Compare commits
109 Commits
feature/op
...
master
Author | SHA1 | Date | |
---|---|---|---|
bf0ef9e17d | |||
|
013a497dab | ||
f795f619bc | |||
9cc902be7e | |||
71afb4bc3a | |||
|
75d3548bc7 | ||
|
1b1be72fdd | ||
339a2cc1c9 | |||
fd3517fc8e | |||
8cd68c2cfa | |||
6f069fe4d1 | |||
c2a3b46e12 | |||
7bf4b77ec3 | |||
|
a400806726 | ||
c9488e3e1a | |||
2debedcfba | |||
c09704c3d3 | |||
520681d8d6 | |||
|
7d4dd0da2b | ||
ef67bae358 | |||
ac25dc567f | |||
83921a7f85 | |||
4cbb9f028c | |||
9c85615a6c | |||
633f0de3d1 | |||
d780bd1386 | |||
1892c1187a | |||
ea968a82eb | |||
044eb04161 | |||
94113da1ec | |||
16abb17842 | |||
3c6249de92 | |||
5d9a492c06 | |||
72cc435c5d | |||
0a72fbc828 | |||
2785f092ce | |||
5a855991d6 | |||
74a849ec92 | |||
58867e72a8 | |||
1c3907df34 | |||
54c3496a7f | |||
955267377e | |||
1b020f3441 | |||
274ede0fdc | |||
74b16879b0 | |||
b7f87ae77b | |||
2a6fd1449f | |||
2bf24478ed | |||
0025ee6867 | |||
|
7cb9f577d9 | ||
000a444f44 | |||
|
570dc223e8 | ||
509ec61a55 | |||
30fd1f860d | |||
87aad9f6cc | |||
aa24ca32d0 | |||
d98874e182 | |||
c64b815fe2 | |||
86dbea14fd | |||
124c6be56e | |||
1e4d844f69 | |||
d41b7c1e03 | |||
55c9099d04 | |||
84ef92a4ee | |||
5014429c2b | |||
f18536b61e | |||
fb3b14522f | |||
a6b2bb16a0 | |||
10e43f0434 | |||
6ab1d625c7 | |||
0af8141025 | |||
a127774c46 | |||
5477124545 | |||
f1c8bcec80 | |||
feb177ba2b | |||
77381293c4 | |||
be47784a61 | |||
a7abb2d726 | |||
13e3142002 | |||
21d82d66e4 | |||
6be8859d0f | |||
fb3f85f2a2 | |||
d974083434 | |||
17151eabc8 | |||
b709f41fa0 | |||
7ddedd6f0f | |||
b295eca7ab | |||
ae896c9d9c | |||
a97f2fc140 | |||
9f5f57dc4f | |||
4fe602cc7b | |||
7518c63e66 | |||
701d55d40a | |||
f75662822c | |||
fce6429cc3 | |||
5570c5d52d | |||
0d35d073cb | |||
0f5611eeb2 | |||
a2f371d197 | |||
|
37cd9e6f1c | ||
80b0d3ffd6 | |||
a470d14c0c | |||
e14d215876 | |||
d26240d090 | |||
e6f5c0fd6c | |||
786a5e74dd | |||
e050c81861 | |||
3c49230199 | |||
|
d9f308fdcf |
89
.github/scripts/release-docspace.sh
vendored
Executable file
89
.github/scripts/release-docspace.sh
vendored
Executable file
@ -0,0 +1,89 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
function get_colors() {
|
||||
COLOR_BLUE=$'\e[34m'
|
||||
COLOR_GREEN=$'\e[32m'
|
||||
COLOR_RED=$'\e[31m'
|
||||
COLOR_RESET=$'\e[0m'
|
||||
COLOR_YELLOW=$'\e[33m'
|
||||
export COLOR_BLUE
|
||||
export COLOR_GREEN
|
||||
export COLOR_RED
|
||||
export COLOR_RESET
|
||||
export COLOR_YELLOW
|
||||
}
|
||||
|
||||
function release_service() {
|
||||
|
||||
# ex. service_source_tag=onlyoffice/4testing-docspace-service-name:2.5.1.1473
|
||||
local service_source_tag=${1}
|
||||
|
||||
echo ${service_source_tag}
|
||||
|
||||
# ex. service_release_tag=onlyoffice/docspace-service-name:2.5.1.1
|
||||
# NOTE: latest tag also will be updated
|
||||
local service_release_tag
|
||||
service_release_tag=$(echo ${service_source_tag%:*} | sed 's/4testing-//')
|
||||
|
||||
# If specifyed tag look like 2.5.1.1 it will release like 3 different tags: 2.5.1 2.5.1.1 latest
|
||||
# Make new image manigest and push it to stable images repository
|
||||
|
||||
docker buildx imagetools create --tag ${service_release_tag}:${RELEASE_VERSION%.*} \
|
||||
--tag ${service_release_tag}:${RELEASE_VERSION} \
|
||||
--tag ${service_release_tag}:latest \
|
||||
${service_source_tag} || local STATUS=$?
|
||||
|
||||
# Make alert
|
||||
if [[ ! ${STATUS} ]]; then
|
||||
RELEASED_SERVICES+=("${service_release_tag}")
|
||||
else
|
||||
UNRELEASED_SERVICES+=("${service_release_tag}")
|
||||
fi
|
||||
}
|
||||
|
||||
function main() {
|
||||
# Import all colors
|
||||
get_colors
|
||||
|
||||
# Make released|unreleased array
|
||||
RELEASED_SERVICES=()
|
||||
UNRELEASED_SERVICES=()
|
||||
|
||||
# REPO mean hub.docker repo owner ex. onlyoffice
|
||||
: "${REPO:?Should be set}"
|
||||
|
||||
# DOCKER_TAG mean tag from 4testing ex. 2.6.1.3123
|
||||
: "${DOCKER_TAG:?Should be set}"
|
||||
|
||||
# RELEASED_VERSION mean tag for stable repo 2.6.1.1
|
||||
: "${RELEASE_VERSION:?Should be set}"
|
||||
|
||||
# DOCKER_IMAGE_PREFIX mean tag prefix ex. 4testing-docspace
|
||||
: "${DOCKER_IMAGE_PREFIX:?Should be set}"
|
||||
|
||||
cd ${GITHUB_WORKSPACE}/install/docker
|
||||
|
||||
SERVICES=($(docker buildx bake -f build.yml --print | jq -r '.target | .[] | .tags[]'))
|
||||
echo ${SERVICES[@]}
|
||||
for service in ${SERVICES[@]}; do
|
||||
release_service ${service}
|
||||
done
|
||||
|
||||
# Output Result
|
||||
echo "Released services"
|
||||
for service in ${RELEASED_SERVICES[@]}; do
|
||||
echo "${COLOR_GREEN}${service}${COLOR_RESET}"
|
||||
done
|
||||
|
||||
# PANIC IF SOME SERVICE WASNT RELEASE
|
||||
if [[ -n ${UNRELEASED_SERVICES} ]]; then
|
||||
for service in ${UNRELEASED_SERVICES[@]}; do
|
||||
echo "${COLOR_RED}PANIC: Service ${service} wasn't relese!${COLOR_RED}"
|
||||
done
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
main
|
68
.github/workflows/ci-oci-docker-install.yml
vendored
Normal file
68
.github/workflows/ci-oci-docker-install.yml
vendored
Normal file
@ -0,0 +1,68 @@
|
||||
name: Install OneClickInstall Docker
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
types: [opened, reopened, synchronize]
|
||||
paths:
|
||||
- '.github/workflows/ci-oci-docker-install.yml'
|
||||
- 'install/OneClickInstall/install-Docker.sh'
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
script-branch:
|
||||
description: 'Branch for OCI script docker'
|
||||
required: true
|
||||
type: string
|
||||
default: master
|
||||
|
||||
jobs:
|
||||
Install-OneClickInstall-Docker:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Test OCI docker scripts
|
||||
run: |
|
||||
sudo docker image prune --all --force
|
||||
|
||||
BRANCH_NAME=$(
|
||||
case "${{ github.event_name }}" in
|
||||
pull_request) echo "${{ github.event.pull_request.head.ref }}";;
|
||||
workflow_dispatch) echo "${{ github.event.inputs.script-branch }}";;
|
||||
push) echo "${GITHUB_REF#refs/heads/}";;
|
||||
esac
|
||||
)
|
||||
|
||||
wget https://download.onlyoffice.com/docspace/docspace-install.sh
|
||||
sed '/bash install-Docker.sh/i sed -i "1i set -x" install-Docker.sh' -i docspace-install.sh
|
||||
sudo bash docspace-install.sh docker -skiphc true -noni true $([ $BRANCH_NAME != "master" ] && echo "-gb $BRANCH_NAME -s 4testing-") || exit $?
|
||||
|
||||
echo -n "Waiting for all containers to start..."
|
||||
timeout 300 bash -c 'while docker ps | grep -q "starting"; do sleep 5; done' && echo "OK" || echo "container_status=timeout" >> $GITHUB_ENV
|
||||
|
||||
- name: Check container status
|
||||
run: |
|
||||
docker ps --all --format "{{.Names}}" | xargs -I {} sh -c '
|
||||
status=$(docker inspect --format="{{if .State.Health}}{{.State.Health.Status}}{{else}}no healthcheck{{end}}" {});
|
||||
case "$status" in
|
||||
healthy) color="\033[0;32m" ;; # green
|
||||
"no healthcheck") color="\033[0;33m" ;; # yellow
|
||||
*) color="\033[0;31m"; echo "container_status=red" >> $GITHUB_ENV ;; # red
|
||||
esac;
|
||||
printf "%-30s ${color}%s\033[0m\n" "{}:" "$status";
|
||||
'
|
||||
|
||||
- name: Print logs for crashed container
|
||||
run: |
|
||||
docker ps --all --format "{{.Names}}" | xargs -I {} sh -c '
|
||||
status=$(docker inspect --format="{{if .State.Health}}{{.State.Health.Status}}{{else}}no healthcheck{{end}}" {});
|
||||
case "$status" in
|
||||
healthy | "no healthcheck") ;;
|
||||
*)
|
||||
echo "Logs for container {}:";
|
||||
docker logs --tail 30 {} | sed "s/^/\t/g";
|
||||
;;
|
||||
esac;
|
||||
'
|
||||
case "${{ env.container_status }}" in
|
||||
timeout) echo "Timeout reached. Not all containers are running."; exit 1 ;;
|
||||
red) echo "One or more containers have status 'red'. Job will fail."; exit 1 ;;
|
||||
esac
|
||||
|
4
.github/workflows/ci-oci-install.yml
vendored
4
.github/workflows/ci-oci-install.yml
vendored
@ -109,7 +109,7 @@ jobs:
|
||||
uses: nick-fields/retry@v3
|
||||
with:
|
||||
max_attempts: 2
|
||||
timeout_minutes: 40
|
||||
timeout_minutes: 80
|
||||
retry_on: error
|
||||
command: |
|
||||
set -eux
|
||||
@ -133,7 +133,7 @@ jobs:
|
||||
uses: nick-fields/retry@v3
|
||||
with:
|
||||
max_attempts: 2
|
||||
timeout_minutes: 40
|
||||
timeout_minutes: 80
|
||||
retry_on: error
|
||||
command: |
|
||||
set -eux
|
||||
|
75
.github/workflows/oci-release.yml
vendored
Normal file
75
.github/workflows/oci-release.yml
vendored
Normal file
@ -0,0 +1,75 @@
|
||||
name: Upload OneСlickInstall scripts on S3
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths:
|
||||
- 'install/docker/*.yml'
|
||||
- 'install/docker/*.env'
|
||||
- 'install/docker/config/**'
|
||||
- 'install/OneClickInstall/**'
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
PRODUCT: docspace
|
||||
|
||||
jobs:
|
||||
release:
|
||||
name: Scripts release
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
DOCKER_DIR: "${{ github.workspace }}/install/docker"
|
||||
SCRIPT_DIR: "${{ github.workspace }}/install/OneClickInstall"
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Creating an enterprise script
|
||||
run: |
|
||||
cp ${{ env.SCRIPT_DIR }}/${{ env.PRODUCT }}-install.sh ${{ env.SCRIPT_DIR }}/${{ env.PRODUCT }}-enterprise-install.sh
|
||||
sed -i 's/\(PARAMETERS -it\).*";/\1 ENTERPRISE";/' ${{ env.SCRIPT_DIR }}/${{ env.PRODUCT }}-enterprise-install.sh
|
||||
|
||||
- name: Create Docker Tarball
|
||||
run: |
|
||||
cd ${{ env.DOCKER_DIR }}
|
||||
tar -czvf ${{ env.SCRIPT_DIR }}/docker.tar.gz --exclude='config/supervisor*' *.yml .env config/
|
||||
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@v1
|
||||
with:
|
||||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_OCI }}
|
||||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_OCI }}
|
||||
aws-region: us-east-1
|
||||
|
||||
- name: Upload scripts
|
||||
run: |
|
||||
cd ${{ env.SCRIPT_DIR }}
|
||||
aws s3 cp . ${{ secrets.AWS_BUCKET_URL_OCI }}/ \
|
||||
--recursive \
|
||||
--acl public-read \
|
||||
--content-type application/x-sh \
|
||||
--metadata-directive REPLACE \
|
||||
--exclude '*' \
|
||||
--include="${{ env.PRODUCT }}-install.sh" \
|
||||
--include="${{ env.PRODUCT }}-enterprise-install.sh" \
|
||||
--include="install-RedHat.sh" \
|
||||
--include="install-RedHat/*" \
|
||||
--include="install-Debian.sh" \
|
||||
--include="install-Debian/*" \
|
||||
--include="install-Docker.sh" \
|
||||
--include="docker.tar.gz"
|
||||
|
||||
- name: Invalidate AWS CloudFront cache
|
||||
run: |
|
||||
aws cloudfront create-invalidation \
|
||||
--distribution-id ${{ secrets.AWS_DISTRIBUTION_ID_OCI }} \
|
||||
--paths \
|
||||
"/${{ env.PRODUCT }}/${{ env.PRODUCT }}-install.sh" \
|
||||
"/${{ env.PRODUCT }}/${{ env.PRODUCT }}-enterprise-install.sh" \
|
||||
"/${{ env.PRODUCT }}/install-RedHat.sh" \
|
||||
"/${{ env.PRODUCT }}/install-RedHat/*" \
|
||||
"/${{ env.PRODUCT }}/install-Debian.sh" \
|
||||
"/${{ env.PRODUCT }}/install-Debian/*" \
|
||||
"/${{ env.PRODUCT }}/install-Docker.sh" \
|
||||
"/${{ env.PRODUCT }}/docker.tar.gz"
|
31
.github/workflows/release-docspace.yaml
vendored
Normal file
31
.github/workflows/release-docspace.yaml
vendored
Normal file
@ -0,0 +1,31 @@
|
||||
name: Release DocSpace
|
||||
|
||||
run-name: "Release Docker-DocSpace ${{ github.event.inputs.release_version }}"
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
repo:
|
||||
description: 'hub.docker repo owner (ex. onlyoffice)'
|
||||
type: string
|
||||
required: true
|
||||
default: 'onlyoffice'
|
||||
release_version:
|
||||
type: string
|
||||
description: 'Tag for stable release (ex. 2.5.1.1)'
|
||||
required: true
|
||||
source_version:
|
||||
type: string
|
||||
description: '4testing tag from which the release will be created (ex. 2.5.1.2678)'
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
docker-release:
|
||||
uses: ONLYOFFICE/DocSpace-buildtools/.github/workflows/reusable-docspace-release.yaml@master
|
||||
with:
|
||||
repo: ${{ github.event.inputs.repo }}
|
||||
release_version: ${{ github.event.inputs.release_version }}
|
||||
source_version: ${{ github.event.inputs.source_version }}
|
||||
secrets:
|
||||
docker-username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
docker-usertoken: ${{ secrets.DOCKERHUB_TOKEN }}
|
49
.github/workflows/reusable-docspace-release.yaml
vendored
Normal file
49
.github/workflows/reusable-docspace-release.yaml
vendored
Normal file
@ -0,0 +1,49 @@
|
||||
name: "<reusable> release Docker-DocSpace"
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
repo:
|
||||
type: string
|
||||
required: true
|
||||
description: 'hub.docker repo owner (ex. onlyoffice)'
|
||||
release_version:
|
||||
type: string
|
||||
required: true
|
||||
description: 'Tag for stable release (ex. 1.0.0.1)'
|
||||
source_version:
|
||||
type: string
|
||||
required: true
|
||||
description: '4testing tag from which the release will be created (ex. 2.5.1.5678)'
|
||||
secrets:
|
||||
docker-username:
|
||||
required: true
|
||||
description: "hub.docker username"
|
||||
docker-usertoken:
|
||||
description: "hub.docker token"
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
Release:
|
||||
name: "Release Docker-DocSpace"
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
repository: 'ONLYOFFICE/DocSpace-buildtools'
|
||||
|
||||
- name: Login to DockerHub
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
username: ${{ secrets.docker-username }}
|
||||
password: ${{ secrets.docker-usertoken }}
|
||||
|
||||
- name: "Release Docker-DocSpace"
|
||||
shell: bash
|
||||
env:
|
||||
REPO: ${{ inputs.repo }}
|
||||
DOCKER_TAG: ${{ inputs.source_version }}
|
||||
RELEASE_VERSION: ${{ inputs.release_version }}
|
||||
DOCKER_IMAGE_PREFIX: "4testing-docspace"
|
||||
run: |
|
||||
${GITHUB_WORKSPACE}/.github/scripts/release-docspace.sh
|
@ -188,7 +188,8 @@ os.environ["SRC_PATH"] = os.path.join(dir, "publish/services")
|
||||
os.environ["DATA_DIR"] = os.path.join(dir, "data")
|
||||
os.environ["APP_URL_PORTAL"] = portal_url
|
||||
os.environ["MIGRATION_TYPE"] = migration_type
|
||||
subprocess.run(["docker-compose", "-f", os.path.join(dockerDir, "docspace.profiles.yml"), "-f", os.path.join(dockerDir, "docspace.overcome.yml"), "--profile", "migration-runner", "--profile", "backend-local", "up", "-d"])
|
||||
subprocess.run(["docker", "compose", "-f", os.path.join(dockerDir, "docspace.profiles.yml"), "-f", os.path.join(
|
||||
dockerDir, "docspace.overcome.yml"), "--profile", "migration-runner", "--profile", "backend-local", "up", "-d"])
|
||||
|
||||
print()
|
||||
print("Run script directory:", dir)
|
||||
|
@ -30,6 +30,9 @@
|
||||
"ios": ""
|
||||
}
|
||||
},
|
||||
"hcaptcha" : {
|
||||
"private-key" : ""
|
||||
},
|
||||
"auth" : {
|
||||
"allowskip" : {
|
||||
"default" : false,
|
||||
|
@ -71,7 +71,7 @@
|
||||
"files": {
|
||||
"thirdparty": { "enable": ["box", "dropboxv2", "docusign", "google", "onedrive", "nextcloud", "owncloud", "webdav", "kdrive" ] },
|
||||
"docservice": {
|
||||
"coauthor-docs": [ ".csv", ".docm", ".docx", ".docxf", ".dotm", ".dotx", ".oform", ".potm", ".potx", ".ppsm", ".pptm", ".ppsx", ".pptx", ".txt", ".xlsm", ".xlsx", ".xltm", ".xltx" ],
|
||||
"coauthor-docs": [ ".csv", ".docm", ".docx", ".docxf", ".dotm", ".dotx", ".oform", ".pdf", ".potm", ".potx", ".ppsm", ".pptm", ".ppsx", ".pptx", ".txt", ".xlsm", ".xlsx", ".xltm", ".xltx" ],
|
||||
"commented-docs": [ ".docm", ".docx", ".docxf", ".dotm", ".dotx", ".potm", ".potx", ".ppsm", ".pptm", ".ppsx", ".pptx", ".xlsm", ".xlsx", ".xltm", ".xltx" ],
|
||||
"convert-docs": [ ".doc", ".dot", ".dps", ".dpt", ".epub", ".et", ".ett", ".fb2", ".fodp", ".fods", ".fodt", ".htm", ".html", ".mht", ".mhtml", ".odp", ".ods", ".odt", ".otp", ".ots", ".ott", ".pot", ".pps", ".ppt", ".rtf", ".stw", ".sxc", ".sxi", ".sxw", ".wps", ".wpt", ".xls", ".xlsb", ".xlt", ".xml" ],
|
||||
"edited-docs": [ ".csv", ".doc", ".docm", ".docx", ".docxf", ".dot", ".dotm", ".dotx", ".dps", ".dpt", ".epub", ".et", ".ett", ".fb2", ".fodp", ".fods", ".fodt", ".htm", ".html", ".mht", ".mhtml", ".odp", ".ods", ".odt", ".oform", ".otp", ".ots", ".ott", ".pdf", ".pot", ".potm", ".potx", ".pps", ".ppsm", ".ppsx", ".ppt", ".pptm", ".pptx", ".rtf", ".stw", ".sxc", ".sxi", ".sxw", ".txt", ".wps", ".wpt", ".xls", ".xlsb", ".xlsm", ".xlsx", ".xlt", ".xltm", ".xltx", ".xml" ],
|
||||
@ -104,13 +104,14 @@
|
||||
"oform": {
|
||||
"domain": "https://cmsoforms.teamlab.info",
|
||||
"path": "/api/oforms/",
|
||||
"ext": ".oform",
|
||||
"ext": ".pdf",
|
||||
"upload": {
|
||||
"domain": "https://oforms.teamlab.info",
|
||||
"path": "/api/upload",
|
||||
"ext": ".docxf",
|
||||
"ext": ".pdf",
|
||||
"dashboard": "/dashboard/api"
|
||||
}
|
||||
},
|
||||
"signature": "ONLYOFFICEFORM"
|
||||
}
|
||||
},
|
||||
"web": {
|
||||
@ -127,7 +128,10 @@
|
||||
"url": "/socket.io",
|
||||
"internal": "http://localhost:9899/"
|
||||
},
|
||||
"cultures": "az,cs,de,en-GB,en-US,es,fr,it,lv,nl,pl,pt-BR,pt,ro,sk,sl,fi,vi,tr,el-GR,bg,ru,sr-Latn-RS,uk-UA,hy-AM,ar-SA,si,lo-LA,zh-CN,ja-JP,ko-KR",
|
||||
"cultures": "az,cs,de,en-GB,en-US,es,fr,it,lv,nl,pl,pt-BR,pt,ro,sk,sl,fi,vi,tr,el-GR,bg,ru,sr-Cyrl-RS,sr-Latn-RS,uk-UA,hy-AM,ar-SA,si,lo-LA,zh-CN,ja-JP,ko-KR",
|
||||
"logo": {
|
||||
"custom-cultures": ["zh-CN"]
|
||||
},
|
||||
"controlpanel": {
|
||||
"url": ""
|
||||
},
|
||||
@ -156,6 +160,10 @@
|
||||
"recaptcha": {
|
||||
"public-key": "",
|
||||
"private-key": ""
|
||||
},
|
||||
"hcaptcha" : {
|
||||
"public-key": "",
|
||||
"private-key": ""
|
||||
}
|
||||
},
|
||||
"ConnectionStrings": {
|
||||
@ -219,16 +227,8 @@
|
||||
"thumbnail": {
|
||||
"maxDegreeOfParallelism": 1,
|
||||
"sizes": [
|
||||
{ "height": 156, "width": 216 },
|
||||
{ "height": 156, "width": 240 },
|
||||
{ "height": 156, "width": 264 },
|
||||
{ "height": 156, "width": 288 },
|
||||
{ "height": 156, "width": 312 },
|
||||
{ "height": 156, "width": 336 },
|
||||
{ "height": 156, "width": 360 },
|
||||
{ "height": 156, "width": 400 },
|
||||
{ "height": 156, "width": 440 },
|
||||
{ "height": 720, "width": 1280, "resizeMode": "Max" }
|
||||
{ "height": 720, "width": 1280, "resizeMode": "Manual" },
|
||||
{ "height": 2160, "width": 3840, "resizeMode": "Manual" }
|
||||
]
|
||||
},
|
||||
"csp": {
|
||||
@ -257,6 +257,12 @@
|
||||
"oform": {
|
||||
"img": ["static-oforms.teamlab.info"],
|
||||
"connect": ["cmsoforms.teamlab.info", "oforms.teamlab.info"]
|
||||
},
|
||||
"captcha": {
|
||||
"script": ["*.google.com", "*.gstatic.com", "hcaptcha.com", "*.hcaptcha.com"],
|
||||
"style": ["hcaptcha.com", "*.hcaptcha.com"],
|
||||
"frame": ["*.google.com", "hcaptcha.com", "*.hcaptcha.com"],
|
||||
"connect": ["hcaptcha.com", "*.hcaptcha.com"]
|
||||
}
|
||||
},
|
||||
"logocolors": [
|
||||
@ -324,5 +330,9 @@
|
||||
"asc.files": "/openapi/asc.files/common.yaml",
|
||||
"asc.data.backup": "/openapi/asc.data.backup/common.yaml"
|
||||
}
|
||||
},
|
||||
"urlShortener":{
|
||||
"length": 15,
|
||||
"alphabet": "5XzpDt6wZRdsTrJkSY_cgPyxN4j-fnb9WKBF8vh3GH72QqmLVCM"
|
||||
}
|
||||
}
|
||||
|
@ -46,7 +46,7 @@ map $request_uri $cache_control {
|
||||
default "no-cache, no-store, no-transform";
|
||||
~*\/(filehandler\.ashx\?action=(thumb|preview))|\/(storage\/room_logos\/root\/.*\?hash.*|storage\/userPhotos\/root\/.*\?hash.*|storage\/whitelabel\/root\/.*\?hash.*|storage\/static_partnerdata\/root\/.*\?hash.*) "must-revalidate, no-transform, immutable, max-age=31536000";
|
||||
~*\/(api\/2\.0.*|storage|login\.ashx|filehandler\.ashx|ChunkedUploader.ashx|ThirdPartyAppHandler|apisystem|sh|remoteEntry\.js|debuginfo\.md|static\/scripts\/api\.js|static\/scripts\/sdk\/.*|static\/scripts\/api\.poly\.js) "no-cache, no-store, no-transform";
|
||||
~*\/(static\/images\/.*)|\.(js|woff|woff2|css)|(locales.*\.json) "must-revalidate, no-transform, immutable, max-age=31536000";
|
||||
~*\/(static\/images\/.*)|\/(_next\/public\/images\/.*)|\.(js|woff|woff2|css)|(locales.*\.json) "must-revalidate, no-transform, immutable, max-age=31536000";
|
||||
}
|
||||
|
||||
map $request_uri $content_security_policy {
|
||||
@ -102,7 +102,8 @@ server {
|
||||
set $csp "";
|
||||
access_by_lua '
|
||||
local accept_header = ngx.req.get_headers()["Accept"]
|
||||
if ngx.req.get_method() == "GET" and accept_header ~= nil and string.find(accept_header, "html") and not ngx.re.match(ngx.var.request_uri, "ds-vpath") then
|
||||
if ngx.req.get_method() == "GET" and accept_header ~= nil and string.find(accept_header, "html") and not ngx.re.match(ngx.var.request_uri, "ds-vpath|/api/") then
|
||||
|
||||
local key = string.format("csp:%s",ngx.var.host)
|
||||
local redis = require "resty.redis"
|
||||
local red = redis:new()
|
||||
@ -229,17 +230,9 @@ server {
|
||||
proxy_pass http://127.0.0.1:5011;
|
||||
proxy_redirect off;
|
||||
|
||||
location ~* /static/favicon.ico {
|
||||
try_files /$basename /index.html =404;
|
||||
}
|
||||
|
||||
location ~* /static/images/(.*)$ {
|
||||
location ~* /_next/public/images/(.*)$ {
|
||||
try_files /images/$1 /index.html =404;
|
||||
}
|
||||
|
||||
location ~* /static/css/ {
|
||||
try_files /css/$basename /index.html =404;
|
||||
}
|
||||
}
|
||||
|
||||
location /management {
|
||||
|
@ -13,10 +13,10 @@
|
||||
<variable name="name" value="web"/>
|
||||
|
||||
<targets async="true">
|
||||
<default-target-parameters type="File" maxArchiveDays="30" archiveNumbering="DateAndSequence" archiveEvery="Day" enableArchiveFileCompression="true" archiveAboveSize="52428800" archiveDateFormat="MM-dd" layout="${date:format=yyyy-MM-dd HH\:mm\:ss,fff} ${level:uppercase=true} [${threadid}] ${logger} - ${message} ${exception:format=ToString}"/>
|
||||
<default-target-parameters type="File" maxArchiveDays="30" archiveNumbering="DateAndSequence" archiveEvery="Day" enableArchiveFileCompression="true" archiveAboveSize="52428800" archiveDateFormat="MM-dd" layout="${date:format=yyyy-MM-dd HH\:mm\:ss,fff}|${level:uppercase=true}|[${threadid}]|${logger} - ${message}|${exception:format=ToString}"/>
|
||||
<target name="web" type="File" fileName="${var:dir}${var:name}.log" />
|
||||
<target name="sql" type="File" fileName="${var:dir}${var:name}.sql.log" layout="${date:universalTime=true:format=yyyy-MM-dd HH\:mm\:ss,fff}|${threadid}|${event-properties:item=elapsed}|${replace:inner=${event-properties:item=commandText}:searchFor=\\r\\n|\\s:replaceWith= :regex=true}|${event-properties:item=parameters}"/>
|
||||
<target name="ownFile-web" type="File" fileName="${var:dir}${var:name}.asp.log" layout="${longdate}|${event-properties:item=EventId_Id}|${uppercase:${level}}|${logger}|${message} ${exception:format=tostring}|url: ${aspnet-request-url}|action: ${aspnet-mvc-action}" />
|
||||
<target name="ownFile-web" type="File" fileName="${var:dir}${var:name}.asp.log" layout="${date:format=yyyy-MM-dd HH\:mm\:ss,fff}|${event-properties:item=EventId_Id}|${uppercase:${level}}|${logger}|${message} ${exception:format=tostring}|url: ${aspnet-request-url}|action: ${aspnet-mvc-action}" />
|
||||
<target name="lifetimeConsole" type="Console" layout="${MicrosoftConsoleLayout}" />
|
||||
|
||||
<target type="AWSTarget" name="aws" logGroup="/asc/docspace/cluster/cluster_name/general" region="us-east-1" LogStreamNamePrefix="${hostname} - ${application-context}">
|
||||
|
@ -87,7 +87,8 @@
|
||||
"type": "disc",
|
||||
"path": "$STORAGE_ROOT\\Studio\\{0}\\CoBranding",
|
||||
"virtualpath": "~/studio/{0}/cobranding",
|
||||
"public": true
|
||||
"public": true,
|
||||
"contentAsAttachment": true
|
||||
},
|
||||
{
|
||||
"name": "static_partnerdata",
|
||||
|
@ -156,27 +156,27 @@ fi
|
||||
|
||||
if [ "$DOCKER" == "true" ]; then
|
||||
if [ "$LOCAL_SCRIPTS" == "true" ]; then
|
||||
bash install-Docker.sh ${PARAMETERS}
|
||||
bash install-Docker.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
else
|
||||
curl -s -O ${DOWNLOAD_URL_PREFIX}/install-Docker.sh
|
||||
bash install-Docker.sh ${PARAMETERS}
|
||||
bash install-Docker.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
rm install-Docker.sh
|
||||
fi
|
||||
else
|
||||
if [ -f /etc/redhat-release ] ; then
|
||||
if [ "$LOCAL_SCRIPTS" == "true" ]; then
|
||||
bash install-RedHat.sh ${PARAMETERS}
|
||||
bash install-RedHat.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
else
|
||||
curl -s -O ${DOWNLOAD_URL_PREFIX}/install-RedHat.sh
|
||||
bash install-RedHat.sh ${PARAMETERS}
|
||||
bash install-RedHat.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
rm install-RedHat.sh
|
||||
fi
|
||||
elif [ -f /etc/debian_version ] ; then
|
||||
if [ "$LOCAL_SCRIPTS" == "true" ]; then
|
||||
bash install-Debian.sh ${PARAMETERS}
|
||||
bash install-Debian.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
else
|
||||
curl -s -O ${DOWNLOAD_URL_PREFIX}/install-Debian.sh
|
||||
bash install-Debian.sh ${PARAMETERS}
|
||||
bash install-Debian.sh ${PARAMETERS} || EXIT_CODE=$?
|
||||
rm install-Debian.sh
|
||||
fi
|
||||
else
|
||||
@ -184,3 +184,5 @@ else
|
||||
exit 1;
|
||||
fi
|
||||
fi
|
||||
|
||||
exit ${EXIT_CODE:-0}
|
||||
|
@ -85,8 +85,6 @@ elif [ "$UPDATE" = "true" ] && [ "$PRODUCT_INSTALLED" = "true" ]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
hold_package_version dotnet-host opensearch redis-server rabbitmq-server opensearch-dashboards fluent-bit
|
||||
|
||||
if [ "$MAKESWAP" == "true" ]; then
|
||||
make_swap
|
||||
fi
|
||||
|
@ -10,6 +10,8 @@ cat<<EOF
|
||||
|
||||
EOF
|
||||
|
||||
hold_package_version
|
||||
|
||||
if [ "$DIST" = "debian" ] && [ $(apt-cache search ttf-mscorefonts-installer | wc -l) -eq 0 ]; then
|
||||
echo "deb http://ftp.uk.debian.org/debian/ $DISTRIB_CODENAME main contrib" >> /etc/apt/sources.list
|
||||
echo "deb-src http://ftp.uk.debian.org/debian/ $DISTRIB_CODENAME main contrib" >> /etc/apt/sources.list
|
||||
@ -33,13 +35,13 @@ locale-gen en_US.UTF-8
|
||||
|
||||
# add opensearch repo
|
||||
curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring
|
||||
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-2.x.list
|
||||
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch-2.x.list
|
||||
ELASTIC_VERSION="2.11.1"
|
||||
|
||||
#add opensearch dashboards repo
|
||||
if [ ${INSTALL_FLUENT_BIT} == "true" ]; then
|
||||
curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring
|
||||
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-dashboards-2.x.list
|
||||
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch-dashboards-2.x.list
|
||||
DASHBOARDS_VERSION="2.11.1"
|
||||
fi
|
||||
|
||||
@ -48,10 +50,12 @@ NODE_VERSION="18"
|
||||
curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash -
|
||||
|
||||
#add dotnet repo
|
||||
if [[ "$DISTRIB_CODENAME" != noble ]]; then
|
||||
if [ "$DIST" = "debian" ] || [ "$DISTRIB_CODENAME" = "focal" ]; then
|
||||
curl https://packages.microsoft.com/config/$DIST/$REV/packages-microsoft-prod.deb -O
|
||||
echo -e "Package: *\nPin: origin \"packages.microsoft.com\"\nPin-Priority: 1002" | tee /etc/apt/preferences.d/99microsoft-prod.pref
|
||||
dpkg -i packages-microsoft-prod.deb && rm packages-microsoft-prod.deb
|
||||
elif dpkg -l | grep -q packages-microsoft-prod; then
|
||||
apt-get purge -y packages-microsoft-prod
|
||||
fi
|
||||
|
||||
MYSQL_REPO_VERSION="$(curl https://repo.mysql.com | grep -oP 'mysql-apt-config_\K.*' | grep -o '^[^_]*' | sort --version-sort --field-separator=. | tail -n1)"
|
||||
|
@ -26,14 +26,23 @@ command_exists () {
|
||||
|
||||
# Function to prevent package auto-update
|
||||
hold_package_version() {
|
||||
for package in "$@"; do
|
||||
if command -v apt-mark >/dev/null 2>&1 &&
|
||||
dpkg -s "$package" >/dev/null 2>&1 &&
|
||||
! apt-mark showhold | grep -q "$package" >/dev/null 2>&1
|
||||
then
|
||||
apt-mark hold "$package"
|
||||
fi
|
||||
done
|
||||
packages=("dotnet-*" "aspnetcore-*" opensearch redis-server rabbitmq-server opensearch-dashboards fluent-bit)
|
||||
for package in "${packages[@]}"; do
|
||||
command -v apt-mark >/dev/null 2>&1 && apt-mark showhold | grep -q "^$package" && apt-mark unhold "$package"
|
||||
done
|
||||
|
||||
UNATTENDED_UPGRADES_FILE="/etc/apt/apt.conf.d/50unattended-upgrades"
|
||||
if [ -f ${UNATTENDED_UPGRADES_FILE} ] && grep -q "Package-Blacklist" ${UNATTENDED_UPGRADES_FILE}; then
|
||||
for package in "${packages[@]}"; do
|
||||
if ! grep -q "$package" ${UNATTENDED_UPGRADES_FILE}; then
|
||||
sed -i "/Package-Blacklist/a \\\t\"$package\";" ${UNATTENDED_UPGRADES_FILE}
|
||||
fi
|
||||
done
|
||||
|
||||
if systemctl list-units --type=service --state=running | grep -q "unattended-upgrades"; then
|
||||
systemctl restart unattended-upgrades
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
check_hardware () {
|
||||
|
@ -60,7 +60,7 @@ INSTALL_RABBITMQ="true";
|
||||
INSTALL_MYSQL_SERVER="true";
|
||||
INSTALL_DOCUMENT_SERVER="true";
|
||||
INSTALL_ELASTICSEARCH="true";
|
||||
INSTALL_FLUENT_BIT="false";
|
||||
INSTALL_FLUENT_BIT="true";
|
||||
INSTALL_PRODUCT="true";
|
||||
UPDATE="false";
|
||||
|
||||
@ -1324,41 +1324,32 @@ install_elasticsearch () {
|
||||
|
||||
install_fluent_bit () {
|
||||
if [ "$INSTALL_FLUENT_BIT" == "true" ]; then
|
||||
curl https://raw.githubusercontent.com/fluent/fluent-bit/master/install.sh | sh
|
||||
systemctl enable fluent-bit
|
||||
|
||||
if systemctl list-unit-files --type=service | grep -q "fluent-bit.service"; then
|
||||
sed -i "s/OPENSEARCH_SCHEME/$(get_env_parameter "ELK_SHEME")/g" "${BASE_DIR}/config/fluent-bit.conf"
|
||||
sed -i "s/OPENSEARCH_HOST/${ELK_HOST:-127.0.0.1}/g" "${BASE_DIR}/config/fluent-bit.conf"
|
||||
sed -i "s/OPENSEARCH_PORT/$(get_env_parameter "ELK_PORT")/g" ${BASE_DIR}/config/fluent-bit.conf
|
||||
sed -i "s/OPENSEARCH_INDEX/${OPENSEARCH_INDEX:-"${PACKAGE_SYSNAME}-fluent-bit"}/g" ${BASE_DIR}/config/fluent-bit.conf
|
||||
[ ! -z "${ELK_HOST}" ] && sed -i "s/ELK_CONTAINER_NAME/ELK_HOST/g" ${BASE_DIR}/dashboards.yml
|
||||
cp -rf ${BASE_DIR}/config/fluent-bit.conf /etc/fluent-bit/fluent-bit.conf
|
||||
systemctl restart fluent-bit
|
||||
|
||||
DOCKER_SYSTEMD_DIR="/etc/systemd/system/docker.service.d"
|
||||
if [ ! -f "${DOCKER_SYSTEMD_DIR}/fluent-after.conf" ]; then
|
||||
mkdir -p ${DOCKER_SYSTEMD_DIR}
|
||||
echo -e "[Unit]\n$(grep After= $(systemctl show -p FragmentPath docker.service | awk -F= '{print $2}')) fluent-bit.service" > "${DOCKER_SYSTEMD_DIR}/fluent-after.conf"
|
||||
systemctl daemon-reload
|
||||
if ! command_exists crontab; then
|
||||
if command_exists apt-get; then
|
||||
install_service crontab cron
|
||||
elif command_exists yum; then
|
||||
install_service crontab cronie
|
||||
fi
|
||||
|
||||
DOCKER_DAEMON_FILE="/etc/docker/daemon.json"
|
||||
if [[ ! -f "${DOCKER_DAEMON_FILE}" ]]; then
|
||||
echo "{\"log-driver\": \"fluentd\", \"log-opts\": { \"fluentd-address\": \"127.0.0.1:24224\" }}" > "${DOCKER_DAEMON_FILE}"
|
||||
systemctl restart docker
|
||||
elif ! grep -q "log-driver" ${DOCKER_DAEMON_FILE}; then
|
||||
sed -i 's!{!& "log-driver": "fluentd", "log-opts": { "fluentd-address": "127.0.0.1:24224" },!' "${DOCKER_DAEMON_FILE}"
|
||||
systemctl restart docker
|
||||
fi
|
||||
|
||||
reconfigure DASHBOARDS_USERNAME "${DASHBOARDS_USERNAME:-"onlyoffice"}"
|
||||
reconfigure DASHBOARDS_PASSWORD "${DASHBOARDS_PASSWORD:-$(get_random_str 20)}"
|
||||
|
||||
docker-compose -f ${BASE_DIR}/dashboards.yml up -d
|
||||
else
|
||||
echo "The installation of the fluent-bit service was unsuccessful."
|
||||
fi
|
||||
|
||||
[ ! -z "$ELK_HOST" ] && sed -i "s/ELK_CONTAINER_NAME/ELK_HOST/g" $BASE_DIR/fluent.yml ${BASE_DIR}/dashboards.yml
|
||||
|
||||
OPENSEARCH_INDEX="${OPENSEARCH_INDEX:-"${PACKAGE_SYSNAME}-fluent-bit"}"
|
||||
if crontab -l | grep -q "${OPENSEARCH_INDEX}"; then
|
||||
crontab < <(crontab -l | grep -v "${OPENSEARCH_INDEX}")
|
||||
fi
|
||||
(crontab -l 2>/dev/null; echo "0 0 */1 * * curl -s -X POST "$(get_env_parameter 'ELK_SHEME')"://${ELK_HOST:-127.0.0.1}:$(get_env_parameter 'ELK_PORT')/${OPENSEARCH_INDEX}/_delete_by_query -H 'Content-Type: application/json' -d '{\"query\": {\"range\": {\"@timestamp\": {\"lt\": \"now-30d\"}}}}'") | crontab -
|
||||
|
||||
sed -i "s/OPENSEARCH_HOST/${ELK_HOST:-"${PACKAGE_SYSNAME}-opensearch"}/g" "${BASE_DIR}/config/fluent-bit.conf"
|
||||
sed -i "s/OPENSEARCH_PORT/$(get_env_parameter "ELK_PORT")/g" ${BASE_DIR}/config/fluent-bit.conf
|
||||
sed -i "s/OPENSEARCH_INDEX/${OPENSEARCH_INDEX}/g" ${BASE_DIR}/config/fluent-bit.conf
|
||||
|
||||
reconfigure DASHBOARDS_USERNAME "${DASHBOARDS_USERNAME:-"${PACKAGE_SYSNAME}"}"
|
||||
reconfigure DASHBOARDS_PASSWORD "${DASHBOARDS_PASSWORD:-$(get_random_str 20)}"
|
||||
|
||||
docker-compose -f ${BASE_DIR}/fluent.yml -f ${BASE_DIR}/dashboards.yml up -d
|
||||
elif [ "$INSTALL_FLUENT_BIT" == "pull" ]; then
|
||||
docker-compose -f ${BASE_DIR}/fluent.yml -f ${BASE_DIR}/dashboards.yml pull
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -37,12 +37,9 @@ fi
|
||||
rpm -ivh https://rpms.remirepo.net/$REMI_DISTR_NAME/remi-release-$REV.rpm || true
|
||||
yum localinstall -y --nogpgcheck https://download1.rpmfusion.org/free/$RPMFUSION_DISTR_NAME/rpmfusion-free-release-$REV.noarch.rpm
|
||||
|
||||
[ "$REV" = "9" ] && update-crypto-policies --set DEFAULT:SHA1
|
||||
if [ "$DIST" == "centos" ]; then
|
||||
[ "$REV" = "9" ] && TESTING_REPO="--enablerepo=crb" || POWERTOOLS_REPO="--enablerepo=powertools"
|
||||
elif [ "$DIST" == "redhat" ]; then
|
||||
/usr/bin/crb enable
|
||||
fi
|
||||
[ "$REV" = "9" ] && update-crypto-policies --set DEFAULT:SHA1 && ${package_manager} -y install xorg-x11-font-utils
|
||||
[ "$DIST" = "centos" ] && TESTING_REPO="--enablerepo=$( [ "$REV" = "9" ] && echo "crb" || echo "powertools" )"
|
||||
[ "$DIST" = "redhat" ] && /usr/bin/crb enable
|
||||
|
||||
#add rabbitmq & erlang repo
|
||||
curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | bash
|
||||
|
@ -1,16 +0,0 @@
|
||||
/var/log/onlyoffice/docspace/*.log {
|
||||
daily
|
||||
missingok
|
||||
rotate 30
|
||||
compress
|
||||
dateext
|
||||
delaycompress
|
||||
notifempty
|
||||
nocreate
|
||||
sharedscripts
|
||||
postrotate
|
||||
if pgrep -x ""systemd"" >/dev/null; then
|
||||
systemctl restart docspace* > /dev/null
|
||||
fi
|
||||
endscript
|
||||
}
|
@ -26,7 +26,7 @@ APP_PORT="80"
|
||||
ELK_SHEME="http"
|
||||
ELK_HOST="localhost"
|
||||
ELK_PORT="9200"
|
||||
OPENSEARCH_INDEX="${PACKAGE_SYSNAME}-${PRODUCT}-logs"
|
||||
OPENSEARCH_INDEX="${PACKAGE_SYSNAME}-fluent-bit"
|
||||
|
||||
RABBITMQ_HOST="localhost"
|
||||
RABBITMQ_USER="guest"
|
||||
@ -548,10 +548,12 @@ setup_openresty(){
|
||||
done
|
||||
fi
|
||||
|
||||
if rpm -q "firewalld"; then
|
||||
firewall-cmd --permanent --zone=public --add-service=http
|
||||
firewall-cmd --permanent --zone=public --add-service=https
|
||||
systemctl restart firewalld.service
|
||||
if $PACKAGE_MANAGER firewalld >/dev/null 2>&1; then
|
||||
if [ $(systemctl is-active firewalld.service) == active ]; then
|
||||
firewall-cmd --permanent --zone=public --add-service=http
|
||||
firewall-cmd --permanent --zone=public --add-service=https
|
||||
systemctl restart firewalld.service
|
||||
fi
|
||||
fi
|
||||
elif [ "$DIST" = "Debian" ]; then
|
||||
if ! id "nginx" &>/dev/null; then
|
||||
|
@ -8,7 +8,8 @@ LETSENCRYPT="/etc/letsencrypt/live";
|
||||
OPENRESTY="/etc/openresty/conf.d"
|
||||
DHPARAM_FILE="/etc/ssl/certs/dhparam.pem"
|
||||
WEBROOT_PATH="/var/www/${PRODUCT}"
|
||||
SYSTEMD_DIR="/usr/lib/systemd/system"
|
||||
CONFIG_DIR="/etc/onlyoffice/${PRODUCT}"
|
||||
SYSTEMD_DIR=$(dirname $($(command -v dpkg-query &> /dev/null && echo "dpkg-query -L" || echo "rpm -ql") ${PRODUCT}-api | grep systemd/system/))
|
||||
|
||||
# Check if configuration files are present
|
||||
if [ ! -f "${OPENRESTY}/onlyoffice-proxy-ssl.conf.template" -a ! -f "${OPENRESTY}/onlyoffice-proxy.conf.template" ]; then
|
||||
@ -47,6 +48,8 @@ case $1 in
|
||||
DOMAIN=$2
|
||||
CERTIFICATE_FILE=$3
|
||||
PRIVATEKEY_FILE=$4
|
||||
|
||||
[[ $DOMAIN =~ ^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$ ]] || { echo "Error: domain name '$DOMAIN' is incorrect." >&2; exit 1; }
|
||||
else
|
||||
help
|
||||
fi
|
||||
@ -59,7 +62,7 @@ case $1 in
|
||||
sed "s!\(worker_connections\).*;!\1 $(ulimit -n);!" -i "${OPENRESTY}/onlyoffice-proxy.conf"
|
||||
[[ -f "${DIR}/${PRODUCT}-renew-letsencrypt" ]] && rm -rf "${DIR}/${PRODUCT}-renew-letsencrypt"
|
||||
[ $(pgrep -x ""systemd"" | wc -l) -gt 0 ] && systemctl reload openresty || service openresty reload
|
||||
|
||||
sed -i "s/\(\"portal\":\).*/\1 \"http:\/\/localhost:80\"/" ${CONFIG_DIR}/appsettings.$(grep -oP 'ENVIRONMENT=\K.*' ${SYSTEMD_DIR}/${PRODUCT}-api.service).json
|
||||
SYSTEMD_NODE_FILES=$(grep -l "NODE_EXTRA_CA_CERTS" ${SYSTEMD_DIR}/${PRODUCT}-*.service ${SYSTEMD_DIR}/ds-*.service || true)
|
||||
if [ -n "$SYSTEMD_NODE_FILES" ]; then
|
||||
sed -i '/NODE_EXTRA_CA_CERTS/d' ${SYSTEMD_NODE_FILES}
|
||||
@ -91,8 +94,8 @@ case $1 in
|
||||
echo "Generating Let's Encrypt SSL Certificates..."
|
||||
|
||||
# Request and generate Let's Encrypt SSL certificate
|
||||
echo certbot certonly --expand --webroot -w ${WEBROOT_PATH} --cert-name ${PRODUCT} --noninteractive --agree-tos --email ${MAIL} -d ${DOMAINS[@]} > /var/log/le-start.log
|
||||
certbot certonly --expand --webroot -w ${WEBROOT_PATH} --cert-name ${PRODUCT} --noninteractive --agree-tos --email ${MAIL} -d ${DOMAINS[@]} > /var/log/le-new.log
|
||||
echo certbot certonly --expand --webroot -w ${WEBROOT_PATH} --key-type rsa --cert-name ${PRODUCT} --noninteractive --agree-tos --email ${MAIL} -d ${DOMAINS[@]} > /var/log/le-start.log
|
||||
certbot certonly --expand --webroot -w ${WEBROOT_PATH} --key-type rsa --cert-name ${PRODUCT} --noninteractive --agree-tos --email ${MAIL} -d ${DOMAINS[@]} > /var/log/le-new.log
|
||||
else
|
||||
help
|
||||
fi
|
||||
@ -106,10 +109,7 @@ PRIVATEKEY_FILE="${PRIVATEKEY_FILE:-"${LETSENCRYPT}/${PRODUCT}/privkey.pem"}"
|
||||
if [ -f "${CERTIFICATE_FILE}" ]; then
|
||||
if [ -f "${PRIVATEKEY_FILE}" ]; then
|
||||
cp -f ${OPENRESTY}/onlyoffice-proxy-ssl.conf.template ${OPENRESTY}/onlyoffice-proxy.conf
|
||||
|
||||
PACKAGE_FILE_CHECKER=$(command -v dpkg-query &> /dev/null && echo "dpkg-query -L" || echo "rpm -ql")
|
||||
ENVIRONMENT=$(grep -oP 'ENVIRONMENT=\K.*' $(dirname $(${PACKAGE_FILE_CHECKER} ${PRODUCT}-api | grep systemd/system/))/${PRODUCT}-api.service)
|
||||
sed -i "s/\(\"portal\":\).*/\1 \"https:\/\/${DOMAIN}\"/" /etc/onlyoffice/docspace/appsettings.$ENVIRONMENT.json
|
||||
sed -i "s/\(\"portal\":\).*/\1 \"https:\/\/${DOMAIN}\"/" ${CONFIG_DIR}/appsettings.$(grep -oP 'ENVIRONMENT=\K.*' ${SYSTEMD_DIR}/${PRODUCT}-api.service).json
|
||||
sed -i "s~\(ssl_certificate \).*;~\1${CERTIFICATE_FILE};~g" ${OPENRESTY}/onlyoffice-proxy.conf
|
||||
sed -i "s~\(ssl_certificate_key \).*;~\1${PRIVATEKEY_FILE};~g" ${OPENRESTY}/onlyoffice-proxy.conf
|
||||
sed -i "s~\(ssl_dhparam \).*;~\1${DHPARAM_FILE};~g" ${OPENRESTY}/onlyoffice-proxy.conf
|
||||
|
@ -11,7 +11,7 @@ Multi-Arch: foreign
|
||||
Package: {{product}}
|
||||
Architecture: all
|
||||
Multi-Arch: foreign
|
||||
Depends: debconf,
|
||||
Depends: debconf, openssl,
|
||||
${misc:Depends}, ${shlibs:Depends},
|
||||
{{product}}-api (= {{package_header_tag_version}}),
|
||||
{{product}}-api-system (= {{package_header_tag_version}}),
|
||||
@ -40,7 +40,7 @@ Description: {{product}}
|
||||
Package: {{product}}-common
|
||||
Architecture: all
|
||||
Multi-Arch: foreign
|
||||
Depends: adduser, logrotate, ${misc:Depends}, ${shlibs:Depends}
|
||||
Depends: adduser, ${misc:Depends}, ${shlibs:Depends}
|
||||
Recommends: default-mysql-client
|
||||
Description: {{product}}-common
|
||||
A package containing configs and scripts
|
||||
|
@ -1,5 +1,4 @@
|
||||
debian/build/buildtools/config/*.json etc/onlyoffice/{{product}}
|
||||
debian/build/buildtools/config/*.config etc/onlyoffice/{{product}}
|
||||
debian/build/buildtools/install/common/{{product}}-configuration usr/bin
|
||||
debian/build/buildtools/install/common/logrotate/{{product}}-common etc/logrotate.d
|
||||
debian/build/buildtools/install/docker/config/fluent-bit.conf etc/onlyoffice/{{product}}
|
||||
|
@ -79,13 +79,17 @@ override_dh_auto_build: check_archives
|
||||
sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i ${BUILDTOOLS_PATH}/config/nginx/onlyoffice.conf
|
||||
sed 's/teamlab.info/onlyoffice.com/g' -i ${BUILDTOOLS_PATH}/config/autofac.consumers.json
|
||||
json -I -f ${CLENT_PATH}/public/scripts/config.json -e "this.wrongPortalNameUrl=\"\""
|
||||
sed -e 's/$$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy*.conf
|
||||
sed -e 's/$$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -e '/quic\|alt-svc/Id' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy*.conf
|
||||
sed "s_\(.*root\).*;_\1 \"/var/www/${PRODUCT}\";_g" -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/letsencrypt.conf
|
||||
sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/templates/nginx.conf.template
|
||||
mv -f ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf.template
|
||||
cp -rf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf.template
|
||||
sed -i '/^\s*Name\s\+forward\s*/d; /^\s*Listen\s\+127\.0\.0\.1\s*/d; /^\s*Port\s\+24224\s*/d' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/${PRODUCT}\/*.log\n Path_Key filename/' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i "s#\(/var/log/onlyoffice/\)#\1${PRODUCT}/#" ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\[INPUT]' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Name exec' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Interval_Sec 86400' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Command curl -s -X POST OPENSEARCH_SCHEME://OPENSEARCH_HOST:OPENSEARCH_PORT/OPENSEARCH_INDEX/_delete_by_query -H '\''Content-Type: application/json'\'' -d '\''{"query": {"range": {"@timestamp": {"lt": "now-30d"}}}}'\''' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\\' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
|
||||
|
||||
for i in ${PRODUCT} $$(ls ${CURDIR}/debian/*.install | grep -oP 'debian/\K.*' | grep -o '^[^.]*'); do \
|
||||
cp ${CURDIR}/debian/source/lintian-overrides ${CURDIR}/debian/$$i.lintian-overrides; \
|
||||
|
@ -24,6 +24,8 @@
|
||||
DASHBOARDS_CONTAINER_NAME=${CONTAINER_PREFIX}opensearch-dashboards
|
||||
DASHBOARDS_USERNAME=onlyoffice
|
||||
DASHBOARDS_PASSWORD=onlyoffice
|
||||
FLUENT_BIT_VERSION=3.0.2
|
||||
FLUENT_BIT_CONTAINER_NAME=${CONTAINER_PREFIX}fluent-bit
|
||||
|
||||
# app service environment #
|
||||
ENV_EXTENSION=none
|
||||
|
@ -253,8 +253,8 @@ ENV LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64
|
||||
WORKDIR ${BUILD_PATH}/products/ASC.Files/service/
|
||||
|
||||
RUN echo "deb http://security.ubuntu.com/ubuntu focal-security main" | tee /etc/apt/sources.list && \
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32 && \
|
||||
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93C && \
|
||||
apt-key adv --keyserver keys.gnupg.net --recv-keys 3B4FE6ACC0B21F32 && \
|
||||
apt-key adv --keyserver keys.gnupg.net --recv-keys 871920D1991BC93C && \
|
||||
apt-get -y update && \
|
||||
apt-get install -yq libssl1.1 && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
@ -1,33 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
PRODUCT="docspace"
|
||||
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
||||
DOCKERCOMPOSE=$(dirname "$DIR")
|
||||
|
||||
if [ -f "${DOCKERCOMPOSE}/docspace.yml" ]; then
|
||||
:
|
||||
elif [ -f "/app/onlyoffice/${PRODUCT}.yml" ]; then
|
||||
DOCKERCOMPOSE="/app/onlyoffice"
|
||||
else
|
||||
echo "Error: yml files not found." && exit 1
|
||||
fi
|
||||
|
||||
FILES=("${PRODUCT}" "notify" "healthchecks" "proxy" "ds" "rabbitmq" "redis" "opensearch" "dashboards" "db")
|
||||
|
||||
LOG_DIR="${DOCKERCOMPOSE}/logs"
|
||||
mkdir -p ${LOG_DIR}
|
||||
|
||||
echo "Creating ${PRODUCT} logs to a directory ${LOG_DIR}..."
|
||||
for FILE in "${FILES[@]}"; do
|
||||
SERVICE_NAMES=($(docker-compose -f ${DOCKERCOMPOSE}/${FILE}.yml config --services))
|
||||
for SERVICE_NAME in "${SERVICE_NAMES[@]}"; do
|
||||
if [[ $(docker-compose -f ${DOCKERCOMPOSE}/${FILE}.yml ps -q ${SERVICE_NAME} | wc -l) -eq 1 ]]; then
|
||||
docker-compose -f ${DOCKERCOMPOSE}/${FILE}.yml logs ${SERVICE_NAME} > ${LOG_DIR}/${SERVICE_NAME}.log
|
||||
else
|
||||
echo "The ${SERVICE_NAME} service is not running"
|
||||
fi
|
||||
done
|
||||
done
|
||||
echo "OK"
|
@ -72,12 +72,9 @@ case $1 in
|
||||
fi
|
||||
|
||||
if grep -q '${CERTIFICATE_PATH}:' ${DOCKERCOMPOSE}/docspace.yml; then
|
||||
sed -i '/${CERTIFICATE_PATH}:/d' ${DOCKERCOMPOSE}/docspace.yml
|
||||
docker-compose -f ${DOCKERCOMPOSE}/docspace.yml up --force-recreate -d onlyoffice-doceditor onlyoffice-login onlyoffice-socket onlyoffice-ssoauth
|
||||
fi
|
||||
|
||||
if grep -q 'USE_UNAUTHORIZED_STORAGE' ${DOCKERCOMPOSE}/ds.yml; then
|
||||
sed -i '/USE_UNAUTHORIZED_STORAGE/d' ${DOCKERCOMPOSE}/ds.yml
|
||||
sed -i '/${CERTIFICATE_PATH}:/d' ${DOCKERCOMPOSE}/docspace.yml ${DOCKERCOMPOSE}/ds.yml
|
||||
docker-compose -f ${DOCKERCOMPOSE}/docspace.yml up --force-recreate -d onlyoffice-doceditor onlyoffice-login onlyoffice-socket onlyoffice-ssoauth
|
||||
docker-compose -f ${DOCKERCOMPOSE}/ds.yml up --force-recreate -d
|
||||
fi
|
||||
|
||||
@ -112,7 +109,7 @@ case $1 in
|
||||
-v /var/log:/var/log \
|
||||
-v onlyoffice_webroot_path:${WEBROOT_PATH} \
|
||||
certbot/certbot certonly \
|
||||
--expand --webroot -w ${WEBROOT_PATH} \
|
||||
--expand --webroot -w ${WEBROOT_PATH} --key-type rsa \
|
||||
--cert-name ${PRODUCT} --non-interactive --agree-tos --email ${MAIL} -d ${DOMAINS[@]}
|
||||
else
|
||||
help
|
||||
@ -148,14 +145,14 @@ if [ -f "${CERTIFICATE_FILE}" ]; then
|
||||
echo -e "@weekly root ${DIR}/${PRODUCT}-renew-letsencrypt" | tee /etc/cron.d/${PRODUCT}-letsencrypt
|
||||
fi
|
||||
else
|
||||
CERTIFICATE_SUBJECT=$(openssl x509 -subject -noout -in "${CERTIFICATE_FILE}" | sed 's/subject=//')
|
||||
CERTIFICATE_ISSUER=$(openssl x509 -issuer -noout -in "${CERTIFICATE_FILE}" | sed 's/issuer=//')
|
||||
CERTIFICATE_SUBJECT=$(openssl x509 -subject -noout -in "${CERTIFICATE_FILE}" | sed -n 's/^.*CN *= *\([^,]*\).*$/\1/p' | awk -F. '{print $(NF-1)"."$NF}')
|
||||
CERTIFICATE_ISSUER=$(openssl x509 -issuer -noout -in "${CERTIFICATE_FILE}" | sed -n 's/^.*CN *= *\([^,]*\).*$/\1/p' | awk -F. '{print $(NF-1)"."$NF}')
|
||||
|
||||
#Checking whether the certificate is self-signed
|
||||
if [[ -n "$CERTIFICATE_SUBJECT" && -n "$CERTIFICATE_ISSUER" && "$CERTIFICATE_SUBJECT" == "$CERTIFICATE_ISSUER" ]]; then
|
||||
sed -i '/app_data:\/.*/a \ - ${CERTIFICATE_PATH}:${CERTIFICATE_PATH}' ${DOCKERCOMPOSE}/docspace.yml
|
||||
docker-compose -f ${DOCKERCOMPOSE}/docspace.yml up --force-recreate -d onlyoffice-doceditor onlyoffice-login onlyoffice-socket onlyoffice-ssoauth
|
||||
sed -i '/environment:/a \ - USE_UNAUTHORIZED_STORAGE=true' ${DOCKERCOMPOSE}/ds.yml
|
||||
sed -i '/app_data:\/.*/a \ - ${CERTIFICATE_PATH}:/var/www/onlyoffice/Data/certs/extra-ca-certs.pem' ${DOCKERCOMPOSE}/ds.yml
|
||||
docker-compose -f ${DOCKERCOMPOSE}/ds.yml up --force-recreate -d
|
||||
fi
|
||||
fi
|
||||
|
@ -4,14 +4,14 @@
|
||||
Daemon off
|
||||
|
||||
[INPUT]
|
||||
Name forward
|
||||
Listen 127.0.0.1
|
||||
Port 24224
|
||||
|
||||
[INPUT]
|
||||
Name exec
|
||||
Interval_Sec 86400
|
||||
Command curl -s -X POST 'OPENSEARCH_SCHEME://OPENSEARCH_HOST:OPENSEARCH_PORT/OPENSEARCH_INDEX/_delete_by_query' -H 'Content-Type: application/json' -d "{\"query\": {\"range\": {\"@timestamp\": {\"lt\": \"$(date -u -d '30 days ago' '+%Y-%m-%dT%H:%M:%S')\"}}}}"
|
||||
Name tail
|
||||
Path /var/log/onlyoffice/*.log, /var/log/onlyoffice/**/**/*.log
|
||||
Exclude_Path /var/log/onlyoffice/*.sql.log
|
||||
Path_Key filename
|
||||
Mem_Buf_Limit 500MB
|
||||
Refresh_Interval 60
|
||||
Ignore_Older 30d
|
||||
Skip_Empty_Lines true
|
||||
|
||||
[OUTPUT]
|
||||
Name opensearch
|
||||
@ -20,6 +20,7 @@
|
||||
Port OPENSEARCH_PORT
|
||||
Replace_Dots On
|
||||
Suppress_Type_Name On
|
||||
Compress gzip
|
||||
Time_Key @timestamp
|
||||
Type _doc
|
||||
Index OPENSEARCH_INDEX
|
||||
|
@ -7,6 +7,9 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_hide_header 'Server';
|
||||
proxy_hide_header 'X-Powered-By';
|
||||
|
||||
access_log /var/log/nginx/access-proxy.log;
|
||||
error_log /var/log/nginx/error-proxy.log;
|
||||
|
||||
## HTTP host
|
||||
server {
|
||||
listen 0.0.0.0:80;
|
||||
@ -32,8 +35,14 @@ server {
|
||||
|
||||
## HTTPS host
|
||||
server {
|
||||
# Enable HTTP/2
|
||||
listen 0.0.0.0:443 ssl;
|
||||
listen [::]:443 ssl default_server;
|
||||
|
||||
# Enable QUIC and HTTP/3.
|
||||
listen 0.0.0.0:443 quic reuseport;
|
||||
listen [::]:443 quic reuseport;
|
||||
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
client_max_body_size 4G;
|
||||
@ -48,7 +57,7 @@ server {
|
||||
|
||||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
|
||||
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_session_cache builtin:1000 shared:SSL:10m;
|
||||
|
||||
ssl_prefer_server_ciphers on;
|
||||
@ -56,6 +65,7 @@ server {
|
||||
add_header Strict-Transport-Security max-age=31536000;
|
||||
# add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header alt-svc 'h3=":443"; ma=86400';
|
||||
|
||||
## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
|
||||
## Replace with your ssl_trusted_certificate. For more info see:
|
||||
|
@ -7,6 +7,9 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_hide_header 'Server';
|
||||
proxy_hide_header 'X-Powered-By';
|
||||
|
||||
access_log /var/log/nginx/access-proxy.log;
|
||||
error_log /var/log/nginx/error-proxy.log;
|
||||
|
||||
server {
|
||||
listen 0.0.0.0:80;
|
||||
listen [::]:80 default_server;
|
||||
|
@ -200,6 +200,7 @@ writeJsonFile(filePath, jsonData)
|
||||
|
||||
filePath = "/app/onlyoffice/config/appsettings.services.json"
|
||||
jsonData = openJsonFile(filePath)
|
||||
updateJsonData(jsonData,"$.logPath", LOG_DIR)
|
||||
updateJsonData(jsonData,"$.logLevel", LOG_LEVEL)
|
||||
writeJsonFile(filePath, jsonData)
|
||||
|
||||
|
@ -53,6 +53,7 @@ x-service: &x-service-base
|
||||
CERTIFICATE_PATH: ${CERTIFICATE_PATH}
|
||||
volumes:
|
||||
#- /app/onlyoffice/CommunityServer/data:/app/onlyoffice/data
|
||||
- log_data:/var/log/onlyoffice
|
||||
- app_data:/app/onlyoffice/data
|
||||
- files_data:/var/www/products/ASC.Files/server/
|
||||
- people_data:/var/www/products/ASC.People/server/
|
||||
@ -161,7 +162,7 @@ services:
|
||||
- "5013"
|
||||
healthcheck:
|
||||
<<: *x-healthcheck
|
||||
test: curl --fail http://${SERVICE_DOCEDITOR}/health || exit 1
|
||||
test: curl --fail http://${SERVICE_DOCEDITOR}/doceditor/health || exit 1
|
||||
|
||||
onlyoffice-login:
|
||||
<<: *x-service-base
|
||||
@ -171,7 +172,7 @@ services:
|
||||
- "5011"
|
||||
healthcheck:
|
||||
<<: *x-healthcheck
|
||||
test: curl --fail http://${SERVICE_LOGIN}/health || exit 1
|
||||
test: curl --fail http://${SERVICE_LOGIN}/login/health || exit 1
|
||||
|
||||
onlyoffice-router:
|
||||
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-router:${DOCKER_TAG}"
|
||||
@ -227,7 +228,7 @@ services:
|
||||
- DASHBOARDS_USERNAME=${DASHBOARDS_USERNAME}
|
||||
- DASHBOARDS_PASSWORD=${DASHBOARDS_PASSWORD}
|
||||
volumes:
|
||||
- router_log:/var/log/nginx
|
||||
- log_data:/var/log/nginx
|
||||
|
||||
networks:
|
||||
default:
|
||||
@ -235,7 +236,7 @@ networks:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
router_log:
|
||||
log_data:
|
||||
app_data:
|
||||
files_data:
|
||||
people_data:
|
||||
|
@ -9,6 +9,7 @@ services:
|
||||
- JWT_HEADER=${DOCUMENT_SERVER_JWT_HEADER}
|
||||
- JWT_IN_BODY=true
|
||||
volumes:
|
||||
- log_data:/var/log/onlyoffice
|
||||
- app_data:/var/www/onlyoffice/Data
|
||||
expose:
|
||||
- '80'
|
||||
@ -22,4 +23,5 @@ networks:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
log_data:
|
||||
app_data:
|
||||
|
19
install/docker/fluent.yml
Normal file
19
install/docker/fluent.yml
Normal file
@ -0,0 +1,19 @@
|
||||
services:
|
||||
fluent-bit:
|
||||
image: fluent/fluent-bit:${FLUENT_BIT_VERSION}
|
||||
container_name: ${FLUENT_BIT_CONTAINER_NAME}
|
||||
restart: always
|
||||
environment:
|
||||
- HOST=${ELK_CONTAINER_NAME}
|
||||
- PORT=${ELK_PORT}
|
||||
volumes:
|
||||
- log_data:/var/log/onlyoffice
|
||||
- ./config/fluent-bit.conf:/fluent-bit/etc/fluent-bit.conf
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: ${NETWORK_NAME}
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
log_data:
|
@ -53,6 +53,7 @@ x-service:
|
||||
DEBUG_INFO: ${DEBUG_INFO}
|
||||
volumes:
|
||||
#- /app/onlyoffice/CommunityServer/data:/app/onlyoffice/data
|
||||
- log_data:/var/log/onlyoffice
|
||||
- app_data:/app/onlyoffice/data
|
||||
- files_data:/var/www/products/ASC.Files/server/
|
||||
- people_data:/var/www/products/ASC.People/server/
|
||||
@ -72,6 +73,7 @@ networks:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
log_data:
|
||||
app_data:
|
||||
files_data:
|
||||
people_data:
|
||||
|
@ -16,13 +16,14 @@ services:
|
||||
test: nginx -t || exit 1
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
- 443:443/tcp
|
||||
- 443:443/udp
|
||||
environment:
|
||||
- ROUTER_HOST=${ROUTER_HOST}
|
||||
- EXTERNAL_PORT=${EXTERNAL_PORT}
|
||||
volumes:
|
||||
- webroot_path:/letsencrypt
|
||||
- proxy_log:/var/log/nginx
|
||||
- log_data:/var/log/nginx
|
||||
- ./config/nginx/templates/nginx.conf.template:/etc/nginx/nginx.conf
|
||||
- ./config/nginx/letsencrypt.conf:/etc/nginx/includes/letsencrypt.conf
|
||||
- ./config/nginx/templates/proxy.upstream.conf.template:/etc/nginx/templates/proxy.upstream.conf.template:ro
|
||||
@ -37,5 +38,5 @@ networks:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
proxy_log:
|
||||
log_data:
|
||||
webroot_path:
|
||||
|
@ -21,7 +21,7 @@ services:
|
||||
- EXTERNAL_PORT=${EXTERNAL_PORT}
|
||||
volumes:
|
||||
- webroot_path:/letsencrypt
|
||||
- proxy_log:/var/log/nginx
|
||||
- log_data:/var/log/nginx
|
||||
- ./config/nginx/templates/nginx.conf.template:/etc/nginx/nginx.conf
|
||||
- ./config/nginx/letsencrypt.conf:/etc/nginx/includes/letsencrypt.conf
|
||||
- ./config/nginx/templates/proxy.upstream.conf.template:/etc/nginx/templates/proxy.upstream.conf.template:ro
|
||||
@ -33,5 +33,5 @@ networks:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
proxy_log:
|
||||
log_data:
|
||||
webroot_path:
|
||||
|
@ -1,5 +1,7 @@
|
||||
@echo off
|
||||
|
||||
chcp 65001 > nul
|
||||
|
||||
PUSHD %~dp0..
|
||||
call runasadmin.bat "%~dpnx0"
|
||||
|
||||
|
@ -27,11 +27,15 @@ sed 's/teamlab.info/onlyoffice.com/g' -i config/autofac.consumers.json
|
||||
sed -e 's_etc/nginx_etc/openresty_g' -e 's/listen\s\+\([0-9]\+\);/listen 127.0.0.1:\1;/g' -i config/nginx/*.conf
|
||||
sed -i "s#\$public_root#/var/www/%{product}/public/#g" config/nginx/onlyoffice.conf
|
||||
sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i config/nginx/onlyoffice.conf
|
||||
sed -e 's/$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i install/docker/config/nginx/onlyoffice-proxy*.conf
|
||||
sed -e 's/$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -e '/quic\|alt-svc/Id' -i install/docker/config/nginx/onlyoffice-proxy*.conf
|
||||
sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i install/docker/config/nginx/templates/nginx.conf.template
|
||||
sed -i "s_\(.*root\).*;_\1 \"/var/www/%{product}\";_g" -i install/docker/config/nginx/letsencrypt.conf
|
||||
sed -i '/^\s*Name\s\+forward\s*$/d; /^\s*Listen\s\+127\.0\.0\.1\s*$/d; /^\s*Port\s\+24224\s*$/d' -i install/docker/config/fluent-bit.conf
|
||||
sed -i "0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/%{product}\/*.log\n Path_Key filename/" -i install/docker/config/fluent-bit.conf
|
||||
sed -i "s#\(/var/log/onlyoffice/\)#\1%{product}#" install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\[INPUT]' install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Name exec' install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Interval_Sec 86400' install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\ Command curl -s -X POST OPENSEARCH_SCHEME://OPENSEARCH_HOST:OPENSEARCH_PORT/OPENSEARCH_INDEX/_delete_by_query -H '\''Content-Type: application/json'\'' -d '\''{"query": {"range": {"@timestamp": {"lt": "now-30d"}}}}'\''' install/docker/config/fluent-bit.conf
|
||||
sed -i '/^\[OUTPUT\]/i\\' install/docker/config/fluent-bit.conf
|
||||
|
||||
find %{_builddir}/server/publish/ \
|
||||
%{_builddir}/server/ASC.Migration.Runner \
|
||||
|
@ -34,7 +34,6 @@
|
||||
%exclude %{_sysconfdir}/onlyoffice/%{product}/openresty
|
||||
%exclude %{_sysconfdir}/onlyoffice/%{product}/nginx
|
||||
%{_docdir}/%{name}-%{version}-%{release}/
|
||||
%config %{_sysconfdir}/logrotate.d/%{product}-common
|
||||
%{_var}/log/onlyoffice/%{product}/
|
||||
%dir %{_sysconfdir}/onlyoffice/
|
||||
%dir %{_sysconfdir}/onlyoffice/%{product}/
|
||||
|
@ -25,6 +25,7 @@ mkdir -p "%{buildroot}%{buildpath}/products/ASC.Files/server/DocStore/"
|
||||
mkdir -p "%{buildroot}%{buildpath}/products/ASC.Files/editor/"
|
||||
# Hidden folders are not copied when applying a mask * (only in RPM), so we explicitly copy .next directory in this way
|
||||
mkdir -p "%{buildroot}%{buildpath}/products/ASC.Files/editor/.next/"
|
||||
mkdir -p "%{buildroot}%{buildpath}/products/ASC.Login/login/.next/"
|
||||
mkdir -p "%{buildroot}%{buildpath}/products/ASC.Files/client/"
|
||||
mkdir -p "%{buildroot}%{buildpath}/client/"
|
||||
mkdir -p "%{buildroot}%{buildpath}/management/"
|
||||
@ -34,13 +35,13 @@ mkdir -p "%{buildroot}%{_sysconfdir}/openresty/conf.d/"
|
||||
mkdir -p "%{buildroot}%{_sysconfdir}/openresty/html/"
|
||||
mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/openresty"
|
||||
mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/.private/"
|
||||
mkdir -p "%{buildroot}%{_sysconfdir}/logrotate.d"
|
||||
mkdir -p "%{buildroot}%{_sysconfdir}/fluent-bit/"
|
||||
mkdir -p "%{buildroot}%{_docdir}/%{name}-%{version}-%{release}/"
|
||||
mkdir -p "%{buildroot}%{_bindir}/"
|
||||
cp -rf %{_builddir}/publish/web/public/* "%{buildroot}%{buildpath}/public/"
|
||||
cp -rf %{_builddir}/campaigns/src/campaigns/* "%{buildroot}%{buildpath}/public/campaigns"
|
||||
cp -rf %{_builddir}/publish/web/login/* "%{buildroot}%{buildpath}/products/ASC.Login/login/"
|
||||
cp -rf %{_builddir}/publish/web/login/.next/* "%{buildroot}%{buildpath}/products/ASC.Login/login/.next/"
|
||||
cp -rf %{_builddir}/publish/web/editor/* "%{buildroot}%{buildpath}/products/ASC.Files/editor/"
|
||||
cp -rf %{_builddir}/publish/web/editor/.next/* "%{buildroot}%{buildpath}/products/ASC.Files/editor/.next/"
|
||||
cp -rf %{_builddir}/server/products/ASC.Files/Server/DocStore/* "%{buildroot}%{buildpath}/products/ASC.Files/server/DocStore/"
|
||||
@ -69,7 +70,6 @@ cp -rf %{_builddir}/buildtools/install/docker/config/nginx/onlyoffice-proxy.conf
|
||||
cp -rf %{_builddir}/buildtools/install/docker/config/nginx/onlyoffice-proxy-ssl.conf "%{buildroot}%{_sysconfdir}/openresty/conf.d/onlyoffice-proxy-ssl.conf.template"
|
||||
cp -rf %{_builddir}/buildtools/install/docker/config/nginx/letsencrypt.conf "%{buildroot}%{_sysconfdir}/openresty/includes/letsencrypt.conf"
|
||||
cp -rf %{_builddir}/buildtools/install/common/systemd/modules/* "%{buildroot}/usr/lib/systemd/system/"
|
||||
cp -rf %{_builddir}/buildtools/install/common/logrotate/product-common "%{buildroot}%{_sysconfdir}/logrotate.d/%{product}-common"
|
||||
cp -rf %{_builddir}/buildtools/install/common/%{product}-ssl-setup "%{buildroot}%{_bindir}/%{product}-ssl-setup"
|
||||
cp -rf %{_builddir}/buildtools/install/common/%{product}-configuration "%{buildroot}%{_bindir}/%{product}-configuration"
|
||||
cp -rf %{_builddir}/buildtools/config/nginx/onlyoffice*.conf "%{buildroot}%{_sysconfdir}/openresty/conf.d/"
|
||||
|
@ -13,7 +13,6 @@ The service which handles API requests related to backup
|
||||
Packager: %{packager}
|
||||
Summary: Common
|
||||
Group: Applications/Internet
|
||||
Requires: logrotate
|
||||
BuildArch: noarch
|
||||
%description common
|
||||
A package containing configure and scripts
|
||||
|
@ -53,6 +53,7 @@ Requires: %name-socket = %version-%release
|
||||
Requires: %name-ssoauth = %version-%release
|
||||
Requires: %name-studio = %version-%release
|
||||
Requires: %name-studio-notify = %version-%release
|
||||
Requires: openssl
|
||||
|
||||
%description
|
||||
ONLYOFFICE DocSpace is a new way to collaborate on documents with teams,
|
||||
|
@ -56,7 +56,7 @@
|
||||
<ROW Property="MySQLConnector" Value="MySQL Connector/ODBC 8.0.21 x86"/>
|
||||
<ROW Property="NEED_REINDEX_OPENSEARCH" Value="FALSE" ValueLocId="-"/>
|
||||
<ROW Property="OPENSEARCH_HOST" Value="localhost" ValueLocId="-"/>
|
||||
<ROW Property="OPENSEARCH_INDEX" Value="fluentbit" ValueLocId="-"/>
|
||||
<ROW Property="OPENSEARCH_INDEX" Value="onlyoffice-fluent-bit" ValueLocId="-"/>
|
||||
<ROW Property="OPENSEARCH_MSG" Value="Unable to connect to remote OpenSearch server at "/>
|
||||
<ROW Property="OPENSEARCH_PORT" Value="9200" ValueLocId="-"/>
|
||||
<ROW Property="OPENSEARCH_SCHEME" Value="http" ValueLocId="-"/>
|
||||
@ -366,6 +366,7 @@
|
||||
</COMPONENT>
|
||||
<COMPONENT cid="caphyon.advinst.msicomp.JsonPropertyComponent">
|
||||
<ROW JsonProperty="ConnectionString" Parent="__1" Name="ConnectionString" Condition="1" Order="0" Flags="57" Value="Server=[DB_HOST];Database=[DB_NAME];User ID=[DB_USER];Password=[DB_PWD]"/>
|
||||
<ROW JsonProperty="ConnectionString_1" Parent="__2" Name="ConnectionString" Condition="1" Order="0" Flags="57" Value="Server=[DB_HOST];Database=[DB_NAME];User ID=[DB_USER];Password=[DB_PWD]"/>
|
||||
<ROW JsonProperty="ConnectionStrings" Parent="Root_12" Name="ConnectionStrings" Condition="1" Order="1" Flags="60"/>
|
||||
<ROW JsonProperty="ConnectionStrings_1" Parent="Root_1" Name="ConnectionStrings" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="Host" Parent="elastic" Name="Host" Condition="1" Order="0" Flags="57" Value="[OPENSEARCH_HOST]"/>
|
||||
@ -393,10 +394,12 @@
|
||||
<ROW JsonProperty="Root_7" Name="Root" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="Root_9" Name="Root" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="Scheme" Parent="elastic" Name="Scheme" Condition="1" Order="1" Flags="57" Value="[OPENSEARCH_SCHEME]"/>
|
||||
<ROW JsonProperty="TeamlabsiteProviders" Parent="options" Name="TeamlabsiteProviders" Condition="1" Order="1" Flags="61"/>
|
||||
<ROW JsonProperty="UserName" Parent="RabbitMQ" Name="UserName" Condition="1" Order="1" Flags="57" Value="[AMQP_USER]"/>
|
||||
<ROW JsonProperty="VirtualHost" Parent="RabbitMQ" Name="VirtualHost" Condition="1" Order="4" Flags="57" Value="[AMQP_VHOST]"/>
|
||||
<ROW JsonProperty="_" Parent="Hosts" Name="0" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="__1" Parent="Providers" Name="0" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="__2" Parent="TeamlabsiteProviders" Name="0" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="app" Parent="Root_6" Name="app" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="app_1" Parent="Root_7" Name="app" Condition="1" Order="0" Flags="60"/>
|
||||
<ROW JsonProperty="app_3" Parent="Root_9" Name="app" Condition="1" Order="0" Flags="60"/>
|
||||
@ -1032,7 +1035,7 @@
|
||||
<ROW Action="AI_XmlUninstall" Type="1" Source="xmlCfg.dll" Target="OnXmlUninstall" AdditionalSeq="AI_DATA_SETTER_15"/>
|
||||
<ROW Action="DetectMySQLService" Type="1" Source="aicustact.dll" Target="DetectProcess" Options="3" AdditionalSeq="AI_DATA_SETTER_9"/>
|
||||
<ROW Action="MoveConfigs" Type="4102" Source="utils.vbs" Target="MoveConfigs"/>
|
||||
<ROW Action="MySQLConfigure" Type="262" Source="utils.vbs" Target="MySQLConfigure"/>
|
||||
<ROW Action="MySQLConfigure" Type="4358" Source="utils.vbs" Target="MySQLConfigure"/>
|
||||
<ROW Action="OpenCancelUrl" Type="194" Source="viewer.exe" Target="http://www.onlyoffice.com/install-canceled.aspx" WithoutSeq="true" Options="1"/>
|
||||
<ROW Action="OpenSearchSetup" Type="6" Source="utils.vbs" Target="OpenSearchSetup"/>
|
||||
<ROW Action="PostgreSQLConfigure" Type="4102" Source="utils.vbs" Target="PostgreSqlConfigure"/>
|
||||
@ -1505,9 +1508,9 @@
|
||||
<ROW PrereqKey="MicrosoftVisualC" DisplayName="Visual C++ Redistributable for Visual Studio 2013 Update 5 x64" VersionMin="12.0" SetupFileUrl="redist\vcredist_2013u5_x64.exe" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649\vcredist_2013u5_x64.exe" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MicrosoftVisualC_1" DisplayName="Visual C++ Redistributable for Visual Studio 2015-2019 x86" VersionMin="14.26" SetupFileUrl="redist\VC_redist.x86.exe" Location="0" ExactSize="0" Operator="0" ComLine="/q /norestart" BasicUiComLine="/q /norestart" NoUiComLine="/q /norestart" Options="ym" TargetName="Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720\VC_redist.x86.exe" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MicrosoftVisualC_2" DisplayName="Visual C++ Redistributable for Visual Studio 2015-2019 x64" VersionMin="14.26" SetupFileUrl="redist\VC_redist.x64.exe" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" WinNT64Versions="Windows Vista x64, Windows Server 2008 x64, Windows 7 x64, Windows Server 2008 R2 x64" Operator="1" ComLine="/q /norestart" BasicUiComLine="/q /norestart" NoUiComLine="/q /norestart" Options="yxm" TargetName="Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720\VC_redist.x64.exe" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MySQLConnectorODBC" DisplayName="MySQL Connector/ODBC 8.0.33 x86" VersionMin="8.0.33" SetupFileUrl="redist\mysql-connector-odbc-8.0.33-win32.msi" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="MySQL ConnectorODBC 8.0 (32-bit)\mysql-connector-odbc-8.0.33-win32.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MySQLInstallerCo" DisplayName="MySQL Installer Community 8.0.33 x86" VersionMin="1.6.6.0" SetupFileUrl="redist\mysql-installer-community-8.0.33.0.msi" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="y" TargetName="MySQL Installer - Community\mysql-installer-community-8.0.33.0.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MySQLInstallerRunn" DisplayName="MySQL Installer Community 8.0.33 x86 Runner" SetupFileUrl="MySQL Installer Runner.exe" Location="0" ExactSize="0" Operator="1" ComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.33"" BasicUiComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.33"" NoUiComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.33"" Options="y" TargetName="MySQL Installer Runner \MySQL Installer Runner.exe" ParentPrereq="RequiredApplication_2"/>
|
||||
<ROW PrereqKey="MySQLConnectorODBC" DisplayName="MySQL Connector/ODBC 8.0.37 x86" VersionMin="8.0.33" SetupFileUrl="redist\mysql-connector-odbc-8.0.37-win32.msi" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="MySQL ConnectorODBC 8.0 (32-bit)\mysql-connector-odbc-8.0.37-win32.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MySQLInstallerCo" DisplayName="MySQL Installer Community 8.0.37 x86" VersionMin="1.6.6.0" SetupFileUrl="redist\mysql-installer-community-8.0.37.0.msi" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="y" TargetName="MySQL Installer - Community\mysql-installer-community-8.0.37.0.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="MySQLInstallerRunn" DisplayName="MySQL Installer Community 8.0.37 x86 Runner" SetupFileUrl="MySQL Installer Runner.exe" Location="0" ExactSize="0" Operator="1" ComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.37"" BasicUiComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.37"" NoUiComLine="/VERYSILENT /DB_PWD="root" /MYSQL_VERSION="8.0.37"" Options="yx" TargetName="MySQL Installer Runner \MySQL Installer Runner.exe" ParentPrereq="RequiredApplication_2"/>
|
||||
<ROW PrereqKey="Node.js" DisplayName="Node.js 20.11.1" VersionMin="20.11.1" SetupFileUrl="redist\node-v20.11.1-x64.msi" Location="0" ExactSize="0" Operator="0" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="Node.js\node-v20.11.1-x64.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="OpenResty" DisplayName="OpenResty v1.21.4" VersionMin="1.21.4.2" SetupFileUrl="publish\OpenResty.msi" Location="0" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="yxm" TargetName="OpenResty\OpenResty.msi"/>
|
||||
<ROW PrereqKey="OpenSearch2.11.1" DisplayName="OpenSearch v2.11.1 x64" VersionMin="2.11.1" SetupFileUrl="publish\OpenSearch-2.11.1.exe" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/exenoui /qn" BasicUiComLine="/exenoui /qn" NoUiComLine="/exenoui /qn" Options="y" TargetName="OpenSearch 2.11.1\OpenSearch-2.11.1.exe"/>
|
||||
@ -1516,9 +1519,9 @@
|
||||
<ROW PrereqKey="PostgresSQL" DisplayName="PostgreSQL v14.0 x64" VersionMin="14.0" SetupFileUrl="postgresql-14.0-1-windows-x64.exe" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="--unattendedmodeui none --install_runtimes 0 --mode unattended --superaccount "postgres" --superpassword "postgres"" BasicUiComLine="--unattendedmodeui none --install_runtimes 0 --mode unattended --superaccount "postgres" --superpassword "postgres"" NoUiComLine="--unattendedmodeui none --install_runtimes 0 --mode unattended --superaccount "postgres" --superpassword "postgres"" Options="xy" TargetName="postgresql-14.0-1-windows-x64.exe"/>
|
||||
<ROW PrereqKey="RabbitMQServer" DisplayName="RabbitMQ v3.12.1 x64" VersionMin="3.12" SetupFileUrl="redist\rabbitmq-server-3.12.1.exe" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/S" BasicUiComLine="/S" NoUiComLine="/S" Options="yx" TargetName="RabbitMQ Server\rabbitmq-server-3.12.1.exe" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="RedisonWindows" DisplayName="Redis 5.0.10 x64" VersionMin="5.0" SetupFileUrl="redist\Redis-x64-5.0.10.msi" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" BasicUiComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" NoUiComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" Options="yx" TargetName="Redis on Windows\Redis-x64-5.0.10.msi" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication" DisplayName="MySQL Connector/ODBC 8.0.33 x86" VersionMin="8.0.33" SetupFileUrl="https://cdn.mysql.com/archives/mysql-connector-odbc-8.0/mysql-connector-odbc-8.0.33-win32.msi" Location="1" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="MySQL Connector ODBC 8.0.33 x86" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication" DisplayName="MySQL Connector/ODBC 8.0.37 x86" VersionMin="8.0.33" SetupFileUrl="https://cdn.mysql.com/Downloads/Connector-ODBC/8.0/mysql-connector-odbc-8.0.37-win32.msi" Location="1" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="ym" TargetName="MySQL Connector ODBC 8.0.37 x86" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_1" DisplayName="Node.js 20.11.1" VersionMin="20.11.1" SetupFileUrl="https://nodejs.org/dist/v20.11.1/node-v20.11.1-x64.msi" Location="1" ExactSize="0" Operator="0" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="my" TargetName="Node.js v20.11.1 x64" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_2" DisplayName="MySQL Installer Community 8.0.33 x86" VersionMin="1.6.6.0" SetupFileUrl="https://cdn.mysql.com/archives/mysql-installer/mysql-installer-community-8.0.33.0.msi" Location="1" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="y" TargetName="MySQL Installer Community 8.0.33 x86" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_2" DisplayName="MySQL Installer Community 8.0.37 x86" VersionMin="1.6.6.0" SetupFileUrl="https://cdn.mysql.com/Downloads/MySQLInstaller/mysql-installer-community-8.0.37.0.msi" Location="1" ExactSize="0" Operator="1" ComLine="/quiet" BasicUiComLine="/quiet" NoUiComLine="/quiet" Options="y" TargetName="MySQL Installer Community 8.0.37 x86" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_3" DisplayName="Certbot v2.6.0" VersionMin="2.6.0" SetupFileUrl="redist\certbot-2.6.0.exe" Location="0" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/S" BasicUiComLine="/S" NoUiComLine="/S" Options="yxm" TargetName="Required Application\certbot-2.6.0.exe" Builds="ExeBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_5" DisplayName="RabbitMQ v3.12.1 x64" VersionMin="3.12" SetupFileUrl="https://github.com/rabbitmq/rabbitmq-server/releases/download/v3.12.1/rabbitmq-server-3.12.1.exe" Location="1" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/S" BasicUiComLine="/S" NoUiComLine="/S" Options="yx" TargetName="RabbitMQ v3.12.1 x64" Builds="DefaultBuild"/>
|
||||
<ROW PrereqKey="RequiredApplication_6" DisplayName="Redis 5.0.10 x64" VersionMin="5.0" SetupFileUrl="http://download.onlyoffice.com/install/windows/redist/Redis-x64-5.0.10.msi" Location="1" ExactSize="0" WinNTVersions="Windows 9x/ME/NT/2000/XP/Vista/Windows 7/Windows 8 x86/Windows 8.1 x86/Windows 10 x86" Operator="1" ComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" BasicUiComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" NoUiComLine="/quiet ADD_INSTALLFOLDER_TO_PATH=1" Options="yx" TargetName="Redis 5.0.10 x64" Builds="DefaultBuild"/>
|
||||
@ -1563,6 +1566,7 @@
|
||||
<ROW SearchKey="Version" Prereq="MySQLInstallerRunn" SearchType="2" SearchString="HKLM\SOFTWARE\MySQL AB\MySQL Server 5.7\Version" Order="1" Property="PreReqSearch_4"/>
|
||||
<ROW SearchKey="Version_1" Prereq="MySQLInstallerRunn" SearchType="2" SearchString="HKLM\SOFTWARE\MySQL AB\MySQL Server 8.0\Version" Order="2" Property="PreReqSearch_5"/>
|
||||
<ROW SearchKey="Version_2" Prereq="MySQLInstallerRunn" SearchType="2" SearchString="HKLM\SOFTWARE\MySQL AB\MySQL Server 5.5\Version" VerMin="5.5" Order="0" Property="PreReqSearch_6"/>
|
||||
<ROW SearchKey="Version_3" Prereq="MySQLInstallerRunn" SearchType="2" SearchString="HKLM\SOFTWARE\Wow6432Node\MySQL AB\MySQL Server 8.0\Version" Order="4" Property="PreReqSearch_31"/>
|
||||
<ROW SearchKey="__1" Prereq="Erlangv26.0x64" SearchType="5" SearchString="HKLM\SOFTWARE\Wow6432Node\Ericsson\Erlang\14.0.2" Order="2" Property="PreReqSearch_11"/>
|
||||
<ROW SearchKey="postgresqlx649.5" Prereq="PostgresSQL" SearchType="5" SearchString="HKLM\SOFTWARE\PostgreSQL\Installations\postgresql-x64-14" Order="1" Property="PreReqSearch_2_1"/>
|
||||
</COMPONENT>
|
||||
|
@ -59,15 +59,20 @@ REM echo ######## SSL configs ########
|
||||
%sed% -i "s/proxy_x_forwarded_port/server_port/g" buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf.tmpl
|
||||
%sed% -i "s/proxy_x_forwarded_proto/scheme/g" buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf.tmpl buildtools\install\win\Files\nginx\conf\onlyoffice-proxy-ssl.conf.tmpl
|
||||
%sed% -i "s/ssl_dhparam \/etc\/ssl\/certs\/dhparam.pem;/#ssl_dhparam \/etc\/ssl\/certs\/dhparam.pem;/" buildtools\install\win\Files\nginx\conf\onlyoffice-proxy-ssl.conf.tmpl
|
||||
%sed% -i "/quic\|alt-svc/Id" buildtools\install\win\Files\nginx\conf\onlyoffice-proxy-ssl.conf.tmpl
|
||||
%sed% -i "s_\(.*root\).*;_\1 \"{APPDIR}letsencrypt\";_g" -i buildtools\install\win\Files\nginx\conf\includes\letsencrypt.conf
|
||||
%sed% -i "s#/var/log/nginx/#logs/#g" buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf buildtools\install\win\Files\nginx\conf\onlyoffice-proxy.conf.tmpl buildtools\install\win\Files\nginx\conf\onlyoffice-proxy-ssl.conf.tmpl
|
||||
%sed% -i "s#/etc/nginx/html#conf/html#g" buildtools\install\win\Files\nginx\conf\onlyoffice.conf
|
||||
%sed% -i "s/\/etc\/nginx\/\.htpasswd_dashboards/\.htpasswd_dashboards/g" buildtools\install\win\Files\nginx\conf\onlyoffice.conf
|
||||
|
||||
REM echo ######## Configure fluent-bit config for windows ########
|
||||
%sed% -i "s/forward/tail/" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "s/Port/Path/" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "s/24224/{APPDIR}Logs\*.log/" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/Listen\s*127\.0\.0\.1/d" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i -e "s|/var/log/onlyoffice/|{APPDIR}Logs\\|g" -e "s|\*\*/|\*\*\\|g" -e "s#DocSpace\Logs\**\#DocumentServer\Log\#g" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/^\[OUTPUT\]/i\[INPUT]" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/^\[OUTPUT\]/i\ Name exec" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/^\[OUTPUT\]/i\ Interval_Sec 86400" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/^\[OUTPUT\]/i\ Command curl -s -X POST OPENSEARCH_SCHEME://OPENSEARCH_HOST:OPENSEARCH_PORT/OPENSEARCH_INDEX/_delete_by_query -H 'Content-Type: application/json' -d '{\"query\": {\"range\": {\"@timestamp\": {\"lt\": \"now-30d\"}}}}'" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i -e "s/\"/\\\\\"/g" -e "s/'/\"/g" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
%sed% -i "/\[OUTPUT\]/i\\n" buildtools\install\win\Files\config\fluent-bit.conf
|
||||
|
||||
REM echo ######## Delete test and dev configs ########
|
||||
del /f /q buildtools\install\win\Files\config\*.test.json
|
||||
|
@ -151,14 +151,14 @@ $enterprise_prerequisites = @(
|
||||
|
||||
@{
|
||||
download_allways = $false;
|
||||
name = "mysql-connector-odbc-8.0.33-win32.msi";
|
||||
link = "https://cdn.mysql.com/archives/mysql-connector-odbc-8.0/mysql-connector-odbc-8.0.33-win32.msi";
|
||||
name = "mysql-connector-odbc-8.0.37-win32.msi";
|
||||
link = "https://cdn.mysql.com/Downloads/Connector-ODBC/8.0/mysql-connector-odbc-8.0.37-win32.msi";
|
||||
}
|
||||
|
||||
@{
|
||||
download_allways = $false;
|
||||
name = "mysql-installer-community-8.0.33.0.msi";
|
||||
link = "https://cdn.mysql.com/archives/mysql-installer/mysql-installer-community-8.0.33.0.msi";
|
||||
name = "mysql-installer-community-8.0.37.0.msi";
|
||||
link = "https://cdn.mysql.com/Downloads/MySQLInstaller/mysql-installer-community-8.0.37.0.msi";
|
||||
}
|
||||
|
||||
@{
|
||||
|
@ -28,6 +28,7 @@ if ( -not $certbot_path )
|
||||
exit
|
||||
}
|
||||
|
||||
$product = "docspace"
|
||||
$letsencrypt_root_dir = "$env:SystemDrive\Certbot\live"
|
||||
$app = Resolve-Path -Path ".\..\"
|
||||
$root_dir = "${app}\letsencrypt"
|
||||
@ -46,17 +47,17 @@ if ( $args.Count -ge 2 )
|
||||
}
|
||||
|
||||
else {
|
||||
$letsencrypt_mail = $args[0]
|
||||
$letsencrypt_domain = $args[1]
|
||||
$letsencrypt_mail = $args[0] -JOIN ","
|
||||
$letsencrypt_domain = $args[1] -JOIN ","
|
||||
|
||||
[void](New-Item -ItemType "directory" -Path "${root_dir}\Logs" -Force)
|
||||
|
||||
"certbot certonly --expand --webroot -w `"${root_dir}`" --noninteractive --agree-tos --email ${letsencrypt_mail} -d ${letsencrypt_domain}" > "${app}\letsencrypt\Logs\le-start.log"
|
||||
cmd.exe /c "certbot certonly --expand --webroot -w `"${root_dir}`" --noninteractive --agree-tos --email ${letsencrypt_mail} -d ${letsencrypt_domain}" > "${app}\letsencrypt\Logs\le-new.log"
|
||||
"certbot certonly --expand --webroot -w `"${root_dir}`" --key-type rsa --cert-name ${product} --noninteractive --agree-tos --email ${letsencrypt_mail} -d ${letsencrypt_domain}" > "${app}\letsencrypt\Logs\le-start.log"
|
||||
cmd.exe /c "certbot certonly --expand --webroot -w `"${root_dir}`" --key-type rsa --cert-name ${product} --noninteractive --agree-tos --email ${letsencrypt_mail} -d ${letsencrypt_domain}" > "${app}\letsencrypt\Logs\le-new.log"
|
||||
|
||||
pushd "${letsencrypt_root_dir}\${letsencrypt_domain}"
|
||||
$ssl_cert = (Resolve-Path -Path (Get-Item "${letsencrypt_root_dir}\${letsencrypt_domain}\fullchain.pem").Target).ToString().Replace('\', '/')
|
||||
$ssl_key = (Resolve-Path -Path (Get-Item "${letsencrypt_root_dir}\${letsencrypt_domain}\privkey.pem").Target).ToString().Replace('\', '/')
|
||||
pushd "${letsencrypt_root_dir}\${product}"
|
||||
$ssl_cert = (Resolve-Path -Path (Get-Item "${letsencrypt_root_dir}\${product}\fullchain.pem").Target).ToString().Replace('\', '/')
|
||||
$ssl_key = (Resolve-Path -Path (Get-Item "${letsencrypt_root_dir}\${product}\privkey.pem").Target).ToString().Replace('\', '/')
|
||||
popd
|
||||
}
|
||||
|
||||
@ -68,7 +69,7 @@ if ( $args.Count -ge 2 )
|
||||
|
||||
if ($letsencrypt_domain)
|
||||
{
|
||||
$acl = Get-Acl -Path "$env:SystemDrive\Certbot\archive\${letsencrypt_domain}"
|
||||
$acl = Get-Acl -Path "$env:SystemDrive\Certbot\archive\${product}"
|
||||
$acl.SetSecurityDescriptorSddlForm('O:LAG:S-1-5-21-4011186057-2202358572-2315966083-513D:PAI(A;;0x1200a9;;;WD)(A;;FA;;;SY)(A;OI;0x1200a9;;;LS)(A;;FA;;;BA)(A;;FA;;;LA)')
|
||||
Set-Acl -Path $acl.path -ACLObject $acl
|
||||
}
|
||||
@ -107,6 +108,8 @@ else
|
||||
Write-Output " comma to register multiple emails, ex: "
|
||||
Write-Output " u1@example.com,u2@example.com. "
|
||||
Write-Output " DOMAIN Domain name to apply "
|
||||
Write-Output " Use comma to register multiple domains, ex: "
|
||||
Write-Output " example.com,s1.example.com,s2.example.com. "
|
||||
Write-Output " "
|
||||
Write-Output " Using your own certificates via the -f parameter: "
|
||||
Write-Output " usage: "
|
||||
|
@ -202,8 +202,8 @@ Function MySQLConfigure
|
||||
|
||||
If Err.Number <> 0 Then
|
||||
Err.Clear
|
||||
installDir = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\MySQL AB\MySQL Server 8.0\Location")
|
||||
dataDir = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\MySQL AB\MySQL Server 8.0\DataLocation")
|
||||
installDir = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\MySQL AB\MySQL Server 8.0\Location")
|
||||
dataDir = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\MySQL AB\MySQL Server 8.0\DataLocation")
|
||||
End If
|
||||
|
||||
Call WriteToLog("MySQLConfigure: installDir " & installDir)
|
||||
|
@ -1,4 +1,5 @@
|
||||
PUSHD %~dp0\..
|
||||
set dir="%cd%"
|
||||
echo %dir%
|
||||
dotnet test %dir%\client\common\Tests\Frontend.Translations.Tests\Frontend.Translations.Tests.csproj --filter "TestCategory=Locales" -l:html --environment "BASE_DIR=%dir%" --results-directory "%dir%\TestsResults"
|
||||
PUSHD %~dp0\..
|
||||
set dir=%cd%
|
||||
echo %dir%
|
||||
dotnet test %dir%\client\common\Tests\Frontend.Translations.Tests\Frontend.Translations.Tests.csproj --filter "TestCategory=Locales" -l:html --environment "BASE_DIR=%dir%\client" --results-directory "%dir%\TestsResults"
|
||||
pause
|
@ -3,7 +3,8 @@
|
||||
<name>ONLYOFFICE Login SSR</name>
|
||||
<startmode>manual</startmode>
|
||||
<executable>node</executable>
|
||||
<arguments>../../publish/web/login/server.js</arguments>
|
||||
<arguments>server.js</arguments>
|
||||
<workingdirectory>%BASE%\..\..\client\packages\login</workingdirectory>
|
||||
<log mode="none"/>
|
||||
<delayedAutoStart>true</delayedAutoStart>
|
||||
<onfailure action="none" />
|
||||
|
1
tests/vagrant/Vagrantfile
vendored
1
tests/vagrant/Vagrantfile
vendored
@ -15,6 +15,7 @@ Vagrant.configure("2") do |config|
|
||||
config.vm.provision "file", source: "../../../DocSpace-buildtools/install/OneClickInstall/.", destination: "/tmp/docspace/"
|
||||
end
|
||||
|
||||
config.vm.provision "file", source: "../../../DocSpace-buildtools/install/common/systemd/build.sh", destination: "/tmp/docspace/build.sh"
|
||||
config.vm.provision "shell", path: './install.sh', :args => "#{ENV['DOWNLOAD_SCRIPT']} #{ENV['TEST_REPO']} #{ENV['ARGUMENTS']}"
|
||||
|
||||
# Prevent SharedFoldersEnableSymlinksCreate errors
|
||||
|
@ -1,91 +1,45 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -ex
|
||||
set -e
|
||||
|
||||
while [ "$1" != "" ]; do
|
||||
case $1 in
|
||||
case $1 in
|
||||
-ds | --download-scripts )
|
||||
if [ "$2" != "" ]; then
|
||||
DOWNLOAD_SCRIPTS=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
-ds | --download-scripts )
|
||||
if [ "$2" != "" ]; then
|
||||
DOWNLOAD_SCRIPTS=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
-arg | --arguments )
|
||||
if [ "$2" != "" ]; then
|
||||
ARGUMENTS=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
-arg | --arguments )
|
||||
if [ "$2" != "" ]; then
|
||||
ARGUMENTS=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
-li | --local-install )
|
||||
if [ "$2" != "" ]; then
|
||||
LOCAL_INSTALL=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
|
||||
-pi | --production-install )
|
||||
if [ "$2" != "" ]; then
|
||||
PRODUCTION_INSTALL=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
-li | --local-install )
|
||||
if [ "$2" != "" ]; then
|
||||
LOCAL_INSTALL=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
-lu | --local-update )
|
||||
if [ "$2" != "" ]; then
|
||||
LOCAL_UPDATE=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
-tr | --test-repo )
|
||||
if [ "$2" != "" ]; then
|
||||
TEST_REPO_ENABLE=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
|
||||
|
||||
esac
|
||||
shift
|
||||
-tr | --test-repo )
|
||||
if [ "$2" != "" ]; then
|
||||
TEST_REPO_ENABLE=$2
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
export TERM=xterm-256color^M
|
||||
|
||||
SERVICES_SYSTEMD=(
|
||||
"docspace-api.service"
|
||||
"docspace-doceditor.service"
|
||||
"docspace-studio-notify.service"
|
||||
"docspace-files.service"
|
||||
"docspace-notify.service"
|
||||
"docspace-studio.service"
|
||||
"docspace-backup-background.service"
|
||||
"docspace-files-services.service"
|
||||
"docspace-people-server.service"
|
||||
"docspace-backup.service"
|
||||
"docspace-healthchecks.service"
|
||||
"docspace-socket.service"
|
||||
"docspace-clear-events.service"
|
||||
"docspace-login.service"
|
||||
"docspace-ssoauth.service"
|
||||
"ds-converter.service"
|
||||
"ds-docservice.service"
|
||||
"ds-metrics.service")
|
||||
|
||||
function common::get_colors() {
|
||||
COLOR_BLUE=$'\e[34m'
|
||||
COLOR_GREEN=$'\e[32m'
|
||||
COLOR_RED=$'\e[31m'
|
||||
COLOR_RESET=$'\e[0m'
|
||||
COLOR_YELLOW=$'\e[33m'
|
||||
export COLOR_BLUE
|
||||
export COLOR_GREEN
|
||||
export COLOR_RED
|
||||
export COLOR_RESET
|
||||
export COLOR_YELLOW
|
||||
export LINE_SEPARATOR="-----------------------------------------"
|
||||
export COLOR_BLUE=$'\e[34m' COLOR_GREEN=$'\e[32m' COLOR_RED=$'\e[31m' COLOR_RESET=$'\e[0m' COLOR_YELLOW=$'\e[33m'
|
||||
}
|
||||
|
||||
#############################################################################################
|
||||
@ -98,13 +52,10 @@ function common::get_colors() {
|
||||
# None
|
||||
#############################################################################################
|
||||
function check_hw() {
|
||||
local FREE_RAM=$(free -h)
|
||||
local FREE_CPU=$(nproc)
|
||||
echo "${COLOR_RED} ${FREE_RAM} ${COLOR_RESET}"
|
||||
echo "${COLOR_RED} ${FREE_CPU} ${COLOR_RESET}"
|
||||
echo "${COLOR_RED} $(free -h) ${COLOR_RESET}"
|
||||
echo "${COLOR_RED} $(nproc) ${COLOR_RESET}"
|
||||
}
|
||||
|
||||
|
||||
#############################################################################################
|
||||
# Add nexus repositories for test packages for .deb and .rpm packages
|
||||
# Globals: None
|
||||
@ -149,12 +100,8 @@ function prepare_vm() {
|
||||
;;
|
||||
|
||||
debian)
|
||||
if [ "$VERSION_CODENAME" == "bookworm" ]; then
|
||||
apt-get update -y
|
||||
apt install -y curl gnupg
|
||||
fi
|
||||
apt-get remove postfix -y
|
||||
echo "${COLOR_GREEN}☑ PREPAVE_VM: Postfix was removed${COLOR_RESET}"
|
||||
[ "$VERSION_CODENAME" == "bookworm" ] && apt-get update -y && apt install -y curl gnupg
|
||||
apt-get remove postfix -y && echo "${COLOR_GREEN}☑ PREPAVE_VM: Postfix was removed${COLOR_RESET}"
|
||||
[[ "${TEST_REPO_ENABLE}" == 'true' ]] && add-repo-deb
|
||||
;;
|
||||
|
||||
@ -163,10 +110,7 @@ function prepare_vm() {
|
||||
;;
|
||||
|
||||
centos)
|
||||
if [ "$VERSION_ID" == "9" ]; then
|
||||
update-crypto-policies --set LEGACY
|
||||
echo "${COLOR_GREEN}☑ PREPAVE_VM: sha1 gpg key chek enabled${COLOR_RESET}"
|
||||
fi
|
||||
[ "$VERSION_ID" == "8" ] && sed -i 's|^mirrorlist=|#&|; s|^#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|' /etc/yum.repos.d/CentOS-*
|
||||
[[ "${TEST_REPO_ENABLE}" == 'true' ]] && add-repo-rpm
|
||||
yum -y install centos*-release
|
||||
;;
|
||||
@ -175,21 +119,16 @@ function prepare_vm() {
|
||||
echo "${COLOR_RED}Failed to determine Linux dist${COLOR_RESET}"; exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
else
|
||||
echo "${COLOR_RED}File /etc/os-release doesn't exist${COLOR_RESET}"; exit 1
|
||||
fi
|
||||
|
||||
# Clean up home folder
|
||||
rm -rf /home/vagrant/*
|
||||
|
||||
if [ -d /tmp/docspace ]; then
|
||||
mv /tmp/docspace/* /home/vagrant
|
||||
fi
|
||||
[ -d /tmp/docspace ] && mv /tmp/docspace/* /home/vagrant
|
||||
|
||||
echo '127.0.0.1 host4test' | sudo tee -a /etc/hosts
|
||||
echo "${COLOR_GREEN}☑ PREPAVE_VM: Hostname was setting up${COLOR_RESET}"
|
||||
|
||||
}
|
||||
|
||||
#############################################################################################
|
||||
@ -202,34 +141,23 @@ function prepare_vm() {
|
||||
# Script log
|
||||
#############################################################################################
|
||||
function install_docspace() {
|
||||
if [ "${DOWNLOAD_SCRIPTS}" == 'true' ]; then
|
||||
wget https://download.onlyoffice.com/docspace/docspace-install.sh
|
||||
else
|
||||
sed 's/set -e/set -xe/' -i *.sh
|
||||
fi
|
||||
|
||||
printf "N\nY\nY" | bash docspace-install.sh ${ARGUMENTS}
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
echo "Exit code non-zero. Exit with 1."
|
||||
exit 1
|
||||
else
|
||||
echo "Exit code 0. Continue..."
|
||||
fi
|
||||
[[ "${DOWNLOAD_SCRIPTS}" == 'true' ]] && wget https://download.onlyoffice.com/docspace/docspace-install.sh || sed 's/set -e/set -xe/' -i *.sh
|
||||
bash docspace-install.sh package ${ARGUMENTS} || { echo "Exit code non-zero. Exit with 1."; exit 1; }
|
||||
echo "Exit code 0. Continue..."
|
||||
}
|
||||
|
||||
#############################################################################################
|
||||
# Healthcheck function for systemd services
|
||||
# Globals:
|
||||
# SERVICES_SYSTEMD
|
||||
# None
|
||||
# Arguments:
|
||||
# None
|
||||
# Outputs:
|
||||
# Message about service status
|
||||
#############################################################################################
|
||||
function healthcheck_systemd_services() {
|
||||
for service in ${SERVICES_SYSTEMD[@]}
|
||||
do
|
||||
for service in ${SERVICES_SYSTEMD[@]}; do
|
||||
[[ "$service" == "docspace-migration-runner.service" ]] && continue;
|
||||
if systemctl is-active --quiet ${service}; then
|
||||
echo "${COLOR_GREEN}☑ OK: Service ${service} is running${COLOR_RESET}"
|
||||
else
|
||||
@ -239,7 +167,6 @@ function healthcheck_systemd_services() {
|
||||
done
|
||||
}
|
||||
|
||||
|
||||
#############################################################################################
|
||||
# Set output if some services failed
|
||||
# Globals:
|
||||
@ -261,7 +188,7 @@ function healthcheck_general_status() {
|
||||
#############################################################################################
|
||||
# Get logs for all services
|
||||
# Globals:
|
||||
# $SERVICES_SYSTEMD
|
||||
# None
|
||||
# Arguments:
|
||||
# None
|
||||
# Outputs:
|
||||
@ -272,83 +199,27 @@ function healthcheck_general_status() {
|
||||
# This function succeeds even if the file for cat was not found. For that use ${SKIP_EXIT} variable
|
||||
#############################################################################################
|
||||
function services_logs() {
|
||||
SERVICES_SYSTEMD=($(awk '/SERVICE_NAME=\(/{flag=1; next} /\)/{flag=0} flag' "build.sh" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' | sed 's/^/docspace-/' | sed 's/$/.service/'))
|
||||
SERVICES_SYSTEMD+=("ds-converter.service" "ds-docservice.service" "ds-metrics.service")
|
||||
|
||||
for service in ${SERVICES_SYSTEMD[@]}; do
|
||||
echo -----------------------------------------
|
||||
echo "${COLOR_GREEN}Check logs for systemd service: $service${COLOR_RESET}"
|
||||
echo ---------------------- -------------------
|
||||
EXIT_CODE=0
|
||||
journalctl -u $service || true
|
||||
echo $LINE_SEPARATOR && echo "${COLOR_GREEN}Check logs for systemd service: $service${COLOR_RESET}" && echo $LINE_SEPARATOR
|
||||
journalctl -u $service -n 30 || true
|
||||
done
|
||||
|
||||
local MAIN_LOGS_DIR="/var/log/onlyoffice"
|
||||
local DOCSPACE_LOGS_DIR="${MAIN_LOGS_DIR}/docspace"
|
||||
local DOCUMENTSERVER_LOGS_DIR="${MAIN_LOGS_DIR}/documentserver"
|
||||
local DOCSERVICE_LOGS_DIR="${DOCUMENTSERVER_LOGS_DIR}/docservice"
|
||||
local CONVERTER_LOGS_DIR="${DOCUMENTSERVER_LOGS_DIR}/converter"
|
||||
local METRICS_LOGS_DIR="${DOCUMENTSERVER_LOGS_DIR}/metrics"
|
||||
|
||||
ARRAY_MAIN_SERVICES_LOGS=($(ls ${MAIN_LOGS_DIR} | grep log | sed 's/web.sql.log//;s/web.api.log//;s/nginx.*//' ))
|
||||
ARRAY_DOCSPACE_LOGS=($(ls ${DOCSPACE_LOGS_DIR}))
|
||||
ARRAY_DOCSERVICE_LOGS=($(ls ${DOCSERVICE_LOGS_DIR}))
|
||||
ARRAY_CONVERTER_LOGS=($(ls ${CONVERTER_LOGS_DIR}))
|
||||
ARRAY_METRICS_LOGS=($(ls ${METRICS_LOGS_DIR}))
|
||||
|
||||
echo "-----------------------------------"
|
||||
echo "${COLOR_YELLOW} Check logs for main services ${COLOR_RESET}"
|
||||
echo "-----------------------------------"
|
||||
for file in ${ARRAY_MAIN_SERVICES_LOGS[@]}; do
|
||||
echo ---------------------------------------
|
||||
echo "${COLOR_GREEN}logs from file: ${file}${COLOR_RESET}"
|
||||
echo ---------------------------------------
|
||||
cat ${MAIN_LOGS_DIR}/${file} || true
|
||||
done
|
||||
|
||||
echo "-----------------------------------"
|
||||
echo "${COLOR_YELLOW} Check logs for Docservice ${COLOR_RESET}"
|
||||
echo "-----------------------------------"
|
||||
for file in ${ARRAY_DOCSERVICE_LOGS[@]}; do
|
||||
echo ---------------------------------------
|
||||
echo "${COLOR_GREEN}logs from file: ${file}${COLOR_RESET}"
|
||||
echo ---------------------------------------
|
||||
cat ${DOCSERVICE_LOGS_DIR}/${file} || true
|
||||
done
|
||||
|
||||
echo "-----------------------------------"
|
||||
echo "${COLOR_YELLOW} Check logs for Converter ${COLOR_RESET}"
|
||||
echo "-----------------------------------"
|
||||
for file in ${ARRAY_CONVERTER_LOGS[@]}; do
|
||||
echo ---------------------------------------
|
||||
echo "${COLOR_GREEN}logs from file ${file}${COLOR_RESET}"
|
||||
echo ---------------------------------------
|
||||
cat ${CONVERTER_LOGS_DIR}/${file} || true
|
||||
done
|
||||
|
||||
echo "-----------------------------------"
|
||||
echo "${COLOR_YELLOW} Start logs for Metrics ${COLOR_RESET}"
|
||||
echo "-----------------------------------"
|
||||
for file in ${ARRAY_METRICS_LOGS[@]}; do
|
||||
echo ---------------------------------------
|
||||
echo "${COLOR_GREEN}logs from file ${file}${COLOR_RESET}"
|
||||
echo ---------------------------------------
|
||||
cat ${METRICS_LOGS_DIR}/${file} || true
|
||||
done
|
||||
local DOCSPACE_LOGS_DIR="/var/log/onlyoffice/docspace"
|
||||
local DOCUMENTSERVER_LOGS_DIR="/var/log/onlyoffice/documentserver"
|
||||
|
||||
echo "-----------------------------------"
|
||||
echo "${COLOR_YELLOW} Start logs for DocSpace ${COLOR_RESET}"
|
||||
echo "-----------------------------------"
|
||||
for file in ${ARRAY_DOCSPACE_LOGS[@]}; do
|
||||
echo ---------------------------------------
|
||||
echo "${COLOR_GREEN}logs from file ${file}${COLOR_RESET}"
|
||||
echo ---------------------------------------
|
||||
cat ${DOCSPACE_LOGS_DIR}/${file} || true
|
||||
for LOGS_DIR in "${DOCSPACE_LOGS_DIR}" "${DOCUMENTSERVER_LOGS_DIR}"; do
|
||||
echo $LINE_SEPARATOR && echo "${COLOR_YELLOW}Check logs for $(basename "${LOGS_DIR}"| tr '[:lower:]' '[:upper:]') ${COLOR_RESET}" && echo $LINE_SEPARATOR
|
||||
|
||||
find "${LOGS_DIR}" -type f -name "*.log" ! -name "*sql*" ! -name "*nginx*" | while read -r FILE; do
|
||||
echo $LINE_SEPARATOR && echo "${COLOR_GREEN}Logs from file: ${FILE}${COLOR_RESET}" && echo $LINE_SEPARATOR
|
||||
tail -30 "${FILE}" || true
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
function healthcheck_docker_installation() {
|
||||
exit 0
|
||||
}
|
||||
|
||||
|
||||
main() {
|
||||
common::get_colors
|
||||
prepare_vm
|
||||
|
Loading…
Reference in New Issue
Block a user