Compare commits
1 Commits
master
...
jiriks74-l
Author | SHA1 | Date | |
---|---|---|---|
b15ad03153 |
1
.envrc
1
.envrc
@ -1 +0,0 @@
|
|||||||
use nix
|
|
@ -1,66 +0,0 @@
|
|||||||
name: Build
|
|
||||||
|
|
||||||
on:
|
|
||||||
schedule:
|
|
||||||
- cron: "0 0 * * 1"
|
|
||||||
push:
|
|
||||||
tags:
|
|
||||||
- 'manual_build'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Get upstream repository
|
|
||||||
run: |
|
|
||||||
git clone https://github.com/ONLYOFFICE/DocumentServer/ upstream
|
|
||||||
|
|
||||||
- name: Extract tags and labels for Docker
|
|
||||||
id: meta
|
|
||||||
run: |
|
|
||||||
export VERSION="$(cd upstream && git describe --tags --abbrev=0 | cut -d 'v' -f2-)"
|
|
||||||
echo "Version: ${VERSION}"
|
|
||||||
echo "tag=${VERSION}" >> $GITHUB_OUTPUT
|
|
||||||
shell: bash
|
|
||||||
|
|
||||||
- name: Check if the image was already built
|
|
||||||
id: check-build-status
|
|
||||||
run: |
|
|
||||||
echo ${{ steps.meta.outputs.tag }}
|
|
||||||
if curl --silent -f -lSL "https://hub.docker.com/v2/repositories/jiriks74/onlyoffice-documentserver/tags/$(echo ${{ steps.meta.outputs.tag }})" > /dev/null; then echo "Already exists" && exit 1; else echo "Desn't exist" && exit 0; fi
|
|
||||||
|
|
||||||
- name: Set tag in Dockerfile
|
|
||||||
run: |
|
|
||||||
sed -i "s/ARG PACKAGE_VERSION=/ARG PACKAGE_VERSION=$(echo ${{ steps.meta.outputs.tag }} | cut -d ':' -f2)/g" Dockerfile
|
|
||||||
|
|
||||||
- name: Update repositories
|
|
||||||
run: sudo apt update
|
|
||||||
- name: Install Docker
|
|
||||||
uses: awalsh128/cache-apt-pkgs-action@latest
|
|
||||||
with:
|
|
||||||
packages: docker.io
|
|
||||||
|
|
||||||
- name: Set up QEMU
|
|
||||||
uses: docker/setup-qemu-action@v2
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v1
|
|
||||||
with:
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
|
|
||||||
- name: Login to DockerHub
|
|
||||||
uses: docker/login-action@v1
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
||||||
|
|
||||||
- name: Build and push image
|
|
||||||
uses: docker/build-push-action@v2
|
|
||||||
with:
|
|
||||||
push: true
|
|
||||||
tags: jiriks74/onlyoffice-documentserver:${{ steps.meta.outputs.tag }},jiriks74/onlyoffice-documentserver:latest
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
context: .
|
|
||||||
file: ./Dockerfile
|
|
@ -1,22 +0,0 @@
|
|||||||
---
|
|
||||||
name: Trigger 4testing rebuild
|
|
||||||
|
|
||||||
run-name: "Weekly 4testing rebuild trigger"
|
|
||||||
|
|
||||||
on:
|
|
||||||
schedule:
|
|
||||||
# Run every Saturday at 10 p.m.
|
|
||||||
- cron: '00 22 * * 6'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
trigger-rebuild:
|
|
||||||
name: "trigget-rebuild"
|
|
||||||
runs-on: "ubuntu-latest"
|
|
||||||
steps:
|
|
||||||
- name: Rebuild 4testing manualy
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.TOKEN }}
|
|
||||||
run: |
|
|
||||||
gh workflow run rebuild.yml \
|
|
||||||
--repo ONLYOFFICE/Docker-DocumentServer \
|
|
||||||
-f repo=4test
|
|
@ -1,224 +0,0 @@
|
|||||||
---
|
|
||||||
name: Rebuild Docker-Documentserver
|
|
||||||
|
|
||||||
run-name: >
|
|
||||||
Rebuild DocumentServer with secure updates for repo: ${{ github.event.inputs.repo }}
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
repo:
|
|
||||||
type: choice
|
|
||||||
description: Please, choose upload repo..
|
|
||||||
options:
|
|
||||||
- '4test'
|
|
||||||
- 'stable'
|
|
||||||
|
|
||||||
permissions:
|
|
||||||
# All other permissions are set to none
|
|
||||||
contents: read
|
|
||||||
# Technically read access while waiting for images should be more than enough. However,
|
|
||||||
# there is a bug in GitHub Actions/Packages and in case private repositories are used, you get a permission
|
|
||||||
# denied error when attempting to just pull private image, changing the token permission to write solves the
|
|
||||||
# issue. This is not dangerous, because if it is for "ONLYOFFICE/Docker-DocumentServer", only maintainers can use ds-rebuild.yaml
|
|
||||||
# If it is for a fork, then the token is read-only anyway.
|
|
||||||
packages: read
|
|
||||||
|
|
||||||
env:
|
|
||||||
COMPANY_NAME: "onlyoffice"
|
|
||||||
PRODUCT_NAME: "documentserver"
|
|
||||||
REGISTRY_URL: "https://hub.docker.com/v2/repositories"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
rebuild-info:
|
|
||||||
name: "Rebuild-info"
|
|
||||||
runs-on: "ubuntu-22.04"
|
|
||||||
env:
|
|
||||||
REPO_INPUTS: ${{ github.event.inputs.repo }}
|
|
||||||
EVENT: ${{ github.event_name }}
|
|
||||||
outputs:
|
|
||||||
stable-versions: ${{ steps.selective-checks.outputs.stable-versions }}
|
|
||||||
ucs-versions: ${{ steps.selective-checks.outputs.ucs-versions }}
|
|
||||||
minor-tags: ${{ steps.selective-checks.outputs.minor-tags }}
|
|
||||||
ucs-rebuild-condition: ${{ steps.selective-checks.outputs.ucs-rebuild-condition }}
|
|
||||||
prefix-name: ${{ steps.selective-checks.outputs.prefix-name }}
|
|
||||||
repo: ${{ steps.selective-checks.outputs.repo }}
|
|
||||||
steps:
|
|
||||||
- name: Selective checks
|
|
||||||
id: selective-checks
|
|
||||||
run: |
|
|
||||||
set -e
|
|
||||||
|
|
||||||
REPO=${REPO_INPUTS:-"4test"}
|
|
||||||
|
|
||||||
if [ "${REPO}" == "stable" ]; then
|
|
||||||
UCS_REBUILD=true
|
|
||||||
UCS_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}-ucs/tags/?page_size=100 | \
|
|
||||||
jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
|
|
||||||
echo "ucs-versions=$(jq -c -n '$ARGS.positional' --args "${UCS_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
|
|
||||||
elif
|
|
||||||
[ "${REPO}" == "4test" ]; then
|
|
||||||
UCS_REBUILD=false
|
|
||||||
PREFIX_NAME=4testing-
|
|
||||||
fi
|
|
||||||
|
|
||||||
STABLE_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 | \
|
|
||||||
jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
|
|
||||||
|
|
||||||
# When rebuilding stable versions of the document server,
|
|
||||||
# it is necessary to determine the version from which the
|
|
||||||
# minor x.x tag will need to be pushed.
|
|
||||||
|
|
||||||
VERSIONS=(${STABLE_VERSIONS[@]})
|
|
||||||
for i in {1..10}; do
|
|
||||||
if [ -z "${VERSIONS}" ]; then
|
|
||||||
break
|
|
||||||
else
|
|
||||||
TEMPLATE=${VERSIONS[0]%.*.*}
|
|
||||||
TEMPLATE_MINOR=$(printf -- '%s\n' "${VERSIONS[@]}" | grep -o -m 1 "${VERSIONS[0]%.*.*}.[0-9].[0-9]")
|
|
||||||
MINOR_TAGS+=(${TEMPLATE_MINOR%.*})
|
|
||||||
|
|
||||||
for v in ${MINOR_TAGS[@]}; do
|
|
||||||
VERSIONS=(${VERSIONS[@]//${v%.*}.*.*})
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "Stable releases that will be rebuilded"
|
|
||||||
echo "--------------------------------------"
|
|
||||||
echo "${STABLE_VERSIONS[@]}"
|
|
||||||
echo
|
|
||||||
echo
|
|
||||||
echo "Ucs releases that will be rebuilded"
|
|
||||||
echo "-----------------------------------"
|
|
||||||
echo "${UCS_VERSIONS[@]}"
|
|
||||||
|
|
||||||
echo "stable-versions=$(jq -c -n '$ARGS.positional' --args "${STABLE_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
|
|
||||||
echo "minor-tags=${MINOR_TAGS[@]}" >> "$GITHUB_OUTPUT"
|
|
||||||
echo "ucs-rebuild-condition=${UCS_REBUILD}" >> "$GITHUB_OUTPUT"
|
|
||||||
echo "prefix-name=${PREFIX_NAME}" >> "$GITHUB_OUTPUT"
|
|
||||||
echo "repo=${REPO}" >> "$GITHUB_OUTPUT"
|
|
||||||
shell: bash
|
|
||||||
|
|
||||||
re-build-stable:
|
|
||||||
name: "Rebuild stable:${{ matrix.version }} ${{ matrix.edition }}"
|
|
||||||
needs: [rebuild-info]
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
strategy:
|
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
|
||||||
type: ["stable"]
|
|
||||||
edition: ["", "-ee", "-de"]
|
|
||||||
version: ${{fromJSON(needs.rebuild-info.outputs.stable-versions)}}
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
- name: Set up QEMU
|
|
||||||
uses: docker/setup-qemu-action@v2
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v2
|
|
||||||
- name: Login to Docker Hub
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
||||||
# Determines the new build number based
|
|
||||||
# on data from the hub.docker registry
|
|
||||||
- name: Declare release number
|
|
||||||
id: release-number
|
|
||||||
env:
|
|
||||||
REBUILD_VERSION: ${{ matrix.version }}
|
|
||||||
run: |
|
|
||||||
MINOR_VERSION=${REBUILD_VERSION%.*}
|
|
||||||
LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
|
|
||||||
| jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
|
|
||||||
LAST_RELEASE=${LAST_RELEASE#*.*.*.}
|
|
||||||
echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"
|
|
||||||
shell: bash
|
|
||||||
# Note: Rebuilding images with an
|
|
||||||
# extra layer to update security and
|
|
||||||
# all dependencies. Update tags got +1 to previous release.
|
|
||||||
- name: Re-build documentserver-stable
|
|
||||||
env:
|
|
||||||
MINOR_TAGS_ST: ${{ needs.rebuild-info.outputs.minor-tags }}
|
|
||||||
VERSION: ${{ matrix.version }}
|
|
||||||
RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
|
|
||||||
PREFIX_NAME: ${{ needs.rebuild-info.outputs.prefix-name }}
|
|
||||||
REPO: ${{ needs.rebuild-info.outputs.repo }}
|
|
||||||
PRODUCT_EDITION: ${{ matrix.edition }}
|
|
||||||
run: |
|
|
||||||
set -eux
|
|
||||||
export PULL_TAG=${VERSION}
|
|
||||||
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
|
||||||
export SHORTER_TAG=${VERSION%.*}
|
|
||||||
export SHORTEST_TAG=${VERSION%.*.*}
|
|
||||||
|
|
||||||
if [ "${REPO}" == "stable" ]; then
|
|
||||||
MINOR_TAGS=(${MINOR_TAGS_ST})
|
|
||||||
for v in ${MINOR_TAGS[@]}; do
|
|
||||||
if [ "${SHORTER_TAG}" == "${v}" ]; then
|
|
||||||
export PUSH_MAJOR="true"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
if [ "${SHORTER_TAG}" == "${MINOR_TAGS[0]}" ]; then
|
|
||||||
export LATEST="true"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
|
|
||||||
shell: bash
|
|
||||||
re-build-ucs:
|
|
||||||
name: "Rebuild ucs: ${{ matrix.version }} ${{ matrix.edition }}"
|
|
||||||
if: needs.rebuild-info.outputs.ucs-rebuild-condition == 'true'
|
|
||||||
needs: [rebuild-info]
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
strategy:
|
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
|
||||||
type: ["ucs"]
|
|
||||||
edition: ["", "-ee"]
|
|
||||||
version: ${{fromJSON(needs.rebuild-info.outputs.ucs-versions)}}
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
- name: Set up QEMU
|
|
||||||
uses: docker/setup-qemu-action@v2
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v2
|
|
||||||
- name: Login to Docker Hub
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
||||||
# Determines the new build number based
|
|
||||||
# on data from the hub.docker registry
|
|
||||||
- name: Declare release number
|
|
||||||
id: release-number
|
|
||||||
env:
|
|
||||||
REBUILD_VERSION: ${{ matrix.version }}
|
|
||||||
run: |
|
|
||||||
MINOR_VERSION=${REBUILD_VERSION%.*}
|
|
||||||
LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
|
|
||||||
| jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
|
|
||||||
LAST_RELEASE=${LAST_RELEASE#*.*.*.}
|
|
||||||
echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"
|
|
||||||
shell: bash
|
|
||||||
# Note: Rebuilding images with an
|
|
||||||
# extra layer to update security and
|
|
||||||
# all dependencies. Update tags +1 to previous release.
|
|
||||||
- name: Re-build documentserver-ucs
|
|
||||||
env:
|
|
||||||
VERSION: ${{ matrix.version }}
|
|
||||||
RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
|
|
||||||
PRODUCT_EDITION: ${{ matrix.edition }}
|
|
||||||
run: |
|
|
||||||
set -eux
|
|
||||||
export PULL_TAG=${VERSION}
|
|
||||||
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
|
||||||
export SHORTER_TAG=${VERSION%.*}
|
|
||||||
export SHORTEST_TAG=${VERSION%.*.*}
|
|
||||||
|
|
||||||
export UCS_REBUILD=true
|
|
||||||
export UCS_PREFIX=-ucs
|
|
||||||
|
|
||||||
docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
|
|
||||||
shell: bash
|
|
@ -1,70 +0,0 @@
|
|||||||
---
|
|
||||||
name: Scanning DocumentServer with ZAP
|
|
||||||
|
|
||||||
run-name: >
|
|
||||||
ZAP DocumentServer ver: ${{ github.event.inputs.version }} from branch: ${{ github.event.inputs.branch }}
|
|
||||||
|
|
||||||
on:
|
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
version:
|
|
||||||
description: 'Set DocumentServer version that will be deployed'
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
branch:
|
|
||||||
description: 'The branch from which the scan will be performed'
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
jobs:
|
|
||||||
zap:
|
|
||||||
name: "Zap scanning DocumentServer"
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
permissions:
|
|
||||||
issues: write
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
|
|
||||||
- name: Run DS
|
|
||||||
id: run-ds
|
|
||||||
env:
|
|
||||||
TAG: ${{ github.event.inputs.version }}
|
|
||||||
run: |
|
|
||||||
# Create ssl certs
|
|
||||||
openssl genrsa -out tls.key 2048
|
|
||||||
openssl req -new -key tls.key -out tls.csr -subj "/C=RU/ST=NizhObl/L=NizhNov/O=RK-Tech/OU=TestUnit/CN=TestName"
|
|
||||||
openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt
|
|
||||||
openssl dhparam -out dhparam.pem 2048
|
|
||||||
sudo mkdir -p /app/onlyoffice/DocumentServer/data/certs
|
|
||||||
sudo cp ./tls.key /app/onlyoffice/DocumentServer/data/certs/
|
|
||||||
sudo cp ./tls.crt /app/onlyoffice/DocumentServer/data/certs/
|
|
||||||
sudo cp ./dhparam.pem /app/onlyoffice/DocumentServer/data/certs/
|
|
||||||
sudo chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
|
|
||||||
rm ./tls.key ./tls.crt ./dhparam.pem
|
|
||||||
|
|
||||||
# Run Ds with enabled ssl
|
|
||||||
export CONTAINER_NAME="documentserver"
|
|
||||||
sudo docker run -itd \
|
|
||||||
--name ${CONTAINER_NAME} \
|
|
||||||
-p 80:80 \
|
|
||||||
-p 443:443 \
|
|
||||||
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
|
|
||||||
onlyoffice/4testing-documentserver:${TAG}
|
|
||||||
sleep 60
|
|
||||||
sudo docker exec ${CONTAINER_NAME} sudo supervisorctl start ds:example
|
|
||||||
LOCAL_IP=$(hostname -I | awk '{print $1}')
|
|
||||||
echo "local-ip=${LOCAL_IP}" >> "$GITHUB_OUTPUT"
|
|
||||||
|
|
||||||
# Scan DocumentServer with ZAP.
|
|
||||||
# NOTE: Full scan get a lot of time.
|
|
||||||
# If you want make scan more faster (but less accurate) remove `cmd options` field
|
|
||||||
# -j mean that scanning use AJAX Spider, with this spider the scan takes approximately an hour
|
|
||||||
# Without any cmd options will be used default spider and the scan takes approximately ~10-15 minutes
|
|
||||||
- name: ZAP Scan
|
|
||||||
uses: zaproxy/action-full-scan@v0.8.0
|
|
||||||
with:
|
|
||||||
token: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
|
|
||||||
target: 'https://${{ steps.run-ds.outputs.local-ip }}/'
|
|
||||||
allow_issue_writing: false
|
|
||||||
cmd_options: '-j'
|
|
@ -1,14 +1,5 @@
|
|||||||
### This workflow setup instance then build and push images ###
|
### This workflow setup instance then build and push images ###
|
||||||
name: 4testing multiarch-build
|
name: 4testing multiarch-build
|
||||||
run-name: >-
|
|
||||||
Build #${{ inputs.build }} [
|
|
||||||
${{ inputs.amd64 && 'AMD64' || '-' }}
|
|
||||||
${{ inputs.arm64 && 'ARM64' || '-' }}
|
|
||||||
] [
|
|
||||||
${{ inputs.community && 'CE' || '-' }}
|
|
||||||
${{ inputs.developer && 'DE' || '-' }}
|
|
||||||
${{ inputs.enterprise && 'EE' || '-' }}
|
|
||||||
]
|
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
@ -70,7 +61,7 @@ jobs:
|
|||||||
echo "None of the editions are selected."
|
echo "None of the editions are selected."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "editions=$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" >> $GITHUB_OUTPUT
|
echo "::set-output name=editions::$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')"
|
||||||
outputs:
|
outputs:
|
||||||
editions: ${{ steps.matrix.outputs.editions }}
|
editions: ${{ steps.matrix.outputs.editions }}
|
||||||
|
|
||||||
@ -101,7 +92,6 @@ jobs:
|
|||||||
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
||||||
|
|
||||||
- name: Build 4testing
|
- name: Build 4testing
|
||||||
id: build-ds
|
|
||||||
run: |
|
run: |
|
||||||
set -eux
|
set -eux
|
||||||
|
|
||||||
@ -134,8 +124,8 @@ jobs:
|
|||||||
BUILD_NUMBER=${{ github.event.inputs.build }}
|
BUILD_NUMBER=${{ github.event.inputs.build }}
|
||||||
|
|
||||||
export PRODUCT_EDITION
|
export PRODUCT_EDITION
|
||||||
export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
|
export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}~stretch
|
||||||
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
|
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/${BUILD_CHANNEL}
|
||||||
export BUILD_CHANNEL
|
export BUILD_CHANNEL
|
||||||
export PLATFORM
|
export PLATFORM
|
||||||
export DOCKERFILE=Dockerfile
|
export DOCKERFILE=Dockerfile
|
||||||
@ -146,29 +136,4 @@ jobs:
|
|||||||
|
|
||||||
docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
|
docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
|
||||||
echo "DONE: Build success"
|
echo "DONE: Build success"
|
||||||
|
|
||||||
### Set output for Zap scanner
|
|
||||||
### NOTE: Output will be used only in release/hotfix branches
|
|
||||||
|
|
||||||
echo "version=${TAG}" >> "$GITHUB_OUTPUT"
|
|
||||||
echo "branch=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
|
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
# Run scanner only when edition is community
|
|
||||||
# and branch hit release/ or hotfix/
|
|
||||||
- name: Trigger zap manualy
|
|
||||||
if: >-
|
|
||||||
matrix.edition == 'community' &&
|
|
||||||
(startsWith(steps.build-ds.outputs.branch, 'release/') ||
|
|
||||||
startsWith(steps.build-ds.outputs.branch, 'hotfix/'))
|
|
||||||
env:
|
|
||||||
VERSION: ${{ steps.build-ds.outputs.version }}
|
|
||||||
BRANCH: ${{ steps.build-ds.outputs.branch }}
|
|
||||||
GITHUB_TOKEN: ${{ secrets.TOKEN }}
|
|
||||||
run: |
|
|
||||||
gh workflow run zap-ds.yaml \
|
|
||||||
--repo ${{ github.repository }} \
|
|
||||||
-f branch=${BRANCH} \
|
|
||||||
-f version=${VERSION}
|
|
||||||
shell: bash
|
|
||||||
|
|
@ -1,6 +1,5 @@
|
|||||||
### This workflow setup instance then build and push images ###
|
### This workflow setup instance then build and push images ###
|
||||||
name: Multi-arch build stable
|
name: Multi-arch build stable
|
||||||
run-name: ${{ inputs.tag }} (${{ inputs.release_number }})
|
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
@ -9,11 +8,6 @@ on:
|
|||||||
description: 'Tag for release (ex. 1.2.3.45)'
|
description: 'Tag for release (ex. 1.2.3.45)'
|
||||||
type: string
|
type: string
|
||||||
required: true
|
required: true
|
||||||
release_number:
|
|
||||||
description: 'Sequence number of the release (ex. x.x.x.<number>)'
|
|
||||||
type: string
|
|
||||||
required: true
|
|
||||||
default: '1'
|
|
||||||
|
|
||||||
env:
|
env:
|
||||||
COMPANY_NAME: "onlyoffice"
|
COMPANY_NAME: "onlyoffice"
|
||||||
@ -48,12 +42,10 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
set -eux
|
set -eux
|
||||||
VERSION=${{ github.event.inputs.tag }}
|
VERSION=${{ github.event.inputs.tag }}
|
||||||
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
|
|
||||||
PRODUCT_EDITION=${{ matrix.edition }}
|
PRODUCT_EDITION=${{ matrix.edition }}
|
||||||
TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
|
TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
|
||||||
export PRODUCT_EDITION
|
export PRODUCT_EDITION
|
||||||
export PULL_TAG=${VERSION}
|
export TAG=${VERSION}
|
||||||
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
|
||||||
export SHORTER_TAG=${VERSION%.*}
|
export SHORTER_TAG=${VERSION%.*}
|
||||||
export SHORTEST_TAG=${VERSION%.*.*}
|
export SHORTEST_TAG=${VERSION%.*.*}
|
||||||
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
|
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
|
||||||
@ -90,11 +82,8 @@ jobs:
|
|||||||
- name: build image
|
- name: build image
|
||||||
run: |
|
run: |
|
||||||
set -eux
|
set -eux
|
||||||
VERSION=${{ github.event.inputs.tag }}
|
|
||||||
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
|
|
||||||
export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
|
||||||
export PRODUCT_EDITION=${{ matrix.edition }}
|
export PRODUCT_EDITION=${{ matrix.edition }}
|
||||||
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
export TAG=${{ github.event.inputs.tag }}
|
||||||
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
|
docker buildx bake -f docker-bake.hcl ${{ matrix.images }} --push
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
@ -124,14 +113,12 @@ jobs:
|
|||||||
- name: build UCS
|
- name: build UCS
|
||||||
run: |
|
run: |
|
||||||
set -eux
|
set -eux
|
||||||
VERSION=${{ github.event.inputs.tag }}
|
|
||||||
RELEASE_NUMBER=${{ github.event.inputs.release_number }}
|
|
||||||
export PRODUCT_EDITION=${{ matrix.edition }}
|
export PRODUCT_EDITION=${{ matrix.edition }}
|
||||||
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
|
export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}/test
|
||||||
export DOCKERFILE=Dockerfile
|
export DOCKERFILE=Dockerfile
|
||||||
export BASE_IMAGE=ubuntu:20.04
|
export BASE_IMAGE=ubuntu:20.04
|
||||||
export PG_VERSION=12
|
export PG_VERSION=12
|
||||||
export TAG=${VERSION%.*}.${RELEASE_NUMBER}
|
export TAG=${{ github.event.inputs.tag }}
|
||||||
export PACKAGE_VERSION=$( echo ${VERSION} | sed -E 's/(.*)\./\1-/')
|
export PACKAGE_VERSION=$( echo ${TAG} | sed -E 's/(.*)\./\1-/')~stretch
|
||||||
docker buildx bake -f docker-bake.hcl documentserver-ucs --push
|
docker buildx bake -f docker-bake.hcl documentserver-ucs --push
|
||||||
shell: bash
|
shell: bash
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +0,0 @@
|
|||||||
# Nix, direnv
|
|
||||||
.direnv
|
|
131
.travis.yml
131
.travis.yml
@ -1,131 +0,0 @@
|
|||||||
language: generic
|
|
||||||
|
|
||||||
dist: trusty
|
|
||||||
|
|
||||||
env:
|
|
||||||
# community edition
|
|
||||||
- config: standalone.yml
|
|
||||||
|
|
||||||
# integration edition
|
|
||||||
- config: standalone.yml
|
|
||||||
PRODUCT_NAME: documentserver-ie
|
|
||||||
|
|
||||||
|
|
||||||
# certificates (default tls if onlyoffice not exists)
|
|
||||||
- config: certs.yml
|
|
||||||
ssl: true
|
|
||||||
|
|
||||||
# certificates (default onlyoffice if exists)
|
|
||||||
- config: certs.yml
|
|
||||||
ssl: true
|
|
||||||
private_key: onlyoffice.key
|
|
||||||
certificate_request: onlyoffice.csr
|
|
||||||
certificate: onlyoffice.crt
|
|
||||||
|
|
||||||
# custom certificates
|
|
||||||
- config: certs-customized.yml
|
|
||||||
ssl: true
|
|
||||||
private_key: mycert.key
|
|
||||||
certificate_request: mycert.csr
|
|
||||||
certificate: mycert.crt
|
|
||||||
SSL_CERTIFICATE_PATH: /var/www/onlyoffice/Data/certs/mycert.crt
|
|
||||||
SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key
|
|
||||||
|
|
||||||
|
|
||||||
# postgresql 16
|
|
||||||
- config: postgres.yml
|
|
||||||
POSTGRES_VERSION: 16
|
|
||||||
|
|
||||||
# postgresql 15
|
|
||||||
- config: postgres.yml
|
|
||||||
POSTGRES_VERSION: 15
|
|
||||||
|
|
||||||
# postgresql 14
|
|
||||||
- config: postgres.yml
|
|
||||||
POSTGRES_VERSION: 14
|
|
||||||
|
|
||||||
# postgresql 13
|
|
||||||
- config: postgres.yml
|
|
||||||
POSTGRES_VERSION: 13
|
|
||||||
|
|
||||||
# postgresql 12
|
|
||||||
- config: postgres.yml
|
|
||||||
|
|
||||||
# postgresql custom values
|
|
||||||
- config: postgres.yml
|
|
||||||
DB_NAME: mydb
|
|
||||||
DB_USER: myuser
|
|
||||||
DB_PWD: password
|
|
||||||
POSTGRES_DB: mydb
|
|
||||||
POSTGRES_USER: myuser
|
|
||||||
|
|
||||||
# postgresql deprecated variables
|
|
||||||
- config: postgres-old.yml
|
|
||||||
|
|
||||||
|
|
||||||
# mysql 8
|
|
||||||
- config: mysql.yml
|
|
||||||
MYSQL_VERSION: 8
|
|
||||||
|
|
||||||
# mysql 5
|
|
||||||
- config: mysql.yml
|
|
||||||
MYSQL_VERSION: 5
|
|
||||||
|
|
||||||
# mysql 5.7
|
|
||||||
- config: mysql.yml
|
|
||||||
|
|
||||||
|
|
||||||
# mariadb 10
|
|
||||||
- config: mariadb.yml
|
|
||||||
MARIADB_VERSION: 10
|
|
||||||
|
|
||||||
# mariadb 10.5
|
|
||||||
- config: mariadb.yml
|
|
||||||
|
|
||||||
|
|
||||||
- config: activemq.yml
|
|
||||||
ACTIVEMQ_VERSION: latest
|
|
||||||
|
|
||||||
# activemq 5.14.3
|
|
||||||
- config: activemq.yml
|
|
||||||
|
|
||||||
|
|
||||||
# rabbitmq latest
|
|
||||||
- config: rabbitmq.yml
|
|
||||||
|
|
||||||
# rabbitmq 3
|
|
||||||
- config: rabbitmq.yml
|
|
||||||
RABBITMQ_VERSION: 3
|
|
||||||
|
|
||||||
# rabbitmq old variables
|
|
||||||
- config: rabbitmq-old.yml
|
|
||||||
|
|
||||||
|
|
||||||
# redis latest with community edition
|
|
||||||
- config: redis.yml
|
|
||||||
|
|
||||||
# redis latest with integraion edition
|
|
||||||
- config: redis.yml
|
|
||||||
PRODUCT_NAME: documentserver-ie
|
|
||||||
|
|
||||||
# redis 6
|
|
||||||
- config: redis.yml
|
|
||||||
REDIS_VERSION: 6
|
|
||||||
|
|
||||||
# redis 5
|
|
||||||
- config: redis.yml
|
|
||||||
REDIS_VERSION: 5
|
|
||||||
|
|
||||||
|
|
||||||
# graphite
|
|
||||||
- config: graphite.yml
|
|
||||||
|
|
||||||
services:
|
|
||||||
- docker
|
|
||||||
|
|
||||||
script:
|
|
||||||
# Go to tests dir
|
|
||||||
- cd ${PWD}/tests
|
|
||||||
|
|
||||||
# Run test.
|
|
||||||
- ./test.sh
|
|
10
Dockerfile
10
Dockerfile
@ -19,8 +19,8 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
|||||||
apt-utils \
|
apt-utils \
|
||||||
bomstrip \
|
bomstrip \
|
||||||
certbot \
|
certbot \
|
||||||
cron \
|
|
||||||
curl \
|
curl \
|
||||||
|
gconf-service \
|
||||||
htop \
|
htop \
|
||||||
libasound2 \
|
libasound2 \
|
||||||
libboost-regex-dev \
|
libboost-regex-dev \
|
||||||
@ -57,8 +57,9 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
|||||||
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
|
sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \
|
||||||
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
|
pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
|
||||||
service postgresql restart && \
|
service postgresql restart && \
|
||||||
|
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
|
||||||
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
|
sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
|
||||||
sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
|
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" && \
|
||||||
service postgresql stop && \
|
service postgresql stop && \
|
||||||
service redis-server stop && \
|
service redis-server stop && \
|
||||||
service rabbitmq-server stop && \
|
service rabbitmq-server stop && \
|
||||||
@ -66,8 +67,7 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
|
|||||||
service nginx stop && \
|
service nginx stop && \
|
||||||
rm -rf /var/lib/apt/lists/*
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY config/supervisor/supervisor /etc/init.d/
|
COPY config /app/ds/setup/config/
|
||||||
COPY config/supervisor/ds/*.conf /etc/supervisor/conf.d/
|
|
||||||
COPY run-document-server.sh /app/ds/run-document-server.sh
|
COPY run-document-server.sh /app/ds/run-document-server.sh
|
||||||
|
|
||||||
EXPOSE 80 443
|
EXPOSE 80 443
|
||||||
@ -90,8 +90,6 @@ RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VER
|
|||||||
service postgresql start && \
|
service postgresql start && \
|
||||||
apt-get -yq install /tmp/$PACKAGE_FILE && \
|
apt-get -yq install /tmp/$PACKAGE_FILE && \
|
||||||
service postgresql stop && \
|
service postgresql stop && \
|
||||||
chmod 755 /etc/init.d/supervisor && \
|
|
||||||
sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i /etc/supervisor/conf.d/*.conf && \
|
|
||||||
service supervisor stop && \
|
service supervisor stop && \
|
||||||
chmod 755 /app/ds/*.sh && \
|
chmod 755 /app/ds/*.sh && \
|
||||||
rm -f /tmp/$PACKAGE_FILE && \
|
rm -f /tmp/$PACKAGE_FILE && \
|
||||||
|
6
Makefile
6
Makefile
@ -8,10 +8,11 @@ BUILD_CHANNEL ?= nightly
|
|||||||
ONLYOFFICE_VALUE ?= onlyoffice
|
ONLYOFFICE_VALUE ?= onlyoffice
|
||||||
|
|
||||||
COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
|
COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
|
||||||
|
COMPANY_NAME_ESC = $(subst -,,$(COMPANY_NAME_LOW))
|
||||||
|
|
||||||
PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)
|
PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)
|
||||||
PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
|
PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
|
||||||
PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian
|
PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian/$(BUILD_CHANNEL)
|
||||||
|
|
||||||
ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test))
|
ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test))
|
||||||
DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)
|
DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)
|
||||||
@ -19,8 +20,7 @@ else
|
|||||||
DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH))
|
DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH))
|
||||||
endif
|
endif
|
||||||
|
|
||||||
DOCKER_ORG ?= $(COMPANY_NAME_LOW)
|
DOCKER_IMAGE := $(COMPANY_NAME_ESC)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION)
|
||||||
DOCKER_IMAGE := $(DOCKER_ORG)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION)
|
|
||||||
DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
|
DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
|
||||||
DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz
|
DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz
|
||||||
|
|
||||||
|
34
README.md
34
README.md
@ -2,6 +2,9 @@
|
|||||||
[![Docker Stars](https://img.shields.io/docker/stars/jiriks74/onlyoffice-documentserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
|
[![Docker Stars](https://img.shields.io/docker/stars/jiriks74/onlyoffice-documentserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
|
||||||
[![Docker Size](https://img.shields.io/docker/image-size/jiriks74/onlyoffice-documentserver/latest.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Size&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
|
[![Docker Size](https://img.shields.io/docker/image-size/jiriks74/onlyoffice-documentserver/latest.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Size&logo=docker)](https://hub.docker.com/r/jiriks74/onlyoffice-documentserver)
|
||||||
|
|
||||||
|
[![GitHub Stars](https://img.shields.io/github/stars/jiriks74/Docker-DocumentServer.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/jiriks74/Docker-DocumentServer)
|
||||||
|
[![GitHub Forks](https://img.shields.io/github/forks/jiriks74/Docker-DocumentServer?color=94398d&label=Forks&logo=github&logoColor=ffffff&style=for-the-badge)](https://github.com/jiriks74/Docker-DocumentServer)
|
||||||
|
|
||||||
#### This repository is based on the official `Dockerfile` and `docker-compose.yml` files with all the needed files as well
|
#### This repository is based on the official `Dockerfile` and `docker-compose.yml` files with all the needed files as well
|
||||||
|
|
||||||
# Table of contents
|
# Table of contents
|
||||||
@ -198,7 +201,6 @@ version of the `onlyoffice-documentserver` debian package used in the image
|
|||||||
+ [Installation of the SSL Certificates](#installation-of-the-ssl-certificates)
|
+ [Installation of the SSL Certificates](#installation-of-the-ssl-certificates)
|
||||||
+ [Available Configuration Parameters](#available-configuration-parameters)
|
+ [Available Configuration Parameters](#available-configuration-parameters)
|
||||||
* [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
|
* [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
|
||||||
* [ONLYOFFICE Document Server ipv6 setup](#onlyoffice-document-server-ipv6-setup)
|
|
||||||
* [Issues](#issues)
|
* [Issues](#issues)
|
||||||
- [Docker Issues](#docker-issues)
|
- [Docker Issues](#docker-issues)
|
||||||
- [Document Server usage Issues](#document-server-usage-issues)
|
- [Document Server usage Issues](#document-server-usage-issues)
|
||||||
@ -213,7 +215,7 @@ Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It
|
|||||||
|
|
||||||
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
|
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
|
||||||
|
|
||||||
***Important*** Please update `docker-engine` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
|
***Important*** Please update `docker-enginge` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
|
||||||
|
|
||||||
## Functionality ##
|
## Functionality ##
|
||||||
* ONLYOFFICE Document Editor
|
* ONLYOFFICE Document Editor
|
||||||
@ -378,14 +380,12 @@ Below is the complete list of parameters that can be set using environment varia
|
|||||||
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
|
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
|
||||||
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
|
- **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
|
||||||
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
|
- **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
|
||||||
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](https://nginx.org/en/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
|
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
|
||||||
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
|
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
|
||||||
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
|
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
|
||||||
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
|
- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
|
||||||
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
|
- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
|
||||||
- **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
|
- **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
|
||||||
- **ALLOW_META_IP_ADDRESS**: Defines if it is allowed to connect meta IP address or not. Defaults to `false`.
|
|
||||||
- **ALLOW_PRIVATE_IP_ADDRESS**: Defines if it is allowed to connect private IP address or not. Defaults to `false`.
|
|
||||||
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
|
- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
|
||||||
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
|
- **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
|
||||||
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
|
- **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
|
||||||
@ -508,30 +508,6 @@ wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/
|
|||||||
docker-compose up -d
|
docker-compose up -d
|
||||||
```
|
```
|
||||||
|
|
||||||
## ONLYOFFICE Document Server ipv6 setup
|
|
||||||
|
|
||||||
(Works and is supported only for Linux hosts)
|
|
||||||
|
|
||||||
Docker does not currently provide ipv6 addresses to containers by default. This function is experimental now.
|
|
||||||
|
|
||||||
To set up interaction via ipv6, you need to enable support for this feature in your Docker. For this you need:
|
|
||||||
- create the `/etc/docker/daemon.json` file with the following content:
|
|
||||||
|
|
||||||
```
|
|
||||||
{
|
|
||||||
"ipv6": true,
|
|
||||||
"fixed-cidr-v6": "2001:db8:abc1::/64"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
- restart docker with the following command: `systemctl restart docker`
|
|
||||||
|
|
||||||
After that, all running containers receive an ipv6 address and have an inet6 interface.
|
|
||||||
|
|
||||||
You can check your default bridge network and see the field there
|
|
||||||
`EnableIPv6=true`. A new ipv6 subnet will also be added.
|
|
||||||
|
|
||||||
For more information, visit the official [Docker manual site](https://docs.docker.com/config/daemon/ipv6/)
|
|
||||||
|
|
||||||
## Issues
|
## Issues
|
||||||
|
|
||||||
### Docker Issues
|
### Docker Issues
|
||||||
|
27
config/supervisor/supervisord.conf
Normal file
27
config/supervisor/supervisord.conf
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
; supervisor config file
|
||||||
|
|
||||||
|
[inet_http_server]
|
||||||
|
port = 127.0.0.1:9001
|
||||||
|
|
||||||
|
[supervisord]
|
||||||
|
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
|
||||||
|
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
|
||||||
|
childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
|
||||||
|
|
||||||
|
; the below section must remain in the config file for RPC
|
||||||
|
; (supervisorctl/web interface) to work, additional interfaces may be
|
||||||
|
; added by defining them in separate rpcinterface: sections
|
||||||
|
[rpcinterface:supervisor]
|
||||||
|
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||||
|
|
||||||
|
[supervisorctl]
|
||||||
|
serverurl = http://localhost:9001 ; use a unix:// URL for a unix socket
|
||||||
|
|
||||||
|
; The [include] section can just contain the "files" setting. This
|
||||||
|
; setting can list multiple files (separated by whitespace or
|
||||||
|
; newlines). It can also contain wildcards. The filenames are
|
||||||
|
; interpreted as relative to this file. Included files *cannot*
|
||||||
|
; include files themselves.
|
||||||
|
|
||||||
|
[include]
|
||||||
|
files = /etc/supervisor/conf.d/*.conf
|
11
default.nix
11
default.nix
@ -1,11 +0,0 @@
|
|||||||
{ pkgs ? (import <nixpkgs> {
|
|
||||||
config.allowUnfree = true;
|
|
||||||
}),
|
|
||||||
}:
|
|
||||||
pkgs.mkShell {
|
|
||||||
pure = true;
|
|
||||||
packages = with pkgs; [
|
|
||||||
# Choose the build tools that you need
|
|
||||||
act
|
|
||||||
];
|
|
||||||
}
|
|
@ -10,10 +10,6 @@ variable "SHORTEST_TAG" {
|
|||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "PULL_TAG" {
|
|
||||||
default = ""
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "COMPANY_NAME" {
|
variable "COMPANY_NAME" {
|
||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
@ -54,14 +50,6 @@ variable "BUILD_CHANNEL" {
|
|||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "PUSH_MAJOR" {
|
|
||||||
default = "false"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "LATEST" {
|
|
||||||
default = "false"
|
|
||||||
}
|
|
||||||
|
|
||||||
### ↓ Variables for UCS build ↓
|
### ↓ Variables for UCS build ↓
|
||||||
|
|
||||||
variable "BASE_IMAGE" {
|
variable "BASE_IMAGE" {
|
||||||
@ -72,14 +60,6 @@ variable "PG_VERSION" {
|
|||||||
default = ""
|
default = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "UCS_REBUILD" {
|
|
||||||
default = ""
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "UCS_PREFIX" {
|
|
||||||
default = ""
|
|
||||||
}
|
|
||||||
|
|
||||||
### ↑ Variables for UCS build ↑
|
### ↑ Variables for UCS build ↑
|
||||||
|
|
||||||
target "documentserver" {
|
target "documentserver" {
|
||||||
@ -110,7 +90,7 @@ target "documentserver-stable" {
|
|||||||
equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
|
equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
|
||||||
platforms = ["linux/amd64", "linux/arm64"]
|
platforms = ["linux/amd64", "linux/arm64"]
|
||||||
args = {
|
args = {
|
||||||
"PULL_TAG": "${PULL_TAG}"
|
"TAG": "${TAG}"
|
||||||
"COMPANY_NAME": "${COMPANY_NAME}"
|
"COMPANY_NAME": "${COMPANY_NAME}"
|
||||||
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
||||||
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
||||||
@ -141,27 +121,7 @@ target "documentserver-nonexample" {
|
|||||||
tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
|
tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
|
||||||
platforms = ["linux/amd64", "linux/arm64"]
|
platforms = ["linux/amd64", "linux/arm64"]
|
||||||
args = {
|
args = {
|
||||||
"PULL_TAG": "${PULL_TAG}"
|
"TAG": "${TAG}"
|
||||||
"COMPANY_NAME": "${COMPANY_NAME}"
|
|
||||||
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
|
||||||
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
target "documentserver-stable-rebuild" {
|
|
||||||
target = "documentserver-stable-rebuild"
|
|
||||||
dockerfile = "production.dockerfile"
|
|
||||||
tags = equal("true",UCS_REBUILD) ? ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}",] : [
|
|
||||||
"docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
|
|
||||||
equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}": "",
|
|
||||||
equal("true",PUSH_MAJOR) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}": "",
|
|
||||||
equal("",PREFIX_NAME) && equal("true",LATEST) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
|
|
||||||
equal("-ee",PRODUCT_EDITION) && equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",
|
|
||||||
]
|
|
||||||
platforms = ["linux/amd64", "linux/arm64"]
|
|
||||||
args = {
|
|
||||||
"UCS_PREFIX": "${UCS_PREFIX}"
|
|
||||||
"PULL_TAG": "${PULL_TAG}"
|
|
||||||
"COMPANY_NAME": "${COMPANY_NAME}"
|
"COMPANY_NAME": "${COMPANY_NAME}"
|
||||||
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
"PRODUCT_NAME": "${PRODUCT_NAME}"
|
||||||
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
"PRODUCT_EDITION": "${PRODUCT_EDITION}"
|
||||||
|
@ -46,7 +46,7 @@ services:
|
|||||||
|
|
||||||
onlyoffice-postgresql:
|
onlyoffice-postgresql:
|
||||||
container_name: onlyoffice-postgresql
|
container_name: onlyoffice-postgresql
|
||||||
image: postgres:12
|
image: postgres:9.5
|
||||||
environment:
|
environment:
|
||||||
- POSTGRES_DB=onlyoffice
|
- POSTGRES_DB=onlyoffice
|
||||||
- POSTGRES_USER=onlyoffice
|
- POSTGRES_USER=onlyoffice
|
||||||
|
@ -1,24 +1,15 @@
|
|||||||
### Arguments avavlivable only for FROM instruction ###
|
### Arguments avavlivable only for FROM instruction ###
|
||||||
ARG PULL_TAG=latest
|
ARG TAG=latest
|
||||||
ARG COMPANY_NAME=onlyoffice
|
ARG COMPANY_NAME=onlyoffice
|
||||||
ARG PRODUCT_EDITION=
|
ARG PRODUCT_EDITION=
|
||||||
### Rebuild arguments
|
|
||||||
ARG UCS_PREFIX=
|
|
||||||
ARG IMAGE=${COMPANY_NAME}/documentserver${PRODUCT_EDITION}${UCS_PREFIX}:${PULL_TAG}
|
|
||||||
|
|
||||||
### Build main-release ###
|
### Build main-release ###
|
||||||
|
|
||||||
FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-stable
|
FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable
|
||||||
|
|
||||||
### Rebuild stable images with secure updates
|
|
||||||
FROM ${IMAGE} as documentserver-stable-rebuild
|
|
||||||
RUN echo "This is rebuild" \
|
|
||||||
&& apt-get update -y \
|
|
||||||
&& apt-get upgrade -y
|
|
||||||
|
|
||||||
### Build nonexample ###
|
### Build nonexample ###
|
||||||
|
|
||||||
FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-nonexample
|
FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample
|
||||||
|
|
||||||
ARG COMPANY_NAME=onlyoffice
|
ARG COMPANY_NAME=onlyoffice
|
||||||
ARG PRODUCT_NAME=documentserver
|
ARG PRODUCT_NAME=documentserver
|
||||||
|
78
run-document-server.sh
Normal file → Executable file
78
run-document-server.sh
Normal file → Executable file
@ -3,14 +3,35 @@
|
|||||||
umask 0022
|
umask 0022
|
||||||
|
|
||||||
function clean_exit {
|
function clean_exit {
|
||||||
if [ ${ONLYOFFICE_DATA_CONTAINER} == "false" ] && \
|
/usr/bin/documentserver-prepare4shutdown.sh
|
||||||
[ ${ONLYOFFICE_DATA_CONTAINER_HOST} == "localhost" ]; then
|
|
||||||
/usr/bin/documentserver-prepare4shutdown.sh
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
trap clean_exit SIGTERM
|
trap clean_exit SIGTERM
|
||||||
|
|
||||||
|
# Check if lager file limits should be set
|
||||||
|
if [ "$LARGER_FILE_LIMITS" = "true" ]; then
|
||||||
|
if [ -e /app/ds/file_limits_set ]; then
|
||||||
|
echo ""
|
||||||
|
else
|
||||||
|
touch /app/ds/file_limits_set
|
||||||
|
|
||||||
|
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver-example/production-linux.json
|
||||||
|
|
||||||
|
sed -i '9iclient_max_body_size 1000M;' /etc/onlyoffice/documentserver-example/nginx/includes/ds-example.conf
|
||||||
|
sed -i '16iclient_max_body_size 1000M;' /etc/nginx/nginx.conf
|
||||||
|
|
||||||
|
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
sed -i -e 's/50MB/5000MB/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
sed -i -e 's/300MB/3000MB/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
|
||||||
|
sed -i 's/^client_max_body_size 100m;$/client_max_body_size 1000m;/' /etc/onlyoffice/documentserver/nginx/includes/ds-common.conf
|
||||||
|
|
||||||
|
service nginx restart
|
||||||
|
supervisorctl restart all
|
||||||
|
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Define '**' behavior explicitly
|
# Define '**' behavior explicitly
|
||||||
shopt -s globstar
|
shopt -s globstar
|
||||||
|
|
||||||
@ -90,13 +111,11 @@ fi
|
|||||||
|
|
||||||
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
|
[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
|
||||||
|
|
||||||
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 32)}
|
JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
|
||||||
JWT_HEADER=${JWT_HEADER:-Authorization}
|
JWT_HEADER=${JWT_HEADER:-Authorization}
|
||||||
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
||||||
|
|
||||||
WOPI_ENABLED=${WOPI_ENABLED:-false}
|
WOPI_ENABLED=${WOPI_ENABLED:-false}
|
||||||
ALLOW_META_IP_ADDRESS=${ALLOW_META_IP_ADDRESS:-false}
|
|
||||||
ALLOW_PRIVATE_IP_ADDRESS=${ALLOW_PRIVATE_IP_ADDRESS:-false}
|
|
||||||
|
|
||||||
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
||||||
|
|
||||||
@ -349,12 +368,6 @@ update_ds_settings(){
|
|||||||
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
|
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
|
||||||
${JSON} -I -e "this.wopi.enable = true"
|
${JSON} -I -e "this.wopi.enable = true"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${ALLOW_META_IP_ADDRESS}" = "true" ] || [ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ]; then
|
|
||||||
${JSON} -I -e "if(this.services.CoAuthoring['request-filtering-agent']===undefined)this.services.CoAuthoring['request-filtering-agent']={}"
|
|
||||||
[ "${ALLOW_META_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowMetaIPAddress = true"
|
|
||||||
[ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowPrivateIPAddress = true"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_cluster(){
|
create_postgresql_cluster(){
|
||||||
@ -369,8 +382,9 @@ create_postgresql_cluster(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_db(){
|
create_postgresql_db(){
|
||||||
|
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
|
||||||
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
|
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
|
||||||
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
|
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
|
||||||
}
|
}
|
||||||
|
|
||||||
create_db_tbl() {
|
create_db_tbl() {
|
||||||
@ -502,6 +516,15 @@ update_nginx_settings(){
|
|||||||
documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
|
documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
update_supervisor_settings(){
|
||||||
|
# Copy modified supervisor start script
|
||||||
|
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
|
||||||
|
# Copy modified supervisor config
|
||||||
|
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
|
||||||
|
sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf
|
||||||
|
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/ds/*.conf etc/supervisor/conf.d/
|
||||||
|
}
|
||||||
|
|
||||||
update_log_settings(){
|
update_log_settings(){
|
||||||
${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
|
${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
|
||||||
}
|
}
|
||||||
@ -602,7 +625,7 @@ else
|
|||||||
update_welcome_page
|
update_welcome_page
|
||||||
fi
|
fi
|
||||||
|
|
||||||
find /etc/${COMPANY_NAME} ! -path '*logrotate*' -exec chown ds:ds {} \;
|
find /etc/${COMPANY_NAME} -exec chown ds:ds {} \;
|
||||||
|
|
||||||
#start needed local services
|
#start needed local services
|
||||||
for i in ${LOCAL_SERVICES[@]}; do
|
for i in ${LOCAL_SERVICES[@]}; do
|
||||||
@ -628,6 +651,7 @@ if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
|
|||||||
|
|
||||||
update_nginx_settings
|
update_nginx_settings
|
||||||
|
|
||||||
|
update_supervisor_settings
|
||||||
service supervisor start
|
service supervisor start
|
||||||
|
|
||||||
# start cron to enable log rotating
|
# start cron to enable log rotating
|
||||||
@ -653,30 +677,6 @@ documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
|
|||||||
|
|
||||||
echo "${JWT_MESSAGE}"
|
echo "${JWT_MESSAGE}"
|
||||||
|
|
||||||
# Check if lager file limits should be set
|
|
||||||
if [ "$LARGER_FILE_LIMITS" = "true" ]; then
|
|
||||||
if [ -e /app/ds/file_limits_set ]; then
|
|
||||||
echo ""
|
|
||||||
else
|
|
||||||
touch /app/ds/file_limits_set
|
|
||||||
|
|
||||||
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver-example/production-linux.json
|
|
||||||
|
|
||||||
sed -i '9iclient_max_body_size 1000M;' /etc/onlyoffice/documentserver-example/nginx/includes/ds-example.conf
|
|
||||||
sed -i '16iclient_max_body_size 1000M;' /etc/nginx/nginx.conf
|
|
||||||
|
|
||||||
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver/default.json
|
|
||||||
sed -i -e 's/50MB/5000MB/g' /etc/onlyoffice/documentserver/default.json
|
|
||||||
sed -i -e 's/300MB/3000MB/g' /etc/onlyoffice/documentserver/default.json
|
|
||||||
|
|
||||||
sed -i 's/^client_max_body_size 100m;$/client_max_body_size 1000m;/' /etc/onlyoffice/documentserver/nginx/includes/ds-common.conf
|
|
||||||
|
|
||||||
service nginx restart
|
|
||||||
supervisorctl restart all
|
|
||||||
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
tail -f /var/log/${COMPANY_NAME}/**/*.log &
|
tail -f /var/log/${COMPANY_NAME}/**/*.log &
|
||||||
wait $!
|
wait $!
|
||||||
|
|
||||||
|
@ -1,35 +0,0 @@
|
|||||||
version: '2.1'
|
|
||||||
services:
|
|
||||||
onlyoffice-documentserver:
|
|
||||||
container_name: onlyoffice-documentserver
|
|
||||||
build:
|
|
||||||
context: ../.
|
|
||||||
depends_on:
|
|
||||||
- onlyoffice-postgresql
|
|
||||||
environment:
|
|
||||||
- DB_TYPE=${DB_TYPE:-postgres}
|
|
||||||
- DB_HOST=${DB_HOST:-onlyoffice-postgresql}
|
|
||||||
- DB_PORT=${DB_PORT:-5432}
|
|
||||||
- DB_NAME=${DB_NAME:-onlyoffice}
|
|
||||||
- DB_USER=${DB_USER:-onlyoffice}
|
|
||||||
- DB_PWD=${DB_PWD:-onlyoffice}
|
|
||||||
stdin_open: true
|
|
||||||
restart: always
|
|
||||||
ports:
|
|
||||||
- '80:80'
|
|
||||||
|
|
||||||
onlyoffice-postgresql:
|
|
||||||
container_name: onlyoffice-postgresql
|
|
||||||
image: postgres:${POSTGRES_VERSION:-12}
|
|
||||||
environment:
|
|
||||||
- POSTGRES_DB=${POSTGRES_DB:-onlyoffice}
|
|
||||||
- POSTGRES_USER=${POSTGRES_USER:-onlyoffice}
|
|
||||||
- POSTGRES_HOST_AUTH_METHOD=${POSTGRES_HOST_AUTH_METHOD:-trust}
|
|
||||||
restart: always
|
|
||||||
expose:
|
|
||||||
- '5432'
|
|
||||||
volumes:
|
|
||||||
- postgresql_data:/var/lib/postgresql
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
postgresql_data:
|
|
@ -1,46 +0,0 @@
|
|||||||
version: '2.1'
|
|
||||||
services:
|
|
||||||
onlyoffice-documentserver:
|
|
||||||
container_name: onlyoffice-documentserver
|
|
||||||
build:
|
|
||||||
context: ../.
|
|
||||||
depends_on:
|
|
||||||
- onlyoffice-statsd-exporter
|
|
||||||
environment:
|
|
||||||
- METRICS_ENABLED=${METRICS_ENABLED:-true}
|
|
||||||
- METRICS_HOST=${METRICS_HOST:-onlyoffice-statsd-exporter}
|
|
||||||
- METRICS_PORT=${METRICS_PORT:-9125}
|
|
||||||
- METRICS_PREFIX=${METRICS_PREFIX:-ds.}
|
|
||||||
stdin_open: true
|
|
||||||
restart: always
|
|
||||||
ports:
|
|
||||||
- '80:80'
|
|
||||||
|
|
||||||
onlyoffice-statsd-exporter:
|
|
||||||
container_name: onlyoffice-statsd-exporter
|
|
||||||
image: prom/statsd-exporter
|
|
||||||
command: --statsd.event-flush-interval=30000ms
|
|
||||||
ports:
|
|
||||||
- '9102:9102'
|
|
||||||
- '9125:9125/tcp'
|
|
||||||
- '9125:9125/udp'
|
|
||||||
|
|
||||||
onlyoffice-prometheus:
|
|
||||||
container_name: onlyoffice-prometheus
|
|
||||||
image: prom/prometheus
|
|
||||||
ports:
|
|
||||||
- '9090:9090'
|
|
||||||
volumes:
|
|
||||||
- ./prometheus/prometheus-scrape/statsd-exporter.yml:/etc/prometheus/prometheus.yml
|
|
||||||
|
|
||||||
grafana:
|
|
||||||
container_name: onlyoffice-grafana
|
|
||||||
image: bitnami/grafana
|
|
||||||
ports:
|
|
||||||
- '3000:3000'
|
|
||||||
environment:
|
|
||||||
- 'GF_SECURITY_ADMIN_PASSWORD=G0pGE4'
|
|
||||||
volumes:
|
|
||||||
- ./prometheus/grafana/conf/prometheus.yml:/opt/bitnami/grafana/conf/provisioning/datasources/prometheus.yml
|
|
||||||
- ./prometheus/grafana/conf/default-provider.yaml:/opt/bitnami/grafana/conf/provisioning/dashboards/default-provider.yaml
|
|
||||||
- ./prometheus/grafana/dashboards:/opt/bitnami/grafana/dashboards
|
|
@ -1,23 +0,0 @@
|
|||||||
apiVersion: 1
|
|
||||||
providers:
|
|
||||||
# <string> an unique provider name
|
|
||||||
- name: 'default-provider'
|
|
||||||
# <int> org id. will default to orgId 1 if not specified
|
|
||||||
orgId: 1
|
|
||||||
# <string, required> name of the dashboard folder. Required
|
|
||||||
folder: dashboards
|
|
||||||
# <string> folder UID. will be automatically generated if not specified
|
|
||||||
folderUid: ''
|
|
||||||
# <string, required> provider type. Required
|
|
||||||
type: file
|
|
||||||
# <bool> disable dashboard deletion
|
|
||||||
disableDeletion: false
|
|
||||||
# <bool> enable dashboard editing
|
|
||||||
editable: true
|
|
||||||
# <int> how often Grafana will scan for changed dashboards
|
|
||||||
updateIntervalSeconds: 10
|
|
||||||
options:
|
|
||||||
# <string, required> path to dashboard files on disk. Required
|
|
||||||
path: /opt/bitnami/grafana/dashboards
|
|
||||||
# <bool> enable folders creation for dashboards
|
|
||||||
#foldersFromFilesStructure: true
|
|
@ -1,6 +0,0 @@
|
|||||||
apiVersion: 1
|
|
||||||
datasources:
|
|
||||||
- name: Prometheus
|
|
||||||
type: prometheus
|
|
||||||
url: http://onlyoffice-prometheus:9090
|
|
||||||
editable: true
|
|
File diff suppressed because it is too large
Load Diff
@ -1,6 +0,0 @@
|
|||||||
scrape_configs:
|
|
||||||
- job_name: 'statsd'
|
|
||||||
scrape_interval: 30s
|
|
||||||
static_configs:
|
|
||||||
- targets:
|
|
||||||
- onlyoffice-statsd-exporter:9102
|
|
Loading…
x
Reference in New Issue
Block a user