Unify names of environment variables for branches

# Conflicts:
#	config/nginx/onlyoffice.conf
#	install/OneClickInstall/install-RedHat/install-preq.sh
#	run/Login.xml

.github/workflows/cron-build.yml

@@ -18,10 +18,29 @@ jobs:
         run: |
           all_branches=$(git ls-remote -hq | sed -n 's/^[0-9a-f]\{40\}\s\+refs\/heads\//''/p')
           matching_branches=""
+          hashes=""
 
           for branch in $all_branches; do
             if [[ $branch =~ ^release/v[0-9]+ || $branch =~ ^hotfix/v[0-9]+ || $branch == "develop" ]]; then
               matching_branches="${matching_branches},\"${branch}\""
+              curl_buildtools=$(curl -L \
+                -H "Accept: application/vnd.github+json" \
+                -H "X-GitHub-Api-Version: 2022-11-28" \
+                "https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/commits/${branch}" | jq -r '.sha')
+              
+              curl_client=$(curl -L \
+                -H "Accept: application/vnd.github+json" \
+                -H "X-GitHub-Api-Version: 2022-11-28" \
+                "https://api.github.com/repos/ONLYOFFICE/DocSpace-client/commits/${branch}" | jq -r '.sha')
+              
+              curl_server=$(curl -L \
+                -H "Accept: application/vnd.github+json" \
+                -H "X-GitHub-Api-Version: 2022-11-28" \
+                "https://api.github.com/repos/ONLYOFFICE/DocSpace-server/commits/${branch}" | jq -r '.sha')
+      
+              echo "${branch}_buildtools_hash=${curl_buildtools}" >> $GITHUB_ENV
+              echo "${branch}_client_hash=${curl_client}" >> $GITHUB_ENV
+              echo "${branch}_server_hash=${curl_server}" >> $GITHUB_ENV
             fi
           done
         
@@ -35,12 +54,15 @@ jobs:
         run: |
           echo "${{ steps.list-branches.outputs.json_output }}"
 
+          payload=$((env | grep '_hash=' | awk -F'=' '{print "\"" $1 "\": \"" $2 "\""}' | paste -sd, - | sed 's/^/{/;s/$/}/')| tr -d '[:space:]')
+          echo "Payload JSON: $payload"
+
           curl \
           -X POST \
           -u "${{ secrets.USERNAME}}:${{secrets.TOKEN}}" \
           "https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/dispatches" \
           -H "Accept: application/vnd.github.everest-preview+json" \
-          --data '{"event_type": "cron-trigger-action", "client_payload": { "branches": ${{ steps.list-branches.outputs.json_output }}}}'
+          --data '{"event_type": "cron-trigger-action", "client_payload": { "branches": ${{ steps.list-branches.outputs.json_output }}, "hashes": '$payload' } }'
 
           curl \
           -X POST \

.github/workflows/main-build.yml

@@ -62,6 +62,12 @@ jobs:
             DOCKER_TAG=${PRODUCT_VERSION}.${{github.run_number}}
           fi
           export DOCKER_TAG
+          BUILDTOOLS_ENV="${{ github.event.client_payload.hashes[ format('{0}_buildtools_hash', matrix.branch)] }}"
+          SERVER_ENV="${{ github.event.client_payload.hashes[ format('{0}_server_hash', matrix.branch)] }}"
+          CLIENT_ENV="${{ github.event.client_payload.hashes[ format('{0}_client_hash', matrix.branch)] }}"
+          echo "buildtools_hash: $BUILDTOOLS_ENV"
+          echo "server_hash: $SERVER_ENV"
+          echo "client_hash: $CLIENT_ENV"
           docker buildx bake -f build.yml \
           --set *.args.GIT_BRANCH=${{ matrix.branch }} \
           --set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
@@ -69,6 +75,9 @@ jobs:
           --set *.platform=linux/amd64 \
           --set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
           --set *.args.BUILD_NUMBER=${{github.run_number}} \
+          --set *.args.BUILDTOOLS_COMMIT=$BUILDTOOLS_ENV \
+          --set *.args.SERVER_COMMIT=$SERVER_ENV \
+          --set *.args.CLIENT_COMMIT=$CLIENT_ENV \
           --push
 
           echo "version=${DOCKER_TAG}" >> "$GITHUB_OUTPUT"

build.backend.docker.py

@@ -11,13 +11,14 @@ def help():
     # Display Help
     print("Build and run backend and working environment. (Use 'yarn start' to run client -> https://github.com/ONLYOFFICE/DocSpace-client)")
     print()
-    print("Syntax: available params [-h|f|s|c|d|]")
+    print("Syntax: available params [-h|f|s|c|d|i")
     print("options:")
     print("h     Print this Help.")
     print("f     Force rebuild base images.")
     print("s     Run as SAAS otherwise as STANDALONE.")
     print("c     Run as COMMUNITY otherwise ENTERPRISE.")
     print("d     Run dnsmasq.")
+    print("i     Run identity (oauth2).")
     print()
 
 
@@ -37,6 +38,8 @@ if local_ip == "127.0.0.1":
 doceditor = f"{local_ip}:5013"
 login = f"{local_ip}:5011"
 client = f"{local_ip}:5001"
+identity_auth = f"{local_ip}:8080"
+identity_api = f"{local_ip}:9090"
 management = f"{local_ip}:5015"
 portal_url = f"http://{local_ip}"
 
@@ -44,13 +47,14 @@ force = False
 dns = False
 standalone = True
 community = False
+identity = False
 
 migration_type = "STANDALONE" # SAAS
 installation_type = "ENTERPRISE"
 document_server_image_name = "onlyoffice/documentserver-de:latest"
 
 # Get the options
-opts, args = getopt.getopt(sys.argv[1:], "hfscd")
+opts, args = getopt.getopt(sys.argv[1:], "hfscdi")
 for opt, arg in opts:
     if opt == "-h":
         help()
@@ -63,6 +67,8 @@ for opt, arg in opts:
         community = arg if arg else True
     elif opt == "-d":
         dns = arg if arg else True
+    elif opt == "-i":
+        identity = arg if arg else True
     else:
         print("Error: Invalid '-" + opt + "' option")
         sys.exit()
@@ -80,6 +86,7 @@ print(f"DOCSPACE_APP_URL: {portal_url}")
 print()
 print("FORCE REBUILD BASE IMAGES:", force)
 print("Run dnsmasq:", dns)
+print("Run identity:", identity)
 
 if standalone == False:
     migration_type = "SAAS"
@@ -182,6 +189,8 @@ os.environ["SERVICE_DOCEDITOR"] = doceditor
 os.environ["SERVICE_LOGIN"] = login
 os.environ["SERVICE_MANAGEMENT"] = management
 os.environ["SERVICE_CLIENT"] = client
+os.environ["SERVICE_IDENTITY"] = identity_auth
+os.environ["SERVICE_IDENTITY_API"] = identity_api
 os.environ["ROOT_DIR"] = dir
 os.environ["BUILD_PATH"] = "/var/www"
 os.environ["SRC_PATH"] = os.path.join(dir, "publish/services")
@@ -191,6 +200,10 @@ os.environ["MIGRATION_TYPE"] = migration_type
 subprocess.run(["docker", "compose", "-f", os.path.join(dockerDir, "docspace.profiles.yml"), "-f", os.path.join(
     dockerDir, "docspace.overcome.yml"), "--profile", "migration-runner", "--profile", "backend-local", "up", "-d"])
 
+if identity:
+    print("Run identity")
+    subprocess.run(["docker-compose", "-f",os.path.join(dockerDir, "identity.yml"), "up", "-d" ])
+
 print()
 print("Run script directory:", dir)
 print("Root directory:", dir)

build.backend.dotnet.bat

@@ -0,0 +1,26 @@
+@echo off
+
+echo Start build backend...
+echo.
+
+cd /D "%~dp0"
+call runasadmin.bat "%~dpnx0"
+
+if %errorlevel% == 0 (
+call start\stop.bat nopause
+dotnet build ..\server\asc.web.slnf  /fl1 /flp1:logfile=asc.web.log;verbosity=normal
+echo.
+)
+
+if %errorlevel% == 0 (
+call start\start.bat nopause
+)
+
+echo.
+
+if "%1"=="nopause" goto end
+pause
+
+
+
+:end

clear.backend.docker.py

@@ -31,6 +31,10 @@ if containers or images:
     db_command = f"docker compose -f {os.path.join(docker_dir, 'db.yml')} down --volumes"
     subprocess.run(db_command, shell=True)
 
+    print("Remove docker contatiners 'Identity'")
+    identity_command = f"docker compose -f {os.path.join(docker_dir, 'identity.yml')} down --volumes"
+    subprocess.run(identity_command, shell=True)
+
     print("Remove docker volumes")
     volumes_command = f"docker volume prune -fa"
     subprocess.run(volumes_command, shell=True)

config/appsettings.json

@@ -38,7 +38,10 @@
     },
     "themelimit": "9",
     "oidc": {
-      "authority": ""
+      "authority": "",
+      "disableValidateToken": "true",
+      "requireHttps": "false",
+      "showPII": "true"
     },
     "server-root": "",
     "username": {
@@ -123,7 +126,7 @@
     "api-system": "",
     "api-cache": "",
     "images": "static/images",
-    "hide-settings": "Monitoring,LdapSettings,DocService,MailService,PublicPortal,ProxyHttpContent,SpamSubscription,FullTextSearch",
+    "hide-settings": "Monitoring,LdapSettings,DocService,MailService,PublicPortal,ProxyHttpContent,SpamSubscription,FullTextSearch,IdentityServer",
     "hub": {
       "url": "/socket.io",
       "internal": "http://localhost:9899/"

config/dnsmasq.conf

@@ -9,6 +9,6 @@ server=8.8.4.4
 server=8.8.8.8
 strict-order
 #serve all .company queries using a specific nameserver
-server=/site/127.0.0.1
+server=/site/192.168.0.18
 #explicitly define host-ip mappings
-address=/docspace.site/127.0.0.1
+address=/docspace.site/192.168.0.18

config/nginx/includes/server-dashboards.conf

@@ -0,0 +1,12 @@
+location ^~ /dashboards/ {
+    auth_basic "Restricted Access";
+    auth_basic_user_file /etc/nginx/.htpasswd_dashboards;
+    
+    rewrite ^/dashboards(/.*)$ $1 break;
+    proxy_pass http://127.0.0.1:5601;
+    proxy_redirect off;
+    proxy_buffering off;
+
+    proxy_set_header Connection "Keep-Alive";
+    proxy_set_header Proxy-Connection "Keep-Alive";
+}

config/nginx/onlyoffice.conf

@@ -104,8 +104,7 @@ server {
 	local accept_header = ngx.req.get_headers()["Accept"]
 	if ngx.req.get_method() == "GET" and accept_header ~= nil and string.find(accept_header, "html") and not ngx.re.match(ngx.var.request_uri, "ds-vpath|/api/") then
 
-		if not ngx.re.match(ngx.var.request_uri, "login|sdk|filehandler|thirdparty|confirm|error|wizard|preparation-portal|unavailable|share=.|rooms/share(.*)key=.|/s/*|token=.") then
-			if ngx.var.http_cookie == nil or not string.find(ngx.var.http_cookie, "asc_auth_key") then
+		if not ngx.re.match(ngx.var.request_uri, "login|oauth2|sdk|filehandler|thirdparty|confirm|error|wizard|preparation-portal|unavailable|share=.|rooms/share(.*)key=.|/s/*|token=.") then
			if ngx.var.http_cookie == nil or not string.find(ngx.var.http_cookie, "asc_auth_key") then
 				if ngx.var.request_uri == "/" then
 					return ngx.redirect("/login")
 				else
@@ -168,18 +167,7 @@ server {
 		
 	}
 	
-	location ^~ /dashboards/ {
-		auth_basic "Restricted Access";
-		auth_basic_user_file /etc/nginx/.htpasswd_dashboards;
-		
-		rewrite ^/dashboards(/.*)$ $1 break;
-		proxy_pass http://127.0.0.1:5601;
-		proxy_redirect off;
-		proxy_buffering off;
-
-		proxy_set_header Connection "Keep-Alive";
-		proxy_set_header Proxy-Connection "Keep-Alive";
-	}
+	include /etc/nginx/includes/server-*.conf;
 
 	location / {
 		proxy_pass http://127.0.0.1:5001;
@@ -333,6 +321,25 @@ server {
         location ~* /migration {
 			 proxy_pass http://127.0.0.1:5034;
 		}
+
+		location ~* /(clients|scopes) {
+			 proxy_pass http://127.0.0.1:9090;
+		}
+
+		location ~* /oauth2 {
+			rewrite api/2.0/(.*) /$1  break;
+			proxy_redirect off;
+			proxy_pass http://127.0.0.1:8080;
+		}
+    }
+	
+	location /oauth2/.well-known/openid-configuration {
+		rewrite oauth2/(.*) /$1  break;
+		proxy_pass http://127.0.0.1:8080;
+	}
+
+	location /oauth2 {
+		proxy_pass http://127.0.0.1:8080;
 	}
 
 	location /sso {

debuginfo.py

@@ -30,9 +30,11 @@ def fetchCommits(url, type):
         print("Error folder does not exists", path)
         return
     
+    branch_env = f"{type.upper()}_BRANCH"
+    branch = os.environ.get(branch_env)
     repo = Repo(path)
 
-    info = f"| [DocSpace-{type}]({url})  | [{repo.active_branch.name}]({url}/tree/{repo.active_branch.name})  | [{repo.head.commit}]({url}/commit/{repo.head.commit}) |{os.linesep}"
+    info = f"| [DocSpace-{type}]({url}) | [{branch}]({url}/tree/{branch}) | [{repo.head.commit}]({url}/commit/{repo.head.commit}) |{os.linesep}"
 
     commits_str = repo.git.log(f"--pretty=format: {format}", "--no-merges", f"--since={LIMIT_DAYS}.days")
     #print(commits_str)

install/docker/.env

@@ -125,3 +125,21 @@
     NETWORK_NAME=${PRODUCT}
 
     COMPOSE_IGNORE_ORPHANS=True
+# identity #
+    IDENTITY_DOCKERFILE=/Dockerfile
+
+    JDBC_USER_NAME=root
+    JDBC_PASSWORD=${MYSQL_ROOT_PASSWORD}
+    JDBC_URL=${MYSQL_CONTAINER_NAME}
+    JDBC_DATABASE=${MYSQL_DATABASE}
+
+    IDENTITY_PROFILE="dev"
+    
+    IDENTITY_MIGRATION_CONTAINER_NAME=${CONTAINER_PREFIX}identity_migration
+    IDENTITY_MIGRATION_SERVER_PORT=8081
+    IDENTITY_AUTHORIZATION_CONTAINER_NAME=${CONTAINER_PREFIX}identity-authorization
+    IDENTITY_AUTHORIZATION_SERVER_PORT=8080
+    IDENTITY_API_CONTAINER_NAME=${CONTAINER_PREFIX}identity-api
+    IDENTITY_API_SERVER_PORT=9090
+
+    REDIS_ADDRESSES=redis://onlyoffice-redis:6379

install/docker/Dockerfile

@@ -176,6 +176,8 @@ RUN chown nginx:nginx /etc/nginx/* -R && \
     sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_identity_api/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:8080/$service_identity/' /etc/nginx/conf.d/onlyoffice.conf && \
     if [[ -z "${SERVICE_CLIENT}" ]] ; then sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
     if [[ -z "${SERVICE_MANAGEMENT}" ]] ; then sed -i 's/127.0.0.1:5015/$service_management/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
     sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \

install/docker/Dockerfile.app

@@ -16,6 +16,15 @@ ARG DEPLOY_ARGS="deploy"
 ARG DEBUG_INFO="true"
 ARG PUBLISH_CNF="Release"
 
+ARG GIT_BRANCH_BUILDTOOLS=""
+ARG GIT_BRANCH_SERVER=""
+ARG GIT_BRANCH_CLIENT=""
+ARG GIT_BRANCH_CAMPAIGNS=""
+ARG BUILDTOOLS_COMMIT=""
+ARG SERVER_COMMIT=""
+ARG CLIENT_COMMIT=""
+ARG CAMPAIGNS_COMMIT=""
+
 LABEL onlyoffice.appserver.release-date="${RELEASE_DATE}" \
     maintainer="Ascensio System SIA <support@onlyoffice.com>"
 
@@ -23,6 +32,11 @@ ENV LANG=en_US.UTF-8 \
     LANGUAGE=en_US:en \
     LC_ALL=en_US.UTF-8
 
+ARG GIT_BRANCH_BUILDTOOLS=${GIT_BRANCH_BUILDTOOLS:-$GIT_BRANCH}
+ARG GIT_BRANCH_SERVER=${GIT_BRANCH_SERVER:-$GIT_BRANCH}
+ARG GIT_BRANCH_CLIENT=${GIT_BRANCH_CLIENT:-$GIT_BRANCH}
+ARG GIT_BRANCH_CAMPAIGNS=${GIT_BRANCH_CAMPAIGNS:-$GIT_BRANCH}
+
 RUN apt-get -y update && \
     apt-get install -yq \
     sudo \
@@ -39,11 +53,15 @@ RUN apt-get -y update && \
     apt-get install -y nodejs && \
     rm -rf /var/lib/apt/lists/*
 
-ADD https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/git/refs/heads/${GIT_BRANCH} version.json
-RUN git clone -b ${GIT_BRANCH} https://github.com/ONLYOFFICE/DocSpace-buildtools.git ${SRC_PATH}/buildtools && \
-    git clone --recurse-submodules -b ${GIT_BRANCH} https://github.com/ONLYOFFICE/DocSpace-Server.git ${SRC_PATH}/server && \
-    git clone -b ${GIT_BRANCH} https://github.com/ONLYOFFICE/DocSpace-Client.git ${SRC_PATH}/client && \
-    git clone -b "master" --depth 1 https://github.com/ONLYOFFICE/ASC.Web.Campaigns.git ${SRC_PATH}/campaigns
+ADD https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/git/refs/heads/${GIT_BRANCH_BUILDTOOLS} version.json
+RUN git clone -b ${GIT_BRANCH_BUILDTOOLS} https://github.com/ONLYOFFICE/DocSpace-buildtools.git ${SRC_PATH}/buildtools && \
+    if [ -n "${BUILDTOOLS_COMMIT}" ]; then git -C ${SRC_PATH}/buildtools checkout ${BUILDTOOLS_COMMIT}; fi && \
+    git clone --recurse-submodules -b ${SERVER_BRANCH} https://github.com/ONLYOFFICE/DocSpace-Server.git ${SRC_PATH}/server && \
+    if [ -n "${SERVER_COMMIT}" ]; then git -C ${SRC_PATH}/server checkout ${SERVER_COMMIT}; fi && \
+    git clone -b ${GIT_BRANCH_CLIENT} https://github.com/ONLYOFFICE/DocSpace-Client.git ${SRC_PATH}/client && \
+    if [ -n "${CLIENT_COMMIT}" ]; then git -C ${SRC_PATH}/client checkout ${CLIENT_COMMIT}; fi && \
+    git clone -b master --depth 1 https://github.com/ONLYOFFICE/ASC.Web.Campaigns.git ${SRC_PATH}/campaigns && \
+    if [ -n "${CAMPAIGNS_COMMIT}" ]; then git -C ${SRC_PATH}/campaigns checkout ${CAMPAIGNS_COMMIT}; fi
 
 RUN cd ${SRC_PATH} && \
     mkdir -p /app/onlyoffice/config/ && \
@@ -52,7 +70,7 @@ RUN cd ${SRC_PATH} && \
     cd ${SRC_PATH} && \
     cp buildtools/config/*.config /app/onlyoffice/config/ && \
     mkdir -p /etc/nginx/conf.d && cp -f buildtools/config/nginx/onlyoffice*.conf /etc/nginx/conf.d/ && \
-    mkdir -p /etc/nginx/includes/ && cp -f buildtools/config/nginx/includes/onlyoffice*.conf /etc/nginx/includes/ && \
+    mkdir -p /etc/nginx/includes/ && cp -f buildtools/config/nginx/includes/onlyoffice*.conf /etc/nginx/includes/ && cp -f buildtools/config/nginx/includes/server-*.conf /etc/nginx/includes/ && \
     sed -i "s/\"number\".*,/\"number\": \"${PRODUCT_VERSION}.${BUILD_NUMBER}\",/g" /app/onlyoffice/config/appsettings.json && \
     sed -e 's/#//' -i /etc/nginx/conf.d/onlyoffice.conf && \
     cd ${SRC_PATH}/buildtools/install/common/ && \
@@ -170,10 +188,12 @@ RUN sed -i 's/127.0.0.1:5010/$service_api_system/' /etc/nginx/conf.d/onlyoffice.
     sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_identity_api/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:8080/$service_identity/' /etc/nginx/conf.d/onlyoffice.conf && \
     if [[ -z "${SERVICE_CLIENT}" ]] ; then sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
     if [[ -z "${SERVICE_MANAGEMENT}" ]] ; then sed -i 's/127.0.0.1:5015/$service_management/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
     sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
-    sed -i 's/127.0.0.1:5601/$dashboards_host:5601/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:5601/$dashboards_host:5601/' /etc/nginx/includes/server-dashboards.conf && \
     sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/http:\/\/172.*/$document_server;/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i '/client_body_temp_path/ i \ \ \ \ $MAP_HASH_BUCKET_SIZE' /etc/nginx/nginx.conf.template && \

install/docker/Dockerfile.runtime

@@ -122,6 +122,8 @@ RUN chown onlyoffice:onlyoffice /etc/nginx/* -R && \
     sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_identity_api/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:8080/$service_identity/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5015/$service_management/' /etc/nginx/conf.d/onlyoffice.conf && \
     sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \

install/docker/config/nginx/templates/upstream.conf.template

@@ -54,6 +54,18 @@ map $SERVICE_API $service_api {
     default $SERVICE_API;
 }
 
+map $SERVICE_IDENTITY_API $service_identity_api {
+    volatile;
+    "" 127.0.0.1:9090;
+    default $SERVICE_IDENTITY_API;
+}
+
+map $SERVICE_IDENTITY $service_identity {
+    volatile;
+    "" 127.0.0.1:8080;
+    default $SERVICE_IDENTITY;
+}
+
 map $SERVICE_STUDIO $service_studio {
     volatile;
     "" 127.0.0.1:5003;

install/docker/docspace.profiles.yml

@@ -264,6 +264,8 @@ services:
       - SERVICE_NOTIFY=${SERVICE_NOTIFY}
       - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
       - SERVICE_SOCKET=${SERVICE_SOCKET}
+      - SERVICE_IDENTITY_API=${SERVICE_IDENTITY_API}
+      - SERVICE_IDENTITY=${SERVICE_IDENTITY}
       - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
       - SERVICE_API=${SERVICE_API}
       - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}

install/docker/docspace.yml

@@ -1,5 +1,5 @@
-x-healthcheck:
-  &x-healthcheck
+version: "3.8"
+x-healthcheck: &x-healthcheck
   test: curl --fail http://127.0.0.1 || exit 1
   interval: 60s
   retries: 5
@@ -208,6 +208,8 @@ services:
       - SERVICE_NOTIFY=${SERVICE_NOTIFY}
       - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
       - SERVICE_SOCKET=${SERVICE_SOCKET}
+      - SERVICE_IDENTITY_API=${SERVICE_IDENTITY_API}
+      - SERVICE_IDENTITY=${SERVICE_IDENTITY}
       - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
       - SERVICE_API=${SERVICE_API}
       - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}

install/docker/identity.yml

@@ -0,0 +1,69 @@
+version: "3.8"
+
+services:
+  onlyoffice-identity-authorization:
+    build:
+      context: ../../../server/common/ASC.Identity
+      dockerfile: ${IDENTITY_DOCKERFILE}
+      args: 
+        - MODULE=authorization/authorization-container
+    container_name: ${IDENTITY_AUTHORIZATION_CONTAINER_NAME}
+    restart: always
+    ports:
+      - 8080:8080
+    environment:
+      - SPRING_PROFILES_ACTIVE=${IDENTITY_PROFILE}
+      - SPRING_APPLICATION_NAME=ASC.Identity.Authorization
+      - SERVER_PORT=${IDENTITY_AUTHORIZATION_SERVER_PORT}
+      - JDBC_PASSWORD=${JDBC_PASSWORD}
+      - JDBC_URL=${JDBC_URL}
+      - JDBC_USER_NAME=${JDBC_USER_NAME}
+      - JDBC_DATABASE=${JDBC_DATABASE}
+      - RABBIT_HOST=onlyoffice-rabbitmq
+      - REDIS_HOST=onlyoffice-redis
+    depends_on:
+      - onlyoffice-identity-migration
+
+  onlyoffice-identity-api:
+    build:
+      context: ../../../server/common/ASC.Identity
+      dockerfile: ${IDENTITY_DOCKERFILE}
+      args: 
+        - MODULE=registration/registration-container
+    container_name: ${IDENTITY_API_CONTAINER_NAME}
+    ports:
+      - 9090:9090
+    environment:
+      - SPRING_PROFILES_ACTIVE=${PROFILE}
+      - SPRING_APPLICATION_NAME=ASC.Identity.Registration
+       - SERVER_PORT=${IDENTITY_API_SERVER_PORT}
+      - JDBC_PASSWORD=${JDBC_PASSWORD}
+      - JDBC_URL=${JDBC_URL}
+      - JDBC_USER_NAME=${JDBC_USER_NAME}
+      - JDBC_DATABASE=${JDBC_DATABASE}
+      - RABBIT_HOST=onlyoffice-rabbitmq
+      - REDIS_HOST=onlyoffice-redis
+    depends_on:
+      - onlyoffice-identity-migration
+
+  onlyoffice-identity-migration:
+    build:
+      context: ../../../server/common/ASC.Identity
+      dockerfile: ${IDENTITY_DOCKERFILE}
+      args: 
+        - MODULE=infrastructure/infrastructure-migration-runner
+    container_name: ${IDENTITY_MIGRATION_CONTAINER_NAME} 
+    restart: "no"
+    ports:
+      - 8081:8081
+    environment:
+      - JDBC_PASSWORD=${JDBC_PASSWORD}
+      - JDBC_URL=${JDBC_URL}
+      - JDBC_USER_NAME=${JDBC_USER_NAME}
+      - JDBC_DATABASE=${JDBC_DATABASE}
+      - RABBIT_HOST=onlyoffice-rabbitmq
+      - REDIS_HOST=onlyoffice-redis
+networks:
+  default:
+    name: ${NETWORK_NAME}
+    external: true

run/IdentityApi.xml

@@ -0,0 +1,12 @@
+<service>
+  <id>OnlyofficeIdentityApi</id>
+  <name>ONLYOFFICE IdentityApi</name>
+  <startmode>manual</startmode>
+  <executable>java</executable>
+  <env name="LOG_FILE_PATH" value="../../Logs/identity-api.log"/>
+  <env name="SPRING_PROFILES_ACTIVE" value=""/>
+  <arguments>-jar ../../server/common/ASC.Identity/registration/registration-container/target/registration-container-1.0.0.jar</arguments>
+  <log mode="none"/>
+  <delayedAutoStart>true</delayedAutoStart>
+  <onfailure action="restart" delay="5 sec" />
+</service>

run/IdentityMigration.xml

@@ -0,0 +1,12 @@
+<service>
+  <id>OnlyofficeIdentityMigration</id>
+  <name>ONLYOFFICE IdentityMigration</name>
+  <startmode>manual</startmode>
+  <executable>java</executable>
+  <env name="LOG_FILE_PATH" value="../../Logs/identity-migration.log"/>
+  <env name="SPRING_PROFILES_ACTIVE" value="dev"/>
+  <arguments>-jar ../../server/common/ASC.Identity/infrastructure/infrastructure-migration-runner/target/infrastructure-migration-runner-1.0.0.jar</arguments>
+  <log mode="none"/>
+  <delayedAutoStart>true</delayedAutoStart>
+  <onfailure action="restart" delay="5 sec" />
+</service>

run/IdentityService.xml

@@ -0,0 +1,13 @@
+<service>
+  <id>OnlyofficeIdentityService</id>
+  <name>ONLYOFFICE IdentityService</name>
+  <startmode>manual</startmode>
+  <executable>java</executable>
+  <env name="LOG_FILE_PATH" value="../../Logs/identity-authorization.log"/>
+  <env name="SERVER_PORT" value="8080"/>
+  <env name="SPRING_PROFILES_ACTIVE" value=""/>
+  <arguments>-jar ../../server/common/ASC.Identity/authorization/authorization-container/target/authorization-container-1.0.0.jar</arguments>
+  <log mode="none"/>
+  <delayedAutoStart>true</delayedAutoStart>
+  <onfailure action="restart" delay="5 sec" />
+</service>

scripts/identity.bat

@@ -0,0 +1,28 @@
+PUSHD %~dp0..
+
+cd %~dp0../../server/common/ASC.Identity/
+
+echo Start build ASC.Identity project...
+echo.
+
+echo ASC.Identity: resolves all project dependencies...
+echo.
+
+call mvn dependency:go-offline -q
+
+if %errorlevel% == 0 (
+
+echo ASC.Identity: take the compiled code and package it in its distributable format, such as a JAR...
+call mvn package -DskipTests -q
+
+)
+
+if %errorlevel% == 0 (
+
+echo ASC.Identity: build completed
+echo.
+
+)
+
+
+POPD