Fix bug #58032 / Fix moves certificates alarm messages (#461 )

* Add some checks before replace certificates * Change if check key * Refactoring code * Refactoring code * Add checking exist files * Refactor: refactoring code * Remove check files conditions
Fix Big #57286 / Add redis password config settings (#466 )
2026-04-07 14:01:38 +08:00 · 2022-07-19 15:51:46 +03:00 · 2022-07-18 17:11:06 +03:00 · 2022-07-18 10:02:02 +00:00 · 2022-07-12 12:37:48 +03:00 · 2022-07-11 13:27:43 +03:00
5 changed files with 51 additions and 29 deletions
--- a/.github/workflows/4testing-build.yml
+++ b/.github/workflows/4testing-build.yml
@ -1,5 +1,5 @@
 ### This workflow setup instance then build and push images ###
-name: Multi-arch build 4testing
+name: 4testing multiarch-build

 on:
  push:
@ -15,10 +15,12 @@ jobs:
  build:
    name: Build 
    runs-on: ubuntu-latest
+    continue-on-error: ${{ matrix.condition }}
    strategy:
      matrix:
-        edition: ["", "-ee", "-de"]
        images: ["documentserver"]
+        edition: ["", "-ee", "-de"]
+        condition: [true]
    steps:
      - name: Checkout code 
        uses: actions/checkout@v3
@ -40,7 +42,7 @@ jobs:
        run: |
          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}

-      - name: Build documentserver-4testing
+      - name: Build 4testing
        run: |
          DOCKER_TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//' )
          PACKAGE_VERSION=$(echo $DOCKER_TAG | sed  's/\./-/3')
@ -48,23 +50,26 @@ jobs:
          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL")
          if [[ "$STATUS" = "200" ]]; then
             echo "Have access to documentserver${{ matrix.edition }} amd64 arch >> check arm64 access"
-             PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
-             STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
-                 if [[ "$STATUS" = "200" ]]; then
-                 echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
-                 echo "All architecture are available >> Build is starting."
-                 sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
-                 PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
-                    PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
-                    PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
-                    docker buildx bake \
-                    -f docker-bake.hcl ${{ matrix.images }} \
-                    --push
-                 echo "DONE: Build success >> exit with 0"
-                 exit 0  
-          else
-             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }}  >> Build did't started >> Exit with 0."
-             exit 0
+          else 
+             echo "FAILED: Have no access to documentserver${{ matrix.edition }} amd64 arch"
+             exit 1
          fi
+          PACKAGE_URL=${{ secrets.REPO_URL }}${{ matrix.edition }}_"$PACKAGE_VERSION"_arm64.deb
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}\n" "$PACKAGE_URL") 
+          if [[ "$STATUS" = "200" ]]; then
+             echo "Have access to documentserver${{ matrix.edition }} arm64 arch"
+             echo "All architecture are available >> build is starting."
+             sed -i "s|http://download.onlyoffice.com/install/documentserver/linux/\${COMPANY_NAME}-\${PRODUCT_NAME}\${PRODUCT_EDITION}|${{ secrets.REPO_URL }}${{ matrix.edition }}_$PACKAGE_VERSION|g" Dockerfile
+             PRODUCT_EDITION=${{ matrix.edition }} COMPANY_NAME=${{ env.COMPANY_NAME }} \
+                PRODUCT_NAME=${{ env.PRODUCT_NAME }} DOCKERFILE=Dockerfile \
+                PREFIX_NAME=4testing- TAG=$DOCKER_TAG \
+                docker buildx bake \
+                -f docker-bake.hcl ${{ matrix.images }} \
+                --push
+             echo "DONE: Build success >> exit with 0"
+             exit 0  
+          else
+             echo "FAILED: Have no access to some required architecture documentserver${{ matrix.edition }} >> Exit with 0."
+             exit 1
          fi
        shell: bash
--- a/.github/workflows/stable-build.yml
+++ b/.github/workflows/stable-build.yml
@ -14,10 +14,12 @@ jobs:
  build:
    name: Build 
    runs-on: ubuntu-latest
+    continue-on-error: ${{ matrix.condition }}
    strategy:
      matrix:
        images: ["documentserver-stable"]
        edition: ["", "-ee", "-de"]
+        condition: [true]
    steps:
      - name: Checkout code 
        uses: actions/checkout@v3
@ -39,7 +41,7 @@ jobs:
        run: |
          echo ::set-output name=SOURCE_TAG::${GITHUB_REF#refs/tags/}

-      - name: Build documentserver-stable
+      - name: Build documentserver-release
        run: |
          TAG=$(echo ${{ steps.tag_name.outputs.SOURCE_TAG }} | sed 's/^.//; s/-stable//')
          SHORTER_TAG=$(echo ${TAG} | grep -o -P '^[\d]+\.[\d]+\.[\d]+')
@ -55,9 +57,11 @@ jobs:
                   SHORTEST_TAG=$SHORTEST_TAG \
                   docker buildx bake \
                   -f docker-bake.hcl ${{ matrix.images }} \
-                   --push ;
-             else
-                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 0"
+                   --push 
+                echo "DONE: Build success >> exit with 0"
                exit 0
+             else
+                echo "FAILED: Image with tag $TAG do not presented on docker.hub >> build will not started >> exit with 1"
+                exit 1
             fi
        shell: bash
--- a/4
+++ b/4
@ -1,7 +1,7 @@
-FROM ubuntu:20.04 as documentserver
+FROM ubuntu:22.04 as documentserver
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>

-ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=14

 ARG ONLYOFFICE_VALUE=onlyoffice

--- a/README.md
+++ b/README.md
@ -185,6 +185,7 @@ Below is the complete list of parameters that can be set using environment varia
 - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`.
 - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running.
 - **REDIS_SERVER_PORT**:  The Redis server port number.
+- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
 - **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](http://nginx.org/ru/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
--- a/run-document-server.sh
+++ b/run-document-server.sh
@ -37,7 +37,14 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
  fi
 fi

-SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
+SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
+mkdir -p ${SSL_CERTIFICATES_DIR}
+if [[ -d ${DATA_DIR}/certs ]] && [ -e ${DATA_DIR}/certs/*.crt ]; then
+  cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
+  chmod 644 ${SSL_CERTIFICATES_DIR}/*.crt ${SSL_CERTIFICATES_DIR}/*.pem
+  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key
+fi
+
 if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
 else
@ -295,6 +302,11 @@ update_redis_settings(){
  ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
  ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
  ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
+
+  if [ -n "${REDIS_SERVER_PASS}" ]; then
+    ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}"
+  fi
+
 }

 update_ds_settings(){
@ -469,7 +481,7 @@ update_nginx_settings(){
    sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
  fi

-  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)}
+  documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
 }

 update_supervisor_settings(){
@ -505,7 +517,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${
 done

 # change folder rights
-for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
+for i in ${LOG_DIR} ${LIB_DIR}; do
  chown -R ds:ds "$i"
  chmod -R 755 "$i"
 done
Author	SHA1	Message	Date
Danil Titarenko	06a05223b5	Fix bug #58032 / Fix moves certificates alarm messages (#461 ) * Add some checks before replace certificates * Change if check key * Refactoring code * Refactoring code * Add checking exist files * Refactor: refactoring code * Remove check files conditions	2022-07-19 15:51:46 +03:00
Danil Titarenko	143e77fdfc	Fix Big #57286 / Add redis password config settings (#466 ) * Add redis password settings * Add variable description * Change variable descriptions * Change variable descriptions * Change variable descriptions	2022-07-18 17:11:06 +03:00
papacarlo	8acbfdbeb7	Merge branch hotfix/v7.1.1 into release/v7.2.0	2022-07-18 10:02:02 +00:00
Danil Titarenko	c16635ea71	Fix supervisor socket messages (#459 )	2022-07-12 12:37:48 +03:00
Danil Titarenko	29e4ec3027	Refactoring workflow (#448 )	2022-07-11 13:27:43 +03:00
Evgeniy Antonyuk	c7a1fd04a4	fix Bug 50138 / Fix SSL key access error (#455 ) * Fix SSL key access error * Change name of directory	2022-07-05 14:56:42 +03:00
Danil Titarenko	c4ddb99710	Update base image version (#447 )	2022-07-05 14:41:20 +03:00
Alexey Golubev	19b66de202	Revert "Update run-document-server.sh (#439 )" This reverts commit `5c17c711b1`.	2022-05-26 17:03:57 +03:00
Roger Shieh	5c17c711b1	Update run-document-server.sh (#439 )	2022-05-24 18:02:42 +03:00
papacarlo	95e27e2655	Merge branch release/v7.1.0 into master	2022-05-12 13:21:23 +00:00