Update build

.github/workflows/4testing-build.yml

@@ -1,104 +0,0 @@
-### This workflow setup instance then build and push images ###
-name: 4testing multiarch-build
-
-on:
-  push:
-    tags:
-      - "v*"
-      - "!v*-stable"
-
-env: 
-  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver"
-      
-jobs:
-  build:
-    name: "Build image: DocumentServer${{ matrix.edition }}"
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        images: ["documentserver"]
-        edition: ["", "-ee", "-de"]
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-     
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Get Tag Name
-        run: |
-          echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-
-      - name: Build 4testing
-        run: |
-          ### ==>> At this step build variable declaration ###
-          DOCKER_TAG=$( echo ${{ env.RELEASE_VERSION }} | sed 's/^.//' )
-          PACKAGE_VERSION=$( echo $DOCKER_TAG | sed -E 's/(.*)\./\1-/' )
-          NODE_PLATFORMS=$( echo ${{ steps.buildx.outputs.platforms }} | sed 's/linux\///g' | sed 's/,/ /g' )
-          EXPECTED_PLATFORMS="linux/amd64,linux/arm64"
-          echo "Start check avalivable build platforms >>"
-
-          ### ==>> In this loop we will check all avalivable documentserver architectures. After that all accessed arch will be added to build-platforms list. ###
-          for ARCH in ${NODE_PLATFORMS}; do
-            REPO_URL=${{ secrets.REPO_URL }} 
-            if [[ ${{ env.RELEASE_VERSION }} == v99.* ]]; then
-              REPO_URL=${{ secrets.UNSTABLE_REPO_URL }}
-              DEVELOP_BUILD=true
-            fi
-            PACKAGE_URL_CHECK=${REPO_URL}${{ matrix.edition }}_"$PACKAGE_VERSION"_${ARCH}.deb
-            STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "${PACKAGE_URL_CHECK}")
-            if [[ "$STATUS" = "200" ]]; then
-              echo "✔  ${ARCH} is avalivable >> set like one of build platforms"
-              PLATFORMS+=(linux/${ARCH},)
-              BUILD_PLATFORMS=$( echo ${PLATFORMS[@]} | sed 's/ //g' | sed 's/\(.*\),/\1/' )
-            else
-              echo "Х ${ARCH} in not avalivable"
-            fi
-          done
-          PACKAGE_URL_BUILD=$( echo ${PACKAGE_URL_CHECK} | sed -e "s/${PACKAGE_VERSION}_.*.deb/${PACKAGE_VERSION}_TARGETARCH.deb/g" )
-
-          ### ==>> At this step if there is no access to any platform and platform list is empty, build will exit with 1. ###  
-          if [[ -z ${BUILD_PLATFORMS} ]]; then
-            echo "Have no access to any platform >> exit with 1"
-            exit 1
-          fi
-          echo "DONE: Check passed >> Build for platforms: ${BUILD_PLATFORMS}"
-          echo "Build is starting ... >>"
-
-          ### == >> Set exit code for action
-          if [ ${BUILD_PLATFORMS} == ${EXPECTED_PLATFORMS} ]; then
-            EXIT_CODE=0
-            echo "OK: Build platforms is expected"
-          else
-            EXIT_CODE=1
-            echo "WARNING: Build platforms is unexpected action is gonna be marked as Failed" 
-          fi
-
-          ### ==>> Build and push images at this step ### 
-          PRODUCT_EDITION=${{ matrix.edition }} \
-          PACKAGE_URL=$PACKAGE_URL_BUILD \
-          PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
-          DOCKERFILE=Dockerfile \
-          PREFIX_NAME=4testing- \
-          TAG=$DOCKER_TAG \
-          PLATFORM=$BUILD_PLATFORMS \
-          COMPANY_NAME=${{ env.COMPANY_NAME }} \
-          DEVELOP_BUILD=$DEVELOP_BUILD \
-            docker buildx bake \
-            -f docker-bake.hcl ${{ matrix.images }} \
-            --push
-          echo "DONE: Build success >> exit with ${EXIT_CODE}"
-          exit ${EXIT_CODE}
-        shell: bash

.github/workflows/stable-build.yml

@@ -1,109 +0,0 @@
-### This workflow setup instance then build and push images ###
-name: Multi-arch build stable
-
-on:
-  push:
-    tags:
-      - "v*-stable"
-
-env:
-  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver" 
-
-jobs:
-  build:
-    name: "Release image: DocumentServer${{ matrix.edition }}"
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        images: ["documentserver-stable"]
-        edition: ["", "-ee", "-de"]
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-     
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Get Tag Name
-        id: tag_name
-        run: |
-          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
-
-      - name: Build documentserver-release
-        run: |
-          TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
-          SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+')
-          SHORTEST_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+')
-          IMAGE_STATUS=$(docker manifest inspect ${{ env.COMPANY_NAME }}/4testing-${{ env.PRODUCT_NAME }}${{ matrix.edition }}:$TAG > /dev/null ; echo $?)
-             if [[ "$IMAGE_STATUS" = "0" ]]; then
-                echo "Image present on docker.hub >> start build stable version"
-                PRODUCT_EDITION=${{ matrix.edition }} \
-                PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
-                COMPANY_NAME=${{ env.COMPANY_NAME}} \
-                   TAG=$TAG \
-                   SHORTER_TAG=$SHORTER_TAG \
-                   SHORTEST_TAG=$SHORTEST_TAG \
-                   docker buildx bake \
-                   -f docker-bake.hcl ${{ matrix.images }} \
-                   --push 
-                echo "DONE: Build success >> exit with 0"
-                exit 0
-             else
-                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1"
-                exit 1
-             fi
-        shell: bash
-
-  build-nonExample:
-    name: "Release image: DocumentServer${{ matrix.edition }}-nonExample"
-    runs-on: ubuntu-latest
-    needs: [build]
-    if: always()
-    strategy:
-      fail-fast: false
-      matrix:
-        images: ["documentserver-nonexample"]
-        edition: ["", "-ee", "-de"]
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Get Tag Name
-        id: tag_name
-        run: |
-          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}
-
-      - name: build image
-        run: |
-           TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
-           PRODUCT_EDITION=${{ matrix.edition }} \
-           PRODUCT_NAME=${{ env.PRODUCT_NAME }} \
-           COMPANY_NAME=${{ env.COMPANY_NAME }} \
-           TAG=$TAG \
-           docker buildx bake \
-           -f docker-bake.hcl ${{ matrix.images }} \
-           --push
-        shell: bash

Dockerfile

@@ -1,16 +1,14 @@
-FROM ubuntu:22.04 as documentserver
+FROM ubuntu:20.04
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>
 
-ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
 
 ARG ONLYOFFICE_VALUE=onlyoffice
 
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
     apt-get -y update && \
     apt-get -yq install wget apt-transport-https gnupg locales && \
-    mkdir -p $HOME/.gnupg && \
-    gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/onlyoffice.gpg --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
-    chmod 644 /etc/apt/trusted.gpg.d/onlyoffice.gpg && \
+    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
     locale-gen en_US.UTF-8 && \
     echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
     apt-get -yq install \
@@ -71,18 +69,14 @@ COPY run-document-server.sh /app/ds/run-document-server.sh
 
 EXPOSE 80 443
 
-ARG TARGETARCH
-ARG PRODUCT_EDITION=
 ARG COMPANY_NAME=onlyoffice
 ARG PRODUCT_NAME=documentserver
-ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}_$TARGETARCH.deb"
+ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb"
 
 ENV COMPANY_NAME=$COMPANY_NAME \
-    PRODUCT_NAME=$PRODUCT_NAME \
-    PRODUCT_EDITION=$PRODUCT_EDITION
+    PRODUCT_NAME=$PRODUCT_NAME
 
-RUN PACKAGE_URL=$( echo ${PACKAGE_URL} | sed "s/TARGETARCH/"${TARGETARCH}"/g") && \
-    wget -q -P /tmp "$PACKAGE_URL" && \
+RUN wget -q -P /tmp "$PACKAGE_URL" && \
     apt-get -y update && \
     service postgresql start && \
     apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \

Dockerfile.cl

@@ -0,0 +1,4 @@
+FROM onlyoffice/documentserver-ee:latest
+
+RUN sed -i '/trap clean_exit SIGTERM/s/^/#/' /app/ds/run-document-server.sh
+

Dockerfile.production

@@ -1,24 +0,0 @@
-### Arguments avavlivable only for FROM instruction ### 
-ARG TAG=latest
-ARG COMPANY_NAME=onlyoffice
-ARG PRODUCT_EDITION=
-
-### Build main-release ###
-
-FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${TAG} as documentserver-stable
-
-### Build nonexample ###
- 
-FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${TAG} as documentserver-nonexample
-
-ARG COMPANY_NAME=onlyoffice
-ARG PRODUCT_NAME=documentserver
-ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf
-
-### Remove all documentserver-example data ###
-
-RUN    rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \
-    && rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \
-    && rm -f $DS_SUPERVISOR_CONF \ 
-    && rm -f /etc/nginx/includes/ds-example.conf \
-    && ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf  $DS_SUPERVISOR_CONF 

Makefile

@@ -15,54 +15,60 @@ PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)
 PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)
 PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb
 
-ifeq ($(RELEASE_BRANCH),$(filter $(RELEASE_BRANCH),unstable testing))
-	DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))
+UPDATE_LATEST := false
+
+ifneq (,$(findstring develop,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
+DOCKER_TAGS += latest
+else ifneq (,$(findstring release,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
+else ifneq (,$(findstring hotfix,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
 else
-	DOCKER_TAG := $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
 endif
 
-DOCKER_IMAGE := $(subst -,,$(COMPANY_NAME_LOW))/4testing-$(PRODUCT_NAME_LOW)
-DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)__$(DOCKER_TAG).dummy
+DOCKER_TAGS += $(DOCKER_TAG)
+
+DOCKER_REPO = $(COMPANY_NAME_LOW_ESCAPED)/4testing-$(PRODUCT_NAME_LOW)
+
+COLON := __colon__
+DOCKER_TARGETS := $(foreach TAG,$(DOCKER_TAGS),$(DOCKER_REPO)$(COLON)$(TAG))
+
 DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz
+
 DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH))
 
-.PHONY: all clean clean-docker image deploy docker publish
+.PHONY: all clean clean-docker deploy docker publish
 
-$(DOCKER_DUMMY):
+$(DOCKER_TARGETS): $(DEB_REPO_DATA)
 	docker pull ubuntu:20.04
 	docker build \
 		--build-arg PACKAGE_URL=$(PACKAGE_URL) \
 		--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
 		--build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \
 		--build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \
-		-t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \
-	mkdir -p $$(dirname $@) && \
+		-t $(subst $(COLON),:,$@) . &&\
+	mkdir -p $$(dirname $@) &&\
 	echo "Done" > $@
 
-$(DOCKER_ARCH): $(DOCKER_DUMMY)
-	docker save $(DOCKER_IMAGE):$(DOCKER_TAG) | \
+$(DOCKER_ARCH): $(DOCKER_TARGETS)
+	docker save $(DOCKER_REPO):$(DOCKER_TAG) | \
 		gzip > $@
 
-all: image
+all: $(DOCKER_TARGETS)
 
 clean:
-	rm -rfv *.dummy *.tar.gz
+	rm -rfv $(DOCKER_TARGETS) $(DOCKER_ARCH)
 		
 clean-docker:
 	docker rmi -f $$(docker images -q $(COMPANY_NAME_LOW)/*) || exit 0
 
-image: $(DOCKER_DUMMY)
-
-deploy: $(DOCKER_DUMMY)
-	for i in {1..3}; do \
-		docker push $(DOCKER_IMAGE):$(DOCKER_TAG) && break || sleep 1m; \
-	done
-ifeq ($(RELEASE_BRANCH),unstable)
-	docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest
-	for i in {1..3}; do \
-		docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \
-	done
-endif
+deploy: $(DOCKER_TARGETS)
+	$(foreach TARGET,$(DOCKER_TARGETS), \
+		for i in {1..3}; do \
+			docker push $(subst $(COLON),:,$(TARGET)) && break || sleep 1m; \
+		done;)
 
 publish: $(DOCKER_ARCH)
 	aws s3 cp --no-progress --acl public-read \

README.md

@@ -185,10 +185,8 @@ Below is the complete list of parameters that can be set using environment varia
 - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`.
 - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running.
 - **REDIS_SERVER_PORT**:  The Redis server port number.
-- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
-- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
 - **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
 - **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
 - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
@@ -247,7 +245,7 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always -
  onlyoffice/mailserver
 ```
 
-The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml#L87).
+The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75).
 
 To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").
 
@@ -297,7 +295,7 @@ bash opensource-install.sh -md yourdomain.com
 Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). For the mail server correct work you need to specify its hostname 'yourdomain.com'. Assuming you have docker-compose installed, execute the following command:
 
 ```bash
-wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.groups.yml
+wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.yml
 docker-compose up -d
 ```
 

docker-bake.hcl

@@ -1,89 +0,0 @@
-variable "TAG" {
-    default = ""
-}
-
-variable "SHORTER_TAG" {
-    default = ""
-}
-
-variable "SHORTEST_TAG" {
-    default = ""
-}
-
-variable "COMPANY_NAME" {
-    default = ""
-}
-
-variable "PREFIX_NAME" {
-    default = ""
-}
-
-variable "PRODUCT_EDITION" {
-    default = ""
-}
-
-variable "PRODUCT_NAME" {
-    default = ""
-}
-
-variable "DOCKERFILE" {
-    default = ""
-}
-
-variable "PLATFORM" {
-    default = ""
-}
-
-variable "PACKAGE_URL" {
-    default = ""
-}
-
-variable "DEVELOP_BUILD" {
-    default = ""
-}
-
-target "documentserver" {
-    target = "documentserver"
-    dockerfile= "${DOCKERFILE}"
-    tags = [
-           "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
-           notequal("",DEVELOP_BUILD) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
-           ]
-    platforms = ["${PLATFORM}"]
-    args = {
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PACKAGE_URL": "${PACKAGE_URL}"
-        "PLATFORM": "${PLATFORM}"
-    }
-}
-
-target "documentserver-stable" {
-    target = "documentserver-stable"
-    dockerfile= "Dockerfile.production"
-    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest"]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "TAG": "${TAG}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-    }
-}
-
-target "documentserver-nonexample" {
-    target = "documentserver-nonexample"
-    dockerfile = "Dockerfile.production"
-    tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "TAG": "${TAG}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-    } 
-}

hooks/build

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+sed -i '/trap clean_exit SIGTERM/s/^/#/' run-document-server.sh
+
+docker build -t $IMAGE_NAME .

hooks/post_push

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+NEW_TAG=6.4.2
+NEW_IMAGE_NAME=$DOCKER_REPO:$NEW_TAG
+
+docker tag $IMAGE_NAME $NEW_IMAGE_NAME
+docker push $NEW_IMAGE_NAME

hooks/push

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker push $IMAGE_NAME

run-document-server.sh

@@ -1,7 +1,5 @@
 #!/bin/bash
 
-umask 0022
-
 function clean_exit {
   /usr/bin/documentserver-prepare4shutdown.sh
 }
@@ -39,21 +37,14 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
   fi
 fi
 
-SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
-mkdir -p ${SSL_CERTIFICATES_DIR}
-if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
-  cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
-  chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
-  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
-fi
-
-if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
-  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
+SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
+if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/onlyoffice.crt ]]; then
+  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/onlyoffice.crt
 else
   SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
 fi
-if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
-  SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
+if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/onlyoffice.key ]]; then
+  SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/onlyoffice.key
 else
   SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
 fi
@@ -75,18 +66,8 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
-JWT_ENABLED=${JWT_ENABLED:-true}
-
-# validate user's vars before usinig in json
-if [ "${JWT_ENABLED}" == "true" ]; then
-  JWT_ENABLED="true"
-else
-  JWT_ENABLED="false"
-fi
-
-[ -z $JWT_SECRET ] && JWT_MESSAGE="JWT is enabled by default. A random secret is generated automatically. Run the command 'docker exec $(cut -c9-20 < /proc/1/cpuset) sudo documentserver-jwt-status.sh' to get information about JWT."
-
-JWT_SECRET=${JWT_SECRET:-$(pwgen -s 20)}
+JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_SECRET=${JWT_SECRET:-secret}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}
 
@@ -94,7 +75,7 @@ WOPI_ENABLED=${WOPI_ENABLED:-false}
 
 GENERATE_FONTS=${GENERATE_FONTS:-true}
 
-if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
+if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
   REDIS_ENABLED=false
 else
   REDIS_ENABLED=true
@@ -303,37 +284,33 @@ update_rabbitmq_setting(){
 }
 
 update_redis_settings(){
-  ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
   ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
   ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
-
-  if [ -n "${REDIS_SERVER_PASS}" ]; then
-    ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}"
-  fi
-
 }
 
 update_ds_settings(){
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
+  if [ "${JWT_ENABLED}" == "true" ]; then
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
 
-  ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
-  ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
-  ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
 
-  ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
-  ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
 
-  ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
 
-  if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
-    ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
-    ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
-    ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
+    if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ] && [ "${JWT_ENABLED}" == "true" ]; then
+      ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
+      ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
+      ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
+    fi
   fi
- 
+
   if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
     ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
     ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
@@ -426,13 +403,11 @@ update_welcome_page() {
   WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
   if [[ -e $WELCOME_PAGE ]]; then
     DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
-    if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
-      if [[ -x $(command -v docker) ]]; then
-        DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
-        sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
-      else
-        sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
-      fi
+    if [[ -x $(command -v docker) ]]; then
+      DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
+      sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
+    else
+      sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
     fi
   fi
 }
@@ -484,8 +459,6 @@ update_nginx_settings(){
   if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
     sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
   fi
-
-  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
 }
 
 update_supervisor_settings(){
@@ -521,7 +494,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${
 done
 
 # change folder rights
-for i in ${LOG_DIR} ${LIB_DIR}; do
+for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
   chown -R ds:ds "$i"
   chmod -R 755 "$i"
 done
@@ -595,8 +568,6 @@ else
   update_welcome_page
 fi
 
-find /etc/${COMPANY_NAME} -exec chown ds:ds {} \;
-
 #start needed local services
 for i in ${LOCAL_SERVICES[@]}; do
   service $i start
@@ -645,7 +616,5 @@ if [ "${GENERATE_FONTS}" == "true" ]; then
 fi
 documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
 
-echo "${JWT_MESSAGE}" 
-
 tail -f /var/log/${COMPANY_NAME}/**/*.log &
 wait $!