IlyaSobolev/DocSpace-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add oauth service proxy

Browse Source
This commit is contained in:
Timofey Boyko 2023-09-22 15:38:11 +03:00
parent 6d6116c5ce
commit ac496b82a2
10 changed files with 54 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
build/build.backend.docker.ps1
View File

@ -13,6 +13,7 @@ $LocalIp = (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration | Where
$Doceditor = ($LocalIp + ":5013") $Doceditor = ($LocalIp + ":5013")
$Login = ($LocalIp + ":5011") $Login = ($LocalIp + ":5011")
$Client = ($LocalIp + ":5001") $Client = ($LocalIp + ":5001")
$Oauth = ($LocalIp + ":9090")
$PortalUrl = ("http://" + $LocalIp) $PortalUrl = ("http://" + $LocalIp)
$ProxyVersion="v1.0.0" $ProxyVersion="v1.0.0"
@ -92,6 +93,7 @@ $Env:Baseimage_Proxy_Run="onlyoffice/4testing-docspace-proxy-runtime:$ProxyVersi
$Env:SERVICE_DOCEDITOR=$Doceditor $Env:SERVICE_DOCEDITOR=$Doceditor
$Env:SERVICE_LOGIN=$Login $Env:SERVICE_LOGIN=$Login
$Env:SERVICE_CLIENT=$Client $Env:SERVICE_CLIENT=$Client
$Env:SERVICE_OAUTH=$Oauth
$Env:ROOT_DIR=$RootDir $Env:ROOT_DIR=$RootDir
$Env:BUILD_PATH="/var/www" $Env:BUILD_PATH="/var/www"
$Env:SRC_PATH="$RootDir\publish\services" $Env:SRC_PATH="$RootDir\publish\services"
@ -105,6 +107,7 @@ Write-Host "LOCAL IP: $LocalIp" -ForegroundColor Blue
Write-Host "SERVICE_DOCEDITOR: $Env:SERVICE_DOCEDITOR" -ForegroundColor Blue Write-Host "SERVICE_DOCEDITOR: $Env:SERVICE_DOCEDITOR" -ForegroundColor Blue
Write-Host "SERVICE_LOGIN: $Env:SERVICE_LOGIN" -ForegroundColor Blue Write-Host "SERVICE_LOGIN: $Env:SERVICE_LOGIN" -ForegroundColor Blue
Write-Host "SERVICE_CLIENT: $Env:SERVICE_CLIENT" -ForegroundColor Blue Write-Host "SERVICE_CLIENT: $Env:SERVICE_CLIENT" -ForegroundColor Blue
Write-Host "SERVICE_OAUTH: $Env:SERVICE_OAUTH" -ForegroundColor Blue
Write-Host "INSTALLATION_TYPE: $Env:INSTALLATION_TYPE" -ForegroundColor Blue Write-Host "INSTALLATION_TYPE: $Env:INSTALLATION_TYPE" -ForegroundColor Blue
Set-Location -Path $PSScriptRoot Set-Location -Path $PSScriptRoot

4
build/install/docker/.env
View File

@ -105,6 +105,7 @@
DOCEDITOR_HOST=${CONTAINER_PREFIX}doceditor DOCEDITOR_HOST=${CONTAINER_PREFIX}doceditor
LOGIN_HOST=${CONTAINER_PREFIX}login LOGIN_HOST=${CONTAINER_PREFIX}login
HELTHCHECKS_HOST=${CONTAINER_PREFIX}healthchecks HELTHCHECKS_HOST=${CONTAINER_PREFIX}healthchecks
OAUTH_HOST=${CONTAINER_PREFIX}oauth
# router upstream environment # # router upstream environment #
SERVICE_API_SYSTEM=${API_SYSTEM_HOST}:${SERVICE_PORT} SERVICE_API_SYSTEM=${API_SYSTEM_HOST}:${SERVICE_PORT}
@ -124,7 +125,8 @@
SERVICE_DOCEDITOR=${DOCEDITOR_HOST}:5013 SERVICE_DOCEDITOR=${DOCEDITOR_HOST}:5013
SERVICE_LOGIN=${LOGIN_HOST}:5011 SERVICE_LOGIN=${LOGIN_HOST}:5011
SERVICE_HELTHCHECKS=${HELTHCHECKS_HOST}:${SERVICE_PORT} SERVICE_HELTHCHECKS=${HELTHCHECKS_HOST}:${SERVICE_PORT}
SERVICE_OAUTH=${OAUTH_HOST}:9090
NETWORK_NAME=${PRODUCT} NETWORK_NAME=${PRODUCT}
COMPOSE_IGNORE_ORPHANS=True COMPOSE_IGNORE_ORPHANS=True

1
build/install/docker/Dockerfile
View File

@ -176,6 +176,7 @@ RUN chown nginx:nginx /etc/nginx/* -R && \
sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
if [[ -z "${SERVICE_CLIENT}" ]] ; then sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf; fi && \ if [[ -z "${SERVICE_CLIENT}" ]] ; then sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \

1
build/install/docker/Dockerfile.app
View File

@ -163,6 +163,7 @@ RUN sed -i 's/127.0.0.1:5010/$service_api_system/' /etc/nginx/conf.d/onlyoffice.
sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/http:\/\/172.*/$document_server;/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/http:\/\/172.*/$document_server;/' /etc/nginx/conf.d/onlyoffice.conf && \

1
build/install/docker/Dockerfile.runtime
View File

@ -120,6 +120,7 @@ RUN chown onlyoffice:onlyoffice /etc/nginx/* -R && \
sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \ sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \

6
build/install/docker/config/nginx/templates/upstream.conf.template
View File

@ -48,6 +48,12 @@ map $SERVICE_API $service_api {
default $SERVICE_API; default $SERVICE_API;
} }
map $SERVICE_OAUTH $service_oauth {
volatile;
"" 127.0.0.1:9090;
default $SERVICE_OAUTH;
}
map $SERVICE_STUDIO $service_studio { map $SERVICE_STUDIO $service_studio {
volatile; volatile;
"" 127.0.0.1:5003; "" 127.0.0.1:5003;

1
build/install/docker/docspace.profiles.yml
View File

@ -261,6 +261,7 @@ services:
- SERVICE_NOTIFY=${SERVICE_NOTIFY} - SERVICE_NOTIFY=${SERVICE_NOTIFY}
- SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER} - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
- SERVICE_SOCKET=${SERVICE_SOCKET} - SERVICE_SOCKET=${SERVICE_SOCKET}
- SERVICE_OAUTH=${SERVICE_OAUTH}
- SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY} - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
- SERVICE_API=${SERVICE_API} - SERVICE_API=${SERVICE_API}
- SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM} - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}

56
build/install/docker/docspace.yml
View File

@ -1,6 +1,5 @@
version: "3.8" version: "3.8"
x-healthcheck: x-healthcheck: &x-healthcheck
&x-healthcheck
test: curl --fail http://127.0.0.1 || exit 1 test: curl --fail http://127.0.0.1 || exit 1
interval: 60s interval: 60s
retries: 5 retries: 5
@ -64,48 +63,48 @@ services:
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-backup-background:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-backup-background:${DOCKER_TAG}"
container_name: ${BACKUP_BACKGRUOND_TASKS_HOST} container_name: ${BACKUP_BACKGRUOND_TASKS_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_BACKUP_BACKGRUOND_TASKS}/health/ || exit 1 test: curl --fail http://${SERVICE_BACKUP_BACKGRUOND_TASKS}/health/ || exit 1
onlyoffice-backup: onlyoffice-backup:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-backup:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-backup:${DOCKER_TAG}"
container_name: ${BACKUP_HOST} container_name: ${BACKUP_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_BACKUP}/health/ || exit 1 test: curl --fail http://${SERVICE_BACKUP}/health/ || exit 1
onlyoffice-clear-events: onlyoffice-clear-events:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-clear-events:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-clear-events:${DOCKER_TAG}"
container_name: ${CLEAR_EVENTS_HOST} container_name: ${CLEAR_EVENTS_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_CLEAR_EVENTS}/health/ || exit 1 test: curl --fail http://${SERVICE_CLEAR_EVENTS}/health/ || exit 1
onlyoffice-files: onlyoffice-files:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-files:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-files:${DOCKER_TAG}"
container_name: ${FILES_HOST} container_name: ${FILES_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_FILES}/health/ || exit 1 test: curl --fail http://${SERVICE_FILES}/health/ || exit 1
onlyoffice-files-services: onlyoffice-files-services:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-files-services:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-files-services:${DOCKER_TAG}"
container_name: ${FILES_SERVICES_HOST} container_name: ${FILES_SERVICES_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_FILES_SERVICES}/health/ || exit 1 test: curl --fail http://${SERVICE_FILES_SERVICES}/health/ || exit 1
onlyoffice-people-server: onlyoffice-people-server:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-people-server:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-people-server:${DOCKER_TAG}"
container_name: ${PEOPLE_SERVER_HOST} container_name: ${PEOPLE_SERVER_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_PEOPLE_SERVER}/health/ || exit 1 test: curl --fail http://${SERVICE_PEOPLE_SERVER}/health/ || exit 1
onlyoffice-socket: onlyoffice-socket:
<<: *x-service-base <<: *x-service-base
@ -119,32 +118,32 @@ services:
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-studio-notify:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-studio-notify:${DOCKER_TAG}"
container_name: ${STUDIO_NOTIFY_HOST} container_name: ${STUDIO_NOTIFY_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_STUDIO_NOTIFY}/health/ || exit 1 test: curl --fail http://${SERVICE_STUDIO_NOTIFY}/health/ || exit 1
onlyoffice-api: onlyoffice-api:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-api:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-api:${DOCKER_TAG}"
container_name: ${API_HOST} container_name: ${API_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_API}/health/ || exit 1 test: curl --fail http://${SERVICE_API}/health/ || exit 1
onlyoffice-api-system: onlyoffice-api-system:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-api-system:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-api-system:${DOCKER_TAG}"
container_name: ${API_SYSTEM_HOST} container_name: ${API_SYSTEM_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_API_SYSTEM}/health/ || exit 1 test: curl --fail http://${SERVICE_API_SYSTEM}/health/ || exit 1
onlyoffice-studio: onlyoffice-studio:
<<: *x-service-base <<: *x-service-base
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-studio:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-studio:${DOCKER_TAG}"
container_name: ${STUDIO_HOST} container_name: ${STUDIO_HOST}
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_STUDIO}/health/ || exit 1 test: curl --fail http://${SERVICE_STUDIO}/health/ || exit 1
onlyoffice-ssoauth: onlyoffice-ssoauth:
<<: *x-service-base <<: *x-service-base
@ -161,8 +160,8 @@ services:
expose: expose:
- "5013" - "5013"
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_DOCEDITOR}/health || exit 1 test: curl --fail http://${SERVICE_DOCEDITOR}/health || exit 1
onlyoffice-login: onlyoffice-login:
<<: *x-service-base <<: *x-service-base
@ -171,16 +170,16 @@ services:
expose: expose:
- "5011" - "5011"
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: curl --fail http://${SERVICE_LOGIN}/health || exit 1 test: curl --fail http://${SERVICE_LOGIN}/health || exit 1
onlyoffice-router: onlyoffice-router:
image: "${REPO}/${DOCKER_IMAGE_PREFIX}-router:${DOCKER_TAG}" image: "${REPO}/${DOCKER_IMAGE_PREFIX}-router:${DOCKER_TAG}"
container_name: ${ROUTER_HOST} container_name: ${ROUTER_HOST}
restart: always restart: always
healthcheck: healthcheck:
<<: *x-healthcheck <<: *x-healthcheck
test: nginx -t || exit 1 test: nginx -t || exit 1
expose: expose:
- "8081" - "8081"
- "8099" - "8099"
@ -208,6 +207,7 @@ services:
- SERVICE_NOTIFY=${SERVICE_NOTIFY} - SERVICE_NOTIFY=${SERVICE_NOTIFY}
- SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER} - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
- SERVICE_SOCKET=${SERVICE_SOCKET} - SERVICE_SOCKET=${SERVICE_SOCKET}
- SERVICE_OAUTH=${SERVICE_OAUTH}
- SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY} - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
- SERVICE_API=${SERVICE_API} - SERVICE_API=${SERVICE_API}
- SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM} - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}

2
build/start/start.backend.docker.ps1
View File

@ -13,6 +13,7 @@ $LocalIp = (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration | Where
$Doceditor = ($LocalIp + ":5013") $Doceditor = ($LocalIp + ":5013")
$Login = ($LocalIp + ":5011") $Login = ($LocalIp + ":5011")
$Client = ($LocalIp + ":5001") $Client = ($LocalIp + ":5001")
$Oauth = ($LocalIp + ":9090")
Set-Location -Path $DockerDir Set-Location -Path $DockerDir
@ -25,6 +26,7 @@ $Env:DOCUMENT_SERVER_IMAGE_NAME="onlyoffice/documentserver-de:latest"
$Env:SERVICE_DOCEDITOR=$Doceditor $Env:SERVICE_DOCEDITOR=$Doceditor
$Env:SERVICE_LOGIN=$Login $Env:SERVICE_LOGIN=$Login
$Env:SERVICE_CLIENT=$Client $Env:SERVICE_CLIENT=$Client
$Env:SERVICE_OAUTH=$Oauth
$Env:ROOT_DIR=$RootDir $Env:ROOT_DIR=$RootDir
$Env:BUILD_PATH="/var/www" $Env:BUILD_PATH="/var/www"
$Env:SRC_PATH="$RootDir\publish\services" $Env:SRC_PATH="$RootDir\publish\services"

8
config/nginx/onlyoffice.conf
View File

@ -265,10 +265,18 @@ server {
} }
} }
location /api/clients {
proxy_pass http://127.0.0.1:9090;
proxy_set_header X-API-Version 1;
proxy_set_header X-Tenant 1;
}
location /sso { location /sso {
rewrite sso/(.*) /$1 break; rewrite sso/(.*) /$1 break;
proxy_pass http://127.0.0.1:9834; proxy_pass http://127.0.0.1:9834;
} }
location ~* /(ssologin.ashx|login.ashx|storage) { location ~* /(ssologin.ashx|login.ashx|storage) {
proxy_pass http://127.0.0.1:5003; proxy_pass http://127.0.0.1:5003;
} }