Compare commits
1 commit
Author | SHA1 | Date | |
---|---|---|---|
e2e65b0ac9 |
1 changed files with 381 additions and 360 deletions
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
function clean_exit {
|
function clean_exit {
|
||||||
/usr/bin/documentserver-prepare4shutdown.sh
|
/usr/bin/documentserver-prepare4shutdown.sh
|
||||||
}
|
}
|
||||||
|
|
||||||
trap clean_exit SIGTERM
|
trap clean_exit SIGTERM
|
||||||
|
@ -9,6 +9,27 @@ trap clean_exit SIGTERM
|
||||||
# Define '**' behavior explicitly
|
# Define '**' behavior explicitly
|
||||||
shopt -s globstar
|
shopt -s globstar
|
||||||
|
|
||||||
|
# Check if lager file limits should be set
|
||||||
|
if [ "$LARGER_FILE_LIMITS" = "true" ]; then
|
||||||
|
if [ -e /app/ds/file_limits_set ]; then
|
||||||
|
echo ""
|
||||||
|
else
|
||||||
|
touch /app/ds/file_limits_set
|
||||||
|
|
||||||
|
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver-example/production-linux.json
|
||||||
|
|
||||||
|
sed -i '9iclient_max_body_size 1000M;' /etc/onlyoffice/documentserver-example/nginx/includes/ds-example.conf
|
||||||
|
sed -i '16iclient_max_body_size 1000M;' /etc/nginx/nginx.conf
|
||||||
|
|
||||||
|
sed -i -e 's/104857600/10485760000/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
sed -i -e 's/50MB/5000MB/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
sed -i -e 's/300MB/3000MB/g' /etc/onlyoffice/documentserver/default.json
|
||||||
|
|
||||||
|
sed -i 's/^client_max_body_size 100m;$/client_max_body_size 1000m;/' /etc/onlyoffice/documentserver/nginx/includes/ds-common.conf
|
||||||
|
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
APP_DIR="/var/www/${COMPANY_NAME}/documentserver"
|
APP_DIR="/var/www/${COMPANY_NAME}/documentserver"
|
||||||
DATA_DIR="/var/www/${COMPANY_NAME}/Data"
|
DATA_DIR="/var/www/${COMPANY_NAME}/Data"
|
||||||
PRIVATE_DATA_DIR="${DATA_DIR}/.private"
|
PRIVATE_DATA_DIR="${DATA_DIR}/.private"
|
||||||
|
@ -26,27 +47,27 @@ ONLYOFFICE_DATA_CONTAINER_PORT=80
|
||||||
|
|
||||||
RELEASE_DATE="$(stat -c="%y" ${APP_DIR}/server/DocService/docservice | sed -r 's/=([0-9]+)-([0-9]+)-([0-9]+) ([0-9:.+ ]+)/\1-\2-\3/')";
|
RELEASE_DATE="$(stat -c="%y" ${APP_DIR}/server/DocService/docservice | sed -r 's/=([0-9]+)-([0-9]+)-([0-9]+) ([0-9:.+ ]+)/\1-\2-\3/')";
|
||||||
if [ -f ${DS_RELEASE_DATE} ]; then
|
if [ -f ${DS_RELEASE_DATE} ]; then
|
||||||
PREV_RELEASE_DATE=$(head -n 1 ${DS_RELEASE_DATE})
|
PREV_RELEASE_DATE=$(head -n 1 ${DS_RELEASE_DATE})
|
||||||
else
|
else
|
||||||
PREV_RELEASE_DATE="0"
|
PREV_RELEASE_DATE="0"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
|
if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
|
||||||
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
|
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
|
||||||
IS_UPGRADE="true";
|
IS_UPGRADE="true";
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
|
SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
|
||||||
if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
|
if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
|
||||||
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
|
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
|
||||||
else
|
else
|
||||||
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
|
SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
|
||||||
fi
|
fi
|
||||||
if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
|
if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
|
||||||
SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
|
SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
|
||||||
else
|
else
|
||||||
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
|
SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
|
||||||
fi
|
fi
|
||||||
CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem}
|
CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem}
|
||||||
SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem}
|
SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem}
|
||||||
|
@ -70,9 +91,9 @@ JWT_ENABLED=${JWT_ENABLED:-false}
|
||||||
|
|
||||||
# validate user's vars before usinig in json
|
# validate user's vars before usinig in json
|
||||||
if [ "${JWT_ENABLED}" == "true" ]; then
|
if [ "${JWT_ENABLED}" == "true" ]; then
|
||||||
JWT_ENABLED="true"
|
JWT_ENABLED="true"
|
||||||
else
|
else
|
||||||
JWT_ENABLED="false"
|
JWT_ENABLED="false"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
JWT_SECRET=${JWT_SECRET:-secret}
|
JWT_SECRET=${JWT_SECRET:-secret}
|
||||||
|
@ -84,9 +105,9 @@ WOPI_ENABLED=${WOPI_ENABLED:-false}
|
||||||
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
GENERATE_FONTS=${GENERATE_FONTS:-true}
|
||||||
|
|
||||||
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
|
if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
|
||||||
REDIS_ENABLED=false
|
REDIS_ENABLED=false
|
||||||
else
|
else
|
||||||
REDIS_ENABLED=true
|
REDIS_ENABLED=true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json
|
ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/local.json
|
||||||
|
@ -108,505 +129,505 @@ RABBITMQ_DATA=/var/lib/rabbitmq
|
||||||
REDIS_DATA=/var/lib/redis
|
REDIS_DATA=/var/lib/redis
|
||||||
|
|
||||||
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
||||||
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
|
LETSENCRYPT_ROOT_DIR="/etc/letsencrypt/live"
|
||||||
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
|
SSL_CERTIFICATE_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/fullchain.pem
|
||||||
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
|
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
|
||||||
fi
|
fi
|
||||||
|
|
||||||
read_setting(){
|
read_setting(){
|
||||||
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
||||||
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
||||||
deprecated_var POSTGRESQL_SERVER_DB_NAME DB_NAME
|
deprecated_var POSTGRESQL_SERVER_DB_NAME DB_NAME
|
||||||
deprecated_var POSTGRESQL_SERVER_USER DB_USER
|
deprecated_var POSTGRESQL_SERVER_USER DB_USER
|
||||||
deprecated_var POSTGRESQL_SERVER_PASS DB_PWD
|
deprecated_var POSTGRESQL_SERVER_PASS DB_PWD
|
||||||
deprecated_var RABBITMQ_SERVER_URL AMQP_URI
|
deprecated_var RABBITMQ_SERVER_URL AMQP_URI
|
||||||
deprecated_var AMQP_SERVER_URL AMQP_URI
|
deprecated_var AMQP_SERVER_URL AMQP_URI
|
||||||
deprecated_var AMQP_SERVER_TYPE AMQP_TYPE
|
deprecated_var AMQP_SERVER_TYPE AMQP_TYPE
|
||||||
|
|
||||||
METRICS_ENABLED="${METRICS_ENABLED:-false}"
|
METRICS_ENABLED="${METRICS_ENABLED:-false}"
|
||||||
METRICS_HOST="${METRICS_HOST:-localhost}"
|
METRICS_HOST="${METRICS_HOST:-localhost}"
|
||||||
METRICS_PORT="${METRICS_PORT:-8125}"
|
METRICS_PORT="${METRICS_PORT:-8125}"
|
||||||
METRICS_PREFIX="${METRICS_PREFIX:-.ds}"
|
METRICS_PREFIX="${METRICS_PREFIX:-.ds}"
|
||||||
|
|
||||||
DB_HOST=${DB_HOST:-${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}}
|
DB_HOST=${DB_HOST:-${POSTGRESQL_SERVER_HOST:-$(${JSON} services.CoAuthoring.sql.dbHost)}}
|
||||||
DB_TYPE=${DB_TYPE:-$(${JSON} services.CoAuthoring.sql.type)}
|
DB_TYPE=${DB_TYPE:-$(${JSON} services.CoAuthoring.sql.type)}
|
||||||
case $DB_TYPE in
|
case $DB_TYPE in
|
||||||
"postgres")
|
"postgres")
|
||||||
DB_PORT=${DB_PORT:-"5432"}
|
DB_PORT=${DB_PORT:-"5432"}
|
||||||
;;
|
;;
|
||||||
"mariadb"|"mysql")
|
"mariadb"|"mysql")
|
||||||
DB_PORT=${DB_PORT:-"3306"}
|
DB_PORT=${DB_PORT:-"3306"}
|
||||||
;;
|
;;
|
||||||
"")
|
"")
|
||||||
DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}}
|
DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}}
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
echo "ERROR: unknown database type"
|
echo "ERROR: unknown database type"
|
||||||
exit 1
|
exit 1
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
DB_NAME=${DB_NAME:-${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}}
|
DB_NAME=${DB_NAME:-${POSTGRESQL_SERVER_DB_NAME:-$(${JSON} services.CoAuthoring.sql.dbName)}}
|
||||||
DB_USER=${DB_USER:-${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}}
|
DB_USER=${DB_USER:-${POSTGRESQL_SERVER_USER:-$(${JSON} services.CoAuthoring.sql.dbUser)}}
|
||||||
DB_PWD=${DB_PWD:-${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}}
|
DB_PWD=${DB_PWD:-${POSTGRESQL_SERVER_PASS:-$(${JSON} services.CoAuthoring.sql.dbPass)}}
|
||||||
|
|
||||||
RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)}
|
RABBITMQ_SERVER_URL=${RABBITMQ_SERVER_URL:-$(${JSON} rabbitmq.url)}
|
||||||
AMQP_URI=${AMQP_URI:-${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}}}
|
AMQP_URI=${AMQP_URI:-${AMQP_SERVER_URL:-${RABBITMQ_SERVER_URL}}}
|
||||||
AMQP_TYPE=${AMQP_TYPE:-${AMQP_SERVER_TYPE:-rabbitmq}}
|
AMQP_TYPE=${AMQP_TYPE:-${AMQP_SERVER_TYPE:-rabbitmq}}
|
||||||
parse_rabbitmq_url ${AMQP_URI}
|
parse_rabbitmq_url ${AMQP_URI}
|
||||||
|
|
||||||
REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)}
|
REDIS_SERVER_HOST=${REDIS_SERVER_HOST:-$(${JSON} services.CoAuthoring.redis.host)}
|
||||||
REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379}
|
REDIS_SERVER_PORT=${REDIS_SERVER_PORT:-6379}
|
||||||
|
|
||||||
DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} categories.default.level)}
|
DS_LOG_LEVEL=${DS_LOG_LEVEL:-$(${JSON_LOG} categories.default.level)}
|
||||||
}
|
}
|
||||||
|
|
||||||
deprecated_var() {
|
deprecated_var() {
|
||||||
if [[ -n ${!1} ]]; then
|
if [[ -n ${!1} ]]; then
|
||||||
echo "Variable $1 is deprecated. Use $2 instead."
|
echo "Variable $1 is deprecated. Use $2 instead."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
parse_rabbitmq_url(){
|
parse_rabbitmq_url(){
|
||||||
local amqp=$1
|
local amqp=$1
|
||||||
|
|
||||||
# extract the protocol
|
# extract the protocol
|
||||||
local proto="$(echo $amqp | grep :// | sed -e's,^\(.*://\).*,\1,g')"
|
local proto="$(echo $amqp | grep :// | sed -e's,^\(.*://\).*,\1,g')"
|
||||||
# remove the protocol
|
# remove the protocol
|
||||||
local url="$(echo ${amqp/$proto/})"
|
local url="$(echo ${amqp/$proto/})"
|
||||||
|
|
||||||
# extract the user and password (if any)
|
# extract the user and password (if any)
|
||||||
local userpass="`echo $url | grep @ | cut -d@ -f1`"
|
local userpass="`echo $url | grep @ | cut -d@ -f1`"
|
||||||
local pass=`echo $userpass | grep : | cut -d: -f2`
|
local pass=`echo $userpass | grep : | cut -d: -f2`
|
||||||
|
|
||||||
local user
|
local user
|
||||||
if [ -n "$pass" ]; then
|
if [ -n "$pass" ]; then
|
||||||
user=`echo $userpass | grep : | cut -d: -f1`
|
user=`echo $userpass | grep : | cut -d: -f1`
|
||||||
else
|
else
|
||||||
user=$userpass
|
user=$userpass
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# extract the host
|
# extract the host
|
||||||
local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
|
local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
|
||||||
# by request - try to extract the port
|
# by request - try to extract the port
|
||||||
local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')"
|
local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')"
|
||||||
|
|
||||||
local host
|
local host
|
||||||
if [ -n "$port" ]; then
|
if [ -n "$port" ]; then
|
||||||
host=`echo $hostport | grep : | cut -d: -f1`
|
host=`echo $hostport | grep : | cut -d: -f1`
|
||||||
else
|
else
|
||||||
host=$hostport
|
host=$hostport
|
||||||
port="5672"
|
port="5672"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# extract the path (if any)
|
# extract the path (if any)
|
||||||
local path="$(echo $url | grep / | cut -d/ -f2-)"
|
local path="$(echo $url | grep / | cut -d/ -f2-)"
|
||||||
|
|
||||||
AMQP_SERVER_PROTO=${proto:0:-3}
|
AMQP_SERVER_PROTO=${proto:0:-3}
|
||||||
AMQP_SERVER_HOST=$host
|
AMQP_SERVER_HOST=$host
|
||||||
AMQP_SERVER_USER=$user
|
AMQP_SERVER_USER=$user
|
||||||
AMQP_SERVER_PASS=$pass
|
AMQP_SERVER_PASS=$pass
|
||||||
AMQP_SERVER_PORT=$port
|
AMQP_SERVER_PORT=$port
|
||||||
}
|
}
|
||||||
|
|
||||||
waiting_for_connection(){
|
waiting_for_connection(){
|
||||||
until nc -z -w 3 "$1" "$2"; do
|
until nc -z -w 3 "$1" "$2"; do
|
||||||
>&2 echo "Waiting for connection to the $1 host on port $2"
|
>&2 echo "Waiting for connection to the $1 host on port $2"
|
||||||
sleep 1
|
sleep 1
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
waiting_for_db(){
|
waiting_for_db(){
|
||||||
waiting_for_connection $DB_HOST $DB_PORT
|
waiting_for_connection $DB_HOST $DB_PORT
|
||||||
}
|
}
|
||||||
|
|
||||||
waiting_for_amqp(){
|
waiting_for_amqp(){
|
||||||
waiting_for_connection ${AMQP_SERVER_HOST} ${AMQP_SERVER_PORT}
|
waiting_for_connection ${AMQP_SERVER_HOST} ${AMQP_SERVER_PORT}
|
||||||
}
|
}
|
||||||
|
|
||||||
waiting_for_redis(){
|
waiting_for_redis(){
|
||||||
waiting_for_connection ${REDIS_SERVER_HOST} ${REDIS_SERVER_PORT}
|
waiting_for_connection ${REDIS_SERVER_HOST} ${REDIS_SERVER_PORT}
|
||||||
}
|
}
|
||||||
waiting_for_datacontainer(){
|
waiting_for_datacontainer(){
|
||||||
waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT}
|
waiting_for_connection ${ONLYOFFICE_DATA_CONTAINER_HOST} ${ONLYOFFICE_DATA_CONTAINER_PORT}
|
||||||
}
|
}
|
||||||
|
|
||||||
update_statsd_settings(){
|
update_statsd_settings(){
|
||||||
${JSON} -I -e "if(this.statsd===undefined)this.statsd={};"
|
${JSON} -I -e "if(this.statsd===undefined)this.statsd={};"
|
||||||
${JSON} -I -e "this.statsd.useMetrics = '${METRICS_ENABLED}'"
|
${JSON} -I -e "this.statsd.useMetrics = '${METRICS_ENABLED}'"
|
||||||
${JSON} -I -e "this.statsd.host = '${METRICS_HOST}'"
|
${JSON} -I -e "this.statsd.host = '${METRICS_HOST}'"
|
||||||
${JSON} -I -e "this.statsd.port = '${METRICS_PORT}'"
|
${JSON} -I -e "this.statsd.port = '${METRICS_PORT}'"
|
||||||
${JSON} -I -e "this.statsd.prefix = '${METRICS_PREFIX}'"
|
${JSON} -I -e "this.statsd.prefix = '${METRICS_PREFIX}'"
|
||||||
}
|
}
|
||||||
|
|
||||||
update_db_settings(){
|
update_db_settings(){
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.type = '${DB_TYPE}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.type = '${DB_TYPE}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${DB_HOST}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbHost = '${DB_HOST}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${DB_PORT}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbPort = '${DB_PORT}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
|
||||||
}
|
}
|
||||||
|
|
||||||
update_rabbitmq_setting(){
|
update_rabbitmq_setting(){
|
||||||
if [ "${AMQP_TYPE}" == "rabbitmq" ]; then
|
if [ "${AMQP_TYPE}" == "rabbitmq" ]; then
|
||||||
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
|
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
|
||||||
${JSON} -I -e "this.queue.type = 'rabbitmq'"
|
${JSON} -I -e "this.queue.type = 'rabbitmq'"
|
||||||
${JSON} -I -e "this.rabbitmq.url = '${AMQP_URI}'"
|
${JSON} -I -e "this.rabbitmq.url = '${AMQP_URI}'"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${AMQP_TYPE}" == "activemq" ]; then
|
if [ "${AMQP_TYPE}" == "activemq" ]; then
|
||||||
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
|
${JSON} -I -e "if(this.queue===undefined)this.queue={};"
|
||||||
${JSON} -I -e "this.queue.type = 'activemq'"
|
${JSON} -I -e "this.queue.type = 'activemq'"
|
||||||
${JSON} -I -e "if(this.activemq===undefined)this.activemq={};"
|
${JSON} -I -e "if(this.activemq===undefined)this.activemq={};"
|
||||||
${JSON} -I -e "if(this.activemq.connectOptions===undefined)this.activemq.connectOptions={};"
|
${JSON} -I -e "if(this.activemq.connectOptions===undefined)this.activemq.connectOptions={};"
|
||||||
|
|
||||||
${JSON} -I -e "this.activemq.connectOptions.host = '${AMQP_SERVER_HOST}'"
|
${JSON} -I -e "this.activemq.connectOptions.host = '${AMQP_SERVER_HOST}'"
|
||||||
|
|
||||||
if [ ! "${AMQP_SERVER_PORT}" == "" ]; then
|
if [ ! "${AMQP_SERVER_PORT}" == "" ]; then
|
||||||
${JSON} -I -e "this.activemq.connectOptions.port = '${AMQP_SERVER_PORT}'"
|
${JSON} -I -e "this.activemq.connectOptions.port = '${AMQP_SERVER_PORT}'"
|
||||||
else
|
else
|
||||||
${JSON} -I -e "delete this.activemq.connectOptions.port"
|
${JSON} -I -e "delete this.activemq.connectOptions.port"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! "${AMQP_SERVER_USER}" == "" ]; then
|
if [ ! "${AMQP_SERVER_USER}" == "" ]; then
|
||||||
${JSON} -I -e "this.activemq.connectOptions.username = '${AMQP_SERVER_USER}'"
|
${JSON} -I -e "this.activemq.connectOptions.username = '${AMQP_SERVER_USER}'"
|
||||||
else
|
else
|
||||||
${JSON} -I -e "delete this.activemq.connectOptions.username"
|
${JSON} -I -e "delete this.activemq.connectOptions.username"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! "${AMQP_SERVER_PASS}" == "" ]; then
|
if [ ! "${AMQP_SERVER_PASS}" == "" ]; then
|
||||||
${JSON} -I -e "this.activemq.connectOptions.password = '${AMQP_SERVER_PASS}'"
|
${JSON} -I -e "this.activemq.connectOptions.password = '${AMQP_SERVER_PASS}'"
|
||||||
else
|
else
|
||||||
${JSON} -I -e "delete this.activemq.connectOptions.password"
|
${JSON} -I -e "delete this.activemq.connectOptions.password"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case "${AMQP_SERVER_PROTO}" in
|
case "${AMQP_SERVER_PROTO}" in
|
||||||
amqp+ssl|amqps)
|
amqp+ssl|amqps)
|
||||||
${JSON} -I -e "this.activemq.connectOptions.transport = 'tls'"
|
${JSON} -I -e "this.activemq.connectOptions.transport = 'tls'"
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
${JSON} -I -e "delete this.activemq.connectOptions.transport"
|
${JSON} -I -e "delete this.activemq.connectOptions.transport"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
update_redis_settings(){
|
update_redis_settings(){
|
||||||
${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
|
${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
|
${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
|
${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
|
||||||
}
|
}
|
||||||
|
|
||||||
update_ds_settings(){
|
update_ds_settings(){
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
|
${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
|
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
|
${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
|
||||||
|
|
||||||
${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
|
${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
|
${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
|
${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
|
||||||
|
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
|
${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
|
${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
|
||||||
|
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
|
${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
|
${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
|
||||||
|
|
||||||
if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
|
if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
|
||||||
${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
|
${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
|
||||||
${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
|
${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
|
||||||
${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
|
${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
|
if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
|
||||||
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
|
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
|
||||||
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
|
${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${WOPI_ENABLED}" == "true" ]; then
|
if [ "${WOPI_ENABLED}" == "true" ]; then
|
||||||
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
|
${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
|
||||||
${JSON} -I -e "this.wopi.enable = true"
|
${JSON} -I -e "this.wopi.enable = true"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_cluster(){
|
create_postgresql_cluster(){
|
||||||
local pg_conf_dir=/etc/postgresql/${PG_VERSION}/${PG_NAME}
|
local pg_conf_dir=/etc/postgresql/${PG_VERSION}/${PG_NAME}
|
||||||
local postgresql_conf=$pg_conf_dir/postgresql.conf
|
local postgresql_conf=$pg_conf_dir/postgresql.conf
|
||||||
local hba_conf=$pg_conf_dir/pg_hba.conf
|
local hba_conf=$pg_conf_dir/pg_hba.conf
|
||||||
|
|
||||||
mv $postgresql_conf $postgresql_conf.backup
|
mv $postgresql_conf $postgresql_conf.backup
|
||||||
mv $hba_conf $hba_conf.backup
|
mv $hba_conf $hba_conf.backup
|
||||||
|
|
||||||
pg_createcluster ${PG_VERSION} ${PG_NAME}
|
pg_createcluster ${PG_VERSION} ${PG_NAME}
|
||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_db(){
|
create_postgresql_db(){
|
||||||
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
|
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
|
||||||
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
|
sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
|
||||||
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
|
sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
|
||||||
}
|
}
|
||||||
|
|
||||||
create_db_tbl() {
|
create_db_tbl() {
|
||||||
case $DB_TYPE in
|
case $DB_TYPE in
|
||||||
"postgres")
|
"postgres")
|
||||||
create_postgresql_tbl
|
create_postgresql_tbl
|
||||||
;;
|
;;
|
||||||
"mariadb"|"mysql")
|
"mariadb"|"mysql")
|
||||||
create_mysql_tbl
|
create_mysql_tbl
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
|
|
||||||
upgrade_db_tbl() {
|
upgrade_db_tbl() {
|
||||||
case $DB_TYPE in
|
case $DB_TYPE in
|
||||||
"postgres")
|
"postgres")
|
||||||
upgrade_postgresql_tbl
|
upgrade_postgresql_tbl
|
||||||
;;
|
;;
|
||||||
"mariadb"|"mysql")
|
"mariadb"|"mysql")
|
||||||
upgrade_mysql_tbl
|
upgrade_mysql_tbl
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
|
|
||||||
upgrade_postgresql_tbl() {
|
upgrade_postgresql_tbl() {
|
||||||
if [ -n "$DB_PWD" ]; then
|
if [ -n "$DB_PWD" ]; then
|
||||||
export PGPASSWORD=$DB_PWD
|
export PGPASSWORD=$DB_PWD
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
|
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
|
||||||
|
|
||||||
$PSQL -f "$APP_DIR/server/schema/postgresql/removetbl.sql"
|
$PSQL -f "$APP_DIR/server/schema/postgresql/removetbl.sql"
|
||||||
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
||||||
}
|
}
|
||||||
|
|
||||||
upgrade_mysql_tbl() {
|
upgrade_mysql_tbl() {
|
||||||
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
|
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
|
||||||
MYSQL="mysql -q $CONNECTION_PARAMS"
|
MYSQL="mysql -q $CONNECTION_PARAMS"
|
||||||
|
|
||||||
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/removetbl.sql" >/dev/null 2>&1
|
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/removetbl.sql" >/dev/null 2>&1
|
||||||
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
|
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
|
|
||||||
create_postgresql_tbl() {
|
create_postgresql_tbl() {
|
||||||
if [ -n "$DB_PWD" ]; then
|
if [ -n "$DB_PWD" ]; then
|
||||||
export PGPASSWORD=$DB_PWD
|
export PGPASSWORD=$DB_PWD
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
|
PSQL="psql -q -h$DB_HOST -p$DB_PORT -d$DB_NAME -U$DB_USER -w"
|
||||||
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
$PSQL -f "$APP_DIR/server/schema/postgresql/createdb.sql"
|
||||||
}
|
}
|
||||||
|
|
||||||
create_mysql_tbl() {
|
create_mysql_tbl() {
|
||||||
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
|
CONNECTION_PARAMS="-h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PWD -w"
|
||||||
MYSQL="mysql -q $CONNECTION_PARAMS"
|
MYSQL="mysql -q $CONNECTION_PARAMS"
|
||||||
|
|
||||||
# Create db on remote server
|
# Create db on remote server
|
||||||
$MYSQL -e "CREATE DATABASE IF NOT EXISTS $DB_NAME DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;" >/dev/null 2>&1
|
$MYSQL -e "CREATE DATABASE IF NOT EXISTS $DB_NAME DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;" >/dev/null 2>&1
|
||||||
|
|
||||||
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
|
$MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
|
|
||||||
update_welcome_page() {
|
update_welcome_page() {
|
||||||
WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
|
WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
|
||||||
if [[ -e $WELCOME_PAGE ]]; then
|
if [[ -e $WELCOME_PAGE ]]; then
|
||||||
DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
|
DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
|
||||||
if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
|
if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
|
||||||
if [[ -x $(command -v docker) ]]; then
|
if [[ -x $(command -v docker) ]]; then
|
||||||
DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
|
DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
|
||||||
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
|
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
|
||||||
else
|
else
|
||||||
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
|
sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
update_nginx_settings(){
|
update_nginx_settings(){
|
||||||
# Set up nginx
|
# Set up nginx
|
||||||
sed 's/^worker_processes.*/'"worker_processes ${NGINX_WORKER_PROCESSES};"'/' -i ${NGINX_CONFIG_PATH}
|
sed 's/^worker_processes.*/'"worker_processes ${NGINX_WORKER_PROCESSES};"'/' -i ${NGINX_CONFIG_PATH}
|
||||||
sed 's/worker_connections.*/'"worker_connections ${NGINX_WORKER_CONNECTIONS};"'/' -i ${NGINX_CONFIG_PATH}
|
sed 's/worker_connections.*/'"worker_connections ${NGINX_WORKER_CONNECTIONS};"'/' -i ${NGINX_CONFIG_PATH}
|
||||||
sed 's/access_log.*/'"access_log off;"'/' -i ${NGINX_CONFIG_PATH}
|
sed 's/access_log.*/'"access_log off;"'/' -i ${NGINX_CONFIG_PATH}
|
||||||
|
|
||||||
# setup HTTPS
|
# setup HTTPS
|
||||||
if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then
|
if [ -f "${SSL_CERTIFICATE_PATH}" -a -f "${SSL_KEY_PATH}" ]; then
|
||||||
cp -f ${NGINX_ONLYOFFICE_PATH}/ds-ssl.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
|
cp -f ${NGINX_ONLYOFFICE_PATH}/ds-ssl.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
|
||||||
|
|
||||||
# configure nginx
|
# configure nginx
|
||||||
sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,{{SSL_CERTIFICATE_PATH}},'"${SSL_CERTIFICATE_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
sed 's,{{SSL_KEY_PATH}},'"${SSL_KEY_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,{{SSL_KEY_PATH}},'"${SSL_KEY_PATH}"',' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
|
|
||||||
# turn on http2
|
# turn on http2
|
||||||
sed 's,\(443 ssl\),\1 http2,' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,\(443 ssl\),\1 http2,' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
|
|
||||||
# if dhparam path is valid, add to the config, otherwise remove the option
|
# if dhparam path is valid, add to the config, otherwise remove the option
|
||||||
if [ -r "${SSL_DHPARAM_PATH}" ]; then
|
if [ -r "${SSL_DHPARAM_PATH}" ]; then
|
||||||
sed 's,\(\#* *\)\?\(ssl_dhparam \).*\(;\)$,'"\2${SSL_DHPARAM_PATH}\3"',' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,\(\#* *\)\?\(ssl_dhparam \).*\(;\)$,'"\2${SSL_DHPARAM_PATH}\3"',' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
else
|
else
|
||||||
sed '/ssl_dhparam/d' -i ${NGINX_ONLYOFFICE_CONF}
|
sed '/ssl_dhparam/d' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
sed 's,\(ssl_verify_client \).*\(;\)$,'"\1${SSL_VERIFY_CLIENT}\2"',' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,\(ssl_verify_client \).*\(;\)$,'"\1${SSL_VERIFY_CLIENT}\2"',' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
|
|
||||||
if [ -f "${CA_CERTIFICATES_PATH}" ]; then
|
if [ -f "${CA_CERTIFICATES_PATH}" ]; then
|
||||||
sed '/ssl_verify_client/a '"ssl_client_certificate ${CA_CERTIFICATES_PATH}"';' -i ${NGINX_ONLYOFFICE_CONF}
|
sed '/ssl_verify_client/a '"ssl_client_certificate ${CA_CERTIFICATES_PATH}"';' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${ONLYOFFICE_HTTPS_HSTS_ENABLED}" == "true" ]; then
|
if [ "${ONLYOFFICE_HTTPS_HSTS_ENABLED}" == "true" ]; then
|
||||||
sed 's,\(max-age=\).*\(;\)$,'"\1${ONLYOFFICE_HTTPS_HSTS_MAXAGE}\2"',' -i ${NGINX_ONLYOFFICE_CONF}
|
sed 's,\(max-age=\).*\(;\)$,'"\1${ONLYOFFICE_HTTPS_HSTS_MAXAGE}\2"',' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
else
|
else
|
||||||
sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF}
|
sed '/max-age=/d' -i ${NGINX_ONLYOFFICE_CONF}
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
|
ln -sf ${NGINX_ONLYOFFICE_PATH}/ds.conf.tmpl ${NGINX_ONLYOFFICE_CONF}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# check if ipv6 supported otherwise remove it from nginx config
|
# check if ipv6 supported otherwise remove it from nginx config
|
||||||
if [ ! -f /proc/net/if_inet6 ]; then
|
if [ ! -f /proc/net/if_inet6 ]; then
|
||||||
sed '/listen\s\+\[::[0-9]*\].\+/d' -i $NGINX_ONLYOFFICE_CONF
|
sed '/listen\s\+\[::[0-9]*\].\+/d' -i $NGINX_ONLYOFFICE_CONF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
|
if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
|
||||||
sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
|
sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
update_supervisor_settings(){
|
update_supervisor_settings(){
|
||||||
# Copy modified supervisor start script
|
# Copy modified supervisor start script
|
||||||
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
|
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
|
||||||
# Copy modified supervisor config
|
# Copy modified supervisor config
|
||||||
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
|
cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
update_log_settings(){
|
update_log_settings(){
|
||||||
${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
|
${JSON_LOG} -I -e "this.categories.default.level = '${DS_LOG_LEVEL}'"
|
||||||
}
|
}
|
||||||
|
|
||||||
update_logrotate_settings(){
|
update_logrotate_settings(){
|
||||||
sed 's|\(^su\b\).*|\1 root root|' -i /etc/logrotate.conf
|
sed 's|\(^su\b\).*|\1 root root|' -i /etc/logrotate.conf
|
||||||
}
|
}
|
||||||
|
|
||||||
update_release_date(){
|
update_release_date(){
|
||||||
mkdir -p ${PRIVATE_DATA_DIR}
|
mkdir -p ${PRIVATE_DATA_DIR}
|
||||||
echo ${RELEASE_DATE} > ${DS_RELEASE_DATE}
|
echo ${RELEASE_DATE} > ${DS_RELEASE_DATE}
|
||||||
}
|
}
|
||||||
|
|
||||||
# create base folders
|
# create base folders
|
||||||
for i in converter docservice metrics; do
|
for i in converter docservice metrics; do
|
||||||
mkdir -p "${DS_LOG_DIR}/$i"
|
mkdir -p "${DS_LOG_DIR}/$i"
|
||||||
done
|
done
|
||||||
|
|
||||||
mkdir -p ${DS_LOG_DIR}-example
|
mkdir -p ${DS_LOG_DIR}-example
|
||||||
|
|
||||||
# create app folders
|
# create app folders
|
||||||
for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${DS_LIB_DIR}-example/files; do
|
for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${DS_LIB_DIR}-example/files; do
|
||||||
mkdir -p "$i"
|
mkdir -p "$i"
|
||||||
done
|
done
|
||||||
|
|
||||||
# change folder rights
|
# change folder rights
|
||||||
for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
|
for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
|
||||||
chown -R ds:ds "$i"
|
chown -R ds:ds "$i"
|
||||||
chmod -R 755 "$i"
|
chmod -R 755 "$i"
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
|
if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
|
||||||
|
|
||||||
read_setting
|
read_setting
|
||||||
|
|
||||||
if [ $METRICS_ENABLED = "true" ]; then
|
if [ $METRICS_ENABLED = "true" ]; then
|
||||||
update_statsd_settings
|
update_statsd_settings
|
||||||
fi
|
fi
|
||||||
|
|
||||||
update_welcome_page
|
update_welcome_page
|
||||||
|
|
||||||
update_log_settings
|
update_log_settings
|
||||||
|
|
||||||
update_ds_settings
|
update_ds_settings
|
||||||
|
|
||||||
# update settings by env variables
|
# update settings by env variables
|
||||||
if [ $DB_HOST != "localhost" ]; then
|
if [ $DB_HOST != "localhost" ]; then
|
||||||
update_db_settings
|
update_db_settings
|
||||||
waiting_for_db
|
waiting_for_db
|
||||||
create_db_tbl
|
create_db_tbl
|
||||||
else
|
|
||||||
# change rights for postgres directory
|
|
||||||
chown -R postgres:postgres ${PG_ROOT}
|
|
||||||
chmod -R 700 ${PG_ROOT}
|
|
||||||
|
|
||||||
# create new db if it isn't exist
|
|
||||||
if [ ! -d ${PGDATA} ]; then
|
|
||||||
create_postgresql_cluster
|
|
||||||
PG_NEW_CLUSTER=true
|
|
||||||
fi
|
|
||||||
LOCAL_SERVICES+=("postgresql")
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ${AMQP_SERVER_HOST} != "localhost" ]; then
|
|
||||||
update_rabbitmq_setting
|
|
||||||
else
|
|
||||||
# change rights for rabbitmq directory
|
|
||||||
chown -R rabbitmq:rabbitmq ${RABBITMQ_DATA}
|
|
||||||
chmod -R go=rX,u=rwX ${RABBITMQ_DATA}
|
|
||||||
if [ -f ${RABBITMQ_DATA}/.erlang.cookie ]; then
|
|
||||||
chmod 400 ${RABBITMQ_DATA}/.erlang.cookie
|
|
||||||
fi
|
|
||||||
|
|
||||||
LOCAL_SERVICES+=("rabbitmq-server")
|
|
||||||
# allow Rabbitmq startup after container kill
|
|
||||||
rm -rf /var/run/rabbitmq
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ${REDIS_ENABLED} = "true" ]; then
|
|
||||||
if [ ${REDIS_SERVER_HOST} != "localhost" ]; then
|
|
||||||
update_redis_settings
|
|
||||||
else
|
|
||||||
# change rights for redis directory
|
|
||||||
chown -R redis:redis ${REDIS_DATA}
|
|
||||||
chmod -R 750 ${REDIS_DATA}
|
|
||||||
|
|
||||||
LOCAL_SERVICES+=("redis-server")
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
else
|
else
|
||||||
# no need to update settings just wait for remote data
|
# change rights for postgres directory
|
||||||
waiting_for_datacontainer
|
chown -R postgres:postgres ${PG_ROOT}
|
||||||
|
chmod -R 700 ${PG_ROOT}
|
||||||
|
|
||||||
# read settings after the data container in ready state
|
# create new db if it isn't exist
|
||||||
# to prevent get unconfigureted data
|
if [ ! -d ${PGDATA} ]; then
|
||||||
read_setting
|
create_postgresql_cluster
|
||||||
|
PG_NEW_CLUSTER=true
|
||||||
|
fi
|
||||||
|
LOCAL_SERVICES+=("postgresql")
|
||||||
|
fi
|
||||||
|
|
||||||
update_welcome_page
|
if [ ${AMQP_SERVER_HOST} != "localhost" ]; then
|
||||||
|
update_rabbitmq_setting
|
||||||
|
else
|
||||||
|
# change rights for rabbitmq directory
|
||||||
|
chown -R rabbitmq:rabbitmq ${RABBITMQ_DATA}
|
||||||
|
chmod -R go=rX,u=rwX ${RABBITMQ_DATA}
|
||||||
|
if [ -f ${RABBITMQ_DATA}/.erlang.cookie ]; then
|
||||||
|
chmod 400 ${RABBITMQ_DATA}/.erlang.cookie
|
||||||
|
fi
|
||||||
|
|
||||||
|
LOCAL_SERVICES+=("rabbitmq-server")
|
||||||
|
# allow Rabbitmq startup after container kill
|
||||||
|
rm -rf /var/run/rabbitmq
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ${REDIS_ENABLED} = "true" ]; then
|
||||||
|
if [ ${REDIS_SERVER_HOST} != "localhost" ]; then
|
||||||
|
update_redis_settings
|
||||||
|
else
|
||||||
|
# change rights for redis directory
|
||||||
|
chown -R redis:redis ${REDIS_DATA}
|
||||||
|
chmod -R 750 ${REDIS_DATA}
|
||||||
|
|
||||||
|
LOCAL_SERVICES+=("redis-server")
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
# no need to update settings just wait for remote data
|
||||||
|
waiting_for_datacontainer
|
||||||
|
|
||||||
|
# read settings after the data container in ready state
|
||||||
|
# to prevent get unconfigureted data
|
||||||
|
read_setting
|
||||||
|
|
||||||
|
update_welcome_page
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#start needed local services
|
#start needed local services
|
||||||
for i in ${LOCAL_SERVICES[@]}; do
|
for i in ${LOCAL_SERVICES[@]}; do
|
||||||
service $i start
|
service $i start
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ ${PG_NEW_CLUSTER} = "true" ]; then
|
if [ ${PG_NEW_CLUSTER} = "true" ]; then
|
||||||
create_postgresql_db
|
create_postgresql_db
|
||||||
create_postgresql_tbl
|
create_postgresql_tbl
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
|
if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
|
||||||
waiting_for_db
|
waiting_for_db
|
||||||
waiting_for_amqp
|
waiting_for_amqp
|
||||||
if [ ${REDIS_ENABLED} = "true" ]; then
|
if [ ${REDIS_ENABLED} = "true" ]; then
|
||||||
waiting_for_redis
|
waiting_for_redis
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "${IS_UPGRADE}" = "true" ]; then
|
if [ "${IS_UPGRADE}" = "true" ]; then
|
||||||
upgrade_db_tbl
|
upgrade_db_tbl
|
||||||
update_release_date
|
update_release_date
|
||||||
fi
|
fi
|
||||||
|
|
||||||
update_nginx_settings
|
update_nginx_settings
|
||||||
|
|
||||||
update_supervisor_settings
|
update_supervisor_settings
|
||||||
service supervisor start
|
service supervisor start
|
||||||
|
|
||||||
# start cron to enable log rotating
|
# start cron to enable log rotating
|
||||||
update_logrotate_settings
|
update_logrotate_settings
|
||||||
service cron start
|
service cron start
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# nginx used as a proxy, and as data container status service.
|
# nginx used as a proxy, and as data container status service.
|
||||||
|
@ -614,14 +635,14 @@ fi
|
||||||
service nginx start
|
service nginx start
|
||||||
|
|
||||||
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
||||||
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
|
if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
|
||||||
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
|
documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Regenerate the fonts list and the fonts thumbnails
|
# Regenerate the fonts list and the fonts thumbnails
|
||||||
if [ "${GENERATE_FONTS}" == "true" ]; then
|
if [ "${GENERATE_FONTS}" == "true" ]; then
|
||||||
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
|
documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
|
||||||
fi
|
fi
|
||||||
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
|
documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue