diff --git a/Dockerfile b/Dockerfile
index 79f574e459911c192418365b8688a81f8d4b2caf..95e25560332756d3f494f58f9b394490a706da59 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,50 +1,57 @@ -FROM ubuntu:16.04 +FROM ubuntu:18.04 LABEL maintainer Ascensio System SIA <support@onlyoffice.com> ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive +ARG ONLYOFFICE_VALUE=onlyoffice + RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ apt-get -y update && \ - apt-get -yq install wget apt-transport-https curl locales && \ + apt-get -yq install wget apt-transport-https gnupg locales && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \ locale-gen en_US.UTF-8 && \ - curl -sL https://deb.nodesource.com/setup_8.x | bash - && \ - apt-get -y update && \ apt-get -yq install \ adduser \ + apt-utils \ bomstrip \ htop \ libasound2 \ libboost-regex-dev \ libcairo2 \ libcurl3 \ + libcurl3-gnutls \ libgconf2-4 \ - libgtkglext1 \ + libgtk-3-0 \ libnspr4 \ libnss3 \ - libnss3-nssdb \ libstdc++6 \ libxml2 \ libxss1 \ libxtst6 \ + mysql-client \ net-tools \ netcat \ nginx-extras \ - nodejs \ postgresql \ postgresql-client \ pwgen \ rabbitmq-server \ redis-server \ software-properties-common \ + ssl-cert \ sudo \ supervisor \ vim \ xvfb \ zlib1g && \ - sudo -u postgres psql -c "CREATE DATABASE onlyoffice;" && \ - sudo -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';" && \ - sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;" && \ + echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \ + sed -i "s/bind .*/bind 127.0.0.1/g" /etc/redis/redis.conf && \ + sed 's|\(application\/zip.*\)|\1\n application\/wasm wasm;|' -i /etc/nginx/mime.types && \ + pg_conftool 10 main set listen_addresses 'localhost' && \ + service postgresql restart && \ + sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \ + sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \ + sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" 
&& \ service postgresql stop && \ service redis-server stop && \ service rabbitmq-server stop && \ @@ -52,27 +59,29 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ service nginx stop && \ rm -rf /var/lib/apt/lists/* -COPY config /app/onlyoffice/setup/config/ -COPY run-document-server.sh /app/onlyoffice/run-document-server.sh +COPY config /app/ds/setup/config/ +COPY run-document-server.sh /app/ds/run-document-server.sh EXPOSE 80 443 ARG REPO_URL="deb http://download.onlyoffice.com/repo/debian squeeze main" -ARG PRODUCT_NAME=onlyoffice-documentserver +ARG COMPANY_NAME=onlyoffice +ARG PRODUCT_NAME=documentserver + +ENV COMPANY_NAME=$COMPANY_NAME -RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/onlyoffice.list && \ +RUN echo "$REPO_URL" | tee /etc/apt/sources.list.d/ds.list && \ apt-get -y update && \ service postgresql start && \ - apt-get -yq install $PRODUCT_NAME && \ + apt-get -yq install $COMPANY_NAME-$PRODUCT_NAME && \ service postgresql stop && \ service supervisor stop && \ - chmod 755 /app/onlyoffice/*.sh && \ - rm -rf /var/log/onlyoffice && \ + chmod 755 /app/ds/*.sh && \ + rm -rf /var/log/$COMPANY_NAME && \ rm -rf /var/lib/apt/lists/* COPY piratske-fonty /usr/share/fonts/truetype/ -RUN fc-cache -fv -VOLUME /var/log/onlyoffice /var/lib/onlyoffice /var/www/onlyoffice/Data /var/lib/postgresql /usr/share/fonts/truetype/custom +VOLUME /var/log/$COMPANY_NAME /var/lib/$COMPANY_NAME /var/www/$COMPANY_NAME/Data /var/lib/postgresql /var/lib/rabbitmq /var/lib/redis /usr/share/fonts/truetype/custom -ENTRYPOINT /app/onlyoffice/run-document-server.sh +ENTRYPOINT /app/ds/run-document-server.sh diff --git a/Makefile b/Makefile index 5d216957970515633e156fc53aba249dcb356e50..ce11a086445e5ab67685b83df214b566e073c673 100644 --- a/Makefile +++ b/Makefile 
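Review bot: The PostgreSQL role created at the end of the first RUN step gets a password equal to its own name (`CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE'`), and because the value arrives as an `ARG` consumed in a `RUN`, it is also recorded in the image's build history. The `pg_conftool 10 main set listen_addresses 'localhost'` line added just above limits exposure to processes inside the container, but nothing states that the credential relies on it. I would add a comment above the `ARG`, `# Local-only default: names the bundled PostgreSQL database, role and password; the server listens on localhost only`, and consider setting a separate password at first start (pwgen is already installed in this layer). The value is also spliced unquoted into the SQL text, so a name containing `-` or `'` breaks the statements.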
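Review bot: The renamed `ENTRYPOINT /app/ds/run-document-server.sh` is still in shell form, so the script typically runs as a child of `/bin/sh -c` and stop signals are delivered to that shell rather than to the script. The exec form `ENTRYPOINT ["/app/ds/run-document-server.sh"]` removes the extra shell; whether the script itself handles SIGTERM is not visible in this diff. Separately, `rm -rf /var/log/$COMPANY_NAME` expands to `rm -rf /var/log/` when the build arg is passed empty, so writing `/var/log/${COMPANY_NAME:?}` there would be a cheap guard.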
@@ -1,46 +1,70 @@ -COMPANY_NAME ?= onlyoffice -GIT_BRANCH ?= origin/develop -PRODUCT_NAME ?= documentserver-ie +COMPANY_NAME ?= ONLYOFFICE +GIT_BRANCH ?= develop +PRODUCT_NAME ?= DocumentServer PRODUCT_VERSION ?= 0.0.0 BUILD_NUMBER ?= 0 +ONLYOFFICE_VALUE ?= onlyoffice + +COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z) +PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z) +COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW)) PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER) -REPO_URL := "deb [trusted=yes] http://repo-doc-onlyoffice-com.s3.amazonaws.com/ubuntu/trusty/$(COMPANY_NAME)-$(PRODUCT_NAME)/$(GIT_BRANCH)/$(PACKAGE_VERSION)/ repo/" +REPO_URL := "deb [trusted=yes] http://repo-doc-onlyoffice-com.s3.amazonaws.com/ubuntu/trusty/$(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)/$(GIT_BRANCH)/$(PACKAGE_VERSION)/ repo/" UPDATE_LATEST := false ifneq (,$(findstring develop,$(GIT_BRANCH))) -DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION)) +DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION)) DOCKER_TAGS += latest else ifneq (,$(findstring release,$(GIT_BRANCH))) -DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION)) +DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION)) else ifneq (,$(findstring hotfix,$(GIT_BRANCH))) -DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION)) +DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION)) else -DOCKER_TAGS += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) +DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH)) endif -DOCKER_REPO = $(COMPANY_NAME)/4testing-$(PRODUCT_NAME) +DOCKER_TAGS += $(DOCKER_TAG) + +DOCKER_REPO = $(COMPANY_NAME_LOW_ESCAPED)/4testing-$(PRODUCT_NAME_LOW) COLON := __colon__ DOCKER_TARGETS := $(foreach TAG,$(DOCKER_TAGS),$(DOCKER_REPO)$(COLON)$(TAG)) -.PHONY: all clean clean-docker deploy docker +DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz + +.PHONY: all clean clean-docker deploy docker publish $(DOCKER_TARGETS): $(DEB_REPO_DATA) - docker build --build-arg 
REPO_URL=$(REPO_URL) --build-arg PRODUCT_NAME=$(COMPANY_NAME)-$(PRODUCT_NAME) -t $(subst $(COLON),:,$@) . &&\ + docker build \ + --build-arg REPO_URL=$(REPO_URL) \ + --build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \ + --build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \ + --build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \ + -t $(subst $(COLON),:,$@) . &&\ mkdir -p $$(dirname $@) &&\ echo "Done" > $@ +$(DOCKER_ARCH): $(DOCKER_TARGETS) + docker save $(DOCKER_REPO):$(DOCKER_TAG) | \ + gzip > $@ + all: $(DOCKER_TARGETS) clean: - rm -rfv $(DOCKER_TARGETS) + rm -rfv $(DOCKER_TARGETS) $(DOCKER_ARCH) clean-docker: - docker rmi -f $$(docker images -q $(COMPANY_NAME)/*) || exit 0 + docker rmi -f $$(docker images -q $(COMPANY_NAME_LOW)/*) || exit 0 deploy: $(DOCKER_TARGETS) $(foreach TARGET,$(DOCKER_TARGETS),docker push $(subst $(COLON),:,$(TARGET));) + +publish: $(DOCKER_ARCH) + aws s3 cp \ + $(DOCKER_ARCH) \ + s3://repo-doc-onlyoffice-com.s3.amazonaws.com/docker/amd64/ \ + --acl public-read diff --git a/README.md b/README.md index c921efbc754339463b536531521a45b8bce2fa89..12beef510730d272933d7c3655d9686a5d7449eb 100644 --- a/README.md +++ b/README.md @@ -67,6 +67,8 @@ To get access to your data from outside the container, you need to mount the vol -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \ + -v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \ + -v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \ -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver Normally, you do not need to store container data because the container's operation does not depend on its state. Saving data will be useful: 
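Review bot: `REPO_URL` still points apt at `deb [trusted=yes] http://…`, which switches off signature checking for a repository fetched over plain HTTP, so nothing authenticates the package that `docker build` installs as root. The new `publish` target then uploads the resulting image archive with `--acl public-read`, which widens where an unverified build ends up. Prefer an `https://` URL with a signed repository and drop `[trusted=yes]`; if that is not possible for the 4testing feed, say so in a comment next to `REPO_URL`. Also, `docker save … | gzip > $@` reports only gzip's exit status, so a failed save leaves a truncated archive that looks up to date; `.DELETE_ON_ERROR:` together with `SHELL := bash` and `.SHELLFLAGS := -o pipefail -c` would catch it.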
@@ -162,13 +164,14 @@ Below is the complete list of parameters that can be set using environment varia - **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/onlyoffice.key`. - **SSL_DHPARAM_PATH**: The path to the Diffie-Hellman parameter. Defaults to `/var/www/onlyoffice/Data/certs/dhparam.pem`. - **SSL_VERIFY_CLIENT**: Enable verification of client certificates using the `CA_CERTIFICATES_PATH` file. Defaults to `false` -- **POSTGRESQL_SERVER_HOST**: The IP address or the name of the host where the PostgreSQL server is running. -- **POSTGRESQL_SERVER_PORT**: The PostgreSQL server port number. -- **POSTGRESQL_SERVER_DB_NAME**: The name of a PostgreSQL database to be created on the image startup. -- **POSTGRESQL_SERVER_USER**: The new user name with superuser permissions for the PostgreSQL account. -- **POSTGRESQL_SERVER_PASS**: The password set for the PostgreSQL account. -- **AMQP_SERVER_URL**: The [AMQP URL](http://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to message broker server. -- **AMQP_SERVER_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. +- **DB_TYPE**: The database type. Supported values are `postgres`, `mariadb` or `mysql`. Defaults to `postgres`. +- **DB_HOST**: The IP address or the name of the host where the database server is running. +- **DB_PORT**: The database server port number. +- **DB_NAME**: The name of a database to be created on the image startup. +- **DB_USER**: The new user name with superuser permissions for the database account. +- **DB_PWD**: The password set for the database account. +- **AMQP_URI**: The [AMQP URI](http://www.rabbitmq.com/uri-spec.html "RabbitMQ URI Specification") to connect to message broker server. +- **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`. 
- **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running. - **REDIS_SERVER_PORT**: The Redis server port number. - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes. @@ -176,6 +179,8 @@ Below is the complete list of parameters that can be set using environment varia - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`. - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`. - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`. +- **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`. +- **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false` ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers diff --git a/docker-compose.yml b/docker-compose.yml index 0cc4cf81922790907f6faf34012886c1d9874e38..3ae25f0a305ace90562c028f92b05f03f887b8ce 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -5,17 +5,19 @@ services: image: onlyoffice/documentserver:latest environment: - ONLYOFFICE_DATA_CONTAINER=true - - POSTGRESQL_SERVER_HOST=onlyoffice-postgresql - - POSTGRESQL_SERVER_PORT=5432 - - POSTGRESQL_SERVER_DB_NAME=onlyoffice - - POSTGRESQL_SERVER_USER=onlyoffice - - AMQP_SERVER_URL=amqp://guest:guest@onlyoffice-rabbitmq + - DB_TYPE=postgres + - DB_HOST=onlyoffice-postgresql + - DB_PORT=5432 + - DB_NAME=onlyoffice + - DB_USER=onlyoffice + - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq - REDIS_SERVER_HOST=onlyoffice-redis - REDIS_SERVER_PORT=6379 # Uncomment strings below to enable the JSON Web Token validation. #- JWT_ENABLED=true #- JWT_SECRET=secret #- JWT_HEADER=Authorization + #- JWT_IN_BODY=true stdin_open: true restart: always networks: diff --git a/run-document-server.sh b/run-document-server.sh index c46c6b0b19a9b3a72c7fd03f683a2d5b707585ae..5fe88c279e4a0611f35e7feb4355188ad644bf2e 100755 --- a/run-document-server.sh +++ b/run-document-server.sh @@ -3,13 +3,13 @@ # Define '**' behavior explicitly shopt -s globstar -APP_DIR="/var/www/onlyoffice/documentserver" -DATA_DIR="/var/www/onlyoffice/Data" -LOG_DIR="/var/log/onlyoffice" +APP_DIR="/var/www/${COMPANY_NAME}/documentserver" +DATA_DIR="/var/www/${COMPANY_NAME}/Data" +LOG_DIR="/var/log/${COMPANY_NAME}" DS_LOG_DIR="${LOG_DIR}/documentserver" -LIB_DIR="/var/lib/onlyoffice" +LIB_DIR="/var/lib/${COMPANY_NAME}" DS_LIB_DIR="${LIB_DIR}/documentserver" -CONF_DIR="/etc/onlyoffice/documentserver" +CONF_DIR="/etc/${COMPANY_NAME}/documentserver" ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false} ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost} 
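Review bot: Every path at the top of run-document-server.sh now depends on `${COMPANY_NAME}`, which has no default, so running the script without that variable (an image built before the `ENV` line existed, or `-e COMPANY_NAME=`) yields paths such as `/var/www//documentserver` and `/var/log/`. The `mkdir -p` loops further down, and presumably the ownership changes after them, would then act on those parent directories. Add a guard before the first use, e.g. `COMPANY_NAME=${COMPANY_NAME:-onlyoffice}` or `: "${COMPANY_NAME:?COMPANY_NAME must be set}"`. The same variable feeds the final `tail -f /var/log/${COMPANY_NAME}/**/*.log` in the last hunk.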
@@ -21,9 +21,10 @@ SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/onlyoffice.key} CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem} SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem} SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off} +USE_UNAUTHORIZED_STORAGE=${USE_UNAUTHORIZED_STORAGE:-false} ONLYOFFICE_HTTPS_HSTS_ENABLED=${ONLYOFFICE_HTTPS_HSTS_ENABLED:-true} ONLYOFFICE_HTTPS_HSTS_MAXAGE=${ONLYOFFICE_HTTPS_HSTS_MAXAGE:-31536000} -SYSCONF_TEMPLATES_DIR="/app/onlyoffice/setup/config" +SYSCONF_TEMPLATES_DIR="/app/ds/setup/config" NGINX_CONFD_PATH="/etc/nginx/conf.d"; NGINX_ONLYOFFICE_PATH="${CONF_DIR}/nginx" @@ -38,12 +39,13 @@ NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)} JWT_ENABLED=${JWT_ENABLED:-false} JWT_SECRET=${JWT_SECRET:-secret} JWT_HEADER=${JWT_HEADER:-Authorization} +JWT_IN_BODY=${JWT_IN_BODY:-false} ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/local.json -JSON_BIN=${APP_DIR}/npm/node_modules/.bin/json +JSON_BIN=${APP_DIR}/npm/json JSON="${JSON_BIN} -q -f ${ONLYOFFICE_DEFAULT_CONFIG}" JSON_LOG="${JSON_BIN} -q -f ${ONLYOFFICE_LOG4JS_CONFIG}" JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}" 
@@ -51,22 +53,48 @@ JSON_EXAMPLE="${JSON_BIN} -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}" LOCAL_SERVICES=() PG_ROOT=/var/lib/postgresql -PG_VERSION=9.5 +PG_VERSION=10 PG_NAME=main PGDATA=${PG_ROOT}/${PG_VERSION}/${PG_NAME} PG_NEW_CLUSTER=false +RABBITMQ_DATA=/var/lib/rabbitmq +REDIS_DATA=/var/lib/redis read_setting(){ - POSTGRESQL_SERVER_HOST=${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)} - POSTGRESQL_SERVER_PORT=${POSTGRESQL_SERVER_PORT:-5432} - POSTGRESQL_SERVER_DB_NAME=${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)} - POSTGRESQL_SERVER_USER=${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)} - POSTGRESQL_SERVER_PASS=${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)} + deprecated_var POSTGRESQL_SERVER_HOST DB_HOST + deprecated_var POSTGRESQL_SERVER_PORT DB_PORT + deprecated_var POSTGRESQL_SERVER_DB_NAME DB_NAME + deprecated_var POSTGRESQL_SERVER_USER DB_USER + deprecated_var POSTGRESQL_SERVER_PASS DB_PWD + deprecated_var RABBITMQ_SERVER_URL AMQP_URI + deprecated_var AMQP_SERVER_URL AMQP_URI + deprecated_var AMQP_SERVER_TYPE AMQP_TYPE + + DB_HOST=${DB_HOST:-${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}} + case $DB_TYPE in + "postgres") + DB_PORT=${DB_PORT:-"5432"} + ;; + "mariadb"|"mysql") + DB_PORT=${DB_PORT:-"3306"} + ;; + "") + DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}} + ;; + *) + echo "ERROR: unknown database type" + exit 1 + ;; + esac + DB_NAME=${DB_NAME:-${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}} + DB_USER=${DB_USER:-${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}} + DB_PWD=${DB_PWD:-${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}} + DB_TYPE=${DB_TYPE:-$(${JSON} services.CoAuthoring.sql.type)} RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)} - AMQP_SERVER_URL=${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}} - 
AMQP_SERVER_TYPE=${AMQP_SERVER_TYPE:-rabbitmq} - parse_rabbitmq_url ${AMQP_SERVER_URL} + AMQP_URI=${AMQP_URI:-${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}}} + AMQP_TYPE=${AMQP_TYPE:-${AMQP_SERVER_TYPE:-rabbitmq}} + parse_rabbitmq_url ${AMQP_URI} REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)} REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379} @@ -74,6 +102,12 @@ read_setting(){ DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} categories.default.level)} } +deprecated_var() { + if [[ -n ${!1} ]]; then + echo "Variable $1 is deprecated. Use $2 instead." + fi +} + parse_rabbitmq_url(){ local amqp=$1 @@ -123,8 +157,8 @@ waiting_for_connection(){ done } -waiting_for_postgresql(){ - waiting_for_connection ${POSTGRESQL_SERVER_HOST} ${POSTGRESQL_SERVER_PORT} +waiting_for_db(){ + waiting_for_connection $DB_HOST $DB_PORT } waiting_for_amqp(){ 
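Review bot: In `read_setting`, the `"postgres"` branch assigns `DB_PORT=${DB_PORT:-"5432"}` and so ignores `POSTGRESQL_SERVER_PORT`, while every other DB_* setting still falls back to its deprecated name. A deployment that sets `DB_TYPE=postgres` and keeps the old port variable is told the variable is deprecated and then silently connects to 5432. Use `DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-5432}}` in that branch. The `*)` error would also be easier to act on if it named the value and went to stderr: `echo "ERROR: unknown database type '$DB_TYPE'" >&2`.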
@@ -137,22 +171,23 @@ waiting_for_redis(){ waiting_for_datacontainer(){ waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT} } -update_postgresql_settings(){ - ${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${POSTGRESQL_SERVER_HOST}'" - ${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${POSTGRESQL_SERVER_PORT}'" - ${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${POSTGRESQL_SERVER_DB_NAME}'" - ${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${POSTGRESQL_SERVER_USER}'" - ${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${POSTGRESQL_SERVER_PASS}'" +update_db_settings(){ + ${JSON} -I -e "this.services.CoAuthoring.sql.type = '${DB_TYPE}'" + ${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${DB_HOST}'" + ${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${DB_PORT}'" + ${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'" + ${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'" + ${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'" } update_rabbitmq_setting(){ - if [ "${AMQP_SERVER_TYPE}" == "rabbitmq" ]; then + if [ "${AMQP_TYPE}" == "rabbitmq" ]; then ${JSON} -I -e "if(this.queue===undefined)this.queue={};" ${JSON} -I -e "this.queue.type = 'rabbitmq'" - ${JSON} -I -e "this.rabbitmq.url = '${AMQP_SERVER_URL}'" + ${JSON} -I -e "this.rabbitmq.url = '${AMQP_URI}'" fi - if [ "${AMQP_SERVER_TYPE}" == "activemq" ]; then + if [ "${AMQP_TYPE}" == "activemq" ]; then ${JSON} -I -e "if(this.queue===undefined)this.queue={};" ${JSON} -I -e "this.queue.type = 'activemq'" ${JSON} -I -e "if(this.activemq===undefined)this.activemq={};" 
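Review bot: `update_db_settings` splices each environment value into a single-quoted JavaScript string (`… sql.dbPass = '${DB_PWD}'`), so a password containing `'` or `\` either makes the expression fail or writes a different value into local.json than the operator supplied. Escape the value before interpolation, for example `esc=${DB_PWD//\\/\\\\}; esc=${esc//\'/\\\'}` and then use `'${esc}'`. The same applies to `AMQP_URI` in `update_rabbitmq_setting` in this hunk and to the `JWT_*` lines in `update_ds_settings`, where `JWT_IN_BODY` is inserted with no quotes at all and should be checked to be `true` or `false` first. `update_rabbitmq_setting` continues past the end of the hunk.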
@@ -194,7 +229,7 @@ update_redis_settings(){ ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'" } -update_jwt_settings(){ +update_ds_settings(){ if [ "${JWT_ENABLED}" == "true" ]; then ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}" ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}" @@ -207,12 +242,20 @@ update_jwt_settings(){ ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'" ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'" + ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}" + ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}" + if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ] && [ "${JWT_ENABLED}" == "true" ]; then ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}" ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'" ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'" fi fi + + if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}" + ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false" + fi } create_postgresql_cluster(){ 
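Review bot: Setting `USE_UNAUTHORIZED_STORAGE=true` writes `requestDefaults.rejectUnauthorized=false`, which (going by the key name) disables TLS certificate verification for every outbound request the service makes, not only those to the storage server. Because the assignment is guarded by `===undefined` and there is no `else` branch, switching the variable back to `false` does not restore verification if local.json persists between starts. Prefer trusting the storage server's CA (Node reads extra CAs from `NODE_EXTRA_CA_CERTS`, if the bundled runtime honours it); if the flag stays, add a comment such as `# WARNING: turns off TLS certificate checks for all outbound requests` and an `else` that sets the value back to `true`. `update_ds_settings` starts above this hunk.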
@@ -232,10 +275,21 @@ create_postgresql_db(){ sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;" } -create_postgresql_tbl(){ - CONNECTION_PARAMS="-h${POSTGRESQL_SERVER_HOST} -p${POSTGRESQL_SERVER_PORT} -U${POSTGRESQL_SERVER_USER} -w" - if [ -n "${POSTGRESQL_SERVER_PASS}" ]; then - export PGPASSWORD=${POSTGRESQL_SERVER_PASS} +create_db_tbl() { + case $DB_TYPE in + "postgres") + create_postgresql_tbl + ;; + "mariadb"|"mysql") + create_mysql_tbl + ;; + esac +} + +create_postgresql_tbl() { + CONNECTION_PARAMS="-h$DB_HOST -p$DB_PORT -U$DB_USER -w" + if [ -n "$DB_PWD" ]; then + export PGPASSWORD=$DB_PWD fi PSQL="psql -q $CONNECTION_PARAMS" @@ -243,10 +297,33 @@ create_postgresql_tbl(){ # Create db on remote server if $PSQL -lt | cut -d\| -f 1 | grep -qw | grep 0; then - $CREATEDB $POSTGRESQL_SERVER_DB_NAME + $CREATEDB $DB_NAME fi - $PSQL -d "${POSTGRESQL_SERVER_DB_NAME}" -f "${APP_DIR}/server/schema/postgresql/createdb.sql" + $PSQL -d "$DB_NAME" -f "$APP_DIR/server/schema/postgresql/createdb.sql" +} + +create_mysql_tbl() { + CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w" + MYSQL="mysql -q $CONNECTION_PARAMS" + + # Create db on remote server + $MYSQL -e "CREATE DATABASE IF NOT EXISTS $DB_NAME DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;" >/dev/null 2>&1 + + $MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1 +} + +update_welcome_page() { + WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html" + if [[ -e $WELCOME_PAGE ]]; then + DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset)) + if [[ -x $(command -v docker) ]]; then + DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID) + sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE + else + sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE + fi + fi } update_nginx_settings(){ 
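Review bot: `create_mysql_tbl` passes the password as `-p$DB_PWD` on the command line, where it can be visible to other processes through the process list, and because `$CONNECTION_PARAMS` is expanded unquoted a password containing whitespace is split into extra arguments. Mirror the PostgreSQL path, which uses `PGPASSWORD`: `export MYSQL_PWD=$DB_PWD` and drop `-p$DB_PWD` from `CONNECTION_PARAMS`. Both `mysql` calls also send stdout and stderr to `/dev/null` and their exit status is not checked, so a failed schema import goes unnoticed; keep stderr and return non-zero on failure.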
@@ -314,15 +391,15 @@ update_logrotate_settings(){ } # create base folders -for i in converter docservice spellchecker metrics gc; do +for i in converter docservice spellchecker metrics; do mkdir -p "${DS_LOG_DIR}/$i" done mkdir -p ${DS_LOG_DIR}-example # create app folders -for i in App_Data/cache/files App_Data/docbuilder; do - mkdir -p "${DS_LIB_DIR}/$i" +for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${DS_LIB_DIR}-example/files; do + mkdir -p "$i" done # change folder rights @@ -335,15 +412,17 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then read_setting + update_welcome_page + update_log_settings - update_jwt_settings + update_ds_settings # update settings by env variables - if [ ${POSTGRESQL_SERVER_HOST} != "localhost" ]; then - update_postgresql_settings - waiting_for_postgresql - create_postgresql_tbl + if [ $DB_HOST != "localhost" ]; then + update_db_settings + waiting_for_db + create_db_tbl else # change rights for postgres directory chown -R postgres:postgres ${PG_ROOT} @@ -360,6 +439,13 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then if [ ${AMQP_SERVER_HOST} != "localhost" ]; then update_rabbitmq_setting else + # change rights for rabbitmq directory + chown -R rabbitmq:rabbitmq ${RABBITMQ_DATA} + chmod -R go=rX,u=rwX ${RABBITMQ_DATA} + if [ -f ${RABBITMQ_DATA}/.erlang.cookie ]; then + chmod 400 ${RABBITMQ_DATA}/.erlang.cookie + fi + LOCAL_SERVICES+=("rabbitmq-server") # allow Rabbitmq startup after container kill rm -rf /var/run/rabbitmq @@ -368,6 +454,10 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then if [ ${REDIS_SERVER_HOST} != "localhost" ]; then update_redis_settings else + # change rights for redis directory + chown -R redis:redis ${REDIS_DATA} + chmod -R 750 ${REDIS_DATA} + LOCAL_SERVICES+=("redis-server") fi else 
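Review bot: `chmod -R go=rX,u=rwX ${RABBITMQ_DATA}` leaves the RabbitMQ data directory readable by every user in the container; only `.erlang.cookie` is tightened afterwards. The Redis hunk right below uses `chmod -R 750`, which keeps others out but marks every data file executable. Use the same symbolic mode for both, `chmod -R u=rwX,g=rX,o= "${RABBITMQ_DATA}"` and `chmod -R u=rwX,g=rX,o= "${REDIS_DATA}"`. Both blocks sit inside an `if`/`else` that begins outside their hunks.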
@@ -377,6 +467,8 @@ else # read settings after the data container in ready state # to prevent get unconfigureted data read_setting + + update_welcome_page fi #start needed local services @@ -390,7 +482,7 @@ if [ ${PG_NEW_CLUSTER} = "true" ]; then fi if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then - waiting_for_postgresql + waiting_for_db waiting_for_amqp waiting_for_redis @@ -412,4 +504,4 @@ service nginx start documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER} documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER} -tail -f /var/log/onlyoffice/**/*.log +tail -f /var/log/${COMPANY_NAME}/**/*.log