diff --git a/Dockerfile b/Dockerfile
index 14b9994..374ddb8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,13 +1,15 @@
-FROM ubuntu:18.04
+FROM ubuntu:22.04
 
 ARG RELEASE_DATE="2016-06-21"
 ARG RELEASE_DATE_SIGN=""
 ARG VERSION="8.9.0.190"
-ARG SOURCE_REPO_URL="deb http://static.teamlab.com.s3.amazonaws.com/repo/debian squeeze main"
+ARG SOURCE_REPO_URL="deb [signed-by=/usr/share/keyrings/onlyoffice.gpg] https://download.onlyoffice.com/repo/debian squeeze main"
 ARG DEBIAN_FRONTEND=noninteractive
 ARG PACKAGE_SYSNAME="onlyoffice"
 
 ARG ELK_DIR=/usr/share/elasticsearch
+ARG ELK_INDEX_DIR=/var/www/${PACKAGE_SYSNAME}/Data/Index
+ARG ELK_LOG_DIR=/var/log/${PACKAGE_SYSNAME}/Index
 ARG ELK_LIB_DIR=${ELK_DIR}/lib
 ARG ELK_MODULE_DIR=${ELK_DIR}/modules
 
@@ -49,20 +51,24 @@ RUN apt-get -y update && \
     locale-gen en_US.UTF-8 && \
     echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
     echo "${SOURCE_REPO_URL}" >> /etc/apt/sources.list && \
-    echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \
-    echo "deb https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu bionic main" | tee /etc/apt/sources.list.d/mono-extra.list && \    
-    apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5 && \
-    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \
-    wget http://nginx.org/keys/nginx_signing.key && \
-    apt-key add nginx_signing.key && \
-    echo "deb http://nginx.org/packages/ubuntu/ bionic nginx" >> /etc/apt/sources.list.d/nginx.list && \
+    echo "deb [signed-by=/usr/share/keyrings/xamarin.gpg] https://download.mono-project.com/repo/ubuntu stable-focal/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \
+    echo "deb [signed-by=/usr/share/keyrings/mono-extra.gpg] https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu focal main" | tee /etc/apt/sources.list.d/mono-extra.list && \
+    curl -fsSL https://download.onlyoffice.com/GPG-KEY-ONLYOFFICE | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/onlyoffice.gpg --import && \
+	chmod 644 /usr/share/keyrings/onlyoffice.gpg && \
+    curl -fsSL https://download.mono-project.com/repo/xamarin.gpg | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/xamarin.gpg --import && \
+	chmod 644 /usr/share/keyrings/xamarin.gpg && \
+	curl -fsSL https://d2nlctn12v279m.cloudfront.net/repo/mono/mono.key | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/mono-extra.gpg --import && \
+	chmod 644 /usr/share/keyrings/mono-extra.gpg && \
+    wget http://archive.ubuntu.com/ubuntu/pool/main/g/glibc/multiarch-support_2.27-3ubuntu1_amd64.deb && \
+    apt-get install ./multiarch-support_2.27-3ubuntu1_amd64.deb && \
+    rm -f ./multiarch-support_2.27-3ubuntu1_amd64.deb && \
     wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - && \
     echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-7.x.list && \
-    add-apt-repository -y ppa:certbot/certbot && \
-    add-apt-repository -y ppa:chris-lea/redis-server && \
-    curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && \
-    echo "deb [arch=amd64] https://packages.microsoft.com/ubuntu/18.04/prod bionic main" >> /etc/apt/sources.list.d/microsoft-prod.list && \
-    curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - && \
+    wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb && \
+    sudo dpkg -i packages-microsoft-prod.deb && \
+    rm packages-microsoft-prod.deb && \
+    printf "Package: * \nPin: origin \"packages.microsoft.com\"\nPin-Priority: 1001" > /etc/apt/preferences && \
+    curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash - && \
     apt-get install -yq gnupg2 \
                         ca-certificates \
                         software-properties-common \
@@ -75,7 +81,7 @@ RUN apt-get -y update && \
                         gdb \
                         mono-complete \
                         ca-certificates-mono \
-                        python-certbot-nginx \
+                        python3-certbot-nginx \
                         htop \
                         nano \
                         dnsutils \
@@ -86,9 +92,20 @@ RUN apt-get -y update && \
                         ffmpeg \
                         jq \
                         apt-transport-https \
-                        elasticsearch=${ELASTICSEARCH_VERSION} \
-                        mono-webserver-hyperfastcgi=0.4-7 \
-                        dotnet-sdk-6.0 \
+                        elasticsearch=${ELASTICSEARCH_VERSION} && \
+    mkdir -p ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \
+    mkdir -p ${ELK_LOG_DIR} && \
+    chmod -R u=rwx /var/www/${PACKAGE_SYSNAME} && \
+    chmod -R g=rx /var/www/${PACKAGE_SYSNAME} && \
+    chmod -R o=rx /var/www/${PACKAGE_SYSNAME} && \
+    chown -R elasticsearch:elasticsearch ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \
+    chown -R elasticsearch:elasticsearch ${ELK_LOG_DIR} && \
+    chmod -R u=rwx ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \
+    chmod -R g=rs ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \
+    chmod -R o= ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \
+    apt-get install -yq \
+                        mono-webserver-hyperfastcgi=0.4-8 \
+                        dotnet-sdk-7.0 \
                         ${PACKAGE_SYSNAME}-communityserver \
                         ${PACKAGE_SYSNAME}-xmppserver && \
     apt-get clean && \
diff --git a/README.md b/README.md
index a72010d..efa577e 100644
--- a/README.md
+++ b/README.md
@@ -351,19 +351,29 @@ Then launch containers on it using the 'docker run --net onlyoffice' option:
 
 Follow [these steps](#installing-mysql) to install MySQL server.
 
-**STEP 3**: Install ONLYOFFICE Document Server.
+**STEP 3**: Generate JWT Secret
+
+JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command:
+```
+JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 32);
+```
+
+**STEP 4**: Install ONLYOFFICE Document Server.
 
 ```bash
 sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \
-	-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
-	-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
-	-v /app/onlyoffice/DocumentServer/fonts:/usr/share/fonts/truetype/custom \
-	-v /app/onlyoffice/DocumentServer/forgotten:/var/lib/onlyoffice/documentserver/App_Data/cache/files/forgotten \
-	onlyoffice/documentserver
+ -e JWT_ENABLED=true \
+ -e JWT_SECRET=${JWT_SECRET} \
+ -e JWT_HEADER=AuthorizationJwt \
+ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
+ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
+ -v /app/onlyoffice/DocumentServer/fonts:/usr/share/fonts/truetype/custom \
+ -v /app/onlyoffice/DocumentServer/forgotten:/var/lib/onlyoffice/documentserver/App_Data/cache/files/forgotten \
+ onlyoffice/documentserver
 ```
 To learn more, refer to the [ONLYOFFICE Document Server documentation](https://github.com/ONLYOFFICE/Docker-DocumentServer "ONLYOFFICE Document Server documentation").
 
-**STEP 4**: Install ONLYOFFICE Mail Server. 
+**STEP 5**: Install ONLYOFFICE Mail Server. 
 
 For the mail server correct work you need to specify its hostname 'yourdomain.com'.
 To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").
@@ -384,7 +394,7 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always -
 
 The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75).
 
-**STEP 5**: Install ONLYOFFICE Control Panel
+**STEP 6**: Install ONLYOFFICE Control Panel
 
 ```bash
 docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-control-panel \
@@ -394,7 +404,7 @@ docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-control-
 -v /app/onlyoffice/ControlPanel/logs:/var/log/onlyoffice onlyoffice/controlpanel
 ```
 
-**STEP 6**: Install ONLYOFFICE Community Server
+**STEP 7**: Install ONLYOFFICE Community Server
 
 ```bash
 sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \
@@ -404,6 +414,9 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o
  -e MYSQL_SERVER_USER=onlyoffice_user \
  -e MYSQL_SERVER_PASS=onlyoffice_pass \
  -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \
+ -e DOCUMENT_SERVER_JWT_ENABLED=true \
+ -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \
+ -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \
  -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \
  -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \
  -e MAIL_SERVER_DB_NAME=onlyoffice_mailserver \
@@ -436,7 +449,7 @@ wget https://download.onlyoffice.com/install/workspace-install.sh
 workspace-install.sh -md yourdomain.com
 ```
 
-Or use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). `Temporarily does not work on Ubuntu 22.04 and Debian 11.`
+Or use [docker-compose](https://docs.docker.com/compose/install "docker-compose").
 
 First you need to clone this [GitHub repository](https://github.com/ONLYOFFICE/Docker-CommunityServer/):
 
@@ -456,6 +469,8 @@ For the mail server correct work, open one of the files depending on the product
 * [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace.yml) for ONLYOFFICE Workspace Community Edition 
 * [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml) for ONLYOFFICE Workspace Enterprise Edition
 
+For working on `Ubuntu 22.04` and `Debian 11` or later, you need to use docker-compose versions v2.16.0 or later and uncomment the cgroup line in the yml file
+
 Then replace the `${MAIL_SERVER_HOSTNAME}` variable with your own hostname for the **Mail Server**. After that, assuming you have docker-compose installed, execute the following command:
 
 ```bash
diff --git a/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql b/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql
index 1c1a5aa..ed4f675 100644
--- a/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql
+++ b/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql
@@ -3,10 +3,10 @@ CREATE DATABASE IF NOT EXISTS onlyoffice_mailserver CHARACTER SET "utf8" COLLATE
 
 ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'my-secret-pw';
 CREATE USER IF NOT EXISTS 'onlyoffice_user'@'%' IDENTIFIED WITH mysql_native_password BY 'onlyoffice_pass';
-CREATE USER IF NOT EXISTS 'onlyoffice_mailserver_user'@'%' IDENTIFIED WITH mysql_native_password BY 'onlyoffice_mailserver_user_pass';
+CREATE USER IF NOT EXISTS 'mail_admin'@'%' IDENTIFIED WITH mysql_native_password BY 'Isadmin123';
 
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'%';
 GRANT ALL PRIVILEGES ON *.* TO 'onlyoffice_user'@'%';
-GRANT ALL PRIVILEGES ON *.* TO 'onlyoffice_mailserver_user'@'%';
+GRANT ALL PRIVILEGES ON *.* TO 'mail_admin'@'%';
 
 FLUSH PRIVILEGES;
diff --git a/docker-compose.groups.yml b/docker-compose.groups.yml
index 8929feb..50649d5 100644
--- a/docker-compose.groups.yml
+++ b/docker-compose.groups.yml
@@ -41,6 +41,7 @@ services:
     tty: true
     restart: always
     privileged: true
+#    cgroup: host
     volumes:
      - community_data:/var/www/onlyoffice/Data
      - community_log:/var/log/onlyoffice
diff --git a/docker-compose.workspace.yml b/docker-compose.workspace.yml
index 5972ef5..7af2cf7 100644
--- a/docker-compose.workspace.yml
+++ b/docker-compose.workspace.yml
@@ -40,8 +40,8 @@ services:
      - MAIL_SERVER_DB_HOST=onlyoffice-mysql-server
      - MAIL_SERVER_DB_PORT=3306
      - MAIL_SERVER_DB_NAME=onlyoffice_mailserver
-     - MAIL_SERVER_DB_USER=onlyoffice_mailserver_user
-     - MAIL_SERVER_DB_PASS=onlyoffice_mailserver_user_pass
+     - MAIL_SERVER_DB_USER=mail_admin
+     - MAIL_SERVER_DB_PASS=Isadmin123
      - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch
      - ELASTICSEARCH_SERVER_HTTPPORT=9200
     networks:
@@ -54,6 +54,7 @@ services:
     tty: true
     restart: always
     privileged: true
+#    cgroup: host
     volumes:
      - community_data:/var/www/onlyoffice/Data
      - community_log:/var/log/onlyoffice
@@ -115,8 +116,8 @@ services:
     environment:
        - MYSQL_SERVER=onlyoffice-mysql-server
        - MYSQL_SERVER_PORT=3306
-       - MYSQL_ROOT_USER=onlyoffice_mailserver_user
-       - MYSQL_ROOT_PASSWD=onlyoffice_mailserver_user_pass
+       - MYSQL_ROOT_USER=mail_admin
+       - MYSQL_ROOT_PASSWD=Isadmin123
        - MYSQL_SERVER_DB_NAME=onlyoffice_mailserver
     networks:
       - onlyoffice
diff --git a/docker-compose.workspace_enterprise.yml b/docker-compose.workspace_enterprise.yml
index f6795e7..b2f142c 100644
--- a/docker-compose.workspace_enterprise.yml
+++ b/docker-compose.workspace_enterprise.yml
@@ -40,8 +40,8 @@ services:
      - MAIL_SERVER_DB_HOST=onlyoffice-mysql-server
      - MAIL_SERVER_DB_PORT=3306
      - MAIL_SERVER_DB_NAME=onlyoffice_mailserver
-     - MAIL_SERVER_DB_USER=onlyoffice_mailserver_user
-     - MAIL_SERVER_DB_PASS=onlyoffice_mailserver_user_pass
+     - MAIL_SERVER_DB_USER=mail_admin
+     - MAIL_SERVER_DB_PASS=Isadmin123
      - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch
      - ELASTICSEARCH_SERVER_HTTPPORT=9200
     networks:
@@ -54,6 +54,7 @@ services:
     tty: true
     restart: always
     privileged: true
+#    cgroup: host
     volumes:
      - community_data:/var/www/onlyoffice/Data
      - community_log:/var/log/onlyoffice
@@ -115,8 +116,8 @@ services:
     environment:
        - MYSQL_SERVER=onlyoffice-mysql-server
        - MYSQL_SERVER_PORT=3306
-       - MYSQL_ROOT_USER=onlyoffice_mailserver_user
-       - MYSQL_ROOT_PASSWD=onlyoffice_mailserver_user_pass
+       - MYSQL_ROOT_USER=mail_admin
+       - MYSQL_ROOT_PASSWD=Isadmin123
        - MYSQL_SERVER_DB_NAME=onlyoffice_mailserver
     networks:
       - onlyoffice
diff --git a/run-community-server.sh b/run-community-server.sh
index 8d161ae..e832c9c 100644
--- a/run-community-server.sh
+++ b/run-community-server.sh
@@ -74,7 +74,7 @@ else
    APP_CORE_MACHINEKEY=$(head -n 1 ${APP_PRIVATE_DATA_DIR}/machinekey)
 fi
 
-RELEASE_DATE="$(sudo sed -n '/"version.release-date"/s!.*value\s*=\s*"\([^"]*\)".*!\1!p' ${APP_ROOT_DIR}/web.appsettings.config)";
+RELEASE_DATE="$(sudo sed -n '/"version.number"/s!.*value\s*=\s*"\([^"]*\)".*!\1!p' ${APP_ROOT_DIR}/web.appsettings.config)";
 RELEASE_DATE_SIGN="$(CreateAuthToken "${RELEASE_DATE}" "${APP_CORE_MACHINEKEY}" )";
 
 sed -i '/version.release-date.sign/s!value="[^"]*"!value=\"'"$RELEASE_DATE_SIGN"'\"!g' ${APP_ROOT_DIR}/web.appsettings.config
@@ -148,6 +148,8 @@ DOCUMENT_SERVER_HOST_IP="";
 CONTROL_PANEL_ENABLED=false
 MAIL_SERVER_ENABLED=false
 
+set +x
+
 MYSQL_SERVER_ROOT_PASSWORD=${MYSQL_SERVER_ROOT_PASSWORD:-""}
 MYSQL_SERVER_HOST=${MYSQL_SERVER_HOST:-"127.0.0.1"}
 MYSQL_SERVER_PORT=${MYSQL_SERVER_PORT:-"3306"}
@@ -156,6 +158,25 @@ MYSQL_SERVER_USER=${MYSQL_SERVER_USER:-"root"}
 MYSQL_SERVER_PASS=${MYSQL_SERVER_PASS:-${MYSQL_SERVER_ROOT_PASSWORD}}
 MYSQL_SERVER_EXTERNAL=${MYSQL_SERVER_EXTERNAL:-false};
 
+mysql_config() {
+  cat << EOF > $1
+[client]
+host=$2
+port=$3
+user=$4
+password=$5
+EOF
+}
+
+MYSQL_CLIENT_CONFIG="/etc/mysql/conf.d/client.cnf"
+MYSQL_ROOT_CONFIG="/etc/mysql/conf.d/root.cnf"
+MYSQL_MAIL_CONFIG="/etc/mysql/conf.d/mail.cnf"
+
+mysql_config ${MYSQL_CLIENT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} ${MYSQL_SERVER_USER} ${MYSQL_SERVER_PASS}
+mysql_config ${MYSQL_ROOT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} root ${MYSQL_SERVER_ROOT_PASSWORD}
+
+set -x
+
 mkdir -p "${SSL_CERTIFICATES_DIR}/.well-known/acme-challenge"
 
 check_ip_is_internal(){
@@ -377,12 +398,20 @@ fi
 
 if [ ${MYSQL_SERVER_PORT_3306_TCP} ]; then
 	MYSQL_SERVER_EXTERNAL=true;
+
+	set +x
+
 	MYSQL_SERVER_HOST=${MYSQL_SERVER_PORT_3306_TCP_ADDR};
 	MYSQL_SERVER_PORT=${MYSQL_SERVER_PORT_3306_TCP_PORT};
 	MYSQL_SERVER_DB_NAME=${MYSQL_SERVER_ENV_MYSQL_DATABASE:-${MYSQL_SERVER_DB_NAME}};
 	MYSQL_SERVER_USER=${MYSQL_SERVER_ENV_MYSQL_USER:-${MYSQL_SERVER_USER}};
 	MYSQL_SERVER_PASS=${MYSQL_SERVER_ENV_MYSQL_PASSWORD:-${MYSQL_SERVER_ENV_MYSQL_ROOT_PASSWORD:-${MYSQL_SERVER_PASS}}};
 
+	mysql_config ${MYSQL_CLIENT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} ${MYSQL_SERVER_USER} ${MYSQL_SERVER_PASS}
+	mysql_config ${MYSQL_ROOT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} root ${MYSQL_SERVER_ROOT_PASSWORD}
+
+	set -x
+
 	if [ ${LOG_DEBUG} ]; then
 		log_debug "MYSQL_SERVER_HOST: ${MYSQL_SERVER_HOST}";
 		log_debug "MYSQL_SERVER_PORT: ${MYSQL_SERVER_PORT}";
@@ -397,6 +426,8 @@ if [ ${CONTROL_PANEL_PORT_80_TCP} ]; then
 	CONTROL_PANEL_ENABLED=true;
 fi
 
+set +x
+
 MAIL_SERVER_API_PORT=${MAIL_SERVER_API_PORT:-${MAIL_SERVER_PORT_8081_TCP_PORT:-8081}};
 MAIL_SERVER_API_HOST=${MAIL_SERVER_API_HOST:-${MAIL_SERVER_PORT_8081_TCP_ADDR}};
 MAIL_SERVER_DB_HOST=${MAIL_SERVER_DB_HOST:-${MAIL_SERVER_PORT_3306_TCP_ADDR}};
@@ -405,6 +436,10 @@ MAIL_SERVER_DB_NAME=${MAIL_SERVER_DB_NAME:-"onlyoffice_mailserver"};
 MAIL_SERVER_DB_USER=${MAIL_SERVER_DB_USER:-"mail_admin"};
 MAIL_SERVER_DB_PASS=${MAIL_SERVER_DB_PASS:-"Isadmin123"};
 
+mysql_config ${MYSQL_MAIL_CONFIG} ${MAIL_SERVER_DB_HOST} ${MAIL_SERVER_DB_PORT} ${MAIL_SERVER_DB_USER} ${MAIL_SERVER_DB_PASS}
+
+set -x
+
 if [ ${MAIL_SERVER_DB_HOST} ]; then
 	MAIL_SERVER_ENABLED=true;
 
@@ -453,13 +488,14 @@ REDIS_SERVER_SSL=${REDIS_SERVER_SSL:-"false"};
 REDIS_SERVER_DATABASE=${REDIS_SERVER_DATABASE:-"0"};
 REDIS_SERVER_CONNECT_TIMEOUT=${REDIS_SERVER_CONNECT_TIMEOUT:-"5000"};
 REDIS_SERVER_EXTERNAL=false;
+REDIS_SERVER_SYNC_TIMEOUT=${REDIS_SERVER_SYNC_TIMEOUT:-"60000"}
 
 if [ ${REDIS_SERVER_HOST} ]; then
         sed 's/<add\s*host=".*"\s*cachePort="[0-9]*"\s*\/>/<add host="'${REDIS_SERVER_HOST}'" cachePort="'${REDIS_SERVER_CACHEPORT}'" \/>/' -i ${APP_ROOT_DIR}/Web.config
-        sed -E 's/<redisCacheClient\s*ssl="(false|true)"\s*connectTimeout="[0-9]*"\s*database="[0-9]*"\s*password=".*">/<redisCacheClient ssl="'${REDIS_SERVER_SSL}'" connectTimeout="'${REDIS_SERVER_CONNECT_TIMEOUT}'" database="'${REDIS_SERVER_DATABASE}'" password="'${REDIS_SERVER_PASSWORD}'">/' -i ${APP_ROOT_DIR}/Web.config
+        sed -E 's/<redisCacheClient\s*ssl="(false|true)"\s*connectTimeout="[0-9]*"\s*syncTimeout="[0-9]*"\s*database="[0-9]*"\s*password=".*">/<redisCacheClient ssl="'${REDIS_SERVER_SSL}'" connectTimeout="'${REDIS_SERVER_CONNECT_TIMEOUT}'" syncTimeout="'${REDIS_SERVER_SYNC_TIMEOUT}'" database="'${REDIS_SERVER_DATABASE}'" password="'${REDIS_SERVER_PASSWORD}'">/' -i ${APP_ROOT_DIR}/Web.config
 
         sed 's/<add\s*host=".*"\s*cachePort="[0-9]*"\s*\/>/<add host="'${REDIS_SERVER_HOST}'" cachePort="'${REDIS_SERVER_CACHEPORT}'" \/>/' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config
-        sed -E 's/<redisCacheClient\s*ssl="(false|true)"\s*connectTimeout="[0-9]*"\s*database="[0-9]*"\s*password=".*">/<redisCacheClient ssl="'${REDIS_SERVER_SSL}'" connectTimeout="'${REDIS_SERVER_CONNECT_TIMEOUT}'" database="'${REDIS_SERVER_DATABASE}'" password="'${REDIS_SERVER_PASSWORD}'">/' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config
+        sed -E 's/<redisCacheClient\s*ssl="(false|true)"\s*connectTimeout="[0-9]*"\s*syncTimeout="[0-9]*"\s*database="[0-9]*"\s*password=".*">/<redisCacheClient ssl="'${REDIS_SERVER_SSL}'" connectTimeout="'${REDIS_SERVER_CONNECT_TIMEOUT}'" syncTimeout="'${REDIS_SERVER_SYNC_TIMEOUT}'"  database="'${REDIS_SERVER_DATABASE}'" password="'${REDIS_SERVER_PASSWORD}'">/' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config
 
 	APP_SERVICES_SOCKET_IO_PATH=${APP_SERVICES_DIR}/ASC.Socket.IO/config/config.json;
 
@@ -504,9 +540,9 @@ mysql_scalar_exec(){
 	local queryResult="";
 
 	if [ "$2" == "opt_ignore_db_name" ]; then
-		queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -e "$1");
+		queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -e "$1");
 	else
-		queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} -e "$1");
+		queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} -e "$1");
 	fi
 	echo $queryResult;
 }
@@ -515,9 +551,9 @@ mysql_list_exec(){
 	local queryResult="";
 
 	if [ "$2" == "opt_ignore_db_name" ]; then
-		queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -e "$1");
+		queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -e "$1");
 	else
-		queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} -e "$1");
+		queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} -e "$1");
 	fi
 
 	read -ra vars <<< ${queryResult};
@@ -527,7 +563,7 @@ mysql_list_exec(){
 }
 
 mysql_batch_exec(){
-	mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} < "$1";
+	mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} < "$1";
 }
 
 mysql_check_connection() {
@@ -537,48 +573,32 @@ mysql_check_connection() {
 	fi
 	
 
-	while ! mysqladmin ping -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} --silent; do
+	while ! mysqladmin --defaults-extra-file="$MYSQL_CLIENT_CONFIG" ping; do
     		sleep 1
 	done
 }
 
 
 change_connections(){
+	set +x
 	sed '/'${1}'/s/\(connectionString\s*=\s*\"\)[^\"]*\"/\1Server='${MYSQL_SERVER_HOST}';Port='${MYSQL_SERVER_PORT}';Database='${MYSQL_SERVER_DB_NAME}';User ID='${MYSQL_SERVER_USER}';Password='${MYSQL_SERVER_PASS}';Pooling=true;Character Set=utf8;AutoEnlist=false;SSL Mode=none;AllowPublicKeyRetrieval=true;Connection Timeout=30;Maximum Pool Size=300;\"/' -i ${2}
+	set -x
 }
 
 if [ "${MYSQL_SERVER_EXTERNAL}" == "false" ]; then
-	chown -R mysql:mysql /var/lib/mysql/
-	chmod -R 755 /var/lib/mysql/
-
 	if [ ! -f /var/lib/mysql/ibdata1 ]; then
-		# cp /etc/mysql/my.cnf /usr/share/mysql/my-default.cnf
 		mysql_install_db || true
-		# mysqld --initialize-insecure --user=mysql || true
 	fi
 
 	if [ ${LOG_DEBUG} ]; then
 		log_debug "Fix docker bug volume mapping for mysql";
 	fi
 
-	myisamchk -q -r /var/lib/mysql/mysql/proc || true
-
         systemctl enable mysql.service
 	service mysql start
 
-	if [ ! -f /var/lib/mysql/mysql_upgrade_info ]; then
-		if mysqladmin --silent ping -u root | grep -q "mysqld is alive" ; then
-			mysql_upgrade
-		else
-			mysql_upgrade --password=${MYSQL_SERVER_ROOT_PASSWORD};
-		fi
-	
-		service mysql restart;
-	fi
-
-
-	if [ -n "$MYSQL_SERVER_ROOT_PASSWORD" ] && mysqladmin --silent ping -u root | grep -q "mysqld is alive" ; then
-mysql <<EOF
+	if [ -n "$MYSQL_SERVER_ROOT_PASSWORD" ] && mysqladmin --defaults-extra-file="$MYSQL_ROOT_CONFIG" ping | grep -q "mysqld is alive" ; then
+mysql --defaults-extra-file="$MYSQL_ROOT_CONFIG" <<EOF
 ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY "$MYSQL_SERVER_ROOT_PASSWORD";
 DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
 DELETE FROM mysql.user WHERE User='';
@@ -589,7 +609,7 @@ EOF
 
 
 		if [ "$MYSQL_SERVER_USER" != "root" ]; then
-mysql "-p${MYSQL_SERVER_ROOT_PASSWORD}" <<EOF
+mysql --defaults-extra-file="$MYSQL_ROOT_CONFIG" <<EOF
 CREATE USER IF NOT EXISTS "$MYSQL_SERVER_USER"@"localhost" IDENTIFIED WITH mysql_native_password BY "$MYSQL_SERVER_PASS";
 GRANT ALL PRIVILEGES ON *.* TO "$MYSQL_SERVER_USER"@'localhost';
 FLUSH PRIVILEGES;
@@ -599,14 +619,11 @@ EOF
 	fi
 
 	DEBIAN_SYS_MAINT_PASS=$(grep "password" /etc/mysql/debian.cnf | head -1 | sed 's/password\s*=\s*//' | tr -d '[[:space:]]');
-	mysql_scalar_exec "GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY '${DEBIAN_SYS_MAINT_PASS}'"
-
-
-	#mysql_scalar_exec "GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost'" "opt_ignore_db_name";
-
+	mysql_scalar_exec "GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost';"
+	set -x
 else
-	service mysql stop
-        systemctl disable mysql.service
+	mysqladmin shutdown
+	systemctl disable mysql.service
 fi
 
 mysql_check_connection;
@@ -635,13 +652,18 @@ change_connections "default" "${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.conf
 change_connections "default" "${APP_SERVICES_DIR}/Jabber/ASC.Xmpp.Server.Launcher.exe.config";
 change_connections "default" "${APP_APISYSTEM_DIR}/Web.config";
 
-sed "s!\"host\":.*,!\"host\":\"${MYSQL_SERVER_HOST}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json
-sed "s!\"user\":.*,!\"user\":\"${MYSQL_SERVER_USER}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json
-sed "s!\"password\":.*,!\"password\":\"${MYSQL_SERVER_PASS}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json
-sed "s!\"database\":.*!\"database\":\"${MYSQL_SERVER_DB_NAME}\"!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json
+set +x
+
+find "${APP_SERVICES_DIR}/ASC.UrlShortener/config" -type f -name "*.json" -exec sed -i \
+-e "s!\(\"host\":\).*,!\1 \"${MYSQL_SERVER_HOST}\",!" \
+-e "s!\(\"user\":\).*,!\1 \"${MYSQL_SERVER_USER}\",!" \
+-e "s!\(\"password\":\).*,!\1 \"${MYSQL_SERVER_PASS//!/\\!}\",!" \
+-e "s!\(\"database\":\).*!\1 \"${MYSQL_SERVER_DB_NAME}\"!" {} \;
 
 sed -i "s/Server=.*/Server=${MYSQL_SERVER_HOST};Port=${MYSQL_SERVER_PORT};Database=${MYSQL_SERVER_DB_NAME};User ID=${MYSQL_SERVER_USER};Password=${MYSQL_SERVER_PASS};Pooling=true;Character Set=utf8;AutoEnlist=false;SSL Mode=none;AllowPublicKeyRetrieval=true;Connection Timeout=30;Maximum Pool Size=300;\",/g" ${APP_CONFIG_DIR}/appsettings.production.json
 
+set -x
+
 if [ "${DB_TABLES_COUNT}" -eq "0" ]; then
       	mysql_batch_exec ${APP_SQL_DIR}/onlyoffice.sql
        	mysql_batch_exec ${APP_SQL_DIR}/onlyoffice.data.sql
@@ -755,7 +777,7 @@ if [ "${DOCUMENT_SERVER_ENABLED}" == "true" ]; then
 
          if [ ! -f ${LICENSE_FILE_PATH} ]; then
 
-mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} <<EOF || true
+mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} <<EOF || true
 INSERT IGNORE INTO tenants_quota (tenant, name, max_file_size, max_total_size, active_users, features)
 SELECT -1000, 'start_trial', max_file_size, max_total_size, active_users, CONCAT(features, ',trial')
 FROM tenants_quota
@@ -778,9 +800,8 @@ if [ "${MAIL_SERVER_ENABLED}" == "true" ]; then
     while [ "$interval" -lt "$timeout" ] ; do
         interval=$((${interval} + 10));
 
-        MAIL_SERVER_HOSTNAME=$(mysql --silent --skip-column-names -h ${MAIL_SERVER_DB_HOST} \
-            --port=${MAIL_SERVER_DB_PORT} -u "${MAIL_SERVER_DB_USER}" \
-            --password="${MAIL_SERVER_DB_PASS}" -D "${MAIL_SERVER_DB_NAME}" -e "SELECT Comment from greylisting_whitelist where Source='SenderIP:${MAIL_SERVER_API_HOST}' limit 1;");
+        MAIL_SERVER_HOSTNAME=$(mysql --defaults-extra-file="$MYSQL_MAIL_CONFIG" --skip-column-names \
+            -D "${MAIL_SERVER_DB_NAME}" -e "SELECT Comment from greylisting_whitelist where Source='SenderIP:${MAIL_SERVER_API_HOST}' limit 1;");
         if [[ "$?" -eq "0" ]] && [[ -n ${MAIL_SERVER_HOSTNAME} ]]; then
             break;
         fi
@@ -816,14 +837,10 @@ if [ "${MAIL_SERVER_ENABLED}" == "true" ]; then
 	fi
 
 
-        mysql --silent --skip-column-names -h ${MAIL_SERVER_DB_HOST} \
-            --port=${MAIL_SERVER_DB_PORT} -u "${MAIL_SERVER_DB_USER}" \
-            --password="${MAIL_SERVER_DB_PASS}" -D "${MAIL_SERVER_DB_NAME}" \
+        mysql --defaults-extra-file="$MYSQL_MAIL_CONFIG" --skip-column-names -D "${MAIL_SERVER_DB_NAME}" \
 	    -e "DELETE FROM greylisting_whitelist WHERE Comment='onlyoffice-community-server';";
 
-        mysql --silent --skip-column-names -h ${MAIL_SERVER_DB_HOST} \
-            --port=${MAIL_SERVER_DB_PORT} -u "${MAIL_SERVER_DB_USER}" \
-            --password="${MAIL_SERVER_DB_PASS}" -D "${MAIL_SERVER_DB_NAME}" \
+        mysql --defaults-extra-file="$MYSQL_MAIL_CONFIG" --skip-column-names -D "${MAIL_SERVER_DB_NAME}" \
             -e "REPLACE INTO greylisting_whitelist (Source, Comment, Disabled) VALUES (\"SenderIP:${SENDER_IP}\", 'onlyoffice-community-server', 0);";
 
     if [ -z ${MYSQL_MAIL_SERVER_ID} ]; then
@@ -866,10 +883,8 @@ END
     while [ "$interval" -lt "$timeout" ] ; do
         interval=$((${interval} + 10));
 
-        MYSQL_MAIL_SERVER_ACCESS_TOKEN=$(mysql --silent --skip-column-names -h ${MAIL_SERVER_DB_HOST} \
-            --port=${MAIL_SERVER_DB_PORT} -u "${MAIL_SERVER_DB_USER}" \
-            --password="${MAIL_SERVER_DB_PASS}" -D "${MAIL_SERVER_DB_NAME}" \
-            -e "select access_token from api_keys where id=1;");
+        MYSQL_MAIL_SERVER_ACCESS_TOKEN=$(mysql --defaults-extra-file="$MYSQL_MAIL_CONFIG" --skip-column-names  \
+			-D "${MAIL_SERVER_DB_NAME}" -e "select access_token from api_keys where id=1;");
         if [[ "$?" -eq "0" ]] && [[ -n ${MYSQL_MAIL_SERVER_ACCESS_TOKEN} ]]; then
             break;
         fi
@@ -908,13 +923,14 @@ do
 	 if [ $serverID == 1 ]; then
                 sed '/web.warmup.count/s/value=\"\S*\"/value=\"'${APP_MONOSERVE_COUNT}'\"/g' -i  ${APP_ROOT_DIR}/web.appsettings.config
                 sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i  ${APP_ROOT_DIR}/web.appsettings.config
-                sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i  ${APP_ROOT_DIR}/web.appsettings.config
-		sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i  ${APP_APISYSTEM_DIR}/Web.config
-                sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i  ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config
-		sed "/core\.machinekey/s!\"core\.machinekey\".*!\"core\.machinekey\":\"${APP_CORE_MACHINEKEY}\",!" -i ${APP_SERVICES_DIR}/ASC.Socket.IO/config/config.json
-		sed "s!machine_key\s*=.*!machine_key = ${APP_CORE_MACHINEKEY}!g" -i  ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config
-		sed "s!\"core\.machinekey\":.*,!\"core\.machinekey\":\"${APP_CORE_MACHINEKEY}\",!g" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json
-		sed "s!\"machinekey\":.*!\"machinekey\":\"${APP_CORE_MACHINEKEY}\",!" -i ${APP_CONFIG_DIR}/appsettings.production.json
+
+				sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY//^/\\^}^g" -i ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config
+
+                binDirs=("$APP_APISYSTEM_DIR" "$APP_SERVICES_DIR" "$APP_ROOT_DIR" "$APP_CONFIG_DIR")
+                for i in "${!binDirs[@]}"; do
+                    find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY//_/\\_}\"_" {} \;
+                    find "${binDirs[$i]}" -type f -name "*.json" -exec sed -i "s_\(\"core.machinekey\":\|\"machinekey\":\).*,_\1 \"${APP_CORE_MACHINEKEY//_/\\_}\",_" {} \;
+                done
 
                 continue;
         fi
@@ -1099,14 +1115,14 @@ systemctl stop onlyofficeStorageMigrate
 systemctl stop onlyofficeStorageEncryption
 systemctl stop onlyofficeUrlShortener
 systemctl stop onlyofficeThumbnailBuilder
-systemctl stop onlyofficeAutoCleanUp
+systemctl stop onlyofficeFilesTrashCleaner
 
 systemctl stop god
 systemctl enable god
 
 systemctl stop elasticsearch
 systemctl stop redis-server
-systemctl stop mysql
+mysqladmin shutdown
 systemctl stop nginx
 
 systemctl stop monoserveApiSystem.service
@@ -1146,7 +1162,7 @@ if [ "${APP_SERVICES_EXTERNAL}" == "true" ]; then
         systemctl disable onlyofficeStorageEncryption.service
         systemctl disable onlyofficeUrlShortener.service
         systemctl disable onlyofficeThumbnailBuilder.service
-        systemctl disable onlyofficeAutoCleanUp.service
+        systemctl disable onlyofficeFilesTrashCleaner.service
 
 	rm -f /lib/systemd/system/onlyofficeRadicale.service
 	rm -f /lib/systemd/system/onlyofficeTelegram.service
@@ -1165,7 +1181,7 @@ if [ "${APP_SERVICES_EXTERNAL}" == "true" ]; then
 	rm -f /lib/systemd/system/onlyofficeStorageEncryption.sevice
 	rm -f /lib/systemd/system/onlyofficeUrlShortener.service
 	rm -f /lib/systemd/system/onlyofficeThumbnailBuilder.service
-	rm -f /lib/systemd/system/onlyofficeAutoCleanUp.service
+	rm -f /lib/systemd/system/onlyofficeFilesTrashCleaner.service
 
 	sed '/onlyoffice/d' -i ${APP_CRON_PATH}
 else
@@ -1186,7 +1202,7 @@ else
         systemctl enable onlyofficeStorageEncryption.service
         systemctl enable onlyofficeUrlShortener.service
         systemctl enable onlyofficeThumbnailBuilder.service
-        systemctl enable onlyofficeAutoCleanUp.service
+        systemctl enable onlyofficeFilesTrashCleaner.service
 fi
 
 if [ "${APP_MODE}" == "SERVER" ]; then