move copy command to the end of the file
Reason: faster builds when editing scripts
2022-03-13 23:57:50 +01:00
56011315db
Update README.md
Remove `--build` from the 3rd step. It shouldn't be there as we already built the image with `docker-compose build`
2022-03-11 09:55:35 +01:00
610d7b8e45
Delete .travis.yml 2022-03-10 00:06:31 +01:00
6f4eb40f91
Update docker-compose.yml 2022-03-10 00:05:54 +01:00
58334f6ab9
Update README.md 2022-03-10 00:05:11 +01:00
e50679fd0d
Update README.md 2022-03-09 20:17:41 +01:00
cee6f7b507
Update README.md 2022-03-09 19:50:04 +01:00
2514966acd
Update README.md 2022-03-09 19:48:28 +01:00
00a3164f4a
Update README.md 2022-03-09 19:48:13 +01:00
2a34984f86
Update README.md 2022-03-09 19:47:15 +01:00
33e7e8dfd0
Merge pull request #2 from jiriks74/arm64
Remove unnecessary files
2022-03-09 19:04:28 +01:00
a1aa8b21e2 Remove unnecessary files
To clarify, unnecessary for this usecase. To find all files with the modifications in `Dockerfile` for `arm64` look into the [arm64-full_repo](https://github.com/jiriks74/Docker-DocumentServer-Arm64/tree/arm64-full_repo)
2022-03-09 19:01:03 +01:00
d9b82fad23
Merge pull request #1 from jiriks74/arm64
Arm64
2022-03-09 18:59:08 +01:00
ba8a436cb4 Fix postgresql version, no line after \ 2022-03-09 16:55:45 +01:00
05aa933b9a Initial commit
Docker build process now adds debian bullseye repositories, downloads needed arm dependencies, downloads qemu and binfmt, downloads and modifies needed amd64 libraries
Change the install process of documentserver itself: Downloads package from official debian repositories, modifies dependencies, repackages it and resumes the normal install process. Package does not install from `/tmp` but from `/build` which is removed after instalation is completed

`docker-compose.yml` larger stop grace period - Raspberry Pis have slow storage, set to two minutes just to be sure it doesn't get killed because of that
2022-03-09 16:45:56 +01:00
papacarlo
e17831904d Merge branch hotfix/v7.0.1 into master 2022-02-22 08:17:41 +00:00
Stavros Kois
21f5019e1c
Initialliaze services.CoAuthoring.redis before attempting to set a child to a value (#404)
Co-authored-by: papacarlo <builder@onlyoffice.com>
2022-02-09 10:37:52 +03:00
Pavel Lobashov
b2e720e66c
Fix broken links to Docker-CommunityServer (#402)
Continue of #400

Those links became incorrect in
e7c8e59a37

I'm not sure that we REALLY need those links in this project, maybe just
give links to README page and that's it
But leaving it as it is
2022-01-31 11:18:50 +03:00
papacarlo
4c959d62b7 Merge branch release/v7.0.0 into release/v7.1.0 2022-01-17 14:34:38 +00:00
papacarlo
c5fb8f1fe0 Merge branch release/v7.0.0 into develop 2022-01-17 14:34:35 +00:00
papacarlo
973409cc8f Merge branch release/v7.0.0 into master 2022-01-17 14:34:33 +00:00
papacarlo
33faf622c8 Merge branch hotfix/v6.4.2 into release/v7.0.0 2021-10-28 07:33:57 +00:00
papacarlo
44a96b1fde Merge branch hotfix/v6.4.2 into develop 2021-10-28 07:33:55 +00:00
papacarlo
26ef312557 Merge branch hotfix/v6.4.1 into release/v6.5.0 2021-09-30 12:21:08 +00:00
papacarlo
2eb99ffb20 Merge branch hotfix/v6.4.1 into develop 2021-09-30 12:21:03 +00:00
papacarlo
ca39675055 Merge branch hotfix/v6.4.1 into master 2021-09-28 08:08:26 +00:00
Semyon Bezrukov
a31a579d24
Add WOPI_ENABLED variable (#379)
* Add WOPI_ENABLED variable

* Add var description
2021-09-14 17:53:37 +03:00
Svetlana Maleeva
32a8a24a0f
Update README.md (#377) 2021-09-14 17:42:55 +03:00
papacarlo
0613f8a0ca Merge branch release/v6.4.0 into develop 2021-08-26 13:55:56 +00:00
papacarlo
a23477301e Merge branch release/v6.4.0 into master 2021-08-26 11:40:24 +00:00
papacarlo
d654094671 Merge branch hotfix/v6.3.1 into release/v6.4.0 2021-07-15 13:14:47 +00:00
papacarlo
93a0526a7c Merge branch hotfix/v6.3.1 into develop 2021-07-15 13:14:43 +00:00
Roman Demidov
5bf1ff715f
Remove server version of spell checker (#365) 2021-06-22 09:59:50 +03:00
Semyon Bezrukov
c6e7d68016
Fix docker targets (#361)
* Fix docker targets

* Fix docker latest tag
2021-06-01 17:29:31 +03:00
papacarlo
13a01e7c56 Merge branch release/v6.3.0 into develop 2021-05-20 12:08:20 +00:00
papacarlo
3b830417a2 Merge branch release/v6.3.0 into master 2021-05-20 12:08:15 +00:00
papacarlo
245659807a Merge branch hotfix/v6.2.2 into release/v6.3.0 2021-05-07 13:27:20 +00:00
papacarlo
2f26419ac7 Merge branch hotfix/v6.2.2 into develop 2021-05-07 13:25:56 +00:00
Pavel Lobashov
67df644858
Precise info about table existance (#355) 2021-04-29 12:14:31 +03:00
papacarlo
ca6b3a67a3 Merge branch hotfix/v6.2.2 into master 2021-04-19 12:18:58 +00:00
Roman Demidov
f2c708cff2
Reset database tables on update (#351)
* Reset database tables on update

* Add changes

* Add changes

* Add changes

* Add changes

* Add changes

* Add changes
2021-04-14 17:10:38 +03:00
Alexey Golubev
2f26cea790
Fix #347 (#349) 2021-04-01 10:07:07 +03:00
papacarlo
30c5612cfb Merge branch hotfix/v6.2.1 into release/v6.3.0 2021-03-31 11:27:32 +00:00
papacarlo
cbb749d77c Merge branch hotfix/v6.2.1 into develop 2021-03-31 11:27:26 +00:00
jdoubleu
1cfe84b8b8
Fix automatic port detection for database (#341) 2021-03-19 16:20:52 +03:00
papacarlo
30ca844513 Merge branch release/v6.2.0 into release/v6.3.0 2021-03-19 07:54:45 +00:00
papacarlo
c611b2b080 Merge branch release/v6.2.0 into develop 2021-03-18 15:22:47 +00:00
papacarlo
9dc5f5d993 Merge branch release/v6.2.0 into master 2021-03-01 08:47:27 +00:00
Semyon Bezrukov
393006d306
Add pull ubuntu image (#334) 2021-02-24 18:34:03 +03:00
papacarlo
ea0fcf3951 Merge branch hotfix/v6.1.1 into develop 2021-01-28 08:28:05 +00:00
Alexey Golubev
cbff89bdea
Merge pull request #323 from ONLYOFFICE/hotfix/v6.1.1
Merge hotfix/v6.1.1 into release/v6.2.0
2020-12-25 11:31:19 +03:00
papacarlo
9676e7aac1 Merge branch release/v6.1.0 into develop 2020-12-24 07:52:11 +00:00
Semyon Bezrukov
e7d2cc2cd5
Edit s3 paths (#319)
* Edit s3 paths

* DocumentServer installed by url

* Fix install recommends
2020-12-16 11:39:05 +03:00
papacarlo
93740b7c37 Merge branch release/v6.1.0 into master 2020-12-08 07:07:57 +00:00
papacarlo
d26fd0d234 Merge branch hotfix/v6.0.2 into release/v6.1.0 2020-12-07 14:38:53 +00:00
papacarlo
fd7e1a926a Merge branch hotfix/v6.0.2 into develop 2020-12-07 14:38:43 +00:00
papacarlo
4cc63380f2 Merge branch release/v6.1.0 into master 2020-12-01 07:51:32 +00:00
Alexey Golubev
eddbbbf3eb
Fix unsupported rabbitmq ver. Use 20.04 as base. (#307)
* Fix unsupported rabbitmq ver. Use 20.04 as base.

* Extend timeout for test (#311)

* test01

* Timeout

* Small changes

* Change timeout to 90

Co-authored-by: Roman Demidov <roman.demidov@onlyoffice.com>
2020-11-20 10:53:36 +03:00
Roman Demidov
326a005ac7
Fix empty lets encrypt params error (#310) 2020-11-18 10:46:19 +03:00
Alexey Golubev
cd02cd6deb
Merge pull request #309 from zhaofengli/netcat-ipv6
Use netcat-openbsd for IPv6 support
2020-11-09 14:05:04 +03:00
Zhaofeng Li
94c64d3f6d Use netcat-openbsd for IPv6 support 2020-11-08 23:38:31 -08:00
papacarlo
f85ac8c510 Merge branch hotfix/v6.0.1 into release/v6.1.0 2020-10-28 14:31:41 +00:00
papacarlo
0ed3f8fbbf Merge branch hotfix/v6.0.1 into develop 2020-10-28 14:31:31 +00:00
evgeniy-antonyuk
9e63609c14
Fix custom db name bug (#304)
Co-authored-by: papacarlo <builder@onlyoffice.com>
2020-10-27 13:50:48 +03:00
Roman Demidov
bdef500858
Allow let's encrypte sertificates (#300)
* Allow let's encrypte sertificates

Co-authored-by: papacarlo <builder@onlyoffice.com>
Co-authored-by: Roman <demidov.roman@onlyoffice.com>
2020-10-22 13:47:51 +03:00
Roman Demidov
211ae50980
Fix #281: Add option to disable CPU-heavy tasks on startup (#293)
* Fix #281: Add option to disable CPU-heavy tasks on startup

* Update README.md

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

* Update README.md

Co-authored-by: Roman <demidov.roman@onlyoffice.com>
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2020-10-20 16:14:55 +03:00
hellonadya
a231d7992a
Update README.md (#301)
- add info on OO Docs & OO Workspace
2020-10-16 16:48:43 +03:00
Roman Demidov
26854106a3
Add consent to the fonts license (#297)
* Add concent to the fonts license

* Small changes

* Small changes

Co-authored-by: papacarlo <builder@onlyoffice.com>
Co-authored-by: Roman <demidov.roman@onlyoffice.com>
2020-10-08 15:58:07 +03:00
papacarlo
85158c3624 Merge branch release/v6.0.0 into develop 2020-09-30 15:15:35 +00:00
papacarlo
f24908eb7a Merge branch release/v6.0.0 into master 2020-09-30 15:15:26 +00:00
Pierre Ozoux
1956f98c1d
Fixes exit procedure. (#286) 2020-09-10 17:02:20 +03:00
Semyon Bezrukov
ecb77ddb56
Add more travis tests (#289)
* Add version variable for travis tests

* Fix typo

* Fix activemq variable

* Add travis tests

* Remove mysql latest

* Fixes & refactoring

* Add more travis tests

* Remove mysql 8 test

* Remove mysql 8 test [2]

* Add mysql 8 comment

* Fix mysql 8 auth plugin

Co-authored-by: Alexey Golubev <alexey.golubev@onlyoffice.com>
2020-09-10 16:57:21 +03:00
papacarlo
d3e5246e9a Merge branch hotfix/v5.6.4 into release/v6.0.0 2020-09-08 08:31:06 +00:00
papacarlo
380ac3e227 Merge branch hotfix/v5.6.4 into develop 2020-09-08 08:30:56 +00:00
Kim Brose
16107fd3ba
Update README.md (#283) 2020-08-17 16:08:52 +03:00
papacarlo
ee126870b2 Merge branch hotfix/v5.6.2 into release/v6.0.0 2020-08-07 08:17:06 +00:00
papacarlo
abe349dad9 Merge branch hotfix/v5.6.2 into develop 2020-08-07 08:16:55 +00:00
papacarlo
ac0c135ded Merge branch hotfix/v5.6.1 into release/v6.0.0 2020-08-05 09:39:37 +00:00
papacarlo
c5d15c3be7 Merge branch hotfix/v5.6.1 into develop 2020-08-05 09:39:26 +00:00
papacarlo
79e627e080 Merge branch hotfix/v5.6.1 into master 2020-08-05 09:39:15 +00:00
Semen Bezrukov
dd5cde1919 Fix unary operator expected (Bug 45985) 2020-07-31 18:09:51 +03:00
Semyon Bezrukov
c47a310683
Fix unary operator expected (Bug 45985) (#270) 2020-07-30 11:54:46 +03:00
papacarlo
0d974b9f2a Merge branch hotfix/v5.6.0 into release/v6.0.0 2020-07-28 13:48:40 +00:00
papacarlo
be27b2b4d6 Merge branch hotfix/v5.6.0 into develop 2020-07-28 13:48:30 +00:00
papacarlo
98f96d1795 Merge branch hotfix/v5.6.0 into master 2020-07-28 13:48:20 +00:00
Semyon Bezrukov
7bfe250035
Add Graphite (#265) 2020-07-23 15:42:17 +03:00
Semyon Bezrukov
e47d6d8c1a
Add several attempts for docker push (#258)
* Add several attempts for docker push

* Fix retries, add delay
2020-06-17 11:24:52 +03:00
Semyon Bezrukov
7193b651ec
Add test for Integration Edition (#256)
* Add test for Integration Edition

* Add test for Community Edition

* Fix tests for redis

* Fix edition test

* Rename test
2020-06-04 17:24:07 +03:00
Semyon Bezrukov
62424ea120
Disable redis server for Community Edition (#255)
* Disable redis server

* Add REDIS_ENABLED variable

* Fix Dockerfile

* Fix REDIS_ENABLED condition
2020-06-04 15:15:34 +03:00
Alexey Golubev
c2bcd00322 v5.5.3 2020-05-22 11:25:18 +03:00
Alexey Golubev
91815ac24a v5.5.3 2020-05-22 11:21:42 +03:00
Semyon Bezrukov
f6b5017b4a
Rename cert & key files (#245)
* New cert files default names

* Add certs travis test

* Add certificate generation

* Fix certs test

* Fix cert gen

* Fix directory mapping

* Fix https healthcheck

* Add test for old cert path

* Fix script & test

* Fix port number

* Code refactoring

* Fix old cert test

* Code refactoring

* Fix certs test names

* Remove unnecessary test
2020-04-29 19:48:33 +03:00
Semyon Bezrukov
ab5637a11f Update travis tests (#243)
* Remove docker .env file

* Add enviroment variables defaults

* Update docker-compose version

* Update travis tests variables

* Build document server image

* Fix mariadb

* Fix variable names

* Revert container name

(cherry picked from commit e721ca102d0b75b0f01099c2b9c10d73db140250)
2020-04-28 15:23:27 +03:00
Semyon Bezrukov
e721ca102d
Update travis tests (#243)
* Remove docker .env file

* Add enviroment variables defaults

* Update docker-compose version

* Update travis tests variables

* Build document server image

* Fix mariadb

* Fix variable names

* Revert container name
2020-04-28 15:05:35 +03:00
Alexey Golubev
4a38d6faeb v5.5.2 2020-04-27 17:01:52 +03:00
Alexey Golubev
96c0bc432d v5.5.1r2 2020-04-15 14:18:32 +03:00
Alexey Golubev
9d82bb8d1f v5.5.1 2020-04-09 12:40:20 +03:00
Alexey Golubev
048a888836 Add docker-compose cluster example 2020-04-01 18:54:11 +03:00
Alexey Golubev
a51dc61276 Fix db folder mapping for custom build 2020-04-01 12:11:57 +03:00
Alexey Golubev
95c59ed2cd Remake docker-compose file 2020-03-27 18:44:56 +03:00
Alexey Golubev
b72b401e67
Fix #234 (#235) 2020-03-25 12:19:47 +03:00
Alexey Golubev
37c058d281 Add mariadb test 2020-03-16 16:20:36 +03:00
Alexey Golubev
e361537d32 Fix postgres test
See details: https://github.com/docker-library/postgres/issues/681
2020-03-12 14:07:20 +03:00
Alexey Golubev
51b371ff3c
Merge pull request #228 from NorseGaud/create_postgresql_tbl-grep-fix
Fix for create_postgresql_tbl grep throwing a failure
2020-03-05 14:17:35 +03:00
Alexey Golubev
cc4b0f3b14
Merge branch 'hotfix/v5.5.1' into create_postgresql_tbl-grep-fix 2020-03-05 14:16:49 +03:00
Alexey Golubev
75b2232733
Merge pull request #229 from hoh/patch-1
Fix insecure http:// urls in README
2020-03-05 14:12:58 +03:00
Alexey Golubev
a553f2eafb
Merge branch 'master' into patch-1 2020-03-05 13:39:44 +03:00
Alexey Golubev
82c24e6b4c v5.5.0 2020-03-04 18:33:54 +03:00
Alexey Golubev
dbab7c36b5 v5.5.0 2020-03-04 18:09:03 +03:00
Alexey Golubev
438a41a933 Fix #44534 2020-02-25 13:54:23 +03:00
Hugo Herter
a21313bb39
Fix insecure http:// urls in README
Many links in the README are using `http://` instead of `https://`, including the link to download the `Community Edition Docker script file`, which is then meant to be executed using bash and could allows an adversary to make the user execute arbitrary code.
2020-02-23 14:07:27 +01:00
NorseGaud
43010e1bd2 fix for create_postgresql_tbl grep so it stops throwing a failure 2020-02-22 19:15:48 -05:00
Alexey Golubev
9a2d10ceea Fix build error
The following packages have unmet dependencies:
 curl : Depends: libcurl4 (= 7.58.0-2ubuntu3.8)
 but it is not going to be installed
2020-02-21 16:29:49 +03:00
Alexey Golubev
33d04dc4f4 Remove nodejs dependency 2020-02-21 14:58:20 +03:00
Alexey Golubev
4468a26a3e Change dependency gtk2->gtk3 2020-02-19 19:54:20 +03:00
Alexey Golubev
b639a8ef89
Fix build error 2020-02-17 12:25:38 +03:00
Alexey Golubev
efe1d8482f
Fix browser 'wasm' warning
Fix browser  warning:
 wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
2020-02-14 17:18:04 +03:00
Alexey Golubev
586d1078e6
Create folder for pkg example 2020-02-12 13:42:04 +03:00
Alexey Golubev
6b81686cf6
Fix deploy to docker hub 2020-01-31 17:27:31 +03:00
Alexey Golubev
f241f36893 Add abbility customize docker build 2020-01-31 13:33:25 +03:00
Alexey Golubev
9eff99f618 Remake fix #96 2019-12-26 13:14:51 +03:00
Alexey Golubev
df8e19ed90 Update postgersql version 2019-12-26 13:14:51 +03:00
Alexey Golubev
8988247232 Change base image to ubuntu 18.04 2019-12-26 13:14:51 +03:00
Alexey Golubev
3ff96e8b49
Fix 'JWT_IN_BODY' param parsing 2019-12-25 17:25:57 +03:00
Roman Demidov
a6cda6537b Add redis test (#206) 2019-12-23 18:45:37 +03:00
Roman Demidov
08bb07e2d0 Rename AMQP variables (#205) 2019-12-23 18:45:37 +03:00
Roman Demidov
be9f986578 Add redis test (#206) 2019-12-23 15:59:14 +03:00
Roman Demidov
d59136d477 Rename AMQP variables (#205) 2019-12-23 12:27:47 +03:00
Roman Demidov
ee8fa827e3 Add external volumes for rabbitmq and redis (#203) 2019-12-20 13:15:59 +03:00
Alexey Golubev
261232e10d
Move from unsupported node.js version 2019-12-16 18:28:50 +03:00
ReinerNippes
2b982778f3 fix issue #96 ; 'Download failed' after upgrade to onlyoffice (#191)
* fix issue #96 ; 'Download failed' after upgrade to onlyoffice - unable to verify the first certificate

* New variable name REJECT_UNAUTHORIZED_STORAGE

Shell variable rnamed to REJECT_UNAUTHORIZED_STORAGE.
2019-12-05 19:18:36 +03:00
Alexey Golubev
66a293e79d
Merge pull request #198 from ONLYOFFICE/hotfix/v5.4.2
v5.4.2
2019-11-29 15:17:45 +03:00
Alexey Golubev
f4c0bd13b2
Merge branch 'develop' into hotfix/v5.4.2 2019-11-29 15:16:41 +03:00
Semyon Bezrukov
f18d04f406 Fix commands on welcome page (#197) 2019-11-28 14:59:20 +03:00
Alexey Golubev
8e1a52566f v5.4.2 2019-11-27 12:23:13 +03:00
Semyon Bezrukov
b3055c362c Add support JWT_IN_BODY param (#194) 2019-11-27 11:35:08 +03:00
Semyon Bezrukov
18b8dbe4fe Fix RabbitMQ high CPU usage on idle VM (#193) 2019-11-26 17:08:29 +03:00
Semyon Bezrukov
7d1606bc95 Add support of MySQL DBMS (#188)
* Add support of MySQL database
2019-10-29 12:42:43 +03:00
Alexey Golubev
03a96d3765 Add target for deploy docker images to s3 2019-10-21 15:18:04 +03:00
Alexey Golubev
d7833f454b Enable ds path customization 2019-10-21 11:51:06 +03:00
Alexey Golubev
b590340a10 v5.4.1 2019-10-02 12:07:22 +03:00
Alexey Golubev
c2b6187926 v5.4.1 2019-10-02 12:02:37 +03:00
Alexey Golubev
db01421f8a Fix #183 2019-09-25 17:49:18 +03:00
Alexey Golubev
77d47eec3d
Fix #175 (#184) 2019-09-24 12:55:24 +03:00
Alexey Golubev
ba14b959ce v5.4.0 2019-09-03 14:37:37 +03:00
Alexey Golubev
acc4da29d5
Remove sudo 2019-08-19 14:04:56 +03:00
leo-lb
93a69e601d Specify POSTGRESQL_SERVER_PORT for new databases (#170) 2019-07-12 02:15:37 -07:00
Alexey Golubev
87aa987e36 v5.3.2 2019-06-21 18:15:04 +03:00
Alexey Golubev
9b51b1dd7a v5.3.1 2019-06-06 12:33:52 +03:00
Alexey Golubev
d34297b159 v5.3.1 2019-06-06 12:32:18 +03:00
Alexey Golubev
89c883646d Fix bug #164 2019-05-29 16:26:22 +03:00
Alexey Golubev
2a78e2f6fa Fix bug #163 2019-05-29 15:34:58 +03:00
Alexey Golubev
b752010202 v5.3.0 2019-05-27 17:21:45 +03:00
Alexey Golubev
3f7630c34c v5.3.0 2019-05-27 17:05:18 +03:00
Alexey Golubev
2d6a4e0908 Fix crash on system without ipv6 2019-05-21 16:26:10 +03:00
hellonadya
5031b7f983 Update Readme.md
- UTMs added to website links in Project information
- Link to solutions comparison added to Project information
2019-05-16 13:15:17 +03:00
Alexey Golubev
796fce01cd Fix setup amqp type 2019-03-22 12:46:11 +03:00
Alexey Golubev
2c44e3833d Change setup amqp server type 2019-03-22 12:46:11 +03:00
Alexey Golubev
f999dd4214 Cosmetic 2019-03-22 12:46:11 +03:00
Alexey Golubev
ad4b496181 Rename AMQP_SERVER_ENGINE->AMQP_SERVER_TYPE 2019-03-22 12:46:11 +03:00
Alexey Golubev
b47a70582a Fix setup amqp type 2019-03-07 15:21:52 +03:00
Alexey Golubev
2a96d3c5f0 Change setup amqp server type 2019-03-06 12:30:54 +03:00
Alexey Golubev
c22686d264 Cosmetic 2019-03-05 18:14:50 +03:00
Alexey Golubev
1fe33f849f Rename AMQP_SERVER_ENGINE->AMQP_SERVER_TYPE 2019-03-05 18:12:54 +03:00
Alexey Golubev
88f33c5d8f Add AMQP_ SERVER_ params descriptions 2019-02-25 19:51:34 +03:00
Alexey Golubev
f0af6fe971
Switch to local json 2019-02-15 15:10:19 +03:00
Alexey Golubev
3642403457 Rebranding config file name 2019-02-14 16:16:28 +03:00
Alexey Golubev
45ce3d40ab Add activemq sample 2019-02-14 13:03:31 +03:00
Alexey Golubev
f8180d1343 Add amqp server params 2019-01-28 15:51:20 +03:00
Alexey Golubev
fbc9f8d208 v5.2.6 2018-12-25 12:02:21 +03:00
Alexey Golubev
bb24a80deb v5.2.4 2018-12-11 16:10:23 +03:00
Alexey Golubev
10d54591de v5.2.4 2018-12-11 16:07:08 +03:00
Alexey Golubev
96c37d7312 Fix log rotation 2018-11-20 17:07:20 +03:00
Alexey Golubev
26f7126cb0 Fix #138 2018-11-15 12:11:35 +03:00
Alexey Golubev
e430c76d51 Fix #134 2018-11-06 17:18:02 +03:00
Alexey Golubev
1ff3e1def6
Fix #133 2018-11-02 11:53:06 +03:00
Alexey Golubev
c266215700 v5.2.3 2018-10-30 13:01:35 +03:00
Alexey Golubev
0154bb08e0 v5.2.3 2018-10-30 12:58:37 +03:00
Pavel Lobashov
2b2f409edf Fix issue #92
Thanks to @snorre-k
See:
https://github.com/ONLYOFFICE/Docker-DocumentServer/issues/92#issuecomment-431655508
In short - on some Linux system (Ubuntu at least)
it container stopped - /var/run/rabbitmq dir is not cleared up.
Need to manually clear it on start.
2018-10-22 14:20:40 +03:00
Alexey Golubev
23d320dc2a Fix minishift startup 2018-10-02 19:36:14 +03:00
Alexey Golubev
0effd2b6b8 Setup logrotate config rights 2018-10-02 15:16:50 +03:00
Alexey Golubev
cc055305c1 release/v5.2.0 2018-09-27 19:10:35 +03:00
Alexey Golubev
3696139db2 release/v5.2.0 2018-09-27 19:07:43 +03:00
Alexey Golubev
2c4668d9e3
Update nodejs to version 8.x 2018-08-27 15:47:16 +03:00
Alexey Golubev
9ad9bc8aca Use boolean type for JWT_ENABLED 2018-07-19 16:20:20 +03:00
Alexey Golubev
ae78df1e24 v5.1.5 2018-07-17 17:45:58 +03:00
Alexey Golubev
140931bb62 v5.1.5 2018-07-17 17:08:49 +03:00
Alexey Golubev
520352dec2 Add cron start up to enable log rotation 2018-06-25 14:58:40 +03:00
Pavel Lobashov
d5e18c29b7 Add issue templates 2018-06-21 17:43:15 +03:00
Alexey Golubev
9796bd62c6 v5.1.4 2018-05-24 15:34:46 +03:00
Alexey Golubev
4c8bac99c6 v5.1.4 2018-05-24 15:32:34 +03:00
Alexey Golubev
a30463822e Disable install unauth app 2018-05-17 16:22:43 +03:00
Alexey Golubev
cf923c57bc
Supress tail directory warnings 2018-05-04 19:31:10 +03:00
Alexey Golubev
01fbb9f231
Use local.json to read settings 2018-05-04 11:56:18 +03:00
Alexey Golubev
9a21a9ab27
Feature/fix package update (#102) 2018-04-26 19:33:42 +03:00
Alexey Golubev
d725cd42a2
Define '**' behavior explicitly (#100)
If globstar is set and  if the pattern '**' is followed by a ‘/’, only directories and subdirectories match.
2018-04-21 12:14:26 +03:00
Alexey Golubev
904b8ef165
Merge pull request #99 from mandusm/ugly-hack-#68
Fixes #68 in a hacky way
2018-04-13 12:58:55 +03:00
Mandus Momberg
670f1bdf68 Fixes #68 in a hacky way 2018-04-12 21:41:24 +00:00
Alexander Vnuchkov
96b98337a8
Added info about correct server restart 2018-04-12 15:06:23 +03:00
Alexey Golubev
d82b075ec3 v5.1.2 2018-04-11 14:28:00 +03:00
Alexey Golubev
d84f8a2fed v5.1.1 2018-04-05 15:56:58 +03:00
Alexey Golubev
edf8e51856 Prevent ds crash by wrong pg rights 2018-04-03 19:39:11 +03:00
Alexey Golubev
974fce146f v5.1.0 2018-03-28 12:09:00 +03:00
42 changed files with 4928 additions and 303 deletions

1
.envrc Normal file

@ -0,0 +1 @@
use nix

13
.gitea/ISSUE_TEMPLATE.md Normal file

@ -0,0 +1,13 @@
**Do you want to request a *feature* or report a *bug*?**
**What is the current behavior?**
**If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.**
**What is the expected behavior?**
**Did this work in previous versions of DocumentServer?**
**DocumentServer Docker tag:**
**Host Operating System:**

@ -0,0 +1,174 @@
### This workflow setup instance then build and push images ###
name: 4testing multiarch-build
run-name: >-
Build #${{ inputs.build }} [
${{ inputs.amd64 && 'AMD64' || '-' }}
${{ inputs.arm64 && 'ARM64' || '-' }}
] [
${{ inputs.community && 'CE' || '-' }}
${{ inputs.developer && 'DE' || '-' }}
${{ inputs.enterprise && 'EE' || '-' }}
]
on:
workflow_dispatch:
inputs:
build:
description: 'Build number (ex. 45)'
type: string
required: true
amd64:
type: boolean
description: 'Build AMD64'
default: true
arm64:
type: boolean
description: 'Build ARM64'
default: true
community:
type: boolean
description: 'Build Community Edition'
default: true
enterprise:
type: boolean
description: 'Build Enterprise Edition'
default: true
developer:
type: boolean
description: 'Build Developer Edition'
default: true
env:
COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver"
jobs:
prepare:
runs-on: ubuntu-latest
steps:
- id: matrix
run: |
set -ex
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
echo "Wrong branch."
exit 1
fi
[ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
[ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
if [ -z ${PLATFORMS} ]; then
echo "None of the platforms are selected."
exit 1
fi
[ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community")
[ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise")
[ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer")
if [ -z ${EDITIONS} ]; then
echo "None of the editions are selected."
exit 1
fi
echo "editions=$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" >> $GITHUB_OUTPUT
outputs:
editions: ${{ steps.matrix.outputs.editions }}
build:
name: "Build ${{ matrix.image }}-${{ matrix.edition }}"
runs-on: ubuntu-latest
needs: prepare
strategy:
fail-fast: false
matrix:
image: ["documentserver"]
edition: ${{ fromJSON(needs.prepare.outputs.editions) }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build 4testing
id: build-ds
run: |
set -eux
### ==>> At this step build variable declaration ###
case ${{ matrix.edition }} in
community)
PRODUCT_EDITION=""
;;
enterprise)
PRODUCT_EDITION="-ee"
;;
developer)
PRODUCT_EDITION="-de"
;;
esac
[ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
[ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')
BRANCH_NAME=${GITHUB_REF#refs/heads/}
if [ $BRANCH_NAME = develop ]; then
BUILD_CHANNEL=nightly
PRODUCT_VERSION=99.99.99
elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
BUILD_CHANNEL=test
PRODUCT_VERSION=${BRANCH_NAME#*/v}
fi
BUILD_NUMBER=${{ github.event.inputs.build }}
export PRODUCT_EDITION
export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
export BUILD_CHANNEL
export PLATFORM
export DOCKERFILE=Dockerfile
export PREFIX_NAME=4testing-
export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
### ==>> Build and push images at this step ###
docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
echo "DONE: Build success"
### Set output for Zap scanner
### NOTE: Output will be used only in release/hotfix branches
echo "version=${TAG}" >> "$GITHUB_OUTPUT"
echo "branch=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
shell: bash
# Run scanner only when edition is community
# and branch hit release/ or hotfix/
- name: Trigger zap manualy
if: >-
matrix.edition == 'community' &&
(startsWith(steps.build-ds.outputs.branch, 'release/') ||
startsWith(steps.build-ds.outputs.branch, 'hotfix/'))
env:
VERSION: ${{ steps.build-ds.outputs.version }}
BRANCH: ${{ steps.build-ds.outputs.branch }}
GITHUB_TOKEN: ${{ secrets.TOKEN }}
run: |
gh workflow run zap-ds.yaml \
--repo ${{ github.repository }} \
-f branch=${BRANCH} \
-f version=${VERSION}
shell: bash

@ -0,0 +1,66 @@
name: Build
on:
schedule:
- cron: "0 0 * * 1"
push:
tags:
- 'manual_build'
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Get upstream repository
run: |
git clone https://github.com/ONLYOFFICE/DocumentServer/ upstream
- name: Extract tags and labels for Docker
id: meta
run: |
export VERSION="$(cd upstream && git describe --tags --abbrev=0 | cut -d 'v' -f2-)"
echo "Version: ${VERSION}"
echo "tag=${VERSION}" >> $GITHUB_OUTPUT
shell: bash
- name: Check if the image was already built
id: check-build-status
run: |
echo ${{ steps.meta.outputs.tag }}
if curl --silent -f -lSL "https://hub.docker.com/v2/repositories/jiriks74/onlyoffice-documentserver/tags/$(echo ${{ steps.meta.outputs.tag }})" > /dev/null; then echo "Already exists" && exit 1; else echo "Desn't exist" && exit 0; fi
- name: Set tag in Dockerfile
run: |
sed -i "s/ARG PACKAGE_VERSION=/ARG PACKAGE_VERSION=$(echo ${{ steps.meta.outputs.tag }} | cut -d ':' -f2)/g" Dockerfile
- name: Update repositories
run: sudo apt update
- name: Install Docker
uses: awalsh128/cache-apt-pkgs-action@latest
with:
packages: docker.io
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
platforms: linux/amd64,linux/arm64
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push image
uses: docker/build-push-action@v2
with:
push: true
tags: jiriks74/onlyoffice-documentserver:${{ steps.meta.outputs.tag }},jiriks74/onlyoffice-documentserver:latest
platforms: linux/amd64,linux/arm64
context: .
file: ./Dockerfile

@ -0,0 +1,22 @@
---
name: Trigger 4testing rebuild
run-name: "Weekly 4testing rebuild trigger"
on:
schedule:
# Run every Saturday at 10 p.m.
- cron: '00 22 * * 6'
jobs:
trigger-rebuild:
name: "trigget-rebuild"
runs-on: "ubuntu-latest"
steps:
- name: Rebuild 4testing manualy
env:
GITHUB_TOKEN: ${{ secrets.TOKEN }}
run: |
gh workflow run rebuild.yml \
--repo ONLYOFFICE/Docker-DocumentServer \
-f repo=4test

@ -0,0 +1,224 @@
---
name: Rebuild Docker-Documentserver
run-name: >
Rebuild DocumentServer with secure updates for repo: ${{ github.event.inputs.repo }}
on:
workflow_dispatch:
inputs:
repo:
type: choice
description: Please, choose upload repo..
options:
- '4test'
- 'stable'
permissions:
# All other permissions are set to none
contents: read
# Technically read access while waiting for images should be more than enough. However,
# there is a bug in GitHub Actions/Packages and in case private repositories are used, you get a permission
# denied error when attempting to just pull private image, changing the token permission to write solves the
# issue. This is not dangerous, because if it is for "ONLYOFFICE/Docker-DocumentServer", only maintainers can use ds-rebuild.yaml
# If it is for a fork, then the token is read-only anyway.
packages: read
env:
COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver"
REGISTRY_URL: "https://hub.docker.com/v2/repositories"
jobs:
rebuild-info:
name: "Rebuild-info"
runs-on: "ubuntu-22.04"
env:
REPO_INPUTS: ${{ github.event.inputs.repo }}
EVENT: ${{ github.event_name }}
outputs:
stable-versions: ${{ steps.selective-checks.outputs.stable-versions }}
ucs-versions: ${{ steps.selective-checks.outputs.ucs-versions }}
minor-tags: ${{ steps.selective-checks.outputs.minor-tags }}
ucs-rebuild-condition: ${{ steps.selective-checks.outputs.ucs-rebuild-condition }}
prefix-name: ${{ steps.selective-checks.outputs.prefix-name }}
repo: ${{ steps.selective-checks.outputs.repo }}
steps:
- name: Selective checks
id: selective-checks
run: |
set -e
REPO=${REPO_INPUTS:-"4test"}
if [ "${REPO}" == "stable" ]; then
UCS_REBUILD=true
UCS_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}-ucs/tags/?page_size=100 | \
jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
echo "ucs-versions=$(jq -c -n '$ARGS.positional' --args "${UCS_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
elif
[ "${REPO}" == "4test" ]; then
UCS_REBUILD=false
PREFIX_NAME=4testing-
fi
STABLE_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 | \
jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
# When rebuilding stable versions of the document server,
# it is necessary to determine the version from which the
# minor x.x tag will need to be pushed.
VERSIONS=(${STABLE_VERSIONS[@]})
for i in {1..10}; do
if [ -z "${VERSIONS}" ]; then
break
else
TEMPLATE=${VERSIONS[0]%.*.*}
TEMPLATE_MINOR=$(printf -- '%s\n' "${VERSIONS[@]}" | grep -o -m 1 "${VERSIONS[0]%.*.*}.[0-9].[0-9]")
MINOR_TAGS+=(${TEMPLATE_MINOR%.*})
for v in ${MINOR_TAGS[@]}; do
VERSIONS=(${VERSIONS[@]//${v%.*}.*.*})
done
fi
done
echo "Stable releases that will be rebuilded"
echo "--------------------------------------"
echo "${STABLE_VERSIONS[@]}"
echo
echo
echo "Ucs releases that will be rebuilded"
echo "-----------------------------------"
echo "${UCS_VERSIONS[@]}"
echo "stable-versions=$(jq -c -n '$ARGS.positional' --args "${STABLE_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
echo "minor-tags=${MINOR_TAGS[@]}" >> "$GITHUB_OUTPUT"
echo "ucs-rebuild-condition=${UCS_REBUILD}" >> "$GITHUB_OUTPUT"
echo "prefix-name=${PREFIX_NAME}" >> "$GITHUB_OUTPUT"
echo "repo=${REPO}" >> "$GITHUB_OUTPUT"
shell: bash
re-build-stable:
name: "Rebuild stable:${{ matrix.version }} ${{ matrix.edition }}"
needs: [rebuild-info]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type: ["stable"]
edition: ["", "-ee", "-de"]
version: ${{fromJSON(needs.rebuild-info.outputs.stable-versions)}}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
# Determines the new build number based
# on data from the hub.docker registry
- name: Declare release number
id: release-number
env:
REBUILD_VERSION: ${{ matrix.version }}
run: |
MINOR_VERSION=${REBUILD_VERSION%.*}
LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
| jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
LAST_RELEASE=${LAST_RELEASE#*.*.*.}
echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"
shell: bash
# Note: Rebuilding images with an
# extra layer to update security and
# all dependencies. Update tags got +1 to previous release.
- name: Re-build documentserver-stable
env:
MINOR_TAGS_ST: ${{ needs.rebuild-info.outputs.minor-tags }}
VERSION: ${{ matrix.version }}
RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
PREFIX_NAME: ${{ needs.rebuild-info.outputs.prefix-name }}
REPO: ${{ needs.rebuild-info.outputs.repo }}
PRODUCT_EDITION: ${{ matrix.edition }}
run: |
set -eux
export PULL_TAG=${VERSION}
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
export SHORTER_TAG=${VERSION%.*}
export SHORTEST_TAG=${VERSION%.*.*}
if [ "${REPO}" == "stable" ]; then
MINOR_TAGS=(${MINOR_TAGS_ST})
for v in ${MINOR_TAGS[@]}; do
if [ "${SHORTER_TAG}" == "${v}" ]; then
export PUSH_MAJOR="true"
fi
done
if [ "${SHORTER_TAG}" == "${MINOR_TAGS[0]}" ]; then
export LATEST="true"
fi
fi
docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
shell: bash
re-build-ucs:
name: "Rebuild ucs: ${{ matrix.version }} ${{ matrix.edition }}"
if: needs.rebuild-info.outputs.ucs-rebuild-condition == 'true'
needs: [rebuild-info]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type: ["ucs"]
edition: ["", "-ee"]
version: ${{fromJSON(needs.rebuild-info.outputs.ucs-versions)}}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
# Determines the new build number based
# on data from the hub.docker registry
- name: Declare release number
id: release-number
env:
REBUILD_VERSION: ${{ matrix.version }}
run: |
MINOR_VERSION=${REBUILD_VERSION%.*}
LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
| jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
LAST_RELEASE=${LAST_RELEASE#*.*.*.}
echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"
shell: bash
# Note: Rebuilding images with an
# extra layer to update security and
# all dependencies. Update tags +1 to previous release.
- name: Re-build documentserver-ucs
env:
VERSION: ${{ matrix.version }}
RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
PRODUCT_EDITION: ${{ matrix.edition }}
run: |
set -eux
export PULL_TAG=${VERSION}
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
export SHORTER_TAG=${VERSION%.*}
export SHORTEST_TAG=${VERSION%.*.*}
export UCS_REBUILD=true
export UCS_PREFIX=-ucs
docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
shell: bash

@ -0,0 +1,137 @@
### This workflow setup instance then build and push images ###
name: Multi-arch build stable
run-name: ${{ inputs.tag }} (${{ inputs.release_number }})
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag for release (ex. 1.2.3.45)'
type: string
required: true
release_number:
description: 'Sequence number of the release (ex. x.x.x.<number>)'
type: string
required: true
default: '1'
env:
COMPANY_NAME: "onlyoffice"
PRODUCT_NAME: "documentserver"
jobs:
build:
name: "Release image: DocumentServer${{ matrix.edition }}"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
images: ["documentserver-stable"]
edition: ["", "-ee", "-de"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build documentserver-release
run: |
set -eux
VERSION=${{ github.event.inputs.tag }}
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
PRODUCT_EDITION=${{ matrix.edition }}
TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
export PRODUCT_EDITION
export PULL_TAG=${VERSION}
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
export SHORTER_TAG=${VERSION%.*}
export SHORTEST_TAG=${VERSION%.*.*}
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
echo "DONE: Build success >> exit with 0"
exit 0
shell: bash
build-nonexample:
name: "Release image: DocumentServer${{ matrix.edition }}-nonExample"
runs-on: ubuntu-latest
needs: [build]
if: ${{ false }}
strategy:
fail-fast: false
matrix:
images: ["documentserver-nonexample"]
edition: ["", "-ee", "-de"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build image
run: |
set -eux
VERSION=${{ github.event.inputs.tag }}
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER}
export PRODUCT_EDITION=${{ matrix.edition }}
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
shell: bash
build-ucs-ubuntu20:
name: "Release image: DocumentServer${{ matrix.edition }}-ucs"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
edition: ["", "-ee"]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: build UCS
run: |
set -eux
VERSION=${{ github.event.inputs.tag }}
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
export PRODUCT_EDITION=${{ matrix.edition }}
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
export DOCKERFILE=Dockerfile
export BASE_IMAGE=ubuntu:20.04
export PG_VERSION=12
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
export PACKAGE_VERSION=$( echo ${VERSION} | sed -E 's/(.*)\./\1-/')
docker buildx bake -f docker-bake.hcl documentserver-ucs --push
shell: bash

@ -0,0 +1,70 @@
---
name: Scanning DocumentServer with ZAP
run-name: >
ZAP DocumentServer ver: ${{ github.event.inputs.version }} from branch: ${{ github.event.inputs.branch }}
on:
workflow_dispatch:
inputs:
version:
description: 'Set DocumentServer version that will be deployed'
type: string
required: true
branch:
description: 'The branch from which the scan will be performed'
type: string
required: true
jobs:
zap:
name: "Zap scanning DocumentServer"
runs-on: ubuntu-latest
permissions:
issues: write
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Run DS
id: run-ds
env:
TAG: ${{ github.event.inputs.version }}
run: |
# Create ssl certs
openssl genrsa -out tls.key 2048
openssl req -new -key tls.key -out tls.csr -subj "/C=RU/ST=NizhObl/L=NizhNov/O=RK-Tech/OU=TestUnit/CN=TestName"
openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt
openssl dhparam -out dhparam.pem 2048
sudo mkdir -p /app/onlyoffice/DocumentServer/data/certs
sudo cp ./tls.key /app/onlyoffice/DocumentServer/data/certs/
sudo cp ./tls.crt /app/onlyoffice/DocumentServer/data/certs/
sudo cp ./dhparam.pem /app/onlyoffice/DocumentServer/data/certs/
sudo chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
rm ./tls.key ./tls.crt ./dhparam.pem
# Run Ds with enabled ssl
export CONTAINER_NAME="documentserver"
sudo docker run -itd \
--name ${CONTAINER_NAME} \
-p 80:80 \
-p 443:443 \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
onlyoffice/4testing-documentserver:${TAG}
sleep 60
sudo docker exec ${CONTAINER_NAME} sudo supervisorctl start ds:example
LOCAL_IP=$(hostname -I | awk '{print $1}')
echo "local-ip=${LOCAL_IP}" >> "$GITHUB_OUTPUT"
# Scan DocumentServer with ZAP.
# NOTE: Full scan get a lot of time.
# If you want make scan more faster (but less accurate) remove `cmd options` field
# -j mean that scanning use AJAX Spider, with this spider the scan takes approximately an hour
# Without any cmd options will be used default spider and the scan takes approximately ~10-15 minutes
- name: ZAP Scan
uses: zaproxy/action-full-scan@v0.8.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
target: 'https://${{ steps.run-ds.outputs.local-ip }}/'
allow_issue_writing: false
cmd_options: '-j'

2
.gitignore vendored Normal file

@ -0,0 +1,2 @@
# Nix, direnv
.direnv

131
.travis.yml Normal file

@ -0,0 +1,131 @@
language: generic
dist: trusty
env:
# community edition
- config: standalone.yml
# integration edition
- config: standalone.yml
PRODUCT_NAME: documentserver-ie
# certificates (default tls if onlyoffice not exists)
- config: certs.yml
ssl: true
# certificates (default onlyoffice if exists)
- config: certs.yml
ssl: true
private_key: onlyoffice.key
certificate_request: onlyoffice.csr
certificate: onlyoffice.crt
# custom certificates
- config: certs-customized.yml
ssl: true
private_key: mycert.key
certificate_request: mycert.csr
certificate: mycert.crt
SSL_CERTIFICATE_PATH: /var/www/onlyoffice/Data/certs/mycert.crt
SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key
# postgresql 16
- config: postgres.yml
POSTGRES_VERSION: 16
# postgresql 15
- config: postgres.yml
POSTGRES_VERSION: 15
# postgresql 14
- config: postgres.yml
POSTGRES_VERSION: 14
# postgresql 13
- config: postgres.yml
POSTGRES_VERSION: 13
# postgresql 12
- config: postgres.yml
# postgresql custom values
- config: postgres.yml
DB_NAME: mydb
DB_USER: myuser
DB_PWD: password
POSTGRES_DB: mydb
POSTGRES_USER: myuser
# postgresql deprecated variables
- config: postgres-old.yml
# mysql 8
- config: mysql.yml
MYSQL_VERSION: 8
# mysql 5
- config: mysql.yml
MYSQL_VERSION: 5
# mysql 5.7
- config: mysql.yml
# mariadb 10
- config: mariadb.yml
MARIADB_VERSION: 10
# mariadb 10.5
- config: mariadb.yml
- config: activemq.yml
ACTIVEMQ_VERSION: latest
# activemq 5.14.3
- config: activemq.yml
# rabbitmq latest
- config: rabbitmq.yml
# rabbitmq 3
- config: rabbitmq.yml
RABBITMQ_VERSION: 3
# rabbitmq old variables
- config: rabbitmq-old.yml
# redis latest with community edition
- config: redis.yml
# redis latest with integraion edition
- config: redis.yml
PRODUCT_NAME: documentserver-ie
# redis 6
- config: redis.yml
REDIS_VERSION: 6
# redis 5
- config: redis.yml
REDIS_VERSION: 5
# graphite
- config: graphite.yml
services:
- docker
script:
# Go to tests dir
- cd ${PWD}/tests
# Run test.
- ./test.sh

@ -1,37 +1,44 @@
FROM ubuntu:16.04 ARG BASE_IMAGE=ubuntu:22.04
LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive FROM ${BASE_IMAGE} as documentserver
LABEL maintainer Jiří Štefka <jiri.stefka.js@gmail.com>
ARG PG_VERSION=14
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION}
ARG ONLYOFFICE_VALUE=onlyoffice
RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
apt-get -y update && \ apt-get -y update && \
apt-get -yq install wget apt-transport-https curl locales && \ apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
locale-gen en_US.UTF-8 && \ locale-gen en_US.UTF-8 && \
curl -sL https://deb.nodesource.com/setup_6.x | bash - && \ echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
apt-get -y update && \
apt-get -yq install \ apt-get -yq install \
adduser \ adduser \
apt-utils \
bomstrip \ bomstrip \
certbot \
cron \
curl \
htop \ htop \
libasound2 \ libasound2 \
libboost-regex-dev \ libboost-regex-dev \
libcairo2 \ libcairo2 \
libcurl3 \ libcurl3-gnutls \
libgconf2-4 \ libcurl4 \
libgtkglext1 \ libgtk-3-0 \
libnspr4 \ libnspr4 \
libnss3 \ libnss3 \
libnss3-nssdb \
libstdc++6 \ libstdc++6 \
libxml2 \ libxml2 \
libxss1 \ libxss1 \
libxtst6 \ libxtst6 \
mysql-client \
nano \ nano \
net-tools \ net-tools \
netcat \ netcat-openbsd \
nginx-extras \ nginx-extras \
nodejs \
postgresql \ postgresql \
postgresql-client \ postgresql-client \
pwgen \ pwgen \
@ -40,11 +47,18 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
software-properties-common \ software-properties-common \
sudo \ sudo \
supervisor \ supervisor \
ttf-mscorefonts-installer \
xvfb \ xvfb \
zlib1g && \ zlib1g && \
sudo -u postgres psql -c "CREATE DATABASE onlyoffice;" && \ if [ $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';" && \ then echo 'msttcorefonts failed to download'; exit 1; fi && \
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;" && \ echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
service postgresql restart && \
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
service postgresql stop && \ service postgresql stop && \
service redis-server stop && \ service redis-server stop && \
service rabbitmq-server stop && \ service rabbitmq-server stop && \
@ -52,24 +66,38 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
service nginx stop && \ service nginx stop && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
COPY config /app/onlyoffice/setup/config/ COPY config/supervisor/supervisor /etc/init.d/
COPY run-document-server.sh /app/onlyoffice/run-document-server.sh COPY config/supervisor/ds/*.conf /etc/supervisor/conf.d/
COPY run-document-server.sh /app/ds/run-document-server.sh
EXPOSE 80 443 EXPOSE 80 443
ARG REPO_URL="deb http://download.onlyoffice.com/repo/debian squeeze main" ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=onlyoffice-documentserver ARG PRODUCT_NAME=documentserver
ARG PRODUCT_EDITION=
ARG PACKAGE_VERSION=
ARG TARGETARCH
ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux"
RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/onlyoffice.list && \ ENV COMPANY_NAME=$COMPANY_NAME \
PRODUCT_NAME=$PRODUCT_NAME \
PRODUCT_EDITION=$PRODUCT_EDITION \
DS_DOCKER_INSTALLATION=true
RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \
wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \
apt-get -y update && \ apt-get -y update && \
service postgresql start && \ service postgresql start && \
apt-get --allow-unauthenticated -yq install $PRODUCT_NAME && \ apt-get -yq install /tmp/$PACKAGE_FILE && \
service postgresql stop && \ service postgresql stop && \
chmod 755 /etc/init.d/supervisor && \
sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i /etc/supervisor/conf.d/*.conf && \
service supervisor stop && \ service supervisor stop && \
chmod 755 /app/onlyoffice/*.sh && \ chmod 755 /app/ds/*.sh && \
rm -rf /var/log/onlyoffice && \ rm -f /tmp/$PACKAGE_FILE && \
rm -rf /var/log/$COMPANY_NAME && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
VOLUME /etc/onlyoffice /var/log/onlyoffice /var/lib/onlyoffice /var/www/onlyoffice/Data /var/lib/postgresql /usr/share/fonts/truetype/custom VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom
CMD bash -C '/app/onlyoffice/run-document-server.sh';'bash' ENTRYPOINT ["/app/ds/run-document-server.sh"]

@ -1,46 +1,66 @@
COMPANY_NAME ?= onlyoffice COMPANY_NAME ?= ONLYOFFICE
GIT_BRANCH ?= origin/develop GIT_BRANCH ?= develop
PRODUCT_NAME ?= documentserver-ie PRODUCT_NAME ?= documentserver
PRODUCT_EDITION ?=
PRODUCT_VERSION ?= 0.0.0 PRODUCT_VERSION ?= 0.0.0
BUILD_NUMBER ?= 0 BUILD_NUMBER ?= 0
BUILD_CHANNEL ?= nightly
ONLYOFFICE_VALUE ?= onlyoffice
PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
REPO_URL := "deb http://repo-doc-onlyoffice-com.s3.amazonaws.com/ubuntu/trusty/$(COMPANY_NAME)-$(PRODUCT_NAME)/$(GIT_BRANCH)/$(PACKAGE_VERSION)/ repo/" PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)
PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian
UPDATE_LATEST := false ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test))
DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)
ifneq (,$(findstring develop,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
DOCKER_TAGS += latest
else ifneq (,$(findstring release,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
else ifneq (,$(findstring hotfix,$(GIT_BRANCH)))
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))
else else
DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH))
endif endif
DOCKER_REPO = $(COMPANY_NAME)/4testing-$(PRODUCT_NAME) DOCKER_ORG ?= $(COMPANY_NAME_LOW)
DOCKER_IMAGE := $(DOCKER_ORG)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION)
DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz
COLON := __colon__ .PHONY: all clean clean-docker image deploy docker
DOCKER_TARGETS := $(foreach TAG,$(DOCKER_TAGS),$(DOCKER_REPO)$(COLON)$(TAG))
.PHONY: all clean clean-docker deploy docker $(DOCKER_DUMMY):
docker pull ubuntu:22.04
$(DOCKER_TARGETS): $(DEB_REPO_DATA) docker build \
--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
sudo docker build --build-arg REPO_URL=$(REPO_URL) --build-arg PRODUCT_NAME=$(COMPANY_NAME)-$(PRODUCT_NAME) -t $(subst $(COLON),:,$@) . &&\ --build-arg PRODUCT_NAME=$(PRODUCT_NAME) \
mkdir -p $$(dirname $@) &&\ --build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \
--build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \
--build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \
--build-arg TARGETARCH=amd64 \
--build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \
-t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \
mkdir -p $$(dirname $@) && \
echo "Done" > $@ echo "Done" > $@
all: $(DOCKER_TARGETS) $(DOCKER_ARCH): $(DOCKER_DUMMY)
docker save $(DOCKER_IMAGE):$(DOCKER_TAG) | \
gzip > $@
all: image
clean: clean:
rm -rfv $(DOCKER_TARGETS) rm -rfv *.dummy *.tar.gz
clean-docker: clean-docker:
sudo docker rmi -f $$(sudo docker images -q $(COMPANY_NAME)/*) || exit 0 docker rmi -f $$(docker images -q $(COMPANY_NAME_LOW)/*) || exit 0
deploy: $(DOCKER_TARGETS) image: $(DOCKER_DUMMY)
$(foreach TARGET,$(DOCKER_TARGETS),sudo docker push $(subst $(COLON),:,$(TARGET));)
deploy: $(DOCKER_DUMMY)
for i in {1..3}; do \
docker push $(DOCKER_IMAGE):$(DOCKER_TAG) && break || sleep 1m; \
done
ifeq ($(BUILD_CHANNEL),nightly)
docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest
for i in {1..3}; do \
docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \
done
endif

351
README.md

@ -1,3 +1,190 @@
[![Docker Pulls](https://img.shields.io/docker/pulls/jiriks74/onlyoffice-documentserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
[![Docker Stars](https://img.shields.io/docker/stars/jiriks74/onlyoffice-documentserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
[![Docker Size](https://img.shields.io/docker/image-size/jiriks74/onlyoffice-documentserver/latest.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Size&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
#### This repository is based on the official `Dockerfile` and `docker-compose.yml` files with all the needed files as well
# Table of contents
- [Usage](#usage)
- [Setting up secret key with nextcloud](#setting-up-secret-key-with-nextcloud)
- [Larger file limits](#setting-up-larger-file-limits)
- [Generating custom presentation themes](#generating-custom-presentation-themes)
- [Tags on DockerHub](#tags-used-on-dockerhub)
- [Building the image from source](#building-the-image-yourself-not-recommended---may-take-a-lot-of-time)
- [Updating the image yourself](#updating-the-image-yourself)
## Usage
#### docker-compose with prebuilt image (recommended)
- Docker will pull the correct architecture automatically
- Below in `Details` you'll find a `docker-compose.yml` templete.
To use it, make a directory where data from the container will be saved, create
`docker-compose.yml` file in it and put the template from below in it.
Then modify the template to your needs.
<details>
```yml
version: '2'
services:
onlyoffice-documentserver:
image: jiriks74/onlyoffice-documentserver:latest
container_name: onlyoffice-documentserver
depends_on:
- onlyoffice-postgresql
- onlyoffice-rabbitmq
environment:
- DB_TYPE=postgres
- DB_HOST=onlyoffice-postgresql
- DB_PORT=5432
- DB_NAME=onlyoffice
- DB_USER=onlyoffice
- AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
# Uncomment strings below to enable the JSON Web Token validation.
#- JWT_ENABLED=true
#- JWT_SECRET=secret
#- JWT_HEADER=AuthorizationJwt
#- JWT_IN_BODY=true
# Uncomment the line below to set larger file limits (about 1GB)
#- LARGER_FILE_LIMITS=true
ports:
- '80:80'
- '443:443'
stdin_open: true
restart: always
stop_grace_period: 120s
volumes:
# Uncomment the line below to get access to the slide themes directory.
# To use the themes, copy them to the slideThemes directory and run `docker exec -it <container-name> /usr/bin/documentserver-generate-allfonts.sh`
#- ./slideThemes:/var/www/onlyoffice/documentserver/sdkjs/slide/themes/src
- /var/www/onlyoffice/Data
- /var/log/onlyoffice
- /var/lib/onlyoffice/documentserver/App_Data/cache/files
- /var/www/onlyoffice/documentserver-example/public/files
- /usr/share/fonts
onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq
image: rabbitmq
restart: always
expose:
- '5672'
onlyoffice-postgresql:
container_name: onlyoffice-postgresql
image: postgres:9.5
environment:
- POSTGRES_DB=onlyoffice
- POSTGRES_USER=onlyoffice
- POSTGRES_HOST_AUTH_METHOD=trust
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
volumes:
postgresql_data:
```
</details>
### Setting up `Secret key` with Nextcloud
1. Uncomment four lines starting with `JWT` in `docker-compose`
2. Set your secret on line `JWT_SECRET=yourSecret`
3. Open Nexcloud's `config.php` (by default `/var/www/nextcloud/config/config.php`)
4. Add this to the 2nd last line (before the line with `);`) and paste in your secret (3rd last line)
```php
'onlyoffice' =>
array (
"jwt_secret" => "yourSecret",
"jwt_header" => "AuthorizationJwt"
)
```
5. Go to your Nextcloud settings, navigate to Onlyoffice settings
6. Add your server Address and Secret key
7. Save
### Setting up larger file limits
- Uncomment the `- LARGER_FILE_LIMITS=true` line in `docker-compose.yml`
### Generating custom presentation themes
1. Uncomment the
`- ./slideThemes:/var/www/onlyoffice/documentserver/sdkjs/slide/themes/src`
line in `docker-compose.yml`
2. Put your themes into the `slideThemes` directory
3. Run `docker exec -it <container-name> /usr/bin/documentserver-generate-allfonts.sh`
- (This will take some time. I have totally 35 themes and it took about 30 minutes to generate them on a Raspberry Pi 4 4GB on an external HDD - SSD may be faster)
4. If you want to add more themes later, repeat step 2 and 3.
## Tags used on DockerHub
- `latest` - the latest version of the Documentserver
- Version tags (eg. `7.0.1-37`) - these tags are equal to the Documentserver
version of the `onlyoffice-documentserver` debian package used in the image
## Building the image yourself (not recommended - may take a lot of time)
#### 1. Clone the repository (for example to your home directory `cd /home/$USER/`)
`git clone https://github.com/jiriks74/Docker-DocumentServer.git && cd Docker-DocumentServer`
#### 2. Build the docker image
##### Building only for the architecture you are building the image on (when building on Raspberry Pi result will be `arm64`, when on pc result will be `amd64`)
`docker-compose build`
##### Building for all supported architectures (you have to have your environment setup for emulation of arm64 with `qemu` and build it on `amd64`) - you have to push to DockerHub
`docker buildx build --push --platform linux/arm64,linux/amd64,linux/386 .`
#### 3. Create and start the container
`docker-compose up -d`
- This will start the server. It is set to be automatically started/restarted so as long you have docker running on startup this will start automatically
### Updating the image yourself
#### 1. Stop and delete the old container
`docker-compose down`
#### 2. (optional) Clear the docker cache
#### - ! This will remove all unused cache images ! (good for saving space, bad if you develop with and need cache, but you understand it at that point)
`docker rmi $(docker images -f "dangling=true" -q)`
#### 4. Rebuild the image without cache
##### Building only for the architecture you are building the image on (when building on Raspberry Pi result will be `arm64`, when on pc result will be `amd64`)
`docker-compose build`
##### Building for all supported architectures (you have to have your environment setup for emulation of arm64 with `qemu`) - you'll have to push to DockerHub, multiplatform images cannot be saved locally (for whatever reason)
`docker buildx build --push --platform linux/arm64,linux/amd64,linux/386 .`
#### 3. Create and start the new container
`docker-compose up -d`
---
## The rest of this file is the official [`README.md` from OnlyOffice-Documentserver repository](https://github.com/ONLYOFFICE/Docker-DocumentServer). I will not change anything in it, it may not work, but considering the changes I made, it should be fully compatible (beware that you must change the `docker-compose.yml` from building the image locally to using this repository). If you want to change something, make a issue on my repository and we'll figure it out.
<details>
* [Overview](#overview) * [Overview](#overview)
* [Functionality](#functionality) * [Functionality](#functionality)
* [Recommended System Requirements](#recommended-system-requirements) * [Recommended System Requirements](#recommended-system-requirements)
@ -11,8 +198,10 @@
+ [Installation of the SSL Certificates](#installation-of-the-ssl-certificates) + [Installation of the SSL Certificates](#installation-of-the-ssl-certificates)
+ [Available Configuration Parameters](#available-configuration-parameters) + [Available Configuration Parameters](#available-configuration-parameters)
* [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers) * [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
* [ONLYOFFICE Document Server ipv6 setup](#onlyoffice-document-server-ipv6-setup)
* [Issues](#issues) * [Issues](#issues)
- [Docker Issues](#docker-issues) - [Docker Issues](#docker-issues)
- [Document Server usage Issues](#document-server-usage-issues)
* [Project Information](#project-information) * [Project Information](#project-information)
* [User Feedback and Support](#user-feedback-and-support) * [User Feedback and Support](#user-feedback-and-support)
@ -20,6 +209,12 @@
ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time. ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.
Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It has [three editions](https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions). With this image, you will install the free Community version.
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
***Important*** Please update `docker-engine` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
## Functionality ## ## Functionality ##
* ONLYOFFICE Document Editor * ONLYOFFICE Document Editor
* ONLYOFFICE Spreadsheet Editor * ONLYOFFICE Spreadsheet Editor
@ -66,6 +261,8 @@ To get access to your data from outside the container, you need to mount the vol
-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \
-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver
Normally, you do not need to store container data because the container's operation does not depend on its state. Saving data will be useful: Normally, you do not need to store container data because the container's operation does not depend on its state. Saving data will be useful:
@ -93,10 +290,17 @@ To secure the application via SSL basically two things are needed:
So you need to create and install the following files: So you need to create and install the following files:
/app/onlyoffice/DocumentServer/data/certs/onlyoffice.key /app/onlyoffice/DocumentServer/data/certs/tls.key
/app/onlyoffice/DocumentServer/data/certs/onlyoffice.crt /app/onlyoffice/DocumentServer/data/certs/tls.crt
When using CA certified certificates, these files are provided to you by the CA. When using self-signed certificates you need to generate these files yourself. Skip the following section if you are have CA certified SSL certificates. When using CA certified certificates (e.g [Let's encrypt](https://letsencrypt.org)), these files are provided to you by the CA. If you are using self-signed certificates you need to generate these files [yourself](#generation-of-self-signed-certificates).
#### Using the automatically generated Let's Encrypt SSL Certificates
sudo docker run -i -t -d -p 80:80 -p 443:443 \
-e LETS_ENCRYPT_DOMAIN=your_domain -e LETS_ENCRYPT_MAIL=your_mail onlyoffice/documentserver
If you want to get and extend Let's Encrypt SSL Certificates automatically just set LETS_ENCRYPT_DOMAIN and LETS_ENCRYPT_MAIL variables.
#### Generation of Self Signed Certificates #### Generation of Self Signed Certificates
@ -105,19 +309,19 @@ Generation of self-signed SSL certificates involves a simple 3 step procedure.
**STEP 1**: Create the server private key **STEP 1**: Create the server private key
```bash ```bash
openssl genrsa -out onlyoffice.key 2048 openssl genrsa -out tls.key 2048
``` ```
**STEP 2**: Create the certificate signing request (CSR) **STEP 2**: Create the certificate signing request (CSR)
```bash ```bash
openssl req -new -key onlyoffice.key -out onlyoffice.csr openssl req -new -key tls.key -out tls.csr
``` ```
**STEP 3**: Sign the certificate using the private key and CSR **STEP 3**: Sign the certificate using the private key and CSR
```bash ```bash
openssl x509 -req -days 365 -in onlyoffice.csr -signkey onlyoffice.key -out onlyoffice.crt openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt
``` ```
You have now generated an SSL certificate that's valid for 365 days. You have now generated an SSL certificate that's valid for 365 days.
@ -133,18 +337,18 @@ openssl dhparam -out dhparam.pem 2048
#### Installation of the SSL Certificates #### Installation of the SSL Certificates
Out of the four files generated above, you need to install the `onlyoffice.key`, `onlyoffice.crt` and `dhparam.pem` files at the onlyoffice server. The CSR file is not needed, but do make sure you safely backup the file (in case you ever need it again). Out of the four files generated above, you need to install the `tls.key`, `tls.crt` and `dhparam.pem` files at the onlyoffice server. The CSR file is not needed, but do make sure you safely backup the file (in case you ever need it again).
The default path that the onlyoffice application is configured to look for the SSL certificates is at `/var/www/onlyoffice/Data/certs`, this can however be changed using the `SSL_KEY_PATH`, `SSL_CERTIFICATE_PATH` and `SSL_DHPARAM_PATH` configuration options. The default path that the onlyoffice application is configured to look for the SSL certificates is at `/var/www/onlyoffice/Data/certs`, this can however be changed using the `SSL_KEY_PATH`, `SSL_CERTIFICATE_PATH` and `SSL_DHPARAM_PATH` configuration options.
The `/var/www/onlyoffice/Data/` path is the path of the data store, which means that you have to create a folder named certs inside `/app/onlyoffice/DocumentServer/data/` and copy the files into it and as a measure of security you will update the permission on the `onlyoffice.key` file to only be readable by the owner. The `/var/www/onlyoffice/Data/` path is the path of the data store, which means that you have to create a folder named certs inside `/app/onlyoffice/DocumentServer/data/` and copy the files into it and as a measure of security you will update the permission on the `tls.key` file to only be readable by the owner.
```bash ```bash
mkdir -p /app/onlyoffice/DocumentServer/data/certs mkdir -p /app/onlyoffice/DocumentServer/data/certs
cp onlyoffice.key /app/onlyoffice/DocumentServer/data/certs/ cp tls.key /app/onlyoffice/DocumentServer/data/certs/
cp onlyoffice.crt /app/onlyoffice/DocumentServer/data/certs/ cp tls.crt /app/onlyoffice/DocumentServer/data/certs/
cp dhparam.pem /app/onlyoffice/DocumentServer/data/certs/ cp dhparam.pem /app/onlyoffice/DocumentServer/data/certs/
chmod 400 /app/onlyoffice/DocumentServer/data/certs/onlyoffice.key chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
``` ```
You are now just one step away from having our application secured. You are now just one step away from having our application secured.
@ -157,23 +361,39 @@ Below is the complete list of parameters that can be set using environment varia
- **ONLYOFFICE_HTTPS_HSTS_ENABLED**: Advanced configuration option for turning off the HSTS configuration. Applicable only when SSL is in use. Defaults to `true`. - **ONLYOFFICE_HTTPS_HSTS_ENABLED**: Advanced configuration option for turning off the HSTS configuration. Applicable only when SSL is in use. Defaults to `true`.
- **ONLYOFFICE_HTTPS_HSTS_MAXAGE**: Advanced configuration option for setting the HSTS max-age in the onlyoffice nginx vHost configuration. Applicable only when SSL is in use. Defaults to `31536000`. - **ONLYOFFICE_HTTPS_HSTS_MAXAGE**: Advanced configuration option for setting the HSTS max-age in the onlyoffice nginx vHost configuration. Applicable only when SSL is in use. Defaults to `31536000`.
- **SSL_CERTIFICATE_PATH**: The path to the SSL certificate to use. Defaults to `/var/www/onlyoffice/Data/certs/onlyoffice.crt`. - **SSL_CERTIFICATE_PATH**: The path to the SSL certificate to use. Defaults to `/var/www/onlyoffice/Data/certs/tls.crt`.
- **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/onlyoffice.key`. - **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/tls.key`.
- **SSL_DHPARAM_PATH**: The path to the Diffie-Hellman parameter. Defaults to `/var/www/onlyoffice/Data/certs/dhparam.pem`. - **SSL_DHPARAM_PATH**: The path to the Diffie-Hellman parameter. Defaults to `/var/www/onlyoffice/Data/certs/dhparam.pem`.
- **SSL_VERIFY_CLIENT**: Enable verification of client certificates using the `CA_CERTIFICATES_PATH` file. Defaults to `false` - **SSL_VERIFY_CLIENT**: Enable verification of client certificates using the `CA_CERTIFICATES_PATH` file. Defaults to `false`
- **POSTGRESQL_SERVER_HOST**: The IP address or the name of the host where the PostgreSQL server is running. - **DB_TYPE**: The database type. Supported values are `postgres`, `mariadb` or `mysql`. Defaults to `postgres`.
- **POSTGRESQL_SERVER_PORT**: The PostgreSQL server port number. - **DB_HOST**: The IP address or the name of the host where the database server is running.
- **POSTGRESQL_SERVER_DB_NAME**: The name of a PostgreSQL database to be created on the image startup. - **DB_PORT**: The database server port number.
- **POSTGRESQL_SERVER_USER**: The new user name with superuser permissions for the PostgreSQL account. - **DB_NAME**: The name of a database to use. Should be existing on container startup.
- **POSTGRESQL_SERVER_PASS**: The password set for the PostgreSQL account. - **DB_USER**: The new user name with superuser permissions for the database account.
- **RABBITMQ_SERVER_URL**: The [AMQP URL](http://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to RabbitMQ server. - **DB_PWD**: The password set for the database account.
- **AMQP_URI**: The [AMQP URI](https://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to message broker server.
- **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`.
- **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running.
- **REDIS_SERVER_PORT**: The Redis server port number. - **REDIS_SERVER_PORT**: The Redis server port number.
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process. - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](https://nginx.org/en/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
- **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
- **ALLOW_META_IP_ADDRESS**: Defines if it is allowed to connect meta IP address or not. Defaults to `false`.
- **ALLOW_PRIVATE_IP_ADDRESS**: Defines if it is allowed to connect private IP address or not. Defaults to `false`.
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
- **METRICS_HOST**: Defines StatsD listening host. Defaults to `localhost`.
- **METRICS_PORT**: Defines StatsD listening port. Defaults to `8125`.
- **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
- **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
- **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
@ -190,18 +410,28 @@ Then launch containers on it using the 'docker run --net onlyoffice' option:
Follow [these steps](#installing-mysql) to install MySQL server. Follow [these steps](#installing-mysql) to install MySQL server.
**STEP 3**: Install ONLYOFFICE Document Server. **STEP 3**: Generate JWT Secret
JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command:
```
JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12);
```
**STEP 4**: Install ONLYOFFICE Document Server.
```bash ```bash
sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \
-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ -e JWT_ENABLED=true \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ -e JWT_SECRET=${JWT_SECRET} \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ -e JWT_HEADER=AuthorizationJwt \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \
onlyoffice/documentserver -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \
onlyoffice/documentserver
``` ```
**STEP 4**: Install ONLYOFFICE Mail Server. **STEP 5**: Install ONLYOFFICE Mail Server.
For the mail server correct work you need to specify its hostname 'yourdomain.com'. For the mail server correct work you need to specify its hostname 'yourdomain.com'.
@ -219,14 +449,14 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always -
onlyoffice/mailserver onlyoffice/mailserver
``` ```
The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75). The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml#L87).
To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation"). To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").
**STEP 5**: Install ONLYOFFICE Community Server **STEP 6**: Install ONLYOFFICE Community Server
```bash ```bash
sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \
-e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \ -e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \
-e MYSQL_SERVER_DB_NAME=onlyoffice \ -e MYSQL_SERVER_DB_NAME=onlyoffice \
-e MYSQL_SERVER_HOST=onlyoffice-mysql-server \ -e MYSQL_SERVER_HOST=onlyoffice-mysql-server \
@ -234,6 +464,9 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com
-e MYSQL_SERVER_PASS=onlyoffice_pass \ -e MYSQL_SERVER_PASS=onlyoffice_pass \
-e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \ -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \
-e DOCUMENT_SERVER_JWT_ENABLED=true \
-e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \
-e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \
-e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \ -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \
-e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \ -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \
@ -244,12 +477,14 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-com
-v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \
-v /app/onlyoffice/CommunityServer/letsencrypt:/etc/letsencrypt \
-v /sys/fs/cgroup:/sys/fs/cgroup:rw \
onlyoffice/communityserver onlyoffice/communityserver
``` ```
Where `${MAIL_SERVER_IP}` is the IP address for **ONLYOFFICE Mail Server**. You can easily get it using the command: Where `${MAIL_SERVER_IP}` is the IP address for **ONLYOFFICE Mail Server**. You can easily get it using the command:
``` ```
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server MAIL_SERVER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server)
``` ```
Alternatively, you can use an automatic installation script to install the whole ONLYOFFICE Community Edition at once. For the mail server correct work you need to specify its hostname 'yourdomain.com'. Alternatively, you can use an automatic installation script to install the whole ONLYOFFICE Community Edition at once. For the mail server correct work you need to specify its hostname 'yourdomain.com'.
@ -257,7 +492,7 @@ Alternatively, you can use an automatic installation script to install the whole
**STEP 1**: Download the Community Edition Docker script file **STEP 1**: Download the Community Edition Docker script file
```bash ```bash
wget http://download.onlyoffice.com/install/opensource-install.sh wget https://download.onlyoffice.com/install/opensource-install.sh
``` ```
**STEP 2**: Install ONLYOFFICE Community Edition executing the following command: **STEP 2**: Install ONLYOFFICE Community Edition executing the following command:
@ -269,10 +504,34 @@ bash opensource-install.sh -md yourdomain.com
Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). For the mail server correct work you need to specify its hostname 'yourdomain.com'. Assuming you have docker-compose installed, execute the following command: Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). For the mail server correct work you need to specify its hostname 'yourdomain.com'. Assuming you have docker-compose installed, execute the following command:
```bash ```bash
wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.yml wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.groups.yml
docker-compose up -d docker-compose up -d
``` ```
## ONLYOFFICE Document Server ipv6 setup
(Works and is supported only for Linux hosts)
Docker does not currently provide ipv6 addresses to containers by default. This function is experimental now.
To set up interaction via ipv6, you need to enable support for this feature in your Docker. For this you need:
- create the `/etc/docker/daemon.json` file with the following content:
```
{
"ipv6": true,
"fixed-cidr-v6": "2001:db8:abc1::/64"
}
```
- restart docker with the following command: `systemctl restart docker`
After that, all running containers receive an ipv6 address and have an inet6 interface.
You can check your default bridge network and see the field there
`EnableIPv6=true`. A new ipv6 subnet will also be added.
For more information, visit the official [Docker manual site](https://docs.docker.com/config/daemon/ipv6/)
## Issues ## Issues
### Docker Issues ### Docker Issues
@ -281,9 +540,19 @@ As a relatively new project Docker is being worked on and actively developed by
The known Docker issue with ONLYOFFICE Document Server with rpm-based distributives is that sometimes the processes fail to start inside Docker container. Fedora and RHEL/CentOS users should try disabling selinux with setenforce 0. If it fixes the issue then you can either stick with SELinux disabled which is not recommended by RedHat, or switch to using Ubuntu. The known Docker issue with ONLYOFFICE Document Server with rpm-based distributives is that sometimes the processes fail to start inside Docker container. Fedora and RHEL/CentOS users should try disabling selinux with setenforce 0. If it fixes the issue then you can either stick with SELinux disabled which is not recommended by RedHat, or switch to using Ubuntu.
### Document Server usage issues
Due to the operational characteristic, **Document Server** saves a document only after the document has been closed by all the users who edited it. To avoid data loss, you must forcefully disconnect the **Document Server** users when you need to stop **Document Server** in cases of the application update, server reboot etc. To do that, execute the following script on the server where **Document Server** is installed:
```
sudo docker exec <CONTAINER> documentserver-prepare4shutdown.sh
```
Please note, that both executing the script and disconnecting users may take a long time (up to 5 minutes).
## Project Information ## Project Information
Official website: [http://www.onlyoffice.org](http://onlyoffice.org "http://www.onlyoffice.org") Official website: [https://www.onlyoffice.com](https://www.onlyoffice.com/?utm_source=github&utm_medium=cpc&utm_campaign=GitHubDockerDS)
Code repository: [https://github.com/ONLYOFFICE/DocumentServer](https://github.com/ONLYOFFICE/DocumentServer "https://github.com/ONLYOFFICE/DocumentServer") Code repository: [https://github.com/ONLYOFFICE/DocumentServer](https://github.com/ONLYOFFICE/DocumentServer "https://github.com/ONLYOFFICE/DocumentServer")
@ -291,11 +560,15 @@ Docker Image: [https://github.com/ONLYOFFICE/Docker-DocumentServer](https://gith
License: [GNU AGPL v3.0](https://help.onlyoffice.com/products/files/doceditor.aspx?fileid=4358397&doc=K0ZUdlVuQzQ0RFhhMzhZRVN4ZFIvaHlhUjN2eS9XMXpKR1M5WEppUk1Gcz0_IjQzNTgzOTci0 "GNU AGPL v3.0") License: [GNU AGPL v3.0](https://help.onlyoffice.com/products/files/doceditor.aspx?fileid=4358397&doc=K0ZUdlVuQzQ0RFhhMzhZRVN4ZFIvaHlhUjN2eS9XMXpKR1M5WEppUk1Gcz0_IjQzNTgzOTci0 "GNU AGPL v3.0")
SaaS version: [http://www.onlyoffice.com](http://www.onlyoffice.com "http://www.onlyoffice.com") Free version vs commercial builds comparison: https://github.com/ONLYOFFICE/DocumentServer#onlyoffice-document-server-editions
SaaS version: [https://www.onlyoffice.com/cloud-office.aspx](https://www.onlyoffice.com/cloud-office.aspx?utm_source=github&utm_medium=cpc&utm_campaign=GitHubDockerDS)
## User Feedback and Support ## User Feedback and Support
If you have any problems with or questions about this image, please visit our official forum to find answers to your questions: [dev.onlyoffice.org][1] or you can ask and answer ONLYOFFICE development questions on [Stack Overflow][2]. If you have any problems with or questions about this image, please visit our official forum to find answers to your questions: [forum.onlyoffice.com][1] or you can ask and answer ONLYOFFICE development questions on [Stack Overflow][2].
[1]: http://dev.onlyoffice.org [1]: https://forum.onlyoffice.com
[2]: http://stackoverflow.com/questions/tagged/onlyoffice [2]: https://stackoverflow.com/questions/tagged/onlyoffice
</details>

@ -0,0 +1,18 @@
import requests
import os
response = requests.get("https://api.github.com/repos/ONLYOFFICE/DocumentServer/releases/latest")
print('docker buildx build --push --platform linux/arm64,linux/amd64 --tag jiriks74/onlyoffice-documentserver:latest .')
os.system(f'docker buildx build --push --platform linux/arm64,linux/amd64 --tag jiriks74/onlyoffice-documentserver:latest .')
print("///////////////////////////////////////////////////////////////////////////")
print('Build and push ":latest" .........................................finished')
print("///////////////////////////////////////////////////////////////////////////")
print()
print(f'docker buildx build --push --platform linux/arm64,linux/amd64 --tag jiriks74/onlyoffice-documentserver:{response.json()["name"].replace("ONLYOFFICE-DocumentServer-", "")} .')
os.system(f'docker buildx build --push --platform linux/arm64,linux/amd64 --tag jiriks74/onlyoffice-documentserver:{response.json()["name"].replace("ONLYOFFICE-DocumentServer-", "")} .')
print("///////////////////////////////////////////////////////////////////////////")
print(f'Build and push ":{response.json()["name"].replace("ONLYOFFICE-DocumentServer-", "")}".........................................finished')
print("///////////////////////////////////////////////////////////////////////////")

@ -0,0 +1,13 @@
[program:converter]
command=/var/www/COMPANY_NAME/documentserver/server/FileConverter/converter
directory=/var/www/COMPANY_NAME/documentserver/server/FileConverter
user=ds
environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME
stdout_logfile=/var/log/COMPANY_NAME/documentserver/converter/out.log
stdout_logfile_backups=0
stdout_logfile_maxbytes=0
stderr_logfile=/var/log/COMPANY_NAME/documentserver/converter/err.log
stderr_logfile_backups=0
stderr_logfile_maxbytes=0
autostart=true
autorestart=true

@ -0,0 +1,13 @@
[program:docservice]
command=/var/www/COMPANY_NAME/documentserver/server/DocService/docservice
directory=/var/www/COMPANY_NAME/documentserver/server/DocService
user=ds
environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1
stdout_logfile=/var/log/COMPANY_NAME/documentserver/docservice/out.log
stdout_logfile_backups=0
stdout_logfile_maxbytes=0
stderr_logfile=/var/log/COMPANY_NAME/documentserver/docservice/err.log
stderr_logfile_backups=0
stderr_logfile_maxbytes=0
autostart=true
autorestart=true

@ -0,0 +1,14 @@
[program:example]
command=/var/www/COMPANY_NAME/documentserver-example/example
directory=/var/www/COMPANY_NAME/documentserver-example/
user=ds
environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver-example,NODE_DISABLE_COLORS=1
stdout_logfile=/var/log/COMPANY_NAME/documentserver-example/out.log
stdout_logfile_backups=0
stdout_logfile_maxbytes=0
stderr_logfile=/var/log/COMPANY_NAME/documentserver-example/err.log
stderr_logfile_backups=0
stderr_logfile_maxbytes=0
autostart=false
autorestart=true
redirect_stderr=true

@ -0,0 +1,13 @@
[program:metrics]
command=/var/www/COMPANY_NAME/documentserver/server/Metrics/metrics ./config/config.js
directory=/var/www/COMPANY_NAME/documentserver/server/Metrics
user=ds
environment=NODE_DISABLE_COLORS=1
stdout_logfile=/var/log/COMPANY_NAME/documentserver/metrics/out.log
stdout_logfile_backups=0
stdout_logfile_maxbytes=0
stderr_logfile=/var/log/COMPANY_NAME/documentserver/metrics/err.log
stderr_logfile_backups=0
stderr_logfile_maxbytes=0
autostart=true
autorestart=true

@ -0,0 +1,2 @@
[group:ds]
programs=docservice,converter,metrics,example

@ -1,27 +0,0 @@
; supervisor config file
[inet_http_server]
port = 127.0.0.1:9001
[supervisord]
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl = http://localhost:9001 ; use a unix:// URL for a unix socket
; The [include] section can just contain the "files" setting. This
; setting can list multiple files (separated by whitespace or
; newlines). It can also contain wildcards. The filenames are
; interpreted as relative to this file. Included files *cannot*
; include files themselves.
[include]
files = /etc/supervisor/conf.d/*.conf

11
default.nix Normal file

@ -0,0 +1,11 @@
{ pkgs ? (import <nixpkgs> {
config.allowUnfree = true;
}),
}:
pkgs.mkShell {
pure = true;
packages = with pkgs; [
# Choose the build tools that you need
act
];
}

169
docker-bake.hcl Normal file

@ -0,0 +1,169 @@
variable "TAG" {
default = ""
}
variable "SHORTER_TAG" {
default = ""
}
variable "SHORTEST_TAG" {
default = ""
}
variable "PULL_TAG" {
default = ""
}
variable "COMPANY_NAME" {
default = ""
}
variable "PREFIX_NAME" {
default = ""
}
variable "PRODUCT_EDITION" {
default = ""
}
variable "PRODUCT_NAME" {
default = ""
}
variable "PACKAGE_VERSION" {
default = ""
}
variable "DOCKERFILE" {
default = ""
}
variable "PLATFORM" {
default = ""
}
variable "PACKAGE_BASEURL" {
default = ""
}
variable "PACKAGE_FILE" {
default = ""
}
variable "BUILD_CHANNEL" {
default = ""
}
variable "PUSH_MAJOR" {
default = "false"
}
variable "LATEST" {
default = "false"
}
### Variables for UCS build
variable "BASE_IMAGE" {
default = ""
}
variable "PG_VERSION" {
default = ""
}
variable "UCS_REBUILD" {
default = ""
}
variable "UCS_PREFIX" {
default = ""
}
### Variables for UCS build
target "documentserver" {
target = "documentserver"
dockerfile = "${DOCKERFILE}"
tags = [
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
equal("nightly",BUILD_CHANNEL) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
]
platforms = ["${PLATFORM}"]
args = {
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"PLATFORM": "${PLATFORM}"
}
}
target "documentserver-stable" {
target = "documentserver-stable"
dockerfile = "production.dockerfile"
tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest",
equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"PULL_TAG": "${PULL_TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}
target "documentserver-ucs" {
target = "documentserver"
dockerfile = "${DOCKERFILE}"
tags = [
"docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}"
]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PACKAGE_VERSION": "${PACKAGE_VERSION}"
"PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
"BASE_IMAGE": "${BASE_IMAGE}"
"PG_VERSION": "${PG_VERSION}"
}
}
target "documentserver-nonexample" {
target = "documentserver-nonexample"
dockerfile = "production.dockerfile"
tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"PULL_TAG": "${PULL_TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}
target "documentserver-stable-rebuild" {
target = "documentserver-stable-rebuild"
dockerfile = "production.dockerfile"
tags = equal("true",UCS_REBUILD) ? ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}",] : [
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}": "",
equal("true",PUSH_MAJOR) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}": "",
equal("",PREFIX_NAME) && equal("true",LATEST) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
equal("-ee",PRODUCT_EDITION) && equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",
]
platforms = ["linux/amd64", "linux/arm64"]
args = {
"UCS_PREFIX": "${UCS_PREFIX}"
"PULL_TAG": "${PULL_TAG}"
"COMPANY_NAME": "${COMPANY_NAME}"
"PRODUCT_NAME": "${PRODUCT_NAME}"
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
}
}

@ -1,112 +1,61 @@
version: '2' version: '2'
services: services:
onlyoffice-documentserver-data: onlyoffice-documentserver:
container_name: onlyoffice-documentserver-data build:
image: onlyoffice/documentserver:latest context: .
container_name: onlyoffice-documentserver
depends_on:
- onlyoffice-postgresql
- onlyoffice-rabbitmq
environment: environment:
- ONLYOFFICE_DATA_CONTAINER=true - DB_TYPE=postgres
- POSTGRESQL_SERVER_HOST=onlyoffice-postgresql - DB_HOST=onlyoffice-postgresql
- POSTGRESQL_SERVER_PORT=5432 - DB_PORT=5432
- POSTGRESQL_SERVER_DB_NAME=onlyoffice - DB_NAME=onlyoffice
- POSTGRESQL_SERVER_USER=onlyoffice - DB_USER=onlyoffice
- RABBITMQ_SERVER_URL=amqp://guest:guest@onlyoffice-rabbitmq - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
- REDIS_SERVER_HOST=onlyoffice-redis # Uncomment strings below to enable the JSON Web Token validation.
- REDIS_SERVER_PORT=6379 #- JWT_ENABLED=true
#- JWT_SECRET=secret
#- JWT_HEADER=AuthorizationJwt
#- JWT_IN_BODY=true
# Uncomment the line below to set larger file limits (about 1GB)
#- LARGER_FILE_LIMITS=true
ports:
- '80:80'
- '443:443'
stdin_open: true stdin_open: true
restart: always restart: always
networks: stop_grace_period: 120s
- onlyoffice
volumes: volumes:
# Uncomment the line below to get access to the slide themes directory.
# To use the themes, copy them to the slideThemes directory and run `docker exec -it <container-name> /usr/bin/documentserver-generate-allfonts.sh`
#- ./slideThemes:/var/www/onlyoffice/documentserver/sdkjs/slide/themes/src
- /var/www/onlyoffice/Data - /var/www/onlyoffice/Data
- /var/log/onlyoffice - /var/log/onlyoffice
- /var/lib/onlyoffice/documentserver/App_Data/cache/files - /var/lib/onlyoffice/documentserver/App_Data/cache/files
- /var/www/onlyoffice/documentserver-example/public/files - /var/www/onlyoffice/documentserver-example/public/files
- /usr/share/fonts - /usr/share/fonts
onlyoffice-documentserver:
image: onlyoffice/documentserver:latest
depends_on:
- onlyoffice-documentserver-data
- onlyoffice-postgresql
- onlyoffice-redis
- onlyoffice-rabbitmq
environment:
- ONLYOFFICE_DATA_CONTAINER_HOST=onlyoffice-documentserver-data
- BALANCE=uri depth 3
- EXCLUDE_PORTS=443
- HTTP_CHECK=GET /healthcheck
- EXTRA_SETTINGS=http-check expect string true
# Uncomment the string below to redirect HTTP request to HTTPS request.
#- FORCE_SSL=true
stdin_open: true
restart: always
networks:
- onlyoffice
expose:
- '80'
volumes_from:
- onlyoffice-documentserver-data
onlyoffice-haproxy:
container_name: onlyoffice-haproxy
image: dockercloud/haproxy:1.5.1
depends_on:
- onlyoffice-documentserver
environment:
- MODE=http
# Uncomment the string below to specify the path of ssl certificates
#- CERT_FOLDER=/certs/
stdin_open: true
links:
- onlyoffice-documentserver
volumes:
- /var/run/docker.sock:/var/run/docker.sock
# Uncomment the string below to map a ssl certificate from host
# to the proxy container
#- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem
restart: always
networks:
- onlyoffice
ports:
- '80:80'
- '443:443'
- '1936:1936'
onlyoffice-redis:
container_name: onlyoffice-redis
image: redis
restart: always
networks:
- onlyoffice
expose:
- '6379'
onlyoffice-rabbitmq: onlyoffice-rabbitmq:
container_name: onlyoffice-rabbitmq container_name: onlyoffice-rabbitmq
image: rabbitmq image: rabbitmq
restart: always restart: always
networks:
- onlyoffice
expose: expose:
- '5672' - '5672'
onlyoffice-postgresql: onlyoffice-postgresql:
container_name: onlyoffice-postgresql container_name: onlyoffice-postgresql
image: postgres:9.5 image: postgres:12
environment: environment:
- POSTGRES_DB=onlyoffice - POSTGRES_DB=onlyoffice
- POSTGRES_USER=onlyoffice - POSTGRES_USER=onlyoffice
networks: - POSTGRES_HOST_AUTH_METHOD=trust
- onlyoffice
restart: always restart: always
expose: expose:
- '5432' - '5432'
volumes: volumes:
- postgresql_data:/var/lib/postgresql - postgresql_data:/var/lib/postgresql
networks:
onlyoffice:
driver: 'bridge'
volumes: volumes:
postgresql_data: postgresql_data:

33
production.dockerfile Normal file

@ -0,0 +1,33 @@
### Arguments avavlivable only for FROM instruction ###
ARG PULL_TAG=latest
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_EDITION=
### Rebuild arguments
ARG UCS_PREFIX=
ARG IMAGE=${COMPANY_NAME}/documentserver${PRODUCT_EDITION}${UCS_PREFIX}:${PULL_TAG}
### Build main-release ###
FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-stable
### Rebuild stable images with secure updates
FROM ${IMAGE} as documentserver-stable-rebuild
RUN echo "This is rebuild" \
&& apt-get update -y \
&& apt-get upgrade -y
### Build nonexample ###
FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-nonexample
ARG COMPANY_NAME=onlyoffice
ARG PRODUCT_NAME=documentserver
ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf
### Remove all documentserver-example data ###
RUN rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \
&& rm -f $DS_SUPERVISOR_CONF \
&& rm -f /etc/nginx/includes/ds-example.conf \
&& ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf $DS_SUPERVISOR_CONF

547
run-document-server.sh Executable file → Normal file

@ -1,73 +1,190 @@
#!/bin/bash #!/bin/bash
APP_DIR="/var/www/onlyoffice/documentserver" umask 0022
DATA_DIR="/var/www/onlyoffice/Data"
LOG_DIR="/var/log/onlyoffice" function clean_exit {
if [ ${ONLYOFFICE_DATA_CONTAINER} == "false" ] && \
[ ${ONLYOFFICE_DATA_CONTAINER_HOST} == "localhost" ]; then
/usr/bin/documentserver-prepare4shutdown.sh
fi
}
trap clean_exit SIGTERM
# Define '**' behavior explicitly
shopt -s globstar
APP_DIR="/var/www/${COMPANY_NAME}/documentserver"
DATA_DIR="/var/www/${COMPANY_NAME}/Data"
PRIVATE_DATA_DIR="${DATA_DIR}/.private"
DS_RELEASE_DATE="${PRIVATE_DATA_DIR}/ds_release_date"
LOG_DIR="/var/log/${COMPANY_NAME}"
DS_LOG_DIR="${LOG_DIR}/documentserver" DS_LOG_DIR="${LOG_DIR}/documentserver"
LIB_DIR="/var/lib/onlyoffice" LIB_DIR="/var/lib/${COMPANY_NAME}"
CONF_DIR="/etc/onlyoffice/documentserver" DS_LIB_DIR="${LIB_DIR}/documentserver"
CONF_DIR="/etc/${COMPANY_NAME}/documentserver"
IS_UPGRADE="false"
ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false} ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false}
ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost} ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost}
ONLYOFFICE_DATA_CONTAINER_PORT=80 ONLYOFFICE_DATA_CONTAINER_PORT=80
SSL_CERTIFICATES_DIR="${DATA_DIR}/certs" RELEASE_DATE="$(stat -c="%y" ${APP_DIR}/server/DocService/docservice | sed -r 's/=([0-9]+)-([0-9]+)-([0-9]+) ([0-9:.+ ]+)/\1-\2-\3/')";
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.crt} if [ -f ${DS_RELEASE_DATE} ]; then
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.key} PREV_RELEASE_DATE=$(head -n 1 ${DS_RELEASE_DATE})
else
PREV_RELEASE_DATE="0"
fi
if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
IS_UPGRADE="true";
fi
fi
SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
mkdir -p ${SSL_CERTIFICATES_DIR}
if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
fi
if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
else
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
fi
if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
else
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
fi
CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem} CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem}
SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem} SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem}
SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off} SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off}
USE_UNAUTHORIZED_STORAGE=${USE_UNAUTHORIZED_STORAGE:-false}
ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true} ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true}
ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000} ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000}
SYSCONF_TEMPLATES_DIR="/app/onlyoffice/setup/config" SYSCONF_TEMPLATES_DIR="/app/ds/setup/config"
NGINX_CONFD_PATH="/etc/nginx/conf.d"; NGINX_CONFD_PATH="/etc/nginx/conf.d";
NGINX_ONLYOFFICE_CONF="${NGINX_CONFD_PATH}/onlyoffice-documentserver.conf"
NGINX_ONLYOFFICE_PATH="${CONF_DIR}/nginx" NGINX_ONLYOFFICE_PATH="${CONF_DIR}/nginx"
NGINX_ONLYOFFICE_CONF="${NGINX_ONLYOFFICE_PATH}/ds.conf"
NGINX_ONLYOFFICE_EXAMPLE_PATH="${CONF_DIR}-example/nginx" NGINX_ONLYOFFICE_EXAMPLE_PATH="${CONF_DIR}-example/nginx"
NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/onlyoffice-documentserver-example.conf" NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/ds-example.conf"
NGINX_CONFIG_PATH="/etc/nginx/nginx.conf" NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1} NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} # Limiting the maximum number of simultaneous connections due to possible memory shortage
[ $(ulimit -n) -gt 1048576 ] && NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-1048576} || NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
JWT_ENABLED=${JWT_ENABLED:-false} JWT_ENABLED=${JWT_ENABLED:-true}
JWT_SECRET=${JWT_SECRET:-secret}
# validate user's vars before usinig in json
if [ "${JWT_ENABLED}" == "true" ]; then
JWT_ENABLED="true"
else
JWT_ENABLED="false"
fi
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 32)}
JWT_HEADER=${JWT_HEADER:-Authorization} JWT_HEADER=${JWT_HEADER:-Authorization}
JWT_IN_BODY=${JWT_IN_BODY:-false}
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/default.json WOPI_ENABLED=${WOPI_ENABLED:-false}
ALLOW_META_IP_ADDRESS=${ALLOW_META_IP_ADDRESS:-false}
ALLOW_PRIVATE_IP_ADDRESS=${ALLOW_PRIVATE_IP_ADDRESS:-false}
GENERATE_FONTS=${GENERATE_FONTS:-true}
if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
REDIS_ENABLED=false
else
REDIS_ENABLED=true
fi
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json
ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json
ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/default.json ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/local.json
JSON="json -q -f ${ONLYOFFICE_DEFAULT_CONFIG}" JSON_BIN=${APP_DIR}/npm/json
JSON_LOG="json -q -f ${ONLYOFFICE_LOG4JS_CONFIG}" JSON="${JSON_BIN} -q -f ${ONLYOFFICE_DEFAULT_CONFIG}"
JSON_EXAMPLE="json -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}" JSON_LOG="${JSON_BIN} -q -f ${ONLYOFFICE_LOG4JS_CONFIG}"
JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
LOCAL_SERVICES=() LOCAL_SERVICES=()
PG_VERSION=9.5 PG_ROOT=/var/lib/postgresql
PG_NAME=main PG_NAME=main
PGDATA=/var/lib/postgresql/${PG_VERSION}/${PG_NAME} PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME}
PG_NEW_CLUSTER=false PG_NEW_CLUSTER=false
RABBITMQ_DATA=/var/lib/rabbitmq
REDIS_DATA=/var/lib/redis
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
fi
read_setting(){ read_setting(){
POSTGRESQL_SERVER_HOST=${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)} deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
POSTGRESQL_SERVER_PORT=${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)} deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
POSTGRESQL_SERVER_DB_NAME=${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)} deprecated_var POSTGRESQL_SERVER_DB_NAME DB_NAME
POSTGRESQL_SERVER_USER=${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)} deprecated_var POSTGRESQL_SERVER_USER DB_USER
POSTGRESQL_SERVER_PASS=${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)} deprecated_var POSTGRESQL_SERVER_PASS DB_PWD
deprecated_var RABBITMQ_SERVER_URL AMQP_URI
deprecated_var AMQP_SERVER_URL AMQP_URI
deprecated_var AMQP_SERVER_TYPE AMQP_TYPE
METRICS_ENABLED="${METRICS_ENABLED:-false}"
METRICS_HOST="${METRICS_HOST:-localhost}"
METRICS_PORT="${METRICS_PORT:-8125}"
METRICS_PREFIX="${METRICS_PREFIX:-.ds}"
DB_HOST=${DB_HOST:-${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}}
DB_TYPE=${DB_TYPE:-$(${JSON} services.CoAuthoring.sql.type)}
case $DB_TYPE in
"postgres")
DB_PORT=${DB_PORT:-"5432"}
;;
"mariadb"|"mysql")
DB_PORT=${DB_PORT:-"3306"}
;;
"")
DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}}
;;
*)
echo "ERROR: unknown database type"
exit 1
;;
esac
DB_NAME=${DB_NAME:-${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}}
DB_USER=${DB_USER:-${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}}
DB_PWD=${DB_PWD:-${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}}
RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)} RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)}
parse_rabbitmq_url AMQP_URI=${AMQP_URI:-${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}}}
AMQP_TYPE=${AMQP_TYPE:-${AMQP_SERVER_TYPE:-rabbitmq}}
parse_rabbitmq_url ${AMQP_URI}
REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)} REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)}
REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-$(${JSON} services.CoAuthoring.redis.port)} REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379}
DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} levels.nodeJS)} DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} categories.default.level)}
}
deprecated_var() {
if [[ -n ${!1} ]]; then
echo "Variable $1 is deprecated. Use $2 instead."
fi
} }
parse_rabbitmq_url(){ parse_rabbitmq_url(){
local amqp=${RABBITMQ_SERVER_URL} local amqp=$1
# extract the protocol # extract the protocol
local proto="$(echo $amqp | grep :// | sed -e's,^\(.*://\).*,\1,g')" local proto="$(echo $amqp | grep :// | sed -e's,^\(.*://\).*,\1,g')"
@ -88,7 +205,7 @@ parse_rabbitmq_url(){
# extract the host # extract the host
local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)" local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
# by request - try to extract the port # by request - try to extract the port
local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')" local port="$(echo $hostport | grep : | sed -r 's_^.*:+|/.*$__g')"
local host local host
if [ -n "$port" ]; then if [ -n "$port" ]; then
@ -101,10 +218,11 @@ parse_rabbitmq_url(){
# extract the path (if any) # extract the path (if any)
local path="$(echo $url | grep / | cut -d/ -f2-)" local path="$(echo $url | grep / | cut -d/ -f2-)"
RABBITMQ_SERVER_HOST=$host AMQP_SERVER_PROTO=${proto:0:-3}
RABBITMQ_SERVER_USER=$user AMQP_SERVER_HOST=$host
RABBITMQ_SERVER_PASS=$pass AMQP_SERVER_USER=$user
RABBITMQ_SERVER_PORT=$port AMQP_SERVER_PASS=$pass
AMQP_SERVER_PORT=$port
} }
waiting_for_connection(){ waiting_for_connection(){
@ -114,12 +232,12 @@ waiting_for_connection(){
done done
} }
waiting_for_postgresql(){ waiting_for_db(){
waiting_for_connection ${POSTGRESQL_SERVER_HOST} ${POSTGRESQL_SERVER_PORT} waiting_for_connection $DB_HOST $DB_PORT
} }
waiting_for_rabbitmq(){ waiting_for_amqp(){
waiting_for_connection ${RABBITMQ_SERVER_HOST} ${RABBITMQ_SERVER_PORT} waiting_for_connection ${AMQP_SERVER_HOST} ${AMQP_SERVER_PORT}
} }
waiting_for_redis(){ waiting_for_redis(){
@ -128,41 +246,114 @@ waiting_for_redis(){
waiting_for_datacontainer(){ waiting_for_datacontainer(){
waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT} waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT}
} }
update_postgresql_settings(){
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${POSTGRESQL_SERVER_HOST}'" update_statsd_settings(){
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${POSTGRESQL_SERVER_PORT}'" ${JSON} -I -e "if(this.statsd===undefined)this.statsd={};"
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${POSTGRESQL_SERVER_DB_NAME}'" ${JSON} -I -e "this.statsd.useMetrics = '${METRICS_ENABLED}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${POSTGRESQL_SERVER_USER}'" ${JSON} -I -e "this.statsd.host = '${METRICS_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${POSTGRESQL_SERVER_PASS}'" ${JSON} -I -e "this.statsd.port = '${METRICS_PORT}'"
${JSON} -I -e "this.statsd.prefix = '${METRICS_PREFIX}'"
}
update_db_settings(){
${JSON} -I -e "this.services.CoAuthoring.sql.type = '${DB_TYPE}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${DB_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${DB_PORT}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
} }
update_rabbitmq_setting(){ update_rabbitmq_setting(){
${JSON} -I -e "this.rabbitmq.url = '${RABBITMQ_SERVER_URL}'" if [ "${AMQP_TYPE}" == "rabbitmq" ]; then
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
${JSON} -I -e "this.queue.type = 'rabbitmq'"
${JSON} -I -e "this.rabbitmq.url = '${AMQP_URI}'"
fi
if [ "${AMQP_TYPE}" == "activemq" ]; then
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
${JSON} -I -e "this.queue.type = 'activemq'"
${JSON} -I -e "if(this.activemq===undefined)this.activemq={};"
${JSON} -I -e "if(this.activemq.connectOptions===undefined)this.activemq.connectOptions={};"
${JSON} -I -e "this.activemq.connectOptions.host = '${AMQP_SERVER_HOST}'"
if [ ! "${AMQP_SERVER_PORT}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.port = '${AMQP_SERVER_PORT}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.port"
fi
if [ ! "${AMQP_SERVER_USER}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.username = '${AMQP_SERVER_USER}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.username"
fi
if [ ! "${AMQP_SERVER_PASS}" == "" ]; then
${JSON} -I -e "this.activemq.connectOptions.password = '${AMQP_SERVER_PASS}'"
else
${JSON} -I -e "delete this.activemq.connectOptions.password"
fi
case "${AMQP_SERVER_PROTO}" in
amqp+ssl|amqps)
${JSON} -I -e "this.activemq.connectOptions.transport = 'tls'"
;;
*)
${JSON} -I -e "delete this.activemq.connectOptions.transport"
;;
esac
fi
} }
update_redis_settings(){ update_redis_settings(){
${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'" ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
if [ -n "${REDIS_SERVER_PASS}" ]; then
${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}"
fi
} }
update_jwt_settings(){ update_ds_settings(){
if [ "${JWT_ENABLED}" == "true" ]; then ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'" ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'" ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'"
${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'" ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
fi ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
fi
if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
fi
if [ "${WOPI_ENABLED}" == "true" ]; then
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
${JSON} -I -e "this.wopi.enable = true"
fi
if [ "${ALLOW_META_IP_ADDRESS}" = "true" ] || [ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ]; then
${JSON} -I -e "if(this.services.CoAuthoring['request-filtering-agent']===undefined)this.services.CoAuthoring['request-filtering-agent']={}"
[ "${ALLOW_META_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowMetaIPAddress = true"
[ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowPrivateIPAddress = true"
fi fi
} }
@ -178,26 +369,86 @@ create_postgresql_cluster(){
} }
create_postgresql_db(){ create_postgresql_db(){
sudo -u postgres psql -c "CREATE DATABASE onlyoffice;" sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';" sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
} }
create_postgresql_tbl(){ create_db_tbl() {
CONNECTION_PARAMS="-h${POSTGRESQL_SERVER_HOST} -U${POSTGRESQL_SERVER_USER} -w" case $DB_TYPE in
if [ -n "${POSTGRESQL_SERVER_PASS}" ]; then "postgres")
export PGPASSWORD=${POSTGRESQL_SERVER_PASS} create_postgresql_tbl
;;
"mariadb"|"mysql")
create_mysql_tbl
;;
esac
}
upgrade_db_tbl() {
case $DB_TYPE in
"postgres")
upgrade_postgresql_tbl
;;
"mariadb"|"mysql")
upgrade_mysql_tbl
;;
esac
}
upgrade_postgresql_tbl() {
if [ -n "$DB_PWD" ]; then
export PGPASSWORD=$DB_PWD
fi fi
PSQL="psql -q $CONNECTION_PARAMS" PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
CREATEDB="createdb $CONNECTION_PARAMS"
$PSQL -f "$APP_DIR/server/schema/postgresql/removetbl.sql"
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
}
upgrade_mysql_tbl() {
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
MYSQL="mysql -q $CONNECTION_PARAMS"
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/removetbl.sql" >/dev/null 2>&1
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
}
create_postgresql_tbl() {
if [ -n "$DB_PWD" ]; then
export PGPASSWORD=$DB_PWD
fi
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
}
create_mysql_tbl() {
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
MYSQL="mysql -q $CONNECTION_PARAMS"
# Create db on remote server # Create db on remote server
if $PSQL -lt | cut -d\| -f 1 | grep -qw | grep 0; then $MYSQL -e "CREATE DATABASE IF NOT EXISTS $DB_NAME DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;" >/dev/null 2>&1
$CREATEDB $DB_NAME
fi
$PSQL -d "${POSTGRESQL_SERVER_DB_NAME}" -f "${APP_DIR}/server/schema/postgresql/createdb.sql" $MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
}
update_welcome_page() {
WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
if [[ -e $WELCOME_PAGE ]]; then
DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
(( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname)
if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
if [[ -x $(command -v docker) ]]; then
DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/')
else
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/')
fi
fi
fi
} }
update_nginx_settings(){ update_nginx_settings(){
@ -208,7 +459,7 @@ update_nginx_settings(){
# setup HTTPS # setup HTTPS
if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then
ln -sf ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver-ssl.conf.template ${NGINX_ONLYOFFICE_CONF} cp -f ${NGINX_ONLYOFFICE_PATH}/ds-ssl.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
# configure nginx # configure nginx
sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF} sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
@ -236,35 +487,49 @@ update_nginx_settings(){
sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF} sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF}
fi fi
else else
ln -sf ${NGINX_ONLYOFFICE_PATH}/onlyoffice-documentserver.conf.template ${NGINX_ONLYOFFICE_CONF} ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
fi
# check if ipv6 supported otherwise remove it from nginx config
if [ ! -f /proc/net/if_inet6 ]; then
sed '/listen\s\+\[::[0-9]*\].\+/d' -i $NGINX_ONLYOFFICE_CONF
fi fi
if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF} sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
fi fi
}
update_supervisor_settings(){ documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
# Copy modified supervisor start script
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
# Copy modified supervisor config
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
} }
update_log_settings(){ update_log_settings(){
${JSON_LOG} -I -e "this.levels.nodeJS = '${DS_LOG_LEVEL}'" ${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
}
update_logrotate_settings(){
sed 's|\(^su\b\).*|\1 root root|' -i /etc/logrotate.conf
}
update_release_date(){
mkdir -p ${PRIVATE_DATA_DIR}
echo ${RELEASE_DATE} > ${DS_RELEASE_DATE}
} }
# create base folders # create base folders
for i in converter docservice spellchecker metrics gc; do for i in converter docservice metrics; do
mkdir -p "${DS_LOG_DIR}/$i" mkdir -p "${DS_LOG_DIR}/$i"
done done
mkdir -p ${DS_LOG_DIR}-example mkdir -p ${DS_LOG_DIR}-example
# create app folders
for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${DS_LIB_DIR}-example/files; do
mkdir -p "$i"
done
# change folder rights # change folder rights
for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do for i in ${LOG_DIR} ${LIB_DIR}; do
chown -R onlyoffice:onlyoffice "$i" chown -R ds:ds "$i"
chmod -R 755 "$i" chmod -R 755 "$i"
done done
@ -272,16 +537,27 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
read_setting read_setting
if [ $METRICS_ENABLED = "true" ]; then
update_statsd_settings
fi
update_welcome_page
update_log_settings update_log_settings
update_jwt_settings update_ds_settings
# update settings by env variables # update settings by env variables
if [ ${POSTGRESQL_SERVER_HOST} != "localhost" ]; then if [ $DB_HOST != "localhost" ]; then
update_postgresql_settings update_db_settings
waiting_for_postgresql waiting_for_db
create_postgresql_tbl create_db_tbl
else else
# change rights for postgres directory
chown -R postgres:postgres ${PG_ROOT}
chmod -R 700 ${PG_ROOT}
# create new db if it isn't exist
if [ ! -d ${PGDATA} ]; then if [ ! -d ${PGDATA} ]; then
create_postgresql_cluster create_postgresql_cluster
PG_NEW_CLUSTER=true PG_NEW_CLUSTER=true
@ -289,16 +565,31 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
LOCAL_SERVICES+=("postgresql") LOCAL_SERVICES+=("postgresql")
fi fi
if [ ${RABBITMQ_SERVER_HOST} != "localhost" ]; then if [ ${AMQP_SERVER_HOST} != "localhost" ]; then
update_rabbitmq_setting update_rabbitmq_setting
else else
# change rights for rabbitmq directory
chown -R rabbitmq:rabbitmq ${RABBITMQ_DATA}
chmod -R go=rX,u=rwX ${RABBITMQ_DATA}
if [ -f ${RABBITMQ_DATA}/.erlang.cookie ]; then
chmod 400 ${RABBITMQ_DATA}/.erlang.cookie
fi
LOCAL_SERVICES+=("rabbitmq-server") LOCAL_SERVICES+=("rabbitmq-server")
# allow Rabbitmq startup after container kill
rm -rf /var/run/rabbitmq
fi fi
if [ ${REDIS_SERVER_HOST} != "localhost" ]; then if [ ${REDIS_ENABLED} = "true" ]; then
update_redis_settings if [ ${REDIS_SERVER_HOST} != "localhost" ]; then
else update_redis_settings
LOCAL_SERVICES+=("redis-server") else
# change rights for redis directory
chown -R redis:redis ${REDIS_DATA}
chmod -R 750 ${REDIS_DATA}
LOCAL_SERVICES+=("redis-server")
fi
fi fi
else else
# no need to update settings just wait for remote data # no need to update settings just wait for remote data
@ -307,8 +598,12 @@ else
# read settings after the data container in ready state # read settings after the data container in ready state
# to prevent get unconfigureted data # to prevent get unconfigureted data
read_setting read_setting
update_welcome_page
fi fi
find /etc/${COMPANY_NAME} ! -path '*logrotate*' -exec chown ds:ds {} \;
#start needed local services #start needed local services
for i in ${LOCAL_SERVICES[@]}; do for i in ${LOCAL_SERVICES[@]}; do
service $i start service $i start
@ -320,20 +615,68 @@ if [ ${PG_NEW_CLUSTER} = "true" ]; then
fi fi
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
waiting_for_postgresql waiting_for_db
waiting_for_rabbitmq waiting_for_amqp
waiting_for_redis if [ ${REDIS_ENABLED} = "true" ]; then
waiting_for_redis
fi
if [ "${IS_UPGRADE}" = "true" ]; then
upgrade_db_tbl
update_release_date
fi
update_nginx_settings update_nginx_settings
update_supervisor_settings
service supervisor start service supervisor start
# start cron to enable log rotating
update_logrotate_settings
service cron start
fi fi
# nginx used as a proxy, and as data container status service. # nginx used as a proxy, and as data container status service.
# it run in all cases. # it run in all cases.
service nginx start service nginx start
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
fi
fi
# Regenerate the fonts list and the fonts thumbnails # Regenerate the fonts list and the fonts thumbnails
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} if [ "${GENERATE_FONTS}" == "true" ]; then
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
fi
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
echo "${JWT_MESSAGE}"
# Check if lager file limits should be set
if [ "$LARGER_FILE_LIMITS" = "true" ]; then
if [ -e /app/ds/file_limits_set ]; then
echo ""
else
touch /app/ds/file_limits_set
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver-example/production-linux.json
sed -i '9iclient_max_body_size 1000M;' /etc/onlyoffice/documentserver-example/nginx/includes/ds-example.conf
sed -i '16iclient_max_body_size 1000M;' /etc/nginx/nginx.conf
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver/default.json
sed -i -e 's/50MB/5000MB/g' /etc/onlyoffice/documentserver/default.json
sed -i -e 's/300MB/3000MB/g' /etc/onlyoffice/documentserver/default.json
sed -i 's/^client_max_body_size 100m;$/client_max_body_size 1000m;/' /etc/onlyoffice/documentserver/nginx/includes/ds-common.conf
service nginx restart
supervisorctl restart all
fi
fi
tail -f /var/log/${COMPANY_NAME}/**/*.log &
wait $!

BIN
slideThemes/01_blank.pptx Normal file

Binary file not shown.

BIN
slideThemes/02_basic.pptx Normal file

Binary file not shown.

BIN
slideThemes/03_classic.pptx Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

BIN
slideThemes/06_lines.pptx Normal file

Binary file not shown.

BIN
slideThemes/07_office.pptx Normal file

Binary file not shown.

BIN
slideThemes/08_safari.pptx Normal file

Binary file not shown.

BIN
slideThemes/09_dotted.pptx Normal file

Binary file not shown.

BIN
slideThemes/10_corner.pptx Normal file

Binary file not shown.

BIN
slideThemes/11_tort.pptx Normal file

Binary file not shown.

35
tests/postgres.yml Normal file

@ -0,0 +1,35 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-postgresql
environment:
- DB_TYPE=${DB_TYPE:-postgres}
- DB_HOST=${DB_HOST:-onlyoffice-postgresql}
- DB_PORT=${DB_PORT:-5432}
- DB_NAME=${DB_NAME:-onlyoffice}
- DB_USER=${DB_USER:-onlyoffice}
- DB_PWD=${DB_PWD:-onlyoffice}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-postgresql:
container_name: onlyoffice-postgresql
image: postgres:${POSTGRES_VERSION:-12}
environment:
- POSTGRES_DB=${POSTGRES_DB:-onlyoffice}
- POSTGRES_USER=${POSTGRES_USER:-onlyoffice}
- POSTGRES_HOST_AUTH_METHOD=${POSTGRES_HOST_AUTH_METHOD:-trust}
restart: always
expose:
- '5432'
volumes:
- postgresql_data:/var/lib/postgresql
volumes:
postgresql_data:

46
tests/prometheus.yml Normal file

@ -0,0 +1,46 @@
version: '2.1'
services:
onlyoffice-documentserver:
container_name: onlyoffice-documentserver
build:
context: ../.
depends_on:
- onlyoffice-statsd-exporter
environment:
- METRICS_ENABLED=${METRICS_ENABLED:-true}
- METRICS_HOST=${METRICS_HOST:-onlyoffice-statsd-exporter}
- METRICS_PORT=${METRICS_PORT:-9125}
- METRICS_PREFIX=${METRICS_PREFIX:-ds.}
stdin_open: true
restart: always
ports:
- '80:80'
onlyoffice-statsd-exporter:
container_name: onlyoffice-statsd-exporter
image: prom/statsd-exporter
command: --statsd.event-flush-interval=30000ms
ports:
- '9102:9102'
- '9125:9125/tcp'
- '9125:9125/udp'
onlyoffice-prometheus:
container_name: onlyoffice-prometheus
image: prom/prometheus
ports:
- '9090:9090'
volumes:
- ./prometheus/prometheus-scrape/statsd-exporter.yml:/etc/prometheus/prometheus.yml
grafana:
container_name: onlyoffice-grafana
image: bitnami/grafana
ports:
- '3000:3000'
environment:
- 'GF_SECURITY_ADMIN_PASSWORD=G0pGE4'
volumes:
- ./prometheus/grafana/conf/prometheus.yml:/opt/bitnami/grafana/conf/provisioning/datasources/prometheus.yml
- ./prometheus/grafana/conf/default-provider.yaml:/opt/bitnami/grafana/conf/provisioning/dashboards/default-provider.yaml
- ./prometheus/grafana/dashboards:/opt/bitnami/grafana/dashboards

@ -0,0 +1,23 @@
apiVersion: 1
providers:
# <string> an unique provider name
- name: 'default-provider'
# <int> org id. will default to orgId 1 if not specified
orgId: 1
# <string, required> name of the dashboard folder. Required
folder: dashboards
# <string> folder UID. will be automatically generated if not specified
folderUid: ''
# <string, required> provider type. Required
type: file
# <bool> disable dashboard deletion
disableDeletion: false
# <bool> enable dashboard editing
editable: true
# <int> how often Grafana will scan for changed dashboards
updateIntervalSeconds: 10
options:
# <string, required> path to dashboard files on disk. Required
path: /opt/bitnami/grafana/dashboards
# <bool> enable folders creation for dashboards
#foldersFromFilesStructure: true

@ -0,0 +1,6 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: http://onlyoffice-prometheus:9090
editable: true

File diff suppressed because it is too large Load Diff

@ -0,0 +1,6 @@
scrape_configs:
- job_name: 'statsd'
scrape_interval: 30s
static_configs:
- targets:
- onlyoffice-statsd-exporter:9102