diff --git a/install/OneClickInstall/install-Debian.sh b/install/OneClickInstall/install-Debian.sh index e9a41037f6..206f89e5bb 100644 --- a/install/OneClickInstall/install-Debian.sh +++ b/install/OneClickInstall/install-Debian.sh @@ -13,6 +13,7 @@ RES_APP_CHECK_PORTS="uses ports" RES_CHECK_PORTS="please, make sure that the ports are free."; RES_INSTALL_SUCCESS="Thank you for installing ONLYOFFICE ${product_name}."; RES_QUESTIONS="In case you have any questions contact us via http://support.onlyoffice.com or visit our forum at http://forum.onlyoffice.com" +INSTALL_FLUENT_BIT="true" while [ "$1" != "" ]; do case $1 in @@ -53,6 +54,27 @@ while [ "$1" != "" ]; do fi ;; + -ifb | --installfluentbit ) + if [ "$2" != "" ]; then + INSTALL_FLUENT_BIT=$2 + shift + fi + ;; + + -du | --dashboadrsusername ) + if [ "$2" != "" ]; then + DASHBOARDS_USERNAME=$2 + shift + fi + ;; + + -dp | --dashboadrspassword ) + if [ "$2" != "" ]; then + DASHBOARDS_PASSWORD=$2 + shift + fi + ;; + -ls | --localscripts ) if [ "$2" != "" ]; then LOCAL_SCRIPTS=$2 @@ -89,6 +111,9 @@ while [ "$1" != "" ]; do echo " -je, --jwtenabled specifies the enabling the JWT validation (true|false)" echo " -jh, --jwtheader defines the http header that will be used to send the JWT" echo " -js, --jwtsecret defines the secret key to validate the JWT in the request" + echo " -ifb, --installfluentbit install or update fluent-bit (true|false)" + echo " -du, --dashboadrsusername login for authorization in /dashboards/" + echo " -dp, --dashboadrspassword password for authorization in /dashboards/" echo " -ls, --local_scripts use 'true' to run local scripts (true|false)" echo " -skiphc, --skiphardwarecheck use to skip hardware check (true|false)" echo " -ms, --makeswap make swap file (true|false)" diff --git a/install/OneClickInstall/install-Debian/install-app.sh b/install/OneClickInstall/install-Debian/install-app.sh index a0d14b169d..c8705b76d2 100644 --- a/install/OneClickInstall/install-Debian/install-app.sh +++ b/install/OneClickInstall/install-Debian/install-app.sh @@ -85,7 +85,7 @@ elif [ "$UPDATE" = "true" ] && [ "$PRODUCT_INSTALLED" = "true" ]; then fi fi -hold_package_version dotnet-host opensearch redis-server rabbitmq-server +hold_package_version dotnet-host opensearch redis-server rabbitmq-server opensearch-dashboards fluent-bit if [ "$MAKESWAP" == "true" ]; then make_swap diff --git a/install/OneClickInstall/install-Debian/install-preq.sh b/install/OneClickInstall/install-Debian/install-preq.sh index 6c2c0a2821..04402de4ba 100644 --- a/install/OneClickInstall/install-Debian/install-preq.sh +++ b/install/OneClickInstall/install-Debian/install-preq.sh @@ -36,6 +36,13 @@ curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dear echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-2.x.list ELASTIC_VERSION="2.11.1" +#add opensearch dashboards repo +if [ ${INSTALL_FLUENT_BIT} == "true" ]; then + curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring + echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-dashboards-2.x.list + DASHBOARDS_VERSION="2.11.1" +fi + # add nodejs repo NODE_VERSION="18" curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - @@ -124,6 +131,11 @@ if ! dpkg -l | grep -q "opensearch"; then apt-get install -yq opensearch=${ELASTIC_VERSION} fi +if [ ${INSTALL_FLUENT_BIT} == "true" ]; then + apt-get install -yq opensearch-dashboards=${DASHBOARDS_VERSION} + curl https://raw.githubusercontent.com/fluent/fluent-bit/master/install.sh | sh +fi + # disable apparmor for mysql if which apparmor_parser && [ ! -f /etc/apparmor.d/disable/usr.sbin.mysqld ] && [ -f /etc/apparmor.d/disable/usr.sbin.mysqld ]; then ln -sf /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/; diff --git a/install/OneClickInstall/install-RedHat.sh b/install/OneClickInstall/install-RedHat.sh index 3ee10a2c19..31597e6465 100644 --- a/install/OneClickInstall/install-RedHat.sh +++ b/install/OneClickInstall/install-RedHat.sh @@ -14,6 +14,7 @@ RES_CHECK_PORTS="please, make sure that the ports are free."; RES_INSTALL_SUCCESS="Thank you for installing ONLYOFFICE ${product_name}."; RES_QUESTIONS="In case you have any questions contact us via http://support.onlyoffice.com or visit our forum at http://forum.onlyoffice.com" RES_MARIADB="To continue the installation, you need to remove MariaDB" +INSTALL_FLUENT_BIT="true" res_unsupported_version () { RES_CHOICE="Please, enter Y or N" @@ -62,6 +63,27 @@ while [ "$1" != "" ]; do fi ;; + -ifb | --installfluentbit ) + if [ "$2" != "" ]; then + INSTALL_FLUENT_BIT=$2 + shift + fi + ;; + + -du | --dashboadrsusername ) + if [ "$2" != "" ]; then + DASHBOARDS_USERNAME=$2 + shift + fi + ;; + + -dp | --dashboadrspassword ) + if [ "$2" != "" ]; then + DASHBOARDS_PASSWORD=$2 + shift + fi + ;; + -ls | --localscripts ) if [ "$2" != "" ]; then LOCAL_SCRIPTS=$2 @@ -98,6 +120,9 @@ while [ "$1" != "" ]; do echo " -je, --jwtenabled specifies the enabling the JWT validation (true|false)" echo " -jh, --jwtheader defines the http header that will be used to send the JWT" echo " -js, --jwtsecret defines the secret key to validate the JWT in the request" + echo " -ifb, --installfluentbit install or update fluent-bit (true|false)" + echo " -du, --dashboadrsusername login for authorization in /dashboards/" + echo " -dp, --dashboadrspassword password for authorization in /dashboards/" echo " -ls, --local_scripts use 'true' to run local scripts (true|false)" echo " -skiphc, --skiphardwarecheck use to skip hardware check (true|false)" echo " -ms, --makeswap make swap file (true|false)" diff --git a/install/OneClickInstall/install-RedHat/install-preq.sh b/install/OneClickInstall/install-RedHat/install-preq.sh index 82194ecf60..965c87db17 100644 --- a/install/OneClickInstall/install-RedHat/install-preq.sh +++ b/install/OneClickInstall/install-RedHat/install-preq.sh @@ -69,6 +69,12 @@ fi curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/opensearch-2.x.repo -o /etc/yum.repos.d/opensearch-2.x.repo ELASTIC_VERSION="2.11.1" +#add opensearch dashboards repo +if [ ${INSTALL_FLUENT_BIT} == "true" ]; then + curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/opensearch-dashboards-2.x.repo -o /etc/yum.repos.d/opensearch-dashboards-2.x.repo + DASHBOARDS_VERSION="2.11.1" +fi + # add nginx repo, Fedora doesn't need it if [ "$DIST" != "fedora" ]; then cat > /etc/yum.repos.d/nginx.repo < /etc/openresty/.htpasswd_dashboards + chown nginx:nginx /etc/openresty/.htpasswd_dashboards + + # enable connection with opensearch + sed -i 's~\(opensearch\.hosts:\).*~\1 \[http://localhost:9200\]~' ${DASHBOARDS_CONF_PATH} + sed -i '/^opensearch\_security/d' ${DASHBOARDS_CONF_PATH} + if /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin list --allow-root | grep "securityDashboards*" > /dev/null 2>&1 ; then + /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove securityDashboards --allow-root > /dev/null 2>&1 + fi + + # set basePath variable to get access to Dashboards from a remote host + sed 's_.*\(server.basePath:\).*_\1 "/dashboards"_' -i ${DASHBOARDS_CONF_PATH} + + systemctl restart opensearch-dashboards + echo "OK" +} + +setup_fluentbit() { + echo -n "Configuring fluent-bit... " + + # Replace variables in fluent-bit config file template, force copy to conf directory + sed -i "s/OPENSEARCH_HOST/$ELK_HOST/g; s/OPENSEARCH_PORT/$ELK_PORT/g; s/OPENSEARCH_INDEX/$OPENSEARCH_INDEX/g; s/OPENSEARCH_SCHEME/$ELK_SHEME/g" ${APP_DIR}/fluent-bit.conf + cp -f ${APP_DIR}/fluent-bit.conf /etc/fluent-bit/fluent-bit.conf + + systemctl restart fluent-bit + echo "OK" +} + setup_redis() { echo -n "Configuring redis... " @@ -822,6 +871,14 @@ elif $PACKAGE_MANAGER opensearch >/dev/null 2>&1; then setup_elasticsearch "LOCAL_ELASTIC_SERVER" fi +if $PACKAGE_MANAGER opensearch-dashboards >/dev/null 2>&1; then + setup_dashboards +fi + +if $PACKAGE_MANAGER fluent-bit >/dev/null 2>&1; then + setup_fluentbit +fi + if [[ ! -z $EXTERNAL_REDIS_FLAG ]]; then check_connection_external_services "$REDIS_HOST" "$REDIS_PORT" "Redis" setup_redis "EXTERNAL_REDIS_SERVER" diff --git a/install/deb/debian/product-common.install b/install/deb/debian/product-common.install index 4294882fc7..2f3a5de1c7 100644 --- a/install/deb/debian/product-common.install +++ b/install/deb/debian/product-common.install @@ -2,3 +2,4 @@ debian/build/buildtools/config/*.json etc/onlyo debian/build/buildtools/config/*.config etc/onlyoffice/{{product}} debian/build/buildtools/install/common/{{product}}-configuration usr/bin debian/build/buildtools/install/common/logrotate/{{product}}-common etc/logrotate.d +debian/build/buildtools/install/docker/config/fluent-bit.conf etc/onlyoffice/{{product}} diff --git a/install/deb/debian/rules b/install/deb/debian/rules index 2bc6ff0258..07d8104bc7 100644 --- a/install/deb/debian/rules +++ b/install/deb/debian/rules @@ -76,6 +76,7 @@ override_dh_auto_build: check_archives sed -e 's_etc/nginx_etc/openresty_g' -e 's/listen\s\+\([0-9]\+\);/listen 127.0.0.1:\1;/g' -i ${BUILDTOOLS_PATH}/config/nginx/*.conf sed -i "s#\$$public_root#/var/www/${PRODUCT}/public/#g" ${BUILDTOOLS_PATH}/config/nginx/onlyoffice.conf + sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i ${BUILDTOOLS_PATH}/config/nginx/onlyoffice.conf sed 's/teamlab.info/onlyoffice.com/g' -i ${BUILDTOOLS_PATH}/config/autofac.consumers.json json -I -f ${CLENT_PATH}/public/scripts/config.json -e "this.wrongPortalNameUrl=\"\"" sed -e 's/$$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy*.conf @@ -83,6 +84,8 @@ override_dh_auto_build: check_archives sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/templates/nginx.conf.template mv -f ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf.template cp -rf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf.template + sed -i '/^\s*Name\s\+forward\s*/d; /^\s*Listen\s\+127\.0\.0\.1\s*/d; /^\s*Port\s\+24224\s*/d' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf + sed -i '0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/${PRODUCT}\/*.log\n Path_Key filename/' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf for i in ${PRODUCT} $$(ls ${CURDIR}/debian/*.install | grep -oP 'debian/\K.*' | grep -o '^[^.]*'); do \ cp ${CURDIR}/debian/source/lintian-overrides ${CURDIR}/debian/$$i.lintian-overrides; \ diff --git a/install/rpm/SPECS/build.spec b/install/rpm/SPECS/build.spec index 1687caf000..08012cb81a 100644 --- a/install/rpm/SPECS/build.spec +++ b/install/rpm/SPECS/build.spec @@ -26,9 +26,12 @@ sed 's/teamlab.info/onlyoffice.com/g' -i config/autofac.consumers.json sed -e 's_etc/nginx_etc/openresty_g' -e 's/listen\s\+\([0-9]\+\);/listen 127.0.0.1:\1;/g' -i config/nginx/*.conf sed -i "s#\$public_root#/var/www/%{product}/public/#g" config/nginx/onlyoffice.conf +sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i config/nginx/onlyoffice.conf sed -e 's/$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i install/docker/config/nginx/onlyoffice-proxy*.conf sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i install/docker/config/nginx/templates/nginx.conf.template sed -i "s_\(.*root\).*;_\1 \"/var/www/%{product}\";_g" -i install/docker/config/nginx/letsencrypt.conf +sed -i '/^\s*Name\s\+forward\s*$/d; /^\s*Listen\s\+127\.0\.0\.1\s*$/d; /^\s*Port\s\+24224\s*$/d' -i install/docker/config/fluent-bit.conf +sed -i "0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/%{product}\/*.log\n Path_Key filename/" -i install/docker/config/fluent-bit.conf find %{_builddir}/server/publish/ \ %{_builddir}/server/ASC.Migration.Runner \ diff --git a/install/rpm/SPECS/install.spec b/install/rpm/SPECS/install.spec index 90aebd925e..e9a53680b1 100644 --- a/install/rpm/SPECS/install.spec +++ b/install/rpm/SPECS/install.spec @@ -35,6 +35,7 @@ mkdir -p "%{buildroot}%{_sysconfdir}/openresty/html/" mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/openresty" mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/.private/" mkdir -p "%{buildroot}%{_sysconfdir}/logrotate.d" +mkdir -p "%{buildroot}%{_sysconfdir}/fluent-bit/" mkdir -p "%{buildroot}%{_docdir}/%{name}-%{version}-%{release}/" mkdir -p "%{buildroot}%{_bindir}/" cp -rf %{_builddir}/publish/web/public/* "%{buildroot}%{buildpath}/public/" @@ -75,3 +76,4 @@ cp -rf %{_builddir}/buildtools/config/nginx/onlyoffice*.conf "%{buildroot}%{_sys cp -rf %{_builddir}/buildtools/config/nginx/includes/onlyoffice*.conf "%{buildroot}%{_sysconfdir}/openresty/includes/" cp -rf %{_builddir}/buildtools/config/nginx/html/*.html "%{buildroot}%{_sysconfdir}/openresty/html/" cp -rf %{_builddir}/buildtools/config/* "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/" +cp -rf %{_builddir}/buildtools/install/docker/config/fluent-bit.conf "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/"