Add oauth service proxy

2023-09-22 15:38:11 +03:00 · 2023-09-22 15:38:11 +03:00 · ac496b82a2
commit ac496b82a2
parent 6d6116c5ce
10 changed files with 54 additions and 29 deletions
--- a/build/build.backend.docker.ps1
+++ b/build/build.backend.docker.ps1
@ -13,6 +13,7 @@ $LocalIp = (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration | Where
 $Doceditor = ($LocalIp + ":5013")
 $Login = ($LocalIp + ":5011")
 $Client = ($LocalIp + ":5001")
+$Oauth = ($LocalIp + ":9090")
 $PortalUrl = ("http://" + $LocalIp)
 $ProxyVersion="v1.0.0"

@ -92,6 +93,7 @@ $Env:Baseimage_Proxy_Run="onlyoffice/4testing-docspace-proxy-runtime:$ProxyVersi
 $Env:SERVICE_DOCEDITOR=$Doceditor
 $Env:SERVICE_LOGIN=$Login
 $Env:SERVICE_CLIENT=$Client
+$Env:SERVICE_OAUTH=$Oauth
 $Env:ROOT_DIR=$RootDir
 $Env:BUILD_PATH="/var/www"
 $Env:SRC_PATH="$RootDir\publish\services"
@ -105,6 +107,7 @@ Write-Host "LOCAL IP: $LocalIp" -ForegroundColor Blue
 Write-Host "SERVICE_DOCEDITOR: $Env:SERVICE_DOCEDITOR" -ForegroundColor Blue
 Write-Host "SERVICE_LOGIN: $Env:SERVICE_LOGIN" -ForegroundColor Blue
 Write-Host "SERVICE_CLIENT: $Env:SERVICE_CLIENT" -ForegroundColor Blue
+Write-Host "SERVICE_OAUTH: $Env:SERVICE_OAUTH" -ForegroundColor Blue
 Write-Host "INSTALLATION_TYPE: $Env:INSTALLATION_TYPE" -ForegroundColor Blue

 Set-Location -Path $PSScriptRoot
--- a/build/install/docker/.env
+++ b/build/install/docker/.env
@ -105,6 +105,7 @@
    DOCEDITOR_HOST=${CONTAINER_PREFIX}doceditor
    LOGIN_HOST=${CONTAINER_PREFIX}login
    HELTHCHECKS_HOST=${CONTAINER_PREFIX}healthchecks
+    OAUTH_HOST=${CONTAINER_PREFIX}oauth

 # router upstream environment #
    SERVICE_API_SYSTEM=${API_SYSTEM_HOST}:${SERVICE_PORT}
@ -124,6 +125,7 @@
    SERVICE_DOCEDITOR=${DOCEDITOR_HOST}:5013
    SERVICE_LOGIN=${LOGIN_HOST}:5011
    SERVICE_HELTHCHECKS=${HELTHCHECKS_HOST}:${SERVICE_PORT}
+    SERVICE_OAUTH=${OAUTH_HOST}:9090
        
    NETWORK_NAME=${PRODUCT}
    
--- a/build/install/docker/Dockerfile
+++ b/build/install/docker/Dockerfile
@ -176,6 +176,7 @@ RUN chown nginx:nginx /etc/nginx/* -R && \
    sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
    if [[ -z "${SERVICE_CLIENT}" ]] ; then sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf; fi && \
    sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \
--- a/build/install/docker/Dockerfile.app
+++ b/build/install/docker/Dockerfile.app
@ -163,6 +163,7 @@ RUN sed -i 's/127.0.0.1:5010/$service_api_system/' /etc/nginx/conf.d/onlyoffice.
    sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/http:\/\/172.*/$document_server;/' /etc/nginx/conf.d/onlyoffice.conf && \
--- a/build/install/docker/Dockerfile.runtime
+++ b/build/install/docker/Dockerfile.runtime
@ -120,6 +120,7 @@ RUN chown onlyoffice:onlyoffice /etc/nginx/* -R && \
    sed -i 's/127.0.0.1:9834/$service_sso/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5013/$service_doceditor/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5011/$service_login/' /etc/nginx/conf.d/onlyoffice.conf && \
+    sed -i 's/127.0.0.1:9090/$service_oauth/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5001/$service_client/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/127.0.0.1:5033/$service_healthchecks/' /etc/nginx/conf.d/onlyoffice.conf && \
    sed -i 's/$public_root/\/var\/www\/public\//' /etc/nginx/conf.d/onlyoffice.conf && \
--- a/build/install/docker/config/nginx/templates/upstream.conf.template
+++ b/build/install/docker/config/nginx/templates/upstream.conf.template
@ -48,6 +48,12 @@ map $SERVICE_API $service_api {
    default $SERVICE_API;
 }

+map $SERVICE_OAUTH $service_oauth {
+    volatile;
+    "" 127.0.0.1:9090;
+    default $SERVICE_OAUTH;
+}
+
 map $SERVICE_STUDIO $service_studio {
    volatile;
    "" 127.0.0.1:5003;
--- a/build/install/docker/docspace.profiles.yml
+++ b/build/install/docker/docspace.profiles.yml
@ -261,6 +261,7 @@ services:
      - SERVICE_NOTIFY=${SERVICE_NOTIFY}
      - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
      - SERVICE_SOCKET=${SERVICE_SOCKET}
+      - SERVICE_OAUTH=${SERVICE_OAUTH}
      - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
      - SERVICE_API=${SERVICE_API}
      - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}
--- a/build/install/docker/docspace.yml
+++ b/build/install/docker/docspace.yml
@ -1,6 +1,5 @@
 version: "3.8"
-x-healthcheck:
-  &x-healthcheck
+x-healthcheck: &x-healthcheck
  test: curl --fail http://127.0.0.1 || exit 1
  interval: 60s
  retries: 5
@ -208,6 +207,7 @@ services:
      - SERVICE_NOTIFY=${SERVICE_NOTIFY}
      - SERVICE_PEOPLE_SERVER=${SERVICE_PEOPLE_SERVER}
      - SERVICE_SOCKET=${SERVICE_SOCKET}
+      - SERVICE_OAUTH=${SERVICE_OAUTH}
      - SERVICE_STUDIO_NOTIFY=${SERVICE_STUDIO_NOTIFY}
      - SERVICE_API=${SERVICE_API}
      - SERVICE_API_SYSTEM=${SERVICE_API_SYSTEM}
--- a/build/start/start.backend.docker.ps1
+++ b/build/start/start.backend.docker.ps1
@ -13,6 +13,7 @@ $LocalIp = (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration | Where
 $Doceditor = ($LocalIp + ":5013")
 $Login = ($LocalIp + ":5011")
 $Client = ($LocalIp + ":5001")
+$Oauth = ($LocalIp + ":9090")

 Set-Location -Path $DockerDir

@ -25,6 +26,7 @@ $Env:DOCUMENT_SERVER_IMAGE_NAME="onlyoffice/documentserver-de:latest"
 $Env:SERVICE_DOCEDITOR=$Doceditor
 $Env:SERVICE_LOGIN=$Login
 $Env:SERVICE_CLIENT=$Client
+$Env:SERVICE_OAUTH=$Oauth
 $Env:ROOT_DIR=$RootDir
 $Env:BUILD_PATH="/var/www"
 $Env:SRC_PATH="$RootDir\publish\services"
--- a/config/nginx/onlyoffice.conf
+++ b/config/nginx/onlyoffice.conf
@ -265,10 +265,18 @@ server {
 		}
    }

+	location /api/clients {
+		proxy_pass http://127.0.0.1:9090;
+
+		proxy_set_header X-API-Version 1;
+		proxy_set_header X-Tenant 1;
+	}
+
 	location /sso {
 		rewrite sso/(.*) /$1  break;
 		proxy_pass http://127.0.0.1:9834;
 	}
+	
 	location ~* /(ssologin.ashx|login.ashx|storage) {
 		proxy_pass http://127.0.0.1:5003;
 	}