From 8b6ee971e3c6d3b05297237f68dbbe92569ea605 Mon Sep 17 00:00:00 2001 From: Danil Titarenko <77471369+danilapog@users.noreply.github.com> Date: Mon, 12 Dec 2022 18:29:13 +0300 Subject: [PATCH 01/18] Update base image version on 22.04 (#167) * Update base images version * Cosmetic changes * Send dir to variable * Refactor: refactoring variable name * Add dinamyc dirs * Refactoring code * Refactor: refactoring code * Remove needles command --- Dockerfile | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 14b9994..eb0ab5c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM ubuntu:22.04 ARG RELEASE_DATE="2016-06-21" ARG RELEASE_DATE_SIGN="" @@ -8,6 +8,8 @@ ARG DEBIAN_FRONTEND=noninteractive ARG PACKAGE_SYSNAME="onlyoffice" ARG ELK_DIR=/usr/share/elasticsearch +ARG ELK_INDEX_DIR=/var/www/${PACKAGE_SYSNAME}/Data/Index +ARG ELK_LOG_DIR=/var/log/${PACKAGE_SYSNAME}/Index ARG ELK_LIB_DIR=${ELK_DIR}/lib ARG ELK_MODULE_DIR=${ELK_DIR}/modules @@ -49,20 +51,20 @@ RUN apt-get -y update && \ locale-gen en_US.UTF-8 && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ echo "${SOURCE_REPO_URL}" >> /etc/apt/sources.list && \ - echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \ - echo "deb https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu bionic main" | tee /etc/apt/sources.list.d/mono-extra.list && \ + echo "deb https://download.mono-project.com/repo/ubuntu stable-focal/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \ + echo "deb https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu focal main" | tee /etc/apt/sources.list.d/mono-extra.list && \ apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5 && \ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \ - wget http://nginx.org/keys/nginx_signing.key && \ - apt-key add nginx_signing.key && \ - echo "deb http://nginx.org/packages/ubuntu/ bionic nginx" >> /etc/apt/sources.list.d/nginx.list && \ + wget http://archive.ubuntu.com/ubuntu/pool/main/g/glibc/multiarch-support_2.27-3ubuntu1_amd64.deb && \ + apt-get install ./multiarch-support_2.27-3ubuntu1_amd64.deb && \ + rm -f ./multiarch-support_2.27-3ubuntu1_amd64.deb && \ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - && \ echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-7.x.list && \ - add-apt-repository -y ppa:certbot/certbot && \ - add-apt-repository -y ppa:chris-lea/redis-server && \ - curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && \ - echo "deb [arch=amd64] https://packages.microsoft.com/ubuntu/18.04/prod bionic main" >> /etc/apt/sources.list.d/microsoft-prod.list && \ - curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - && \ + wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb && \ + sudo dpkg -i packages-microsoft-prod.deb && \ + rm packages-microsoft-prod.deb && \ + printf "Package: * \nPin: origin \"packages.microsoft.com\"\nPin-Priority: 1001" > /etc/apt/preferences && \ + curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash - && \ apt-get install -yq gnupg2 \ ca-certificates \ software-properties-common \ @@ -75,7 +77,7 @@ RUN apt-get -y update && \ gdb \ mono-complete \ ca-certificates-mono \ - python-certbot-nginx \ + python3-certbot-nginx \ htop \ nano \ dnsutils \ @@ -86,8 +88,19 @@ RUN apt-get -y update && \ ffmpeg \ jq \ apt-transport-https \ - elasticsearch=${ELASTICSEARCH_VERSION} \ - mono-webserver-hyperfastcgi=0.4-7 \ + elasticsearch=${ELASTICSEARCH_VERSION} && \ + mkdir -p ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ + mkdir -p ${ELK_LOG_DIR} && \ + chmod -R u=rwx /var/www/${PACKAGE_SYSNAME} && \ + chmod -R g=rx /var/www/${PACKAGE_SYSNAME} && \ + chmod -R o=rx /var/www/${PACKAGE_SYSNAME} && \ + chown -R elasticsearch:elasticsearch ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ + chown -R elasticsearch:elasticsearch ${ELK_LOG_DIR} && \ + chmod -R u=rwx ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ + chmod -R g=rs ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ + chmod -R o= ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ + apt-get install -yq \ + mono-webserver-hyperfastcgi=0.4-8 \ dotnet-sdk-6.0 \ ${PACKAGE_SYSNAME}-communityserver \ ${PACKAGE_SYSNAME}-xmppserver && \ From 9970ea287c900abef62279ef6e86c0e8ea9a9e7b Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Mon, 19 Dec 2022 17:43:14 +0300 Subject: [PATCH 02/18] Cosmetic changes README.md --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a72010d..9e83990 100644 --- a/README.md +++ b/README.md @@ -355,11 +355,11 @@ Follow [these steps](#installing-mysql) to install MySQL server. ```bash sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \ - -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ - -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ - -v /app/onlyoffice/DocumentServer/fonts:/usr/share/fonts/truetype/custom \ - -v /app/onlyoffice/DocumentServer/forgotten:/var/lib/onlyoffice/documentserver/App_Data/cache/files/forgotten \ - onlyoffice/documentserver + -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ + -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ + -v /app/onlyoffice/DocumentServer/fonts:/usr/share/fonts/truetype/custom \ + -v /app/onlyoffice/DocumentServer/forgotten:/var/lib/onlyoffice/documentserver/App_Data/cache/files/forgotten \ + onlyoffice/documentserver ``` To learn more, refer to the [ONLYOFFICE Document Server documentation](https://github.com/ONLYOFFICE/Docker-DocumentServer "ONLYOFFICE Document Server documentation"). From c2747007d858a449ea0e17b6799b8ad487b420a3 Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Wed, 28 Dec 2022 10:33:52 +0300 Subject: [PATCH 03/18] fix Bug 60342 - Fix the absence of the version.release-date parameter --- run-community-server.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run-community-server.sh b/run-community-server.sh index 8d161ae..d4a03fa 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -74,7 +74,7 @@ else APP_CORE_MACHINEKEY=$(head -n 1 ${APP_PRIVATE_DATA_DIR}/machinekey) fi -RELEASE_DATE="$(sudo sed -n '/"version.release-date"/s!.*value\s*=\s*"\([^"]*\)".*!\1!p' ${APP_ROOT_DIR}/web.appsettings.config)"; +RELEASE_DATE="$(sudo sed -n '/"version.number"/s!.*value\s*=\s*"\([^"]*\)".*!\1!p' ${APP_ROOT_DIR}/web.appsettings.config)"; RELEASE_DATE_SIGN="$(CreateAuthToken "${RELEASE_DATE}" "${APP_CORE_MACHINEKEY}" )"; sed -i '/version.release-date.sign/s!value="[^"]*"!value=\"'"$RELEASE_DATE_SIGN"'\"!g' ${APP_ROOT_DIR}/web.appsettings.config From ac1164fa4f45c75f699cad80bb6d8cc9052d6962 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Fri, 30 Dec 2022 11:20:42 +0300 Subject: [PATCH 04/18] Add obligatory use of JWT parameters (#177) * Add obligatory use of JWT parameters * Add JWT_SECRET generation * Add a step to generate a JWT secret --- README.md | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 9e83990..693b297 100644 --- a/README.md +++ b/README.md @@ -351,10 +351,20 @@ Then launch containers on it using the 'docker run --net onlyoffice' option: Follow [these steps](#installing-mysql) to install MySQL server. -**STEP 3**: Install ONLYOFFICE Document Server. +**STEP 3**: Generate JWT Secret + +JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command: +``` +JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12); +``` + +**STEP 4**: Install ONLYOFFICE Document Server. ```bash sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \ + -e JWT_ENABLED=true \ + -e JWT_SECRET=${JWT_SECRET} \ + -e JWT_HEADER=AuthorizationJwt \ -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \ -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \ -v /app/onlyoffice/DocumentServer/fonts:/usr/share/fonts/truetype/custom \ @@ -363,7 +373,7 @@ sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-doc ``` To learn more, refer to the [ONLYOFFICE Document Server documentation](https://github.com/ONLYOFFICE/Docker-DocumentServer "ONLYOFFICE Document Server documentation"). -**STEP 4**: Install ONLYOFFICE Mail Server. +**STEP 5**: Install ONLYOFFICE Mail Server. For the mail server correct work you need to specify its hostname 'yourdomain.com'. To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation"). @@ -384,7 +394,7 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always - The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75). -**STEP 5**: Install ONLYOFFICE Control Panel +**STEP 6**: Install ONLYOFFICE Control Panel ```bash docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-control-panel \ @@ -394,7 +404,7 @@ docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-control- -v /app/onlyoffice/ControlPanel/logs:/var/log/onlyoffice onlyoffice/controlpanel ``` -**STEP 6**: Install ONLYOFFICE Community Server +**STEP 7**: Install ONLYOFFICE Community Server ```bash sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \ @@ -404,6 +414,9 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o -e MYSQL_SERVER_USER=onlyoffice_user \ -e MYSQL_SERVER_PASS=onlyoffice_pass \ -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \ + -e DOCUMENT_SERVER_JWT_ENABLED=true \ + -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \ + -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \ -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \ -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \ -e MAIL_SERVER_DB_NAME=onlyoffice_mailserver \ From b0e047cf1dcbdfa539c942c723a788037ae6f8d4 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 10 Jan 2023 10:33:35 +0300 Subject: [PATCH 05/18] Generated JWT secret is too small for HMAC SHA256 (#179) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 693b297..9c23c79 100644 --- a/README.md +++ b/README.md @@ -355,7 +355,7 @@ Follow [these steps](#installing-mysql) to install MySQL server. JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command: ``` -JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12); +JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 32); ``` **STEP 4**: Install ONLYOFFICE Document Server. From 16f42eb175cf34ca50319c267f5704eb636ed355 Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Thu, 2 Feb 2023 10:43:02 +0300 Subject: [PATCH 06/18] Modification of db connection strings for mail server --- .../docker-entrypoint-initdb.d/onlyoffice-initdb.sql | 4 ++-- docker-compose.workspace.yml | 8 ++++---- docker-compose.workspace_enterprise.yml | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql b/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql index 1c1a5aa..ed4f675 100644 --- a/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql +++ b/config/mysql/docker-entrypoint-initdb.d/onlyoffice-initdb.sql @@ -3,10 +3,10 @@ CREATE DATABASE IF NOT EXISTS onlyoffice_mailserver CHARACTER SET "utf8" COLLATE ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'my-secret-pw'; CREATE USER IF NOT EXISTS 'onlyoffice_user'@'%' IDENTIFIED WITH mysql_native_password BY 'onlyoffice_pass'; -CREATE USER IF NOT EXISTS 'onlyoffice_mailserver_user'@'%' IDENTIFIED WITH mysql_native_password BY 'onlyoffice_mailserver_user_pass'; +CREATE USER IF NOT EXISTS 'mail_admin'@'%' IDENTIFIED WITH mysql_native_password BY 'Isadmin123'; GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'; GRANT ALL PRIVILEGES ON *.* TO 'onlyoffice_user'@'%'; -GRANT ALL PRIVILEGES ON *.* TO 'onlyoffice_mailserver_user'@'%'; +GRANT ALL PRIVILEGES ON *.* TO 'mail_admin'@'%'; FLUSH PRIVILEGES; diff --git a/docker-compose.workspace.yml b/docker-compose.workspace.yml index 5972ef5..d07c4f3 100644 --- a/docker-compose.workspace.yml +++ b/docker-compose.workspace.yml @@ -40,8 +40,8 @@ services: - MAIL_SERVER_DB_HOST=onlyoffice-mysql-server - MAIL_SERVER_DB_PORT=3306 - MAIL_SERVER_DB_NAME=onlyoffice_mailserver - - MAIL_SERVER_DB_USER=onlyoffice_mailserver_user - - MAIL_SERVER_DB_PASS=onlyoffice_mailserver_user_pass + - MAIL_SERVER_DB_USER=mail_admin + - MAIL_SERVER_DB_PASS=Isadmin123 - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch - ELASTICSEARCH_SERVER_HTTPPORT=9200 networks: @@ -115,8 +115,8 @@ services: environment: - MYSQL_SERVER=onlyoffice-mysql-server - MYSQL_SERVER_PORT=3306 - - MYSQL_ROOT_USER=onlyoffice_mailserver_user - - MYSQL_ROOT_PASSWD=onlyoffice_mailserver_user_pass + - MYSQL_ROOT_USER=mail_admin + - MYSQL_ROOT_PASSWD=Isadmin123 - MYSQL_SERVER_DB_NAME=onlyoffice_mailserver networks: - onlyoffice diff --git a/docker-compose.workspace_enterprise.yml b/docker-compose.workspace_enterprise.yml index f6795e7..322f1ec 100644 --- a/docker-compose.workspace_enterprise.yml +++ b/docker-compose.workspace_enterprise.yml @@ -40,8 +40,8 @@ services: - MAIL_SERVER_DB_HOST=onlyoffice-mysql-server - MAIL_SERVER_DB_PORT=3306 - MAIL_SERVER_DB_NAME=onlyoffice_mailserver - - MAIL_SERVER_DB_USER=onlyoffice_mailserver_user - - MAIL_SERVER_DB_PASS=onlyoffice_mailserver_user_pass + - MAIL_SERVER_DB_USER=mail_admin + - MAIL_SERVER_DB_PASS=Isadmin123 - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch - ELASTICSEARCH_SERVER_HTTPPORT=9200 networks: @@ -115,8 +115,8 @@ services: environment: - MYSQL_SERVER=onlyoffice-mysql-server - MYSQL_SERVER_PORT=3306 - - MYSQL_ROOT_USER=onlyoffice_mailserver_user - - MYSQL_ROOT_PASSWD=onlyoffice_mailserver_user_pass + - MYSQL_ROOT_USER=mail_admin + - MYSQL_ROOT_PASSWD=Isadmin123 - MYSQL_SERVER_DB_NAME=onlyoffice_mailserver networks: - onlyoffice From 23eb6868787a5288e49ce296f8ac0ba5c4b1684e Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Fri, 10 Feb 2023 16:20:42 +0300 Subject: [PATCH 07/18] Update the dotnet sdk version to 7.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index eb0ab5c..aad700b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -101,7 +101,7 @@ RUN apt-get -y update && \ chmod -R o= ${ELK_INDEX_DIR}/v${ELASTICSEARCH_VERSION} && \ apt-get install -yq \ mono-webserver-hyperfastcgi=0.4-8 \ - dotnet-sdk-6.0 \ + dotnet-sdk-7.0 \ ${PACKAGE_SYSNAME}-communityserver \ ${PACKAGE_SYSNAME}-xmppserver && \ apt-get clean && \ From 37d227fcea2e9c3a6f96ff631d78238ee1898bc7 Mon Sep 17 00:00:00 2001 From: Alexey Golubev Date: Thu, 16 Feb 2023 19:29:38 +0500 Subject: [PATCH 08/18] Fix the issue "gpg: keyserver receive failed: No data" with keyserver.ubuntu.com --- Dockerfile | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index aad700b..374ddb8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM ubuntu:22.04 ARG RELEASE_DATE="2016-06-21" ARG RELEASE_DATE_SIGN="" ARG VERSION="8.9.0.190" -ARG SOURCE_REPO_URL="deb http://static.teamlab.com.s3.amazonaws.com/repo/debian squeeze main" +ARG SOURCE_REPO_URL="deb [signed-by=/usr/share/keyrings/onlyoffice.gpg] https://download.onlyoffice.com/repo/debian squeeze main" ARG DEBIAN_FRONTEND=noninteractive ARG PACKAGE_SYSNAME="onlyoffice" @@ -51,10 +51,14 @@ RUN apt-get -y update && \ locale-gen en_US.UTF-8 && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ echo "${SOURCE_REPO_URL}" >> /etc/apt/sources.list && \ - echo "deb https://download.mono-project.com/repo/ubuntu stable-focal/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \ - echo "deb https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu focal main" | tee /etc/apt/sources.list.d/mono-extra.list && \ - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5 && \ - apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \ + echo "deb [signed-by=/usr/share/keyrings/xamarin.gpg] https://download.mono-project.com/repo/ubuntu stable-focal/snapshots/6.8.0.123 main" | tee /etc/apt/sources.list.d/mono-official.list && \ + echo "deb [signed-by=/usr/share/keyrings/mono-extra.gpg] https://d2nlctn12v279m.cloudfront.net/repo/mono/ubuntu focal main" | tee /etc/apt/sources.list.d/mono-extra.list && \ + curl -fsSL https://download.onlyoffice.com/GPG-KEY-ONLYOFFICE | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/onlyoffice.gpg --import && \ + chmod 644 /usr/share/keyrings/onlyoffice.gpg && \ + curl -fsSL https://download.mono-project.com/repo/xamarin.gpg | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/xamarin.gpg --import && \ + chmod 644 /usr/share/keyrings/xamarin.gpg && \ + curl -fsSL https://d2nlctn12v279m.cloudfront.net/repo/mono/mono.key | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/mono-extra.gpg --import && \ + chmod 644 /usr/share/keyrings/mono-extra.gpg && \ wget http://archive.ubuntu.com/ubuntu/pool/main/g/glibc/multiarch-support_2.27-3ubuntu1_amd64.deb && \ apt-get install ./multiarch-support_2.27-3ubuntu1_amd64.deb && \ rm -f ./multiarch-support_2.27-3ubuntu1_amd64.deb && \ From f07b737dd4554cc943552d20244c06cd7bcf1e6e Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Thu, 9 Mar 2023 16:08:39 +0300 Subject: [PATCH 09/18] Fix substitution of machinekey values --- run-community-server.sh | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index d4a03fa..482e3a4 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -908,13 +908,11 @@ do if [ $serverID == 1 ]; then sed '/web.warmup.count/s/value=\"\S*\"/value=\"'${APP_MONOSERVE_COUNT}'\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config - sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i ${APP_ROOT_DIR}/web.appsettings.config - sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i ${APP_APISYSTEM_DIR}/Web.config - sed "/core.machinekey/s!value=\".*\"!value=\"${APP_CORE_MACHINEKEY}\"!g" -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config - sed "/core\.machinekey/s!\"core\.machinekey\".*!\"core\.machinekey\":\"${APP_CORE_MACHINEKEY}\",!" -i ${APP_SERVICES_DIR}/ASC.Socket.IO/config/config.json - sed "s!machine_key\s*=.*!machine_key = ${APP_CORE_MACHINEKEY}!g" -i ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config - sed "s!\"core\.machinekey\":.*,!\"core\.machinekey\":\"${APP_CORE_MACHINEKEY}\",!g" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json - sed "s!\"machinekey\":.*!\"machinekey\":\"${APP_CORE_MACHINEKEY}\",!" -i ${APP_CONFIG_DIR}/appsettings.production.json + binDirs=("$APP_DIR" "$APP_CONFIG_DIR") + for i in "${!binDirs[@]}"; do + find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY}\"_" {} \; + find "${binDirs[$i]}" -type f -name "*.json" -exec sed -i "s_\(\"core.machinekey\":\|\"machinekey\":\).*,_\1 \"${APP_CORE_MACHINEKEY}\",_" {} \; + done continue; fi From ca74e5d593879d3f375a0c95fb71c90cc1e0ff9f Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Sat, 18 Mar 2023 14:58:53 +0300 Subject: [PATCH 10/18] fix Bug 61133 - Fix substitution of machinekey values for radicale service --- run-community-server.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/run-community-server.sh b/run-community-server.sh index 482e3a4..29de79b 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -908,6 +908,9 @@ do if [ $serverID == 1 ]; then sed '/web.warmup.count/s/value=\"\S*\"/value=\"'${APP_MONOSERVE_COUNT}'\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config + + sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY}^g" -i /var/www/onlyoffice/Services/TeamLabSvc/radicale.config + binDirs=("$APP_DIR" "$APP_CONFIG_DIR") for i in "${!binDirs[@]}"; do find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY}\"_" {} \; From 534b74d2212763fc603e7ae809cfa8c4bcc4e2e6 Mon Sep 17 00:00:00 2001 From: evgeniy-antonyuk Date: Mon, 20 Mar 2023 16:03:48 +0300 Subject: [PATCH 11/18] Optimize machinekey substitution --- run-community-server.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index 29de79b..61488af 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -909,9 +909,9 @@ do sed '/web.warmup.count/s/value=\"\S*\"/value=\"'${APP_MONOSERVE_COUNT}'\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config - sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY}^g" -i /var/www/onlyoffice/Services/TeamLabSvc/radicale.config + sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY}^g" -i ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config - binDirs=("$APP_DIR" "$APP_CONFIG_DIR") + binDirs=("$APP_APISYSTEM_DIR" "$APP_SERVICES_DIR" "$APP_ROOT_DIR" "$APP_CONFIG_DIR") for i in "${!binDirs[@]}"; do find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY}\"_" {} \; find "${binDirs[$i]}" -type f -name "*.json" -exec sed -i "s_\(\"core.machinekey\":\|\"machinekey\":\).*,_\1 \"${APP_CORE_MACHINEKEY}\",_" {} \; From f96fe4e111b56f8622a7f6ba2533e46aff1e989b Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Tue, 4 Apr 2023 14:27:29 +0500 Subject: [PATCH 12/18] Fix the substitution of values in the UrlShortener config --- run-community-server.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index 61488af..43a0fae 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -635,10 +635,11 @@ change_connections "default" "${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.conf change_connections "default" "${APP_SERVICES_DIR}/Jabber/ASC.Xmpp.Server.Launcher.exe.config"; change_connections "default" "${APP_APISYSTEM_DIR}/Web.config"; -sed "s!\"host\":.*,!\"host\":\"${MYSQL_SERVER_HOST}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json -sed "s!\"user\":.*,!\"user\":\"${MYSQL_SERVER_USER}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json -sed "s!\"password\":.*,!\"password\":\"${MYSQL_SERVER_PASS}\",!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json -sed "s!\"database\":.*!\"database\":\"${MYSQL_SERVER_DB_NAME}\"!" -i ${APP_SERVICES_DIR}/ASC.UrlShortener/config/config.json +find "${APP_SERVICES_DIR}/ASC.UrlShortener/config" -type f -name "*.json" -exec sed -i \ +-e "s!\(\"host\":\).*,!\1 \"${MYSQL_SERVER_HOST}\",!" \ +-e "s!\(\"user\":\).*,!\1 \"${MYSQL_SERVER_USER}\",!" \ +-e "s!\(\"password\":\).*,!\1 \"${MYSQL_SERVER_PASS//!/\\!}\",!" \ +-e "s!\(\"database\":\).*!\1 \"${MYSQL_SERVER_DB_NAME}\"!" {} \; sed -i "s/Server=.*/Server=${MYSQL_SERVER_HOST};Port=${MYSQL_SERVER_PORT};Database=${MYSQL_SERVER_DB_NAME};User ID=${MYSQL_SERVER_USER};Password=${MYSQL_SERVER_PASS};Pooling=true;Character Set=utf8;AutoEnlist=false;SSL Mode=none;AllowPublicKeyRetrieval=true;Connection Timeout=30;Maximum Pool Size=300;\",/g" ${APP_CONFIG_DIR}/appsettings.production.json From bec2c1f9bb2d6dc4b2027f03c4b6808ea5e5449a Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Mon, 24 Apr 2023 12:48:01 +0500 Subject: [PATCH 13/18] fix Bug 58578 - Fix docker-compose on Debian 11 and Ubuntu 22.04 (#189) --- README.md | 4 +++- docker-compose.groups.yml | 1 + docker-compose.workspace.yml | 1 + docker-compose.workspace_enterprise.yml | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9c23c79..efa577e 100644 --- a/README.md +++ b/README.md @@ -449,7 +449,7 @@ wget https://download.onlyoffice.com/install/workspace-install.sh workspace-install.sh -md yourdomain.com ``` -Or use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). `Temporarily does not work on Ubuntu 22.04 and Debian 11.` +Or use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). First you need to clone this [GitHub repository](https://github.com/ONLYOFFICE/Docker-CommunityServer/): @@ -469,6 +469,8 @@ For the mail server correct work, open one of the files depending on the product * [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace.yml) for ONLYOFFICE Workspace Community Edition * [docker-compose.yml](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml) for ONLYOFFICE Workspace Enterprise Edition +For working on `Ubuntu 22.04` and `Debian 11` or later, you need to use docker-compose versions v2.16.0 or later and uncomment the cgroup line in the yml file + Then replace the `${MAIL_SERVER_HOSTNAME}` variable with your own hostname for the **Mail Server**. After that, assuming you have docker-compose installed, execute the following command: ```bash diff --git a/docker-compose.groups.yml b/docker-compose.groups.yml index 8929feb..50649d5 100644 --- a/docker-compose.groups.yml +++ b/docker-compose.groups.yml @@ -41,6 +41,7 @@ services: tty: true restart: always privileged: true +# cgroup: host volumes: - community_data:/var/www/onlyoffice/Data - community_log:/var/log/onlyoffice diff --git a/docker-compose.workspace.yml b/docker-compose.workspace.yml index d07c4f3..7af2cf7 100644 --- a/docker-compose.workspace.yml +++ b/docker-compose.workspace.yml @@ -54,6 +54,7 @@ services: tty: true restart: always privileged: true +# cgroup: host volumes: - community_data:/var/www/onlyoffice/Data - community_log:/var/log/onlyoffice diff --git a/docker-compose.workspace_enterprise.yml b/docker-compose.workspace_enterprise.yml index 322f1ec..b2f142c 100644 --- a/docker-compose.workspace_enterprise.yml +++ b/docker-compose.workspace_enterprise.yml @@ -54,6 +54,7 @@ services: tty: true restart: always privileged: true +# cgroup: host volumes: - community_data:/var/www/onlyoffice/Data - community_log:/var/log/onlyoffice From 3fb50d21bf3681099650938842b0b19ba7cae357 Mon Sep 17 00:00:00 2001 From: Elbakyan Shirak Date: Tue, 23 May 2023 13:54:50 +0400 Subject: [PATCH 14/18] Fix issue #190 add user define syncTimeout param (#191) * Fix syncTymout param * Add syncTimeout teamLabs config --- run-community-server.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index 43a0fae..e49a8e4 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -453,13 +453,14 @@ REDIS_SERVER_SSL=${REDIS_SERVER_SSL:-"false"}; REDIS_SERVER_DATABASE=${REDIS_SERVER_DATABASE:-"0"}; REDIS_SERVER_CONNECT_TIMEOUT=${REDIS_SERVER_CONNECT_TIMEOUT:-"5000"}; REDIS_SERVER_EXTERNAL=false; +REDIS_SERVER_SYNC_TIMEOUT=${REDIS_SERVER_SYNC_TIMEOUT:-"60000"} if [ ${REDIS_SERVER_HOST} ]; then sed 's///' -i ${APP_ROOT_DIR}/Web.config - sed -E 's///' -i ${APP_ROOT_DIR}/Web.config + sed -E 's///' -i ${APP_ROOT_DIR}/Web.config sed 's///' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config - sed -E 's///' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config + sed -E 's///' -i ${APP_SERVICES_DIR}/TeamLabSvc/TeamLabSvc.exe.config APP_SERVICES_SOCKET_IO_PATH=${APP_SERVICES_DIR}/ASC.Socket.IO/config/config.json; From cc8c2a7a8bd2c2e93dbfa0167979c39db2c89418 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Sat, 10 Jun 2023 18:49:42 +0500 Subject: [PATCH 15/18] Correct the FilesTrashCleaner service name --- run-community-server.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index e49a8e4..02b1c0b 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -1102,7 +1102,7 @@ systemctl stop onlyofficeStorageMigrate systemctl stop onlyofficeStorageEncryption systemctl stop onlyofficeUrlShortener systemctl stop onlyofficeThumbnailBuilder -systemctl stop onlyofficeAutoCleanUp +systemctl stop onlyofficeFilesTrashCleaner systemctl stop god systemctl enable god @@ -1149,7 +1149,7 @@ if [ "${APP_SERVICES_EXTERNAL}" == "true" ]; then systemctl disable onlyofficeStorageEncryption.service systemctl disable onlyofficeUrlShortener.service systemctl disable onlyofficeThumbnailBuilder.service - systemctl disable onlyofficeAutoCleanUp.service + systemctl disable onlyofficeFilesTrashCleaner.service rm -f /lib/systemd/system/onlyofficeRadicale.service rm -f /lib/systemd/system/onlyofficeTelegram.service @@ -1168,7 +1168,7 @@ if [ "${APP_SERVICES_EXTERNAL}" == "true" ]; then rm -f /lib/systemd/system/onlyofficeStorageEncryption.sevice rm -f /lib/systemd/system/onlyofficeUrlShortener.service rm -f /lib/systemd/system/onlyofficeThumbnailBuilder.service - rm -f /lib/systemd/system/onlyofficeAutoCleanUp.service + rm -f /lib/systemd/system/onlyofficeFilesTrashCleaner.service sed '/onlyoffice/d' -i ${APP_CRON_PATH} else @@ -1189,7 +1189,7 @@ else systemctl enable onlyofficeStorageEncryption.service systemctl enable onlyofficeUrlShortener.service systemctl enable onlyofficeThumbnailBuilder.service - systemctl enable onlyofficeAutoCleanUp.service + systemctl enable onlyofficeFilesTrashCleaner.service fi if [ "${APP_MODE}" == "SERVER" ]; then From 12fad27b2088d66e9c87a2120db64f02331e66e3 Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Sat, 10 Jun 2023 19:28:41 +0500 Subject: [PATCH 16/18] Fix mysql startup inside a container --- run-community-server.sh | 30 ++++-------------------------- 1 file changed, 4 insertions(+), 26 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index 02b1c0b..6ba4673 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -549,35 +549,17 @@ change_connections(){ } if [ "${MYSQL_SERVER_EXTERNAL}" == "false" ]; then - chown -R mysql:mysql /var/lib/mysql/ - chmod -R 755 /var/lib/mysql/ - if [ ! -f /var/lib/mysql/ibdata1 ]; then - # cp /etc/mysql/my.cnf /usr/share/mysql/my-default.cnf mysql_install_db || true - # mysqld --initialize-insecure --user=mysql || true fi if [ ${LOG_DEBUG} ]; then log_debug "Fix docker bug volume mapping for mysql"; fi - myisamchk -q -r /var/lib/mysql/mysql/proc || true - systemctl enable mysql.service service mysql start - if [ ! -f /var/lib/mysql/mysql_upgrade_info ]; then - if mysqladmin --silent ping -u root | grep -q "mysqld is alive" ; then - mysql_upgrade - else - mysql_upgrade --password=${MYSQL_SERVER_ROOT_PASSWORD}; - fi - - service mysql restart; - fi - - if [ -n "$MYSQL_SERVER_ROOT_PASSWORD" ] && mysqladmin --silent ping -u root | grep -q "mysqld is alive" ; then mysql < Date: Sat, 10 Jun 2023 20:33:21 +0500 Subject: [PATCH 17/18] Correct the substitution of machinekey characters used in sed --- run-community-server.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index 6ba4673..bd30ff5 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -889,12 +889,12 @@ do sed '/web.warmup.count/s/value=\"\S*\"/value=\"'${APP_MONOSERVE_COUNT}'\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i ${APP_ROOT_DIR}/web.appsettings.config - sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY}^g" -i ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config + sed "s^\(machine_key\)\s*=.*^\1 = ${APP_CORE_MACHINEKEY//^/\\^}^g" -i ${APP_SERVICES_DIR}/TeamLabSvc/radicale.config binDirs=("$APP_APISYSTEM_DIR" "$APP_SERVICES_DIR" "$APP_ROOT_DIR" "$APP_CONFIG_DIR") for i in "${!binDirs[@]}"; do - find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY}\"_" {} \; - find "${binDirs[$i]}" -type f -name "*.json" -exec sed -i "s_\(\"core.machinekey\":\|\"machinekey\":\).*,_\1 \"${APP_CORE_MACHINEKEY}\",_" {} \; + find "${binDirs[$i]}" -type f -name "*.[cC]onfig" -exec sed -i "/core.\machinekey/s_\(value\s*=\s*\"\)[^\"]*\"_\1${APP_CORE_MACHINEKEY//_/\\_}\"_" {} \; + find "${binDirs[$i]}" -type f -name "*.json" -exec sed -i "s_\(\"core.machinekey\":\|\"machinekey\":\).*,_\1 \"${APP_CORE_MACHINEKEY//_/\\_}\",_" {} \; done continue; From 3e7cc45b99d753f50eb84b17e403c6ba94f9554e Mon Sep 17 00:00:00 2001 From: Evgeniy Antonyuk Date: Thu, 22 Jun 2023 14:53:20 +0500 Subject: [PATCH 18/18] Hide the authentication credentials when connecting to mysql (#192) * Hide the authentication credentials when connecting to mysql * Change the creation of mysql config files --- run-community-server.sh | 81 +++++++++++++++++++++++++++++------------ 1 file changed, 58 insertions(+), 23 deletions(-) diff --git a/run-community-server.sh b/run-community-server.sh index bd30ff5..e832c9c 100644 --- a/run-community-server.sh +++ b/run-community-server.sh @@ -148,6 +148,8 @@ DOCUMENT_SERVER_HOST_IP=""; CONTROL_PANEL_ENABLED=false MAIL_SERVER_ENABLED=false +set +x + MYSQL_SERVER_ROOT_PASSWORD=${MYSQL_SERVER_ROOT_PASSWORD:-""} MYSQL_SERVER_HOST=${MYSQL_SERVER_HOST:-"127.0.0.1"} MYSQL_SERVER_PORT=${MYSQL_SERVER_PORT:-"3306"} @@ -156,6 +158,25 @@ MYSQL_SERVER_USER=${MYSQL_SERVER_USER:-"root"} MYSQL_SERVER_PASS=${MYSQL_SERVER_PASS:-${MYSQL_SERVER_ROOT_PASSWORD}} MYSQL_SERVER_EXTERNAL=${MYSQL_SERVER_EXTERNAL:-false}; +mysql_config() { + cat << EOF > $1 +[client] +host=$2 +port=$3 +user=$4 +password=$5 +EOF +} + +MYSQL_CLIENT_CONFIG="/etc/mysql/conf.d/client.cnf" +MYSQL_ROOT_CONFIG="/etc/mysql/conf.d/root.cnf" +MYSQL_MAIL_CONFIG="/etc/mysql/conf.d/mail.cnf" + +mysql_config ${MYSQL_CLIENT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} ${MYSQL_SERVER_USER} ${MYSQL_SERVER_PASS} +mysql_config ${MYSQL_ROOT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} root ${MYSQL_SERVER_ROOT_PASSWORD} + +set -x + mkdir -p "${SSL_CERTIFICATES_DIR}/.well-known/acme-challenge" check_ip_is_internal(){ @@ -377,12 +398,20 @@ fi if [ ${MYSQL_SERVER_PORT_3306_TCP} ]; then MYSQL_SERVER_EXTERNAL=true; + + set +x + MYSQL_SERVER_HOST=${MYSQL_SERVER_PORT_3306_TCP_ADDR}; MYSQL_SERVER_PORT=${MYSQL_SERVER_PORT_3306_TCP_PORT}; MYSQL_SERVER_DB_NAME=${MYSQL_SERVER_ENV_MYSQL_DATABASE:-${MYSQL_SERVER_DB_NAME}}; MYSQL_SERVER_USER=${MYSQL_SERVER_ENV_MYSQL_USER:-${MYSQL_SERVER_USER}}; MYSQL_SERVER_PASS=${MYSQL_SERVER_ENV_MYSQL_PASSWORD:-${MYSQL_SERVER_ENV_MYSQL_ROOT_PASSWORD:-${MYSQL_SERVER_PASS}}}; + mysql_config ${MYSQL_CLIENT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} ${MYSQL_SERVER_USER} ${MYSQL_SERVER_PASS} + mysql_config ${MYSQL_ROOT_CONFIG} ${MYSQL_SERVER_HOST} ${MYSQL_SERVER_PORT} root ${MYSQL_SERVER_ROOT_PASSWORD} + + set -x + if [ ${LOG_DEBUG} ]; then log_debug "MYSQL_SERVER_HOST: ${MYSQL_SERVER_HOST}"; log_debug "MYSQL_SERVER_PORT: ${MYSQL_SERVER_PORT}"; @@ -397,6 +426,8 @@ if [ ${CONTROL_PANEL_PORT_80_TCP} ]; then CONTROL_PANEL_ENABLED=true; fi +set +x + MAIL_SERVER_API_PORT=${MAIL_SERVER_API_PORT:-${MAIL_SERVER_PORT_8081_TCP_PORT:-8081}}; MAIL_SERVER_API_HOST=${MAIL_SERVER_API_HOST:-${MAIL_SERVER_PORT_8081_TCP_ADDR}}; MAIL_SERVER_DB_HOST=${MAIL_SERVER_DB_HOST:-${MAIL_SERVER_PORT_3306_TCP_ADDR}}; @@ -405,6 +436,10 @@ MAIL_SERVER_DB_NAME=${MAIL_SERVER_DB_NAME:-"onlyoffice_mailserver"}; MAIL_SERVER_DB_USER=${MAIL_SERVER_DB_USER:-"mail_admin"}; MAIL_SERVER_DB_PASS=${MAIL_SERVER_DB_PASS:-"Isadmin123"}; +mysql_config ${MYSQL_MAIL_CONFIG} ${MAIL_SERVER_DB_HOST} ${MAIL_SERVER_DB_PORT} ${MAIL_SERVER_DB_USER} ${MAIL_SERVER_DB_PASS} + +set -x + if [ ${MAIL_SERVER_DB_HOST} ]; then MAIL_SERVER_ENABLED=true; @@ -505,9 +540,9 @@ mysql_scalar_exec(){ local queryResult=""; if [ "$2" == "opt_ignore_db_name" ]; then - queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -e "$1"); + queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -e "$1"); else - queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} -e "$1"); + queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} -e "$1"); fi echo $queryResult; } @@ -516,9 +551,9 @@ mysql_list_exec(){ local queryResult=""; if [ "$2" == "opt_ignore_db_name" ]; then - queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -e "$1"); + queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -e "$1"); else - queryResult=$(mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} -e "$1"); + queryResult=$(mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} -e "$1"); fi read -ra vars <<< ${queryResult}; @@ -528,7 +563,7 @@ mysql_list_exec(){ } mysql_batch_exec(){ - mysql --silent --skip-column-names -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} -D ${MYSQL_SERVER_DB_NAME} < "$1"; + mysql --defaults-extra-file="$MYSQL_CLIENT_CONFIG" --skip-column-names -D ${MYSQL_SERVER_DB_NAME} < "$1"; } mysql_check_connection() { @@ -538,14 +573,16 @@ mysql_check_connection() { fi - while ! mysqladmin ping -h ${MYSQL_SERVER_HOST} -P ${MYSQL_SERVER_PORT} -u ${MYSQL_SERVER_USER} --password=${MYSQL_SERVER_PASS} --silent; do + while ! mysqladmin --defaults-extra-file="$MYSQL_CLIENT_CONFIG" ping; do sleep 1 done } change_connections(){ + set +x sed '/'${1}'/s/\(connectionString\s*=\s*\"\)[^\"]*\"/\1Server='${MYSQL_SERVER_HOST}';Port='${MYSQL_SERVER_PORT}';Database='${MYSQL_SERVER_DB_NAME}';User ID='${MYSQL_SERVER_USER}';Password='${MYSQL_SERVER_PASS}';Pooling=true;Character Set=utf8;AutoEnlist=false;SSL Mode=none;AllowPublicKeyRetrieval=true;Connection Timeout=30;Maximum Pool Size=300;\"/' -i ${2} + set -x } if [ "${MYSQL_SERVER_EXTERNAL}" == "false" ]; then @@ -560,8 +597,8 @@ if [ "${MYSQL_SERVER_EXTERNAL}" == "false" ]; then systemctl enable mysql.service service mysql start - if [ -n "$MYSQL_SERVER_ROOT_PASSWORD" ] && mysqladmin --silent ping -u root | grep -q "mysqld is alive" ; then -mysql <