Add onlyoffice user
This commit is contained in:
parent
12ab50d3a5
commit
57db3d548c
@ -67,7 +67,7 @@ RUN cd ${SRC_PATH} && \
|
|||||||
rm -rf ${SRC_PATH}/server/products/ASC.Files/Service/* && \
|
rm -rf ${SRC_PATH}/server/products/ASC.Files/Service/* && \
|
||||||
rm -rf ${SRC_PATH}/server/products/ASC.People/Server/*
|
rm -rf ${SRC_PATH}/server/products/ASC.People/Server/*
|
||||||
|
|
||||||
COPY config/mysql/conf.d/mysql.cnf /etc/mysql/conf.d/mysql.cnf
|
COPY --chown=onlyoffice:onlyoffice config/mysql/conf.d/mysql.cnf /etc/mysql/conf.d/mysql.cnf
|
||||||
|
|
||||||
FROM $DOTNET_RUN as dotnetrun
|
FROM $DOTNET_RUN as dotnetrun
|
||||||
ARG BUILD_PATH
|
ARG BUILD_PATH
|
||||||
@ -124,7 +124,7 @@ RUN mkdir -p /var/log/onlyoffice && \
|
|||||||
rm -rf /var/lib/apt/lists/*
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY --from=base --chown=onlyoffice:onlyoffice /app/onlyoffice/config/* /app/onlyoffice/config/
|
COPY --from=base --chown=onlyoffice:onlyoffice /app/onlyoffice/config/* /app/onlyoffice/config/
|
||||||
|
USER onlyoffice
|
||||||
EXPOSE 5050
|
EXPOSE 5050
|
||||||
ENTRYPOINT ["python3", "docker-entrypoint.py"]
|
ENTRYPOINT ["python3", "docker-entrypoint.py"]
|
||||||
|
|
||||||
@ -139,25 +139,32 @@ ENV DNS_NAMESERVER=127.0.0.11 \
|
|||||||
|
|
||||||
RUN apt-get -y update && \
|
RUN apt-get -y update && \
|
||||||
apt-get install -yq vim && \
|
apt-get install -yq vim && \
|
||||||
|
mkdir -p /var/log/nginx/ && \
|
||||||
addgroup --system --gid 107 onlyoffice && \
|
addgroup --system --gid 107 onlyoffice && \
|
||||||
adduser -uid 104 --quiet --home /var/www/onlyoffice --system --gid 107 onlyoffice && \
|
adduser -uid 104 --quiet --home /var/www/onlyoffice --system --gid 107 onlyoffice && \
|
||||||
rm -rf /var/lib/apt/lists/* && \
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
rm -rf /usr/share/nginx/html/*
|
rm -rf /usr/share/nginx/html/* && \
|
||||||
|
chown -R onlyoffice:onlyoffice /etc/nginx/ && \
|
||||||
|
chown -R onlyoffice:onlyoffice /var/ && \
|
||||||
|
chown -R onlyoffice:onlyoffice /usr/ && \
|
||||||
|
chown -R onlyoffice:onlyoffice /run/ && \
|
||||||
|
chown -R onlyoffice:onlyoffice /var/log/nginx/
|
||||||
|
|
||||||
# copy static services files and config values
|
# copy static services files and config values
|
||||||
COPY --from=base /etc/nginx/conf.d /etc/nginx/conf.d
|
COPY --from=base --chown=onlyoffice:onlyoffice /etc/nginx/conf.d /etc/nginx/conf.d
|
||||||
COPY --from=base /etc/nginx/includes /etc/nginx/includes
|
COPY --from=base --chown=onlyoffice:onlyoffice /etc/nginx/includes /etc/nginx/includes
|
||||||
COPY --from=base ${SRC_PATH}/publish/web/client ${BUILD_PATH}/client
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/publish/web/client ${BUILD_PATH}/client
|
||||||
COPY --from=base ${SRC_PATH}/publish/web/public ${BUILD_PATH}/public
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/publish/web/public ${BUILD_PATH}/public
|
||||||
COPY --from=base ${SRC_PATH}/campaigns/src/campaigns ${BUILD_PATH}/public/campaigns
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/campaigns/src/campaigns ${BUILD_PATH}/public/campaigns
|
||||||
COPY --from=base ${SRC_PATH}/publish/web/management ${BUILD_PATH}/management
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/publish/web/management ${BUILD_PATH}/management
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/install/docker/config/nginx/docker-entrypoint.d /docker-entrypoint.d
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/install/docker/config/nginx/docker-entrypoint.d /docker-entrypoint.d
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/install/docker/config/nginx/templates/upstream.conf.template /etc/nginx/templates/upstream.conf.template
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/install/docker/config/nginx/templates/upstream.conf.template /etc/nginx/templates/upstream.conf.template
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/install/docker/config/nginx/templates/nginx.conf.template /etc/nginx/nginx.conf.template
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/install/docker/config/nginx/templates/nginx.conf.template /etc/nginx/nginx.conf.template
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/config/nginx/html /etc/nginx/html
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/config/nginx/html /etc/nginx/html
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/install/docker/prepare-nginx-router.sh /docker-entrypoint.d/prepare-nginx-router.sh
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/install/docker/prepare-nginx-router.sh /docker-entrypoint.d/prepare-nginx-router.sh
|
||||||
COPY --from=base ${SRC_PATH}/buildtools/install/docker/config/nginx/docker-entrypoint.sh /docker-entrypoint.sh
|
COPY --from=base --chown=onlyoffice:onlyoffice ${SRC_PATH}/buildtools/install/docker/config/nginx/docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
|
||||||
|
USER onlyoffice
|
||||||
|
|
||||||
# changes for upstream configure
|
# changes for upstream configure
|
||||||
RUN sed -i 's/127.0.0.1:5010/$service_api_system/' /etc/nginx/conf.d/onlyoffice.conf && \
|
RUN sed -i 's/127.0.0.1:5010/$service_api_system/' /etc/nginx/conf.d/onlyoffice.conf && \
|
||||||
@ -253,14 +260,14 @@ CMD ["ASC.Files.dll", "ASC.Files"]
|
|||||||
FROM dotnetrun AS files_services
|
FROM dotnetrun AS files_services
|
||||||
ENV LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64
|
ENV LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64
|
||||||
WORKDIR ${BUILD_PATH}/products/ASC.Files/service/
|
WORKDIR ${BUILD_PATH}/products/ASC.Files/service/
|
||||||
|
USER root
|
||||||
RUN echo "deb http://security.ubuntu.com/ubuntu focal-security main" | tee /etc/apt/sources.list && \
|
RUN echo "deb http://security.ubuntu.com/ubuntu focal-security main" | tee /etc/apt/sources.list && \
|
||||||
apt-key adv --keyserver keys.gnupg.net --recv-keys 3B4FE6ACC0B21F32 && \
|
apt-key adv --keyserver keys.gnupg.net --recv-keys 3B4FE6ACC0B21F32 && \
|
||||||
apt-key adv --keyserver keys.gnupg.net --recv-keys 871920D1991BC93C && \
|
apt-key adv --keyserver keys.gnupg.net --recv-keys 871920D1991BC93C && \
|
||||||
apt-get -y update && \
|
apt-get -y update && \
|
||||||
apt-get install -yq libssl1.1 && \
|
apt-get install -yq libssl1.1 && \
|
||||||
rm -rf /var/lib/apt/lists/*
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
USER onlyoffice
|
||||||
COPY --chown=onlyoffice:onlyoffice docker-entrypoint.py ./docker-entrypoint.py
|
COPY --chown=onlyoffice:onlyoffice docker-entrypoint.py ./docker-entrypoint.py
|
||||||
COPY --from=base --chown=onlyoffice:onlyoffice ${BUILD_PATH}/services/ASC.Files.Service/service/ .
|
COPY --from=base --chown=onlyoffice:onlyoffice ${BUILD_PATH}/services/ASC.Files.Service/service/ .
|
||||||
COPY --from=onlyoffice/ffvideo:6.0 --chown=onlyoffice:onlyoffice /usr/local /usr/local/
|
COPY --from=onlyoffice/ffvideo:6.0 --chown=onlyoffice:onlyoffice /usr/local /usr/local/
|
||||||
@ -346,6 +353,9 @@ ARG BUILD_PATH
|
|||||||
ARG SRC_PATH
|
ARG SRC_PATH
|
||||||
ENV BUILD_PATH=${BUILD_PATH}
|
ENV BUILD_PATH=${BUILD_PATH}
|
||||||
ENV SRC_PATH=${SRC_PATH}
|
ENV SRC_PATH=${SRC_PATH}
|
||||||
|
RUN addgroup --system --gid 107 onlyoffice && \
|
||||||
|
adduser -uid 104 --quiet --home /var/www/onlyoffice --system --gid 107 onlyoffice
|
||||||
|
USER onlyoffice
|
||||||
WORKDIR ${BUILD_PATH}/services/ASC.Migration.Runner/
|
WORKDIR ${BUILD_PATH}/services/ASC.Migration.Runner/
|
||||||
COPY ./docker-migration-entrypoint.sh ./docker-migration-entrypoint.sh
|
COPY ./docker-migration-entrypoint.sh ./docker-migration-entrypoint.sh
|
||||||
COPY --from=base ${SRC_PATH}/server/ASC.Migration.Runner/service/ .
|
COPY --from=base ${SRC_PATH}/server/ASC.Migration.Runner/service/ .
|
||||||
@ -358,15 +368,17 @@ RUN mkdir -p /app/ASC.Files/server && \
|
|||||||
mkdir -p /app/ASC.People/server && \
|
mkdir -p /app/ASC.People/server && \
|
||||||
addgroup --system --gid 107 onlyoffice && \
|
addgroup --system --gid 107 onlyoffice && \
|
||||||
adduser -u 104 onlyoffice --home /var/www/onlyoffice --system -G onlyoffice
|
adduser -u 104 onlyoffice --home /var/www/onlyoffice --system -G onlyoffice
|
||||||
|
USER onlyoffice
|
||||||
COPY bin-share-docker-entrypoint.sh /app/docker-entrypoint.sh
|
COPY --chown=onlyoffice:onlyoffice bin-share-docker-entrypoint.sh /app/docker-entrypoint.sh
|
||||||
COPY --from=base /var/www/products/ASC.Files/server/ /app/ASC.Files/server/
|
COPY --from=base --chown=onlyoffice:onlyoffice /var/www/products/ASC.Files/server/ /app/ASC.Files/server/
|
||||||
COPY --from=base /var/www/products/ASC.People/server/ /app/ASC.People/server/
|
COPY --from=base --chown=onlyoffice:onlyoffice /var/www/products/ASC.People/server/ /app/ASC.People/server/
|
||||||
ENTRYPOINT ["./app/docker-entrypoint.sh"]
|
ENTRYPOINT ["./app/docker-entrypoint.sh"]
|
||||||
|
|
||||||
## image for k8s wait-bin-share ##
|
## image for k8s wait-bin-share ##
|
||||||
FROM busybox:latest AS wait_bin_share
|
FROM busybox:latest AS wait_bin_share
|
||||||
RUN mkdir /app
|
RUN addgroup --system --gid 107 onlyoffice && \
|
||||||
|
adduser -u 104 onlyoffice --home /var/www/onlyoffice --system -G onlyoffice && \
|
||||||
COPY wait-bin-share-docker-entrypoint.sh /app/docker-entrypoint.sh
|
mkdir /app
|
||||||
|
USER onlyoffice
|
||||||
|
COPY --chown=onlyoffice:onlyoffice wait-bin-share-docker-entrypoint.sh /app/docker-entrypoint.sh
|
||||||
ENTRYPOINT ["./app/docker-entrypoint.sh"]
|
ENTRYPOINT ["./app/docker-entrypoint.sh"]
|
||||||
|
Loading…
Reference in New Issue
Block a user