Update build

add hooks
2026-04-07 14:01:38 +08:00 · 2022-01-06 12:18:40 +03:00 · 2022-01-06 12:13:22 +03:00 · 2022-01-06 11:46:31 +03:00 · 2021-12-20 11:01:52 +03:00 · 2021-12-17 17:04:20 +03:00
43 changed files with 305 additions and 4530 deletions
--- a/.github/workflows/4testing-build.yml
+++ b/.github/workflows/4testing-build.yml
@ -1,186 +0,0 @@
-### This workflow setup instance then build and push images ###
-name: 4testing multiarch-build
-run-name: >-
-  Build #${{ inputs.build }} [
-  ${{ inputs.amd64 && 'AMD64' || '-' }}
-  ${{ inputs.arm64 && 'ARM64' || '-' }}
-  ] [
-  ${{ inputs.community && 'CE' || '-' }}
-  ${{ inputs.developer && 'DE' || '-' }}
-  ${{ inputs.enterprise && 'EE' || '-' }}
-  ]
-
-on:
-  workflow_dispatch:
-    inputs:
-      build:
-        description: 'Build number (ex. 45)'
-        type: string
-        required: true
-      amd64:
-        type: boolean
-        description: 'Build AMD64'
-        default: true
-      arm64:
-        type: boolean
-        description: 'Build ARM64'
-        default: true
-      community:
-        type: boolean
-        description: 'Build Community Edition'
-        default: true
-      enterprise:
-        type: boolean
-        description: 'Build Enterprise Edition'
-        default: true
-      developer:
-        type: boolean
-        description: 'Build Developer Edition'
-        default: true
-
-env: 
-  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver"
-      
-jobs:
-  prepare:
-    runs-on: ubuntu-latest
-    steps:
-      - id: matrix
-        env:
-          BRANCH_NAME: ${{ github.ref_name }}
-          AMD64: ${{ github.event.inputs.amd64 }}
-          ARM64: ${{ github.event.inputs.arm64 }}
-          COMMUNITY: ${{ github.event.inputs.community }}
-          ENTERPRISE: ${{ github.event.inputs.enterprise }}
-          DEVELOPER: ${{ github.event.inputs.developer }}
-        run: |
-          set -ex
-
-          if ! [[ "$BRANCH_NAME" == develop || "$BRANCH_NAME" =~ hotfix || "$BRANCH_NAME" =~ release ]]; then
-            echo "Wrong branch."
-            exit 1
-          fi
-
-          [ "${AMD64}" = true ] && PLATFORMS+=("amd64")
-          [ "${ARM64}" = true ] && PLATFORMS+=("arm64")
-          if [ -z ${PLATFORMS} ]; then
-            echo "None of the platforms are selected."
-            exit 1
-          fi
-
-          [ "${COMMUNITY}" = true ] && EDITIONS+=("community")
-          [ "${ENTERPRISE}" = true ] && EDITIONS+=("enterprise")
-          [ "${DEVELOPER}" = true ] && EDITIONS+=("developer")
-          if [ -z ${EDITIONS} ]; then
-            echo "None of the editions are selected."
-            exit 1
-          fi
-          echo "editions=$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" >> $GITHUB_OUTPUT
-    outputs:
-      editions: ${{ steps.matrix.outputs.editions }}
-
-  build:
-    name: "Build ${{ matrix.image }}-${{ matrix.edition }}"
-    runs-on: ubuntu-latest
-    needs: prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        image: ["documentserver"]
-        edition: ${{ fromJSON(needs.prepare.outputs.editions) }}
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-     
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Build 4testing
-        id: build-ds
-        env:
-          BRANCH_NAME: ${{ github.ref_name }}
-          AMD64: ${{ github.event.inputs.amd64 }}
-          ARM64: ${{ github.event.inputs.arm64 }}
-          BUILD_NUMBER: ${{ github.event.inputs.build }}
-          EDITION: ${{ matrix.edition }}
-          IMAGE: ${{ matrix.image }}
-          PACKAGE_BASEURL: ${{ secrets.REPO_BASEURL }}
-        run: |
-          set -eux
-
-          ### ==>> At this step build variable declaration ###
-
-          case "${EDITION}" in
-            community)
-              PRODUCT_EDITION=""
-              ;;
-            enterprise)
-              PRODUCT_EDITION="-ee"
-              ;;
-            developer)
-              PRODUCT_EDITION="-de"
-              ;;
-          esac
-
-          [ "${AMD64}" = true ] && PLATFORMS+=("amd64")
-          [ "${ARM64}" = true ] && PLATFORMS+=("arm64")
-          PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')
-
-          if [ "$BRANCH_NAME" = develop ]; then
-            BUILD_CHANNEL=nightly
-            PRODUCT_VERSION=99.99.99
-          elif [[ "$BRANCH_NAME" =~ hotfix || "$BRANCH_NAME" =~ release ]]; then
-            BUILD_CHANNEL=test
-            PRODUCT_VERSION=${BRANCH_NAME#*/v}
-          fi
-
-          export PRODUCT_EDITION
-          export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
-          export BUILD_CHANNEL
-          export PLATFORM
-          export DOCKERFILE=Dockerfile
-          export PREFIX_NAME=4testing-
-          export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
-
-          ### ==>> Build and push images at this step ###
-
-          docker buildx bake -f docker-bake.hcl "${IMAGE}" --push
-          echo "DONE: Build success"
-
-          ### Set output for Zap scanner
-          ### NOTE: Output will be used only in release/hotfix branches
-          
-          echo "version=${TAG}" >> "$GITHUB_OUTPUT"
-          echo "branch=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
-        shell: bash
-
-      # Run scanner only when edition is community 
-      # and branch hit release/ or hotfix/
-      - name: Trigger zap manualy
-        if: >-
-             matrix.edition == 'community' &&
-             (startsWith(steps.build-ds.outputs.branch, 'release/') ||
-              startsWith(steps.build-ds.outputs.branch, 'hotfix/'))
-        env:
-          VERSION: ${{ steps.build-ds.outputs.version }}
-          BRANCH: ${{ steps.build-ds.outputs.branch }}
-          GITHUB_TOKEN: ${{ secrets.TOKEN }}
-          REPO: ${{ github.repository }}
-        run: |
-            gh workflow run zap-ds.yaml \
-                 --repo "${REPO}" \
-                 -f branch="${BRANCH}" \
-                 -f version="${VERSION}"
-        shell: bash
-
--- a/.github/workflows/cron-rebuild-trigger.yml
+++ b/.github/workflows/cron-rebuild-trigger.yml
@ -1,22 +0,0 @@
---
-name: Trigger 4testing rebuild
-
-run-name: "Weekly 4testing rebuild trigger"
-
-on: 
-  schedule:
-    # Run every Saturday at 10 p.m.   
-    - cron: '00 22 * * 6'
-  
-jobs: 
-  trigger-rebuild:
-    name: "trigget-rebuild"
-    runs-on: "ubuntu-latest"
-    steps:
-      - name: Rebuild 4testing manualy
-        env: 
-          GITHUB_TOKEN: ${{ secrets.TOKEN }}
-        run: |
-          gh workflow run rebuild.yml \
-              --repo ONLYOFFICE/Docker-DocumentServer \
-              -f repo=4test
--- a/.github/workflows/rebuild.yml
+++ b/.github/workflows/rebuild.yml
@ -1,224 +0,0 @@
---
-name: Rebuild Docker-Documentserver 
-
-run-name: >
-        Rebuild DocumentServer with secure updates for repo: ${{ github.event.inputs.repo }}
-
-on:
-  workflow_dispatch:
-    inputs:
-      repo:
-        type: choice
-        description: Please, choose upload repo..
-        options:
-        - '4test'
-        - 'stable'
-
-permissions:
-  # All other permissions are set to none
-  contents: read
-  # Technically read access while waiting for images should be more than enough. However,
-  # there is a bug in GitHub Actions/Packages and in case private repositories are used, you get a permission
-  # denied error when attempting to just pull private image, changing the token permission to write solves the
-  # issue. This is not dangerous, because if it is for "ONLYOFFICE/Docker-DocumentServer", only maintainers can use ds-rebuild.yaml
-  # If it is for a fork, then the token is read-only anyway.
-  packages: read
-
-env: 
-  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver" 
-  REGISTRY_URL: "https://hub.docker.com/v2/repositories"  
-
-jobs:
-  rebuild-info:
-    name: "Rebuild-info"
-    runs-on: "ubuntu-22.04"
-    env:
-      REPO_INPUTS: ${{ github.event.inputs.repo }}
-      EVENT: ${{ github.event_name }}
-    outputs: 
-      stable-versions: ${{ steps.selective-checks.outputs.stable-versions }}
-      ucs-versions: ${{ steps.selective-checks.outputs.ucs-versions }}
-      minor-tags: ${{ steps.selective-checks.outputs.minor-tags }}
-      ucs-rebuild-condition: ${{ steps.selective-checks.outputs.ucs-rebuild-condition }}
-      prefix-name: ${{ steps.selective-checks.outputs.prefix-name }}
-      repo: ${{ steps.selective-checks.outputs.repo }}
-    steps:
-      - name: Selective checks
-        id: selective-checks
-        run: |
-            set -e
-
-            REPO=${REPO_INPUTS:-"4test"}
-
-            if [ "${REPO}" == "stable" ]; then
-                 UCS_REBUILD=true
-                 UCS_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}-ucs/tags/?page_size=100 | \
-                            jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
-                 echo "ucs-versions=$(jq -c -n '$ARGS.positional' --args "${UCS_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
-            elif
-               [ "${REPO}" == "4test" ]; then 
-                 UCS_REBUILD=false
-                 PREFIX_NAME=4testing-
-            fi
-            
-            STABLE_VERSIONS=($(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 | \
-                            jq -r '.results|.[]|.name' | grep -oxE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.1' || true))
-                            
-            # When rebuilding stable versions of the document server, 
-            # it is necessary to determine the version from which the 
-            # minor x.x tag will need to be pushed.        
-            
-            VERSIONS=(${STABLE_VERSIONS[@]})
-            for i in {1..10}; do
-                 if [ -z "${VERSIONS}" ]; then
-                     break
-                 else 
-                     TEMPLATE=${VERSIONS[0]%.*.*}
-                     TEMPLATE_MINOR=$(printf -- '%s\n' "${VERSIONS[@]}" | grep -o -m 1 "${VERSIONS[0]%.*.*}.[0-9].[0-9]")
-                     MINOR_TAGS+=(${TEMPLATE_MINOR%.*})
-            
-                     for v in ${MINOR_TAGS[@]}; do
-                          VERSIONS=(${VERSIONS[@]//${v%.*}.*.*})
-                     done
-                 fi
-            done
-            
-            echo "Stable releases that will be rebuilded"
-            echo "--------------------------------------"
-            echo "${STABLE_VERSIONS[@]}"
-            echo
-            echo 
-            echo "Ucs releases that will be rebuilded"
-            echo "-----------------------------------"
-            echo "${UCS_VERSIONS[@]}"
-            
-            echo "stable-versions=$(jq -c -n '$ARGS.positional' --args "${STABLE_VERSIONS[@]}")" >> "$GITHUB_OUTPUT"
-            echo "minor-tags=${MINOR_TAGS[@]}" >> "$GITHUB_OUTPUT"
-            echo "ucs-rebuild-condition=${UCS_REBUILD}" >> "$GITHUB_OUTPUT"
-            echo "prefix-name=${PREFIX_NAME}" >>  "$GITHUB_OUTPUT"
-            echo "repo=${REPO}" >> "$GITHUB_OUTPUT"
-        shell: bash
-
-  re-build-stable:
-    name: "Rebuild stable:${{ matrix.version }} ${{ matrix.edition }}"
-    needs: [rebuild-info]
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        type: ["stable"]
-        edition: ["", "-ee", "-de"]
-        version: ${{fromJSON(needs.rebuild-info.outputs.stable-versions)}}
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2      
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-     # Determines the new build number based 
-     # on data from the hub.docker registry
-      - name: Declare release number
-        id: release-number
-        env: 
-          REBUILD_VERSION: ${{ matrix.version }}
-        run: |
-          MINOR_VERSION=${REBUILD_VERSION%.*} 
-          LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
-          | jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
-          LAST_RELEASE=${LAST_RELEASE#*.*.*.}
-          echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"   
-        shell: bash  
-    #  Note: Rebuilding images with an 
-    #  extra layer to update security and 
-    #  all dependencies. Update tags got +1 to previous release.
-      - name: Re-build documentserver-stable
-        env:
-          MINOR_TAGS_ST: ${{ needs.rebuild-info.outputs.minor-tags }}
-          VERSION: ${{ matrix.version }}
-          RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
-          PREFIX_NAME: ${{ needs.rebuild-info.outputs.prefix-name }}
-          REPO: ${{ needs.rebuild-info.outputs.repo }}
-          PRODUCT_EDITION: ${{ matrix.edition }}
-        run: |
-            set -eux
-            export PULL_TAG=${VERSION}
-            export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-            export SHORTER_TAG=${VERSION%.*}
-            export SHORTEST_TAG=${VERSION%.*.*}
-            
-            if [ "${REPO}" == "stable" ]; then
-                 MINOR_TAGS=(${MINOR_TAGS_ST})
-                 for v in ${MINOR_TAGS[@]}; do
-                     if [ "${SHORTER_TAG}" == "${v}" ]; then
-                         export PUSH_MAJOR="true"
-                     fi
-                 done
-                 if [ "${SHORTER_TAG}" == "${MINOR_TAGS[0]}" ]; then
-                     export LATEST="true"
-                 fi
-            fi
-            docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
-        shell: bash
-  re-build-ucs:
-    name: "Rebuild ucs: ${{ matrix.version }} ${{ matrix.edition }}"
-    if: needs.rebuild-info.outputs.ucs-rebuild-condition == 'true'
-    needs: [rebuild-info]
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        type: ["ucs"]
-        edition: ["", "-ee"]
-        version: ${{fromJSON(needs.rebuild-info.outputs.ucs-versions)}}
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-      # Determines the new build number based 
-      # on data from the hub.docker registry
-      - name: Declare release number
-        id: release-number
-        env: 
-          REBUILD_VERSION: ${{ matrix.version }}
-        run: |
-          MINOR_VERSION=${REBUILD_VERSION%.*} 
-          LAST_RELEASE=$(curl -s -H -X ${REGISTRY_URL}/${COMPANY_NAME}/${PRODUCT_NAME}/tags/?page_size=100 \
-                        | jq -r '.results|.[]|.name' | grep -Eo -m1 "${MINOR_VERSION}.[0-9]{1,}")
-          LAST_RELEASE=${LAST_RELEASE#*.*.*.}
-          echo "release-number=$((LAST_RELEASE+1))" >> "$GITHUB_OUTPUT"
-        shell: bash       
-      #  Note: Rebuilding images with an 
-      #  extra layer to update security and 
-      #  all dependencies. Update tags +1 to previous release.
-      - name: Re-build documentserver-ucs
-        env: 
-          VERSION: ${{ matrix.version }}
-          RELEASE_NUMBER: ${{ steps.release-number.outputs.release-number }}
-          PRODUCT_EDITION: ${{ matrix.edition }}
-        run: |
-            set -eux
-            export PULL_TAG=${VERSION}
-            export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-            export SHORTER_TAG=${VERSION%.*}
-            export SHORTEST_TAG=${VERSION%.*.*}
-          
-            export UCS_REBUILD=true
-            export UCS_PREFIX=-ucs
-          
-            docker buildx bake -f docker-bake.hcl documentserver-stable-rebuild --push
-        shell: bash
--- a/.github/workflows/stable-build.yml
+++ b/.github/workflows/stable-build.yml
@ -1,139 +0,0 @@
-### This workflow setup instance then build and push images ###
-name: Multi-arch build stable
-run-name: ${{ inputs.tag }} (${{ inputs.release_number }})
-
-on:
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: 'Tag for release (ex. 1.2.3.45)'
-        type: string
-        required: true
-      release_number:
-        description: 'Sequence number of the release (ex. x.x.x.<number>)'
-        type: string
-        required: true
-        default: '1'
-
-env:
-  COMPANY_NAME: "onlyoffice"
-  PRODUCT_NAME: "documentserver"
-  VERSION: ${{ github.event.inputs.tag }}
-  RELEASE_NUMBER: ${{ github.event.inputs.release_number }}
-
-jobs:
-  build:
-    name: "Release image: DocumentServer${{ matrix.edition }}"
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        images: ["documentserver-stable"]
-        edition: ["", "-ee", "-de"]
-    steps:
-      - name: Checkout code 
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-     
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: Build documentserver-release
-        env:
-          TARGET: ${{ matrix.images }}
-          PRODUCT_EDITION: ${{ matrix.edition }}
-        run: |
-          set -eux
-          TESTING_IMAGE=${COMPANY_NAME}/4testing-${PRODUCT_NAME}${PRODUCT_EDITION}
-            export PRODUCT_EDITION
-            export PULL_TAG=${VERSION}
-            export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-            export SHORTER_TAG=${VERSION%.*}
-            export SHORTEST_TAG=${VERSION%.*.*}
-            docker buildx bake -f docker-bake.hcl "${TARGET}" --push
-            echo "DONE: Build success >> exit with 0"
-            exit 0
-        shell: bash
-
-  build-nonexample:
-    name: "Release image: DocumentServer${{ matrix.edition }}-nonExample"
-    runs-on: ubuntu-latest
-    needs: [build]
-    if: ${{ false }}
-    strategy:
-      fail-fast: false
-      matrix:
-        images: ["documentserver-nonexample"]
-        edition: ["", "-ee", "-de"]
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: build image
-        env:
-          TARGET: ${{ matrix.images }}
-          PRODUCT_EDITION: ${{ matrix.edition }}
-        run: |
-          set -eux
-          export PULL_TAG=${VERSION%.*}.${RELEASE_NUMBER}
-          export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-          docker buildx bake -f docker-bake.hcl "${TARGET}" --push
-        shell: bash
-
-  build-ucs-ubuntu20:
-    name: "Release image: DocumentServer${{ matrix.edition }}-ucs"
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        edition: ["", "-ee"]
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      - name: build UCS
-        env:
-          PACKAGE_BASEURL: ${{ secrets.REPO_BASEURL }}
-          PRODUCT_EDITION: ${{ matrix.edition }}
-        run: |
-           set -eux
-           export DOCKERFILE=Dockerfile
-           export BASE_VERSION=20.04
-           export PG_VERSION=12
-           export PACKAGE_SUFFIX=
-           export TAG=${VERSION%.*}.${RELEASE_NUMBER}
-           export PACKAGE_VERSION=$( echo ${VERSION} |  sed -E 's/(.*)\./\1-/')
-           docker buildx bake -f docker-bake.hcl documentserver-ucs --push
-        shell: bash
--- a/.github/workflows/zap-ds.yaml
+++ b/.github/workflows/zap-ds.yaml
@ -1,70 +0,0 @@
---
-name: Scanning DocumentServer with ZAP
-
-run-name: > 
-      ZAP DocumentServer ver: ${{ github.event.inputs.version }} from branch: ${{ github.event.inputs.branch }}
-
-on:
-  workflow_dispatch:
-    inputs:
-      version:
-        description: 'Set DocumentServer version that will be deployed'
-        type: string
-        required: true
-      branch:
-        description: 'The branch from which the scan will be performed'
-        type: string
-        required: true
-jobs:
-  zap:
-    name: "Zap scanning DocumentServer"
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Run DS
-        id: run-ds
-        env:
-          TAG: ${{ github.event.inputs.version }}
-        run: |
-           # Create ssl certs
-           openssl genrsa -out tls.key 2048
-           openssl req -new -key tls.key -out tls.csr -subj "/C=RU/ST=NizhObl/L=NizhNov/O=RK-Tech/OU=TestUnit/CN=TestName"
-           openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt
-           openssl dhparam -out dhparam.pem 2048
-           sudo mkdir -p /app/onlyoffice/DocumentServer/data/certs
-           sudo cp ./tls.key /app/onlyoffice/DocumentServer/data/certs/
-           sudo cp ./tls.crt /app/onlyoffice/DocumentServer/data/certs/
-           sudo cp ./dhparam.pem /app/onlyoffice/DocumentServer/data/certs/
-           sudo chmod 400 /app/onlyoffice/DocumentServer/data/certs/tls.key
-           rm ./tls.key ./tls.crt ./dhparam.pem
-
-           # Run Ds with enabled ssl
-           export CONTAINER_NAME="documentserver"
-           sudo docker run -itd \
-                           --name ${CONTAINER_NAME} \
-                           -p 80:80 \
-                           -p 443:443 \
-                           -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-                           onlyoffice/4testing-documentserver:${TAG}
-           sleep 60
-           sudo docker exec ${CONTAINER_NAME} sudo supervisorctl start ds:example
-           LOCAL_IP=$(hostname -I | awk '{print $1}')
-           echo "local-ip=${LOCAL_IP}" >> "$GITHUB_OUTPUT"
-
-      # Scan DocumentServer with ZAP.
-      # NOTE: Full scan get a lot of time.
-      # If you want make scan more faster (but less accurate) remove `cmd options` field
-      # -j mean that scanning use AJAX Spider, with this spider the scan takes approximately an hour
-      # Without any cmd options will be used default spider and the scan takes approximately ~10-15 minutes
-      - name: ZAP Scan
-        uses: zaproxy/action-full-scan@v0.8.0
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
-          target: 'https://${{ steps.run-ds.outputs.local-ip }}/'
-          allow_issue_writing: false
-          cmd_options: '-j'
--- a/.travis.yml
+++ b/.travis.yml
@ -32,23 +32,23 @@ env:
    SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key


-  # postgresql 16
-  - config: postgres.yml
-    POSTGRES_VERSION: 16
-
-  # postgresql 15
-  - config: postgres.yml
-    POSTGRES_VERSION: 15
-
-  # postgresql 14
-  - config: postgres.yml
-    POSTGRES_VERSION: 14
-
-  # postgresql 13
-  - config: postgres.yml
-    POSTGRES_VERSION: 13
-
  # postgresql 12
+  - config: postgres.yml
+    POSTGRES_VERSION: 12
+
+  # postgresql 11
+  - config: postgres.yml
+    POSTGRES_VERSION: 11
+
+  # postgresql 10
+  - config: postgres.yml
+    POSTGRES_VERSION: 10
+
+  # postgresql 9
+  - config: postgres.yml
+    POSTGRES_VERSION: 9
+
+  # postgresql 9.5
  - config: postgres.yml

  # postgresql custom values
--- a/80
+++ b/80
@ -1,48 +1,25 @@
-ARG BASE_VERSION=24.04
-
-ARG BASE_IMAGE=ubuntu:$BASE_VERSION
-
-FROM ${BASE_IMAGE} AS documentserver
+FROM ubuntu:20.04
 LABEL maintainer Ascensio System SIA <support@onlyoffice.com>

-ARG BASE_VERSION
-ARG PG_VERSION=16
-ARG PACKAGE_SUFFIX=t64
-
-ENV OC_RELEASE_NUM=21
-ENV OC_RU_VER=12
-ENV OC_RU_REVISION_VER=0
-ENV OC_RESERVED_NUM=0
-ENV OC_RU_DATE=0
-ENV OC_PATH=${OC_RELEASE_NUM}${OC_RU_VER}000
-ENV OC_FILE_SUFFIX=${OC_RELEASE_NUM}.${OC_RU_VER}.${OC_RU_REVISION_VER}.${OC_RESERVED_NUM}.${OC_RU_DATE}${OC_FILE_SUFFIX}dbru
-ENV OC_VER_DIR=${OC_RELEASE_NUM}_${OC_RU_VER}
-ENV OC_DOWNLOAD_URL=https://download.oracle.com/otn_software/linux/instantclient/${OC_PATH}
-
-ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=${PG_VERSION} BASE_VERSION=${BASE_VERSION}
+ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 DEBIAN_FRONTEND=noninteractive PG_VERSION=12

 ARG ONLYOFFICE_VALUE=onlyoffice

 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
    apt-get -y update && \
-    apt-get -yq install wget apt-transport-https gnupg locales lsb-release && \
-    wget -q -O /etc/apt/sources.list.d/mssql-release.list "https://packages.microsoft.com/config/ubuntu/$BASE_VERSION/prod.list" && \
-    wget -q -O /tmp/microsoft.asc https://packages.microsoft.com/keys/microsoft.asc && \
-    apt-key add /tmp/microsoft.asc && \
-    gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg < /tmp/microsoft.asc && \
-    apt-get -y update && \
+    apt-get -yq install wget apt-transport-https gnupg locales && \
+    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0x8320ca65cb2de8e5 && \
    locale-gen en_US.UTF-8 && \
    echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections && \
-    ACCEPT_EULA=Y apt-get -yq install \
+    apt-get -yq install \
        adduser \
        apt-utils \
        bomstrip \
        certbot \
-        cron \
        curl \
+        gconf-service \
        htop \
-        libaio1${PACKAGE_SUFFIX} \
-        libasound2${PACKAGE_SUFFIX} \
+        libasound2 \
        libboost-regex-dev \
        libcairo2 \
        libcurl3-gnutls \
@ -54,7 +31,6 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
        libxml2 \
        libxss1 \
        libxtst6 \
-        mssql-tools18 \
        mysql-client \
        nano \
        net-tools \
@ -65,15 +41,12 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
        pwgen \
        rabbitmq-server \
        redis-server \
+        software-properties-common \
        sudo \
        supervisor \
        ttf-mscorefonts-installer \
-        unixodbc-dev \
-        unzip \
        xvfb \
-        xxd \
-        zlib1g || dpkg --configure -a && \
-    # Added dpkg --configure -a to handle installation issues with rabbitmq-server on arm64 architecture
+        zlib1g && \
    if [  $(ls -l /usr/share/fonts/truetype/msttcorefonts | wc -l) -ne 61 ]; \
        then echo 'msttcorefonts failed to download'; exit 1; fi  && \
    echo "SERVER_ADDITIONAL_ERL_ARGS=\"+S 1:1\"" | tee -a /etc/rabbitmq/rabbitmq-env.conf && \
@ -81,13 +54,9 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
    sed 's|\(application\/zip.*\)|\1\n    application\/wasm wasm;|' -i /etc/nginx/mime.types && \
    pg_conftool $PG_VERSION main set listen_addresses 'localhost' && \
    service postgresql restart && \
+    sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE;" && \
    sudo -u postgres psql -c "CREATE USER $ONLYOFFICE_VALUE WITH password '$ONLYOFFICE_VALUE';" && \
-    sudo -u postgres psql -c "CREATE DATABASE $ONLYOFFICE_VALUE OWNER $ONLYOFFICE_VALUE;" && \
-    wget -O basic.zip ${OC_DOWNLOAD_URL}/instantclient-basic-linux.x64-${OC_FILE_SUFFIX}.zip && \
-    wget -O sqlplus.zip ${OC_DOWNLOAD_URL}/instantclient-sqlplus-linux.x64-${OC_FILE_SUFFIX}.zip && \
-    unzip -d /usr/share basic.zip && \
-    unzip -d /usr/share sqlplus.zip && \
-    mv /usr/share/instantclient_${OC_VER_DIR} /usr/share/instantclient && \
+    sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $ONLYOFFICE_VALUE TO $ONLYOFFICE_VALUE;" && \ 
    service postgresql stop && \
    service redis-server stop && \
    service rabbitmq-server stop && \
@ -95,41 +64,26 @@ RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \
    service nginx stop && \
    rm -rf /var/lib/apt/lists/*

-COPY config/supervisor/supervisor /etc/init.d/
-COPY config/supervisor/ds/*.conf /etc/supervisor/conf.d/
+COPY config /app/ds/setup/config/
 COPY run-document-server.sh /app/ds/run-document-server.sh
-COPY oracle/sqlplus /usr/bin/sqlplus

 EXPOSE 80 443

 ARG COMPANY_NAME=onlyoffice
 ARG PRODUCT_NAME=documentserver
-ARG PRODUCT_EDITION=
-ARG PACKAGE_VERSION=
-ARG TARGETARCH
-ARG PACKAGE_BASEURL="http://download.onlyoffice.com/install/documentserver/linux"
+ARG PACKAGE_URL="http://download.onlyoffice.com/install/documentserver/linux/${COMPANY_NAME}-${PRODUCT_NAME}_amd64.deb"

 ENV COMPANY_NAME=$COMPANY_NAME \
-    PRODUCT_NAME=$PRODUCT_NAME \
-    PRODUCT_EDITION=$PRODUCT_EDITION \
-    DS_PLUGIN_INSTALLATION=false \
-    DS_DOCKER_INSTALLATION=true
+    PRODUCT_NAME=$PRODUCT_NAME

-RUN PACKAGE_FILE="${COMPANY_NAME}-${PRODUCT_NAME}${PRODUCT_EDITION}${PACKAGE_VERSION:+_$PACKAGE_VERSION}_${TARGETARCH:-$(dpkg --print-architecture)}.deb" && \
-    wget -q -P /tmp "$PACKAGE_BASEURL/$PACKAGE_FILE" && \
+RUN wget -q -P /tmp "$PACKAGE_URL" && \
    apt-get -y update && \
    service postgresql start && \
-    apt-get -yq install /tmp/$PACKAGE_FILE && \
+    apt-get -yq install /tmp/$(basename "$PACKAGE_URL") && \
    service postgresql stop && \
-    chmod 755 /etc/init.d/supervisor && \
-    sed "s/COMPANY_NAME/${COMPANY_NAME}/g" -i /etc/supervisor/conf.d/*.conf && \
    service supervisor stop && \
    chmod 755 /app/ds/*.sh && \
-    printf "\nGO" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/mssql/createdb.sql" && \
-    printf "\nGO" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/mssql/removetbl.sql" && \
-    printf "\nexit" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/oracle/createdb.sql" && \
-    printf "\nexit" >> "/var/www/$COMPANY_NAME/documentserver/server/schema/oracle/removetbl.sql" && \
-    rm -f /tmp/$PACKAGE_FILE && \
+    rm -f /tmp/$(basename "$PACKAGE_URL") && \
    rm -rf /var/log/$COMPANY_NAME && \
    rm -rf /var/lib/apt/lists/*

--- a/Dockerfile.cl
+++ b/Dockerfile.cl
@ -0,0 +1,4 @@
+FROM onlyoffice/documentserver-ee:latest
+
+RUN sed -i '/trap clean_exit SIGTERM/s/^/#/' /app/ds/run-document-server.sh
+
--- a/85
+++ b/85
@ -1,66 +1,75 @@
 COMPANY_NAME ?= ONLYOFFICE
 GIT_BRANCH ?= develop
-PRODUCT_NAME ?= documentserver
-PRODUCT_EDITION ?= 
+PRODUCT_NAME ?= DocumentServer
 PRODUCT_VERSION ?= 0.0.0
 BUILD_NUMBER ?= 0
-BUILD_CHANNEL ?= nightly
 ONLYOFFICE_VALUE ?= onlyoffice
+S3_BUCKET ?= repo-doc-onlyoffice-com
+RELEASE_BRANCH ?= unstable

 COMPANY_NAME_LOW = $(shell echo $(COMPANY_NAME) | tr A-Z a-z)
+PRODUCT_NAME_LOW = $(shell echo $(PRODUCT_NAME) | tr A-Z a-z)
+COMPANY_NAME_LOW_ESCAPED = $(subst -,,$(COMPANY_NAME_LOW))

-PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)
-PACKAGE_VERSION ?= $(PRODUCT_VERSION)-$(BUILD_NUMBER)~stretch
-PACKAGE_BASEURL ?= https://s3.eu-west-1.amazonaws.com/repo-doc-onlyoffice-com/server/linux/debian
+PACKAGE_NAME := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)
+PACKAGE_VERSION := $(PRODUCT_VERSION)-$(BUILD_NUMBER)
+PACKAGE_URL := http://$(S3_BUCKET).s3.amazonaws.com/$(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/ubuntu/$(PACKAGE_NAME)_$(PACKAGE_VERSION)_amd64.deb

-ifeq ($(BUILD_CHANNEL),$(filter $(BUILD_CHANNEL),nightly test))
-	DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)
+UPDATE_LATEST := false
+
+ifneq (,$(findstring develop,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
+DOCKER_TAGS += latest
+else ifneq (,$(findstring release,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
+else ifneq (,$(findstring hotfix,$(GIT_BRANCH)))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))
 else
-	DOCKER_TAG := $(PRODUCT_VERSION).$(BUILD_NUMBER)-$(subst /,-,$(GIT_BRANCH))
+DOCKER_TAG += $(subst -,.,$(PACKAGE_VERSION))-$(subst /,-,$(GIT_BRANCH))
 endif

-DOCKER_ORG ?= $(COMPANY_NAME_LOW)
-DOCKER_IMAGE := $(DOCKER_ORG)/4testing-$(PRODUCT_NAME)$(PRODUCT_EDITION)
-DOCKER_DUMMY := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)$(PRODUCT_EDITION)__$(DOCKER_TAG).dummy
-DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME)_$(DOCKER_TAG).tar.gz
+DOCKER_TAGS += $(DOCKER_TAG)

-.PHONY: all clean clean-docker image deploy docker
+DOCKER_REPO = $(COMPANY_NAME_LOW_ESCAPED)/4testing-$(PRODUCT_NAME_LOW)

-$(DOCKER_DUMMY):
-	docker pull ubuntu:22.04
+COLON := __colon__
+DOCKER_TARGETS := $(foreach TAG,$(DOCKER_TAGS),$(DOCKER_REPO)$(COLON)$(TAG))
+
+DOCKER_ARCH := $(COMPANY_NAME_LOW)-$(PRODUCT_NAME_LOW)_$(PACKAGE_VERSION).tar.gz
+
+DOCKER_ARCH_URI := $(COMPANY_NAME_LOW)/$(RELEASE_BRANCH)/docker/$(notdir $(DOCKER_ARCH))
+
+.PHONY: all clean clean-docker deploy docker publish
+
+$(DOCKER_TARGETS): $(DEB_REPO_DATA)
+	docker pull ubuntu:20.04
 	docker build \
+		--build-arg PACKAGE_URL=$(PACKAGE_URL) \
 		--build-arg COMPANY_NAME=$(COMPANY_NAME_LOW) \
-		--build-arg PRODUCT_NAME=$(PRODUCT_NAME) \
-		--build-arg PRODUCT_EDITION=$(PRODUCT_EDITION) \
-		--build-arg PACKAGE_VERSION=$(PACKAGE_VERSION) \
-		--build-arg PACKAGE_BASEURL=$(PACKAGE_BASEURL) \
-		--build-arg TARGETARCH=amd64 \
+		--build-arg PRODUCT_NAME=$(PRODUCT_NAME_LOW) \
 		--build-arg ONLYOFFICE_VALUE=$(ONLYOFFICE_VALUE) \
-		-t $(DOCKER_IMAGE):$(DOCKER_TAG) . && \
-	mkdir -p $$(dirname $@) && \
+		-t $(subst $(COLON),:,$@) . &&\
+	mkdir -p $$(dirname $@) &&\
 	echo "Done" > $@

-$(DOCKER_ARCH): $(DOCKER_DUMMY)
-	docker save $(DOCKER_IMAGE):$(DOCKER_TAG) | \
+$(DOCKER_ARCH): $(DOCKER_TARGETS)
+	docker save $(DOCKER_REPO):$(DOCKER_TAG) | \
 		gzip > $@

-all: image
+all: $(DOCKER_TARGETS)

 clean:
-	rm -rfv *.dummy *.tar.gz
+	rm -rfv $(DOCKER_TARGETS) $(DOCKER_ARCH)
 		
 clean-docker:
 	docker rmi -f $$(docker images -q $(COMPANY_NAME_LOW)/*) || exit 0

-image: $(DOCKER_DUMMY)
+deploy: $(DOCKER_TARGETS)
+	$(foreach TARGET,$(DOCKER_TARGETS), \
+		for i in {1..3}; do \
+			docker push $(subst $(COLON),:,$(TARGET)) && break || sleep 1m; \
+		done;)

-deploy: $(DOCKER_DUMMY)
-	for i in {1..3}; do \
-		docker push $(DOCKER_IMAGE):$(DOCKER_TAG) && break || sleep 1m; \
-	done
-ifeq ($(BUILD_CHANNEL),nightly)
-	docker tag $(DOCKER_IMAGE):$(DOCKER_TAG) $(DOCKER_IMAGE):latest
-	for i in {1..3}; do \
-		docker push $(DOCKER_IMAGE):latest && break || sleep 1m; \
-	done
-endif
+publish: $(DOCKER_ARCH)
+	aws s3 cp --no-progress --acl public-read \
+		$(DOCKER_ARCH) s3://$(S3_BUCKET)/$(DOCKER_ARCH_URI)
--- a/README.md
+++ b/README.md
@ -11,7 +11,6 @@
        + [Installation of the SSL Certificates](#installation-of-the-ssl-certificates)
        + [Available Configuration Parameters](#available-configuration-parameters)
 * [Installing ONLYOFFICE Document Server integrated with Community and Mail Servers](#installing-onlyoffice-document-server-integrated-with-community-and-mail-servers)
-* [ONLYOFFICE Document Server ipv6 setup](#onlyoffice-document-server-ipv6-setup)
 * [Issues](#issues)
    - [Docker Issues](#docker-issues)
    - [Document Server usage Issues](#document-server-usage-issues)
@ -26,8 +25,6 @@ Starting from version 6.0, Document Server is distributed as ONLYOFFICE Docs. It

 ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.

-***Important*** Please update `docker-engine` to latest version (`20.10.21` as of writing this doc) before using it. We use `ubuntu:22.04` as base image and it older versions of docker have compatibility problems with it
-
 ## Functionality ##
 * ONLYOFFICE Document Editor
 * ONLYOFFICE Spreadsheet Editor
@ -178,8 +175,7 @@ Below is the complete list of parameters that can be set using environment varia
 - **SSL_KEY_PATH**: The path to the SSL certificate's private key. Defaults to `/var/www/onlyoffice/Data/certs/tls.key`.
 - **SSL_DHPARAM_PATH**: The path to the Diffie-Hellman parameter. Defaults to `/var/www/onlyoffice/Data/certs/dhparam.pem`.
 - **SSL_VERIFY_CLIENT**: Enable verification of client certificates using the `CA_CERTIFICATES_PATH` file. Defaults to `false`
- **NODE_EXTRA_CA_CERTS**: The [NODE_EXTRA_CA_CERTS](https://nodejs.org/api/cli.html#node_extra_ca_certsfile "Node.js documentation") to extend CAs with the extra certificates for Node.js. Defaults to `/var/www/onlyoffice/Data/certs/extra-ca-certs.pem`.
- **DB_TYPE**: The database type. Supported values are `postgres`, `mariadb`, `mysql`, `mssql` or `oracle`. Defaults to `postgres`.
+- **DB_TYPE**: The database type. Supported values are `postgres`, `mariadb` or `mysql`. Defaults to `postgres`.
 - **DB_HOST**: The IP address or the name of the host where the database server is running.
 - **DB_PORT**: The database server port number.
 - **DB_NAME**: The name of a database to use. Should be existing on container startup.
@ -189,17 +185,13 @@ Below is the complete list of parameters that can be set using environment varia
 - **AMQP_TYPE**: The message broker type. Supported values are `rabbitmq` or `activemq`. Defaults to `rabbitmq`.
 - **REDIS_SERVER_HOST**: The IP address or the name of the host where the Redis server is running.
 - **REDIS_SERVER_PORT**:  The Redis server port number.
- **REDIS_SERVER_PASS**: The Redis server password. The password is not set by default.
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
- **SECURE_LINK_SECRET**: Defines secret for the nginx config directive [secure_link_md5](https://nginx.org/en/docs/http/ngx_http_secure_link_module.html#secure_link_md5). Defaults to `random string`.
- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `true`.
- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to random value.
+- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
+- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
 - **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
 - **JWT_IN_BODY**: Specifies the enabling the token validation in the request body to the ONLYOFFICE Document Server. Defaults to `false`.
 - **WOPI_ENABLED**: Specifies the enabling the wopi handlers. Defaults to `false`.
- **ALLOW_META_IP_ADDRESS**: Defines if it is allowed to connect meta IP address or not. Defaults to `false`.
- **ALLOW_PRIVATE_IP_ADDRESS**: Defines if it is allowed to connect private IP address or not. Defaults to `false`.
 - **USE_UNAUTHORIZED_STORAGE**: Set to `true`if using selfsigned certificates for your storage server e.g. Nextcloud. Defaults to `false`
 - **GENERATE_FONTS**: When 'true' regenerates fonts list and the fonts thumbnails etc. at each start. Defaults to `true`
 - **METRICS_ENABLED**: Specifies the enabling StatsD for ONLYOFFICE Document Server. Defaults to `false`.
@ -208,7 +200,6 @@ Below is the complete list of parameters that can be set using environment varia
 - **METRICS_PREFIX**: Defines StatsD metrics prefix for backend services. Defaults to `ds.`.
 - **LETS_ENCRYPT_DOMAIN**: Defines the domain for Let's Encrypt certificate.
 - **LETS_ENCRYPT_MAIL**: Defines the domain administator mail address for Let's Encrypt certificate.
- **PLUGINS_ENABLED**: Defines whether to enable default plugins. Defaults to `true`.

 ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers

@ -225,28 +216,18 @@ Then launch containers on it using the 'docker run --net onlyoffice' option:

 Follow [these steps](#installing-mysql) to install MySQL server.

-**STEP 3**: Generate JWT Secret
-
-JWT secret defines the secret key to validate the JSON Web Token in the request to the **ONLYOFFICE Document Server**. You can specify it yourself or easily get it using the command:
-```
-JWT_SECRET=$(cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12);
-```
-
-**STEP 4**: Install ONLYOFFICE Document Server.
+**STEP 3**: Install ONLYOFFICE Document Server.

 ```bash
 sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-document-server \
- -e JWT_ENABLED=true \
- -e JWT_SECRET=${JWT_SECRET} \
- -e JWT_HEADER=AuthorizationJwt \
- -v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
- -v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
- -v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
- -v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \
- onlyoffice/documentserver
+	-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice  \
+	-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data  \
+	-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
+	-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql \
+	onlyoffice/documentserver
 ```

-**STEP 5**: Install ONLYOFFICE Mail Server. 
+**STEP 4**: Install ONLYOFFICE Mail Server. 

 For the mail server correct work you need to specify its hostname 'yourdomain.com'.

@ -264,14 +245,14 @@ sudo docker run --init --net onlyoffice --privileged -i -t -d --restart=always -
 onlyoffice/mailserver
 ```

-The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.workspace_enterprise.yml#L87).
+The additional parameters for mail server are available [here](https://github.com/ONLYOFFICE/Docker-CommunityServer/blob/master/docker-compose.yml#L75).

 To learn more, refer to the [ONLYOFFICE Mail Server documentation](https://github.com/ONLYOFFICE/Docker-MailServer "ONLYOFFICE Mail Server documentation").

-**STEP 6**: Install ONLYOFFICE Community Server
+**STEP 5**: Install ONLYOFFICE Community Server

 ```bash
-sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 --cgroupns=host \
+sudo docker run --net onlyoffice -i -t -d --restart=always --name onlyoffice-community-server -p 80:80 -p 443:443 -p 5222:5222 \
 -e MYSQL_SERVER_ROOT_PASSWORD=my-secret-pw \
 -e MYSQL_SERVER_DB_NAME=onlyoffice \
 -e MYSQL_SERVER_HOST=onlyoffice-mysql-server \
@ -279,9 +260,6 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o
 -e MYSQL_SERVER_PASS=onlyoffice_pass \
 
 -e DOCUMENT_SERVER_PORT_80_TCP_ADDR=onlyoffice-document-server \
- -e DOCUMENT_SERVER_JWT_ENABLED=true \
- -e DOCUMENT_SERVER_JWT_SECRET=${JWT_SECRET} \
- -e DOCUMENT_SERVER_JWT_HEADER=AuthorizationJwt \
 
 -e MAIL_SERVER_API_HOST=${MAIL_SERVER_IP} \
 -e MAIL_SERVER_DB_HOST=onlyoffice-mysql-server \
@ -292,14 +270,12 @@ sudo docker run --net onlyoffice -i -t -d --privileged --restart=always --name o
 
 -v /app/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data \
 -v /app/onlyoffice/CommunityServer/logs:/var/log/onlyoffice \
- -v /app/onlyoffice/CommunityServer/letsencrypt:/etc/letsencrypt \
- -v /sys/fs/cgroup:/sys/fs/cgroup:rw \
 onlyoffice/communityserver
 ```

 Where `${MAIL_SERVER_IP}` is the IP address for **ONLYOFFICE Mail Server**. You can easily get it using the command:
 ```
-MAIL_SERVER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server)
+docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' onlyoffice-mail-server
 ```

 Alternatively, you can use an automatic installation script to install the whole ONLYOFFICE Community Edition at once. For the mail server correct work you need to specify its hostname 'yourdomain.com'.
@ -319,34 +295,10 @@ bash opensource-install.sh -md yourdomain.com
 Or, use [docker-compose](https://docs.docker.com/compose/install "docker-compose"). For the mail server correct work you need to specify its hostname 'yourdomain.com'. Assuming you have docker-compose installed, execute the following command:

 ```bash
-wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.groups.yml
+wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-CommunityServer/master/docker-compose.yml
 docker-compose up -d
 ```

-## ONLYOFFICE Document Server ipv6 setup
-
-(Works and is supported only for Linux hosts)
-
-Docker does not currently provide ipv6 addresses to containers by default. This function is experimental now.
-
-To set up interaction via ipv6, you need to enable support for this feature in your Docker. For this you need:
- create the `/etc/docker/daemon.json` file with the following content:
-
-```
-{
-"ipv6": true,
-"fixed-cidr-v6": "2001:db8:abc1::/64"
-}
-```
- restart docker with the following command: `systemctl restart docker`
-
-After that, all running containers receive an ipv6 address and have an inet6 interface.
-
-You can check your default bridge network and see the field there
-`EnableIPv6=true`. A new ipv6 subnet will also be added.
-
-For more information, visit the official [Docker manual site](https://docs.docker.com/config/daemon/ipv6/)
-
 ## Issues

 ### Docker Issues
--- a/cluster.yml
+++ b/cluster.yml
@ -0,0 +1,108 @@
+version: '2.1'
+
+x-ds-image:
+  &ds-image
+  ${COMPANY_NAME:-onlyoffice}/${PRODUCT_NAME:-documentserver-de}:${PRODUCT_VERSION:-latest}
+
+services:
+  onlyoffice-documentserver-data:  
+    container_name: onlyoffice-documentserver-data
+    image: *ds-image
+    environment:
+      - ONLYOFFICE_DATA_CONTAINER=true
+      - DB_HOST=onlyoffice-postgresql
+      - DB_PORT=5432
+      - DB_NAME=onlyoffice
+      - DB_USER=onlyoffice
+      - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
+      - REDIS_SERVER_HOST=onlyoffice-redis
+      - REDIS_SERVER_PORT=6379
+      # Uncomment strings below to enable the JSON Web Token validation.
+      #- JWT_ENABLED=true
+      #- JWT_SECRET=secret
+      #- JWT_HEADER=Authorization
+      #- JWT_IN_BODY=true
+    stdin_open: true
+    restart: always
+    volumes:
+       - /etc/onlyoffice
+       - /var/www/onlyoffice/Data
+       - /var/log/onlyoffice
+       - /var/lib/onlyoffice/documentserver/App_Data/cache/files
+       - /var/www/onlyoffice/documentserver-example/public/files
+       - /usr/share/fonts
+       
+  onlyoffice-documentserver:
+    image: *ds-image
+    depends_on:
+      - onlyoffice-documentserver-data
+      - onlyoffice-postgresql
+      - onlyoffice-redis
+      - onlyoffice-rabbitmq
+    environment:
+      - ONLYOFFICE_DATA_CONTAINER_HOST=onlyoffice-documentserver-data
+      - BALANCE=uri depth 3
+      - EXCLUDE_PORTS=443
+      - HTTP_CHECK=GET /healthcheck
+      - EXTRA_SETTINGS=http-check expect string true
+      # Uncomment the string below to redirect HTTP request to HTTPS request.
+      #- FORCE_SSL=true
+    stdin_open: true
+    restart: always
+    expose:
+      - '80'
+    volumes_from:
+     - onlyoffice-documentserver-data
+
+  onlyoffice-haproxy:
+    container_name: onlyoffice-haproxy
+    image: dockercloud/haproxy:1.5.1
+    depends_on:
+      - onlyoffice-documentserver
+    environment:
+      - MODE=http
+      # Uncomment the string below to specify the path of ssl certificates
+      #- CERT_FOLDER=/certs/
+    stdin_open: true
+    links:
+     - onlyoffice-documentserver
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      # Uncomment the string below to map a ssl certificate from host
+      # to the proxy container
+      #- /app/onlyoffice/DocumentServer/data/certs/onlyoffice.pem:/certs/cert1.pem
+    restart: always
+    ports:
+      - '80:80'
+      - '443:443'
+      - '1936:1936'
+       
+  onlyoffice-redis:
+    container_name: onlyoffice-redis
+    image: redis
+    restart: always
+    expose:
+      - '6379'
+
+  onlyoffice-rabbitmq:
+    container_name: onlyoffice-rabbitmq
+    image: rabbitmq
+    restart: always
+    expose:
+      - '5672'
+
+  onlyoffice-postgresql:
+    container_name: onlyoffice-postgresql
+    image: postgres:9.5
+    environment:
+      - POSTGRES_DB=onlyoffice
+      - POSTGRES_USER=onlyoffice
+      - POSTGRES_HOST_AUTH_METHOD=trust
+    restart: always
+    expose:
+      - '5432'
+    volumes:
+      - postgresql_data:/var/lib/postgresql
+
+volumes:
+  postgresql_data:
--- a/config/supervisor/ds/ds-converter.conf
+++ b/config/supervisor/ds/ds-converter.conf
@ -1,13 +0,0 @@
-[program:converter]
-command=/var/www/COMPANY_NAME/documentserver/server/FileConverter/converter
-directory=/var/www/COMPANY_NAME/documentserver/server/FileConverter
-user=ds
-environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME,LD_LIBRARY_PATH=/var/www/COMPANY_NAME/documentserver/server/FileConverter/bin
-stdout_logfile=/var/log/COMPANY_NAME/documentserver/converter/out.log
-stdout_logfile_backups=0
-stdout_logfile_maxbytes=0
-stderr_logfile=/var/log/COMPANY_NAME/documentserver/converter/err.log
-stderr_logfile_backups=0
-stderr_logfile_maxbytes=0
-autostart=true
-autorestart=true
--- a/config/supervisor/ds/ds-docservice.conf
+++ b/config/supervisor/ds/ds-docservice.conf
@ -1,13 +0,0 @@
-[program:docservice]
-command=/var/www/COMPANY_NAME/documentserver/server/DocService/docservice
-directory=/var/www/COMPANY_NAME/documentserver/server/DocService
-user=ds
-environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver,NODE_DISABLE_COLORS=1,APPLICATION_NAME=COMPANY_NAME
-stdout_logfile=/var/log/COMPANY_NAME/documentserver/docservice/out.log
-stdout_logfile_backups=0
-stdout_logfile_maxbytes=0
-stderr_logfile=/var/log/COMPANY_NAME/documentserver/docservice/err.log
-stderr_logfile_backups=0
-stderr_logfile_maxbytes=0
-autostart=true
-autorestart=true
--- a/config/supervisor/ds/ds-example.conf
+++ b/config/supervisor/ds/ds-example.conf
@ -1,14 +0,0 @@
-[program:example]
-command=/var/www/COMPANY_NAME/documentserver-example/example
-directory=/var/www/COMPANY_NAME/documentserver-example/
-user=ds
-environment=NODE_ENV=production-linux,NODE_CONFIG_DIR=/etc/COMPANY_NAME/documentserver-example,NODE_DISABLE_COLORS=1
-stdout_logfile=/var/log/COMPANY_NAME/documentserver-example/out.log
-stdout_logfile_backups=0
-stdout_logfile_maxbytes=0
-stderr_logfile=/var/log/COMPANY_NAME/documentserver-example/err.log
-stderr_logfile_backups=0
-stderr_logfile_maxbytes=0
-autostart=false
-autorestart=true
-redirect_stderr=true
--- a/config/supervisor/ds/ds-metrics.conf
+++ b/config/supervisor/ds/ds-metrics.conf
@ -1,13 +0,0 @@
-[program:metrics]
-command=/var/www/COMPANY_NAME/documentserver/server/Metrics/metrics ./config/config.js
-directory=/var/www/COMPANY_NAME/documentserver/server/Metrics
-user=ds
-environment=NODE_DISABLE_COLORS=1
-stdout_logfile=/var/log/COMPANY_NAME/documentserver/metrics/out.log
-stdout_logfile_backups=0
-stdout_logfile_maxbytes=0
-stderr_logfile=/var/log/COMPANY_NAME/documentserver/metrics/err.log
-stderr_logfile_backups=0
-stderr_logfile_maxbytes=0
-autostart=false
-autorestart=false
--- a/config/supervisor/ds/ds.conf
+++ b/config/supervisor/ds/ds.conf
@ -1,2 +0,0 @@
-[group:ds]
-programs=docservice,converter,metrics,example
--- a/config/supervisor/supervisord.conf
+++ b/config/supervisor/supervisord.conf
@ -0,0 +1,27 @@
+; supervisor config file
+
+[inet_http_server]
+port = 127.0.0.1:9001
+
+[supervisord]
+logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
+pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
+childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
+
+; the below section must remain in the config file for RPC
+; (supervisorctl/web interface) to work, additional interfaces may be
+; added by defining them in separate rpcinterface: sections
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl = http://localhost:9001 ; use a unix:// URL  for a unix socket
+
+; The [include] section can just contain the "files" setting.  This
+; setting can list multiple files (separated by whitespace or
+; newlines).  It can also contain wildcards.  The filenames are
+; interpreted as relative to this file.  Included files *cannot*
+; include files themselves.
+
+[include]
+files = /etc/supervisor/conf.d/*.conf
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@ -1,169 +0,0 @@
-variable "TAG" {
-    default = ""
-}
-
-variable "SHORTER_TAG" {
-    default = ""
-}
-
-variable "SHORTEST_TAG" {
-    default = ""
-}
-
-variable "PULL_TAG" {
-    default = ""
-}
-
-variable "COMPANY_NAME" {
-    default = ""
-}
-
-variable "PREFIX_NAME" {
-    default = ""
-}
-
-variable "PRODUCT_EDITION" {
-    default = ""
-}
-
-variable "PRODUCT_NAME" {
-    default = ""
-}
-
-variable "PACKAGE_VERSION" {
-    default = ""
-}
-
-variable "DOCKERFILE" {
-    default = ""
-}
-
-variable "PLATFORM" {
-    default = ""
-}
-
-variable "PACKAGE_BASEURL" {
-    default = ""
-}
-
-variable "PACKAGE_FILE" {
-    default = ""
-}
-
-variable "BUILD_CHANNEL" {
-    default = ""
-}
-
-variable "PUSH_MAJOR" {
-    default = "false"
-}
-
-variable "LATEST" {
-    default = "false"
-}
-
-### ↓ Variables for UCS build ↓
-
-variable "BASE_VERSION" {
-    default     = ""
-}
-
-variable "PG_VERSION" {
-    default     = ""
-}
-
-variable "UCS_REBUILD" {
-    default = ""
-}
-
-variable "UCS_PREFIX" {
-    default = ""
-}
-
-### ↑ Variables for UCS build ↑
-
-target "documentserver" {
-    target = "documentserver"
-    dockerfile = "${DOCKERFILE}"
-    tags = [
-           "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
-           equal("nightly",BUILD_CHANNEL) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
-           ]
-    platforms = ["${PLATFORM}"]
-    args = {
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-        "PACKAGE_VERSION": "${PACKAGE_VERSION}"
-        "PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
-        "PLATFORM": "${PLATFORM}"
-    }
-}
-
-target "documentserver-stable" {
-    target = "documentserver-stable"
-    dockerfile = "production.dockerfile"
-    tags = ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}",
-            "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest",
-            equal("-ee",PRODUCT_EDITION) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "PULL_TAG": "${PULL_TAG}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-    }
-}
-
-target "documentserver-ucs" {
-    target = "documentserver"
-    dockerfile = "${DOCKERFILE}"
-    tags = [
-           "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}"
-           ]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PACKAGE_VERSION": "${PACKAGE_VERSION}"
-        "PACKAGE_BASEURL": "${PACKAGE_BASEURL}"
-        "BASE_VERSION": "${BASE_VERSION}"
-        "PG_VERSION": "${PG_VERSION}"
-    }
-}
-
-target "documentserver-nonexample" {
-    target = "documentserver-nonexample"
-    dockerfile = "production.dockerfile"
-    tags = [ "docker.io/${COMPANY_NAME}/${PRODUCT_NAME}${PREFIX_NAME}${PRODUCT_EDITION}:${TAG}-nonexample" ]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "PULL_TAG": "${PULL_TAG}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-    } 
-}
-
-target "documentserver-stable-rebuild" {
-    target = "documentserver-stable-rebuild"
-    dockerfile = "production.dockerfile"
-    tags = equal("true",UCS_REBUILD) ? ["docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}-ucs:${TAG}",] : [
-                                        "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}",
-                equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTER_TAG}": "",
-             equal("true",PUSH_MAJOR) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${SHORTEST_TAG}": "",
-                equal("",PREFIX_NAME) && equal("true",LATEST) ? "docker.io/${COMPANY_NAME}/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:latest": "",
-         equal("-ee",PRODUCT_EDITION) && equal("",PREFIX_NAME) ? "docker.io/${COMPANY_NAME}4enterprise/${PREFIX_NAME}${PRODUCT_NAME}${PRODUCT_EDITION}:${TAG}": "",
-                                 ]
-    platforms = ["linux/amd64", "linux/arm64"]
-    args = {
-        "UCS_PREFIX": "${UCS_PREFIX}"
-        "PULL_TAG": "${PULL_TAG}"
-        "COMPANY_NAME": "${COMPANY_NAME}"
-        "PRODUCT_NAME": "${PRODUCT_NAME}"
-        "PRODUCT_EDITION": "${PRODUCT_EDITION}"
-    }
-}
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,3 +1,4 @@
+version: '2'
 services:
  onlyoffice-documentserver:
    build:
@ -40,7 +41,7 @@ services:

  onlyoffice-postgresql:
    container_name: onlyoffice-postgresql
-    image: postgres:12
+    image: postgres:9.5
    environment:
      - POSTGRES_DB=onlyoffice
      - POSTGRES_USER=onlyoffice
--- a/hooks/build
+++ b/hooks/build
@ -0,0 +1,5 @@
+#!/bin/bash
+
+sed -i '/trap clean_exit SIGTERM/s/^/#/' run-document-server.sh
+
+docker build -t $IMAGE_NAME .
--- a/hooks/post_push
+++ b/hooks/post_push
@ -0,0 +1,7 @@
+#!/bin/bash
+
+NEW_TAG=6.4.2
+NEW_IMAGE_NAME=$DOCKER_REPO:$NEW_TAG
+
+docker tag $IMAGE_NAME $NEW_IMAGE_NAME
+docker push $NEW_IMAGE_NAME
--- a/hooks/push
+++ b/hooks/push
@ -0,0 +1,3 @@
+#!/bin/bash
+
+docker push $IMAGE_NAME
--- a/oracle/sqlplus
+++ b/oracle/sqlplus
@ -1,6 +0,0 @@
-#!/bin/sh
-
-CLIENTDIR=/usr/share/instantclient
-export LD_LIBRARY_PATH=$CLIENTDIR
-$CLIENTDIR/sqlplus $@
-
--- a/production.dockerfile
+++ b/production.dockerfile
@ -1,33 +0,0 @@
-### Arguments avavlivable only for FROM instruction ### 
-ARG PULL_TAG=latest
-ARG COMPANY_NAME=onlyoffice
-ARG PRODUCT_EDITION=
-### Rebuild arguments
-ARG UCS_PREFIX=
-ARG IMAGE=${COMPANY_NAME}/documentserver${PRODUCT_EDITION}${UCS_PREFIX}:${PULL_TAG}
-
-### Build main-release ###
-
-FROM ${COMPANY_NAME}/4testing-documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-stable
-
-### Rebuild stable images with secure updates 
-FROM ${IMAGE} as documentserver-stable-rebuild
-RUN    echo "This is rebuild" \
-    && apt-get update -y \
-    && apt-get upgrade -y
-
-### Build nonexample ###
- 
-FROM ${COMPANY_NAME}/documentserver${PRODUCT_EDITION}:${PULL_TAG} as documentserver-nonexample
-
-ARG COMPANY_NAME=onlyoffice
-ARG PRODUCT_NAME=documentserver
-ARG DS_SUPERVISOR_CONF=/etc/supervisor/conf.d/ds.conf
-
-### Remove all documentserver-example data ###
-
-RUN    rm -rf /var/www/$COMPANY_NAME/$PRODUCT_NAME-example \
-    && rm -rf /etc/$COMPANY_NAME/$PRODUCT_NAME-example \
-    && rm -f $DS_SUPERVISOR_CONF \ 
-    && rm -f /etc/nginx/includes/ds-example.conf \
-    && ln -s /etc/$COMPANY_NAME/$PRODUCT_NAME/supervisor/ds.conf  $DS_SUPERVISOR_CONF 
--- a/run-document-server.sh
+++ b/run-document-server.sh
@ -1,22 +1,10 @@
 #!/bin/bash

-umask 0022
-
-start_process() {
-  "$@" &
-  CHILD=$!; wait "$CHILD"; CHILD="";
-}
-
 function clean_exit {
-  [[ -z "$CHILD" ]] || kill -s SIGTERM "$CHILD" 2>/dev/null
-  if [ ${ONLYOFFICE_DATA_CONTAINER} == "false" ] && \
-  [ ${ONLYOFFICE_DATA_CONTAINER_HOST} == "localhost" ]; then
-    /usr/bin/documentserver-prepare4shutdown.sh
-  fi
-  exit
+  /usr/bin/documentserver-prepare4shutdown.sh
 }

-trap clean_exit SIGTERM SIGQUIT SIGABRT SIGINT
+trap clean_exit SIGTERM

 # Define '**' behavior explicitly
 shopt -s globstar
@ -30,9 +18,7 @@ DS_LOG_DIR="${LOG_DIR}/documentserver"
 LIB_DIR="/var/lib/${COMPANY_NAME}"
 DS_LIB_DIR="${LIB_DIR}/documentserver"
 CONF_DIR="/etc/${COMPANY_NAME}/documentserver"
-SUPERVISOR_CONF_DIR="/etc/supervisor/conf.d"
 IS_UPGRADE="false"
-PLUGINS_ENABLED=${PLUGINS_ENABLED:-true}

 ONLYOFFICE_DATA_CONTAINER=${ONLYOFFICE_DATA_CONTAINER:-false}
 ONLYOFFICE_DATA_CONTAINER_HOST=${ONLYOFFICE_DATA_CONTAINER_HOST:-localhost}
@ -51,43 +37,17 @@ if [ "${RELEASE_DATE}" != "${PREV_RELEASE_DATE}" ]; then
  fi
 fi

-SSL_CERTIFICATES_DIR="/usr/share/ca-certificates/ds"
-mkdir -p ${SSL_CERTIFICATES_DIR}
-if find "${DATA_DIR}/certs" -type f \( -name "*.crt" -o -name "*.pem" \) -print -quit >/dev/null 2>&1; then
-  cp -f ${DATA_DIR}/certs/* ${SSL_CERTIFICATES_DIR}
-  chmod 644 ${SSL_CERTIFICATES_DIR}/*.{crt,pem} 2>/dev/null
-  chmod 400 ${SSL_CERTIFICATES_DIR}/*.key 2>/dev/null
-fi
-
-if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt ]]; then
-  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.crt
+SSL_CERTIFICATES_DIR="${DATA_DIR}/certs"
+if [[ -z $SSL_CERTIFICATE_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/onlyoffice.crt ]]; then
+  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATES_DIR}/onlyoffice.crt
 else
  SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-${SSL_CERTIFICATES_DIR}/tls.crt}
 fi
-if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key ]]; then
-  SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/${COMPANY_NAME}.key
+if [[ -z $SSL_KEY_PATH ]] && [[ -f ${SSL_CERTIFICATES_DIR}/onlyoffice.key ]]; then
+  SSL_KEY_PATH=${SSL_CERTIFICATES_DIR}/onlyoffice.key
 else
  SSL_KEY_PATH=${SSL_KEY_PATH:-${SSL_CERTIFICATES_DIR}/tls.key}
 fi
-
-#When set, the well known "root" CAs will be extended with the extra certificates in file
-NODE_EXTRA_CA_CERTS=${NODE_EXTRA_CA_CERTS:-${SSL_CERTIFICATES_DIR}/extra-ca-certs.pem}
-if [[ -f ${NODE_EXTRA_CA_CERTS} ]]; then
-  NODE_EXTRA_ENVIRONMENT="${NODE_EXTRA_CA_CERTS}"
-elif [[ -f ${SSL_CERTIFICATE_PATH} ]]; then
-  SSL_CERTIFICATE_SUBJECT=$(openssl x509 -subject -noout -in "${SSL_CERTIFICATE_PATH}" | sed 's/subject=//')
-  SSL_CERTIFICATE_ISSUER=$(openssl x509 -issuer -noout -in "${SSL_CERTIFICATE_PATH}" | sed 's/issuer=//')
-
-  #Add self-signed certificate to trusted list for validating Docs requests to the test example 
-  if [[ -n $SSL_CERTIFICATE_SUBJECT && $SSL_CERTIFICATE_SUBJECT == $SSL_CERTIFICATE_ISSUER ]]; then
-    NODE_EXTRA_ENVIRONMENT="${SSL_CERTIFICATE_PATH}"
-  fi
-fi
-
-if [[ -n $NODE_EXTRA_ENVIRONMENT ]]; then
-  sed -i "s|^environment=.*$|&,NODE_EXTRA_CA_CERTS=${NODE_EXTRA_ENVIRONMENT}|" /etc/supervisor/conf.d/*.conf
-fi
-
 CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-${SSL_CERTIFICATES_DIR}/ca-certificates.pem}
 SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-${SSL_CERTIFICATES_DIR}/dhparam.pem}
 SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off}
@ -104,33 +64,18 @@ NGINX_ONLYOFFICE_EXAMPLE_CONF="${NGINX_ONLYOFFICE_EXAMPLE_PATH}/includes/ds-exam

 NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-1}
-# Limiting the maximum number of simultaneous connections due to possible memory shortage
-LIMIT=$(ulimit -n); [ $LIMIT -gt 1048576 ] && LIMIT=1048576
-NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$LIMIT}
-RABBIT_CONNECTIONS=${RABBIT_CONNECTIONS:-$LIMIT}
+NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}

-JWT_ENABLED=${JWT_ENABLED:-true}
-
-# validate user's vars before usinig in json
-if [ "${JWT_ENABLED}" == "true" ]; then
-  JWT_ENABLED="true"
-else
-  JWT_ENABLED="false"
-fi
-
-[ -z $JWT_SECRET ] && JWT_MESSAGE='JWT is enabled by default. A random secret is generated automatically. Run the command "docker exec $(sudo docker ps -q) sudo documentserver-jwt-status.sh" to get information about JWT.'
-
-JWT_SECRET=${JWT_SECRET:-$(pwgen -s 32)}
+JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_SECRET=${JWT_SECRET:-secret}
 JWT_HEADER=${JWT_HEADER:-Authorization}
 JWT_IN_BODY=${JWT_IN_BODY:-false}

 WOPI_ENABLED=${WOPI_ENABLED:-false}
-ALLOW_META_IP_ADDRESS=${ALLOW_META_IP_ADDRESS:-false}
-ALLOW_PRIVATE_IP_ADDRESS=${ALLOW_PRIVATE_IP_ADDRESS:-false}

 GENERATE_FONTS=${GENERATE_FONTS:-true}

-if [[ ${PRODUCT_NAME}${PRODUCT_EDITION} == "documentserver" ]]; then
+if [[ ${PRODUCT_NAME} == "documentserver" ]]; then
  REDIS_ENABLED=false
 else
  REDIS_ENABLED=true
@ -184,15 +129,6 @@ read_setting(){
    "mariadb"|"mysql")
      DB_PORT=${DB_PORT:-"3306"}
      ;;
-    "dameng")
-      DB_PORT=${DB_PORT:-"5236"}
-      ;;
-    "mssql")
-      DB_PORT=${DB_PORT:-"1433"}
-      ;;
-    "oracle")
-      DB_PORT=${DB_PORT:-"1521"}
-      ;;
    "")
      DB_PORT=${DB_PORT:-${POSTGRESQL_SERVER_PORT:-$(${JSON} services.CoAuthoring.sql.dbPort)}}
      ;;
@ -244,7 +180,7 @@ parse_rabbitmq_url(){
  # extract the host
  local hostport="$(echo ${url/$userpass@/} | cut -d/ -f1)"
  # by request - try to extract the port
-  local port="$(echo $hostport | grep : | sed -r 's_^.*:+|/.*$__g')"
+  local port="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')"

  local host
  if [ -n "$port" ]; then
@ -271,31 +207,8 @@ waiting_for_connection(){
  done
 }

-waiting_for_db_ready(){
-  case $DB_TYPE in
-    "oracle")
-      PDB="XEPDB1"
-      ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
-      DB_TEST="echo \"SELECT version FROM V\$INSTANCE;\" | $ORACLE_SQL 2>/dev/null | grep \"Connected\" | wc -l"
-      ;;
-    *)
-      return
-      ;;
-  esac
-
-  for (( i=1; i <= 10; i++ )); do
-    RES=$(eval $DB_TEST)
-    if [ "$RES" -ne "0" ]; then
-      echo "Database is ready"
-      break
-    fi
-    sleep 5
-  done
-}
-
 waiting_for_db(){
  waiting_for_connection $DB_HOST $DB_PORT
-  waiting_for_db_ready
 }

 waiting_for_amqp(){
@ -315,7 +228,6 @@ update_statsd_settings(){
  ${JSON} -I -e "this.statsd.host = '${METRICS_HOST}'"
  ${JSON} -I -e "this.statsd.port = '${METRICS_PORT}'"
  ${JSON} -I -e "this.statsd.prefix = '${METRICS_PREFIX}'"
-  sed -i -E "s/(autostart|autorestart)=.*$/\1=${METRICS_ENABLED}/g" ${SUPERVISOR_CONF_DIR}/ds-metrics.conf
 }

 update_db_settings(){
@ -372,65 +284,41 @@ update_rabbitmq_setting(){
 }

 update_redis_settings(){
-  ${JSON} -I -e "if(this.services.CoAuthoring.redis===undefined)this.services.CoAuthoring.redis={};"
  ${JSON} -I -e "this.services.CoAuthoring.redis.host = '${REDIS_SERVER_HOST}'"
  ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
-
-  if [ -n "${REDIS_SERVER_PASS}" ]; then
-    ${JSON} -I -e "this.services.CoAuthoring.redis.options = {'password':'${REDIS_SERVER_PASS}'}"
-  fi
-
 }

 update_ds_settings(){
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"
+  if [ "${JWT_ENABLED}" == "true" ]; then
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = ${JWT_ENABLED}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = ${JWT_ENABLED}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = ${JWT_ENABLED}"

-  ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
-  ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
-  ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"

-  ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
-  ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"

-  ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
-  ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.inbox.inBody = ${JWT_IN_BODY}"
+    ${JSON} -I -e "this.services.CoAuthoring.token.outbox.inBody = ${JWT_IN_BODY}"

-  if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
-    ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
-    ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
-    ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
+    if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ] && [ "${JWT_ENABLED}" == "true" ]; then
+      ${JSON_EXAMPLE} -I -e "this.server.token.enable = ${JWT_ENABLED}"
+      ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
+      ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
+    fi
  fi
- 
+
  if [ "${USE_UNAUTHORIZED_STORAGE}" == "true" ]; then
    ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults===undefined)this.services.CoAuthoring.requestDefaults={}"
    ${JSON} -I -e "if(this.services.CoAuthoring.requestDefaults.rejectUnauthorized===undefined)this.services.CoAuthoring.requestDefaults.rejectUnauthorized=false"
  fi

-  WOPI_PRIVATE_KEY="${DATA_DIR}/wopi_private.key"
-  WOPI_PUBLIC_KEY="${DATA_DIR}/wopi_public.key"
-
-  [ ! -f "${WOPI_PRIVATE_KEY}" ] && echo -n "Generating WOPI private key..." && openssl genpkey -algorithm RSA -outform PEM -out "${WOPI_PRIVATE_KEY}" >/dev/null 2>&1 && echo "Done"
-  [ ! -f "${WOPI_PUBLIC_KEY}" ] && echo -n "Generating WOPI public key..." && openssl rsa -RSAPublicKey_out -in "${WOPI_PRIVATE_KEY}" -outform "MS PUBLICKEYBLOB" -out "${WOPI_PUBLIC_KEY}" >/dev/null 2>&1  && echo "Done"
-  WOPI_MODULUS=$(openssl rsa -pubin -inform "MS PUBLICKEYBLOB" -modulus -noout -in "${WOPI_PUBLIC_KEY}" | sed 's/Modulus=//' | xxd -r -p | openssl base64 -A)
-  WOPI_EXPONENT=$(openssl rsa -pubin -inform "MS PUBLICKEYBLOB" -text -noout -in "${WOPI_PUBLIC_KEY}" | grep -oP '(?<=Exponent: )\d+')
-  
-  ${JSON} -I -e "if(this.wopi===undefined)this.wopi={};"
-  ${JSON} -I -e "this.wopi.enable = ${WOPI_ENABLED}"
-  ${JSON} -I -e "this.wopi.privateKey = '$(awk '{printf "%s\\n", $0}' ${WOPI_PRIVATE_KEY})'"
-  ${JSON} -I -e "this.wopi.privateKeyOld = '$(awk '{printf "%s\\n", $0}' ${WOPI_PRIVATE_KEY})'"
-  ${JSON} -I -e "this.wopi.publicKey = '$(openssl base64 -in ${WOPI_PUBLIC_KEY} -A)'"
-  ${JSON} -I -e "this.wopi.publicKeyOld = '$(openssl base64 -in ${WOPI_PUBLIC_KEY} -A)'"
-  ${JSON} -I -e "this.wopi.modulus = '${WOPI_MODULUS}'"
-  ${JSON} -I -e "this.wopi.modulusOld = '${WOPI_MODULUS}'"
-  ${JSON} -I -e "this.wopi.exponent = ${WOPI_EXPONENT}"
-  ${JSON} -I -e "this.wopi.exponentOld = ${WOPI_EXPONENT}"
-
-  if [ "${ALLOW_META_IP_ADDRESS}" = "true" ] || [ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ]; then
-    ${JSON} -I -e "if(this.services.CoAuthoring['request-filtering-agent']===undefined)this.services.CoAuthoring['request-filtering-agent']={}"
-    [ "${ALLOW_META_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowMetaIPAddress = true"
-    [ "${ALLOW_PRIVATE_IP_ADDRESS}" = "true" ] && ${JSON} -I -e "this.services.CoAuthoring['request-filtering-agent'].allowPrivateIPAddress = true"
+  if [ "${WOPI_ENABLED}" == "true" ]; then
+    ${JSON} -I -e "if(this.wopi===undefined)this.wopi={}"
+    ${JSON} -I -e "this.wopi.enable = true"
  fi
 }

@ -446,14 +334,9 @@ create_postgresql_cluster(){
 }

 create_postgresql_db(){
+  sudo -u postgres psql -c "CREATE DATABASE $DB_NAME;"
  sudo -u postgres psql -c "CREATE USER $DB_USER WITH password '"$DB_PWD"';"
-  sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
-}
-
-create_mssql_db(){
-  MSSQL="/opt/mssql-tools18/bin/sqlcmd -S $DB_HOST,$DB_PORT"
-
-  $MSSQL -U $DB_USER -P "$DB_PWD" -C -Q "IF NOT EXISTS (SELECT * FROM sys.databases WHERE name = '$DB_NAME') BEGIN CREATE DATABASE $DB_NAME; END"
+  sudo -u postgres psql -c "GRANT ALL privileges ON DATABASE $DB_NAME TO $DB_USER;"
 }

 create_db_tbl() {
@ -464,12 +347,6 @@ create_db_tbl() {
    "mariadb"|"mysql")
      create_mysql_tbl
    ;;
-    "mssql")
-      create_mssql_tbl
-    ;;
-    "oracle")
-      create_oracle_tbl
-    ;;
  esac
 }

@ -481,12 +358,6 @@ upgrade_db_tbl() {
    "mariadb"|"mysql")
      upgrade_mysql_tbl
    ;;
-    "mssql")
-      upgrade_mssql_tbl
-    ;;
-    "oracle")
-      upgrade_oracle_tbl
-    ;;
  esac
 }

@ -509,22 +380,6 @@ upgrade_mysql_tbl() {
  $MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
 }

-upgrade_mssql_tbl() {
-  CONN_PARAMS="-U $DB_USER -P "$DB_PWD" -C"
-  MSSQL="/opt/mssql-tools18/bin/sqlcmd -S $DB_HOST,$DB_PORT $CONN_PARAMS"
-
-  $MSSQL < "$APP_DIR/server/schema/mssql/removetbl.sql" >/dev/null 2>&1
-  $MSSQL < "$APP_DIR/server/schema/mssql/createdb.sql" >/dev/null 2>&1
-}
-
-upgrade_oracle_tbl() {
-  PDB="XEPDB1"
-  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
-
-  $ORACLE_SQL @$APP_DIR/server/schema/oracle/removetbl.sql >/dev/null 2>&1
-  $ORACLE_SQL @$APP_DIR/server/schema/oracle/createdb.sql >/dev/null 2>&1
-}
-
 create_postgresql_tbl() {
  if [ -n "$DB_PWD" ]; then
    export PGPASSWORD=$DB_PWD
@ -544,36 +399,15 @@ create_mysql_tbl() {
  $MYSQL $DB_NAME < "$APP_DIR/server/schema/mysql/createdb.sql" >/dev/null 2>&1
 }

-create_mssql_tbl() {  
-  create_mssql_db
-
-  CONN_PARAMS="-U $DB_USER -P "$DB_PWD" -C"
-  MSSQL="/opt/mssql-tools18/bin/sqlcmd -S $DB_HOST,$DB_PORT $CONN_PARAMS"
-
-  $MSSQL < "$APP_DIR/server/schema/mssql/createdb.sql" >/dev/null 2>&1
-}
-
-create_oracle_tbl() {
-  PDB="XEPDB1"
-  ORACLE_SQL="sqlplus $DB_USER/$DB_PWD@//$DB_HOST:$DB_PORT/$PDB"
-
-  $ORACLE_SQL @$APP_DIR/server/schema/oracle/createdb.sql >/dev/null 2>&1
-}
-
 update_welcome_page() {
  WELCOME_PAGE="${APP_DIR}-example/welcome/docker.html"
  if [[ -e $WELCOME_PAGE ]]; then
    DOCKER_CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
-    (( ${#DOCKER_CONTAINER_ID} < 12 )) && DOCKER_CONTAINER_ID=$(hostname)
-    if (( ${#DOCKER_CONTAINER_ID} >= 12 )); then
-      if [[ -x $(command -v docker) ]]; then
-        DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
-        sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
-        JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/')
-      else
-        sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
-        JWT_MESSAGE=$(echo $JWT_MESSAGE | sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/')
-      fi
+    if [[ -x $(command -v docker) ]]; then
+      DOCKER_CONTAINER_NAME=$(docker inspect --format="{{.Name}}" $DOCKER_CONTAINER_ID)
+      sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_NAME#/}"'/' -i $WELCOME_PAGE
+    else
+      sed 's/$(sudo docker ps -q)/'"${DOCKER_CONTAINER_ID::12}"'/' -i $WELCOME_PAGE
    fi
  fi
 }
@ -625,8 +459,13 @@ update_nginx_settings(){
  if [ -f "${NGINX_ONLYOFFICE_EXAMPLE_CONF}" ]; then
    sed 's/linux/docker/' -i ${NGINX_ONLYOFFICE_EXAMPLE_CONF}
  fi
+}

-  start_process documentserver-update-securelink.sh -s ${SECURE_LINK_SECRET:-$(pwgen -s 20)} -r false
+update_supervisor_settings(){
+  # Copy modified supervisor start script
+  cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisor /etc/init.d/
+  # Copy modified supervisor config
+  cp ${SYSCONF_TEMPLATES_DIR}/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
 }

 update_log_settings(){
@ -655,7 +494,7 @@ for i in ${DS_LIB_DIR}/App_Data/cache/files ${DS_LIB_DIR}/App_Data/docbuilder ${
 done

 # change folder rights
-for i in ${DS_LOG_DIR} ${DS_LOG_DIR}-example ${LIB_DIR}; do
+for i in ${LOG_DIR} ${LIB_DIR} ${DATA_DIR}; do
  chown -R ds:ds "$i"
  chmod -R 755 "$i"
 done
@ -702,8 +541,6 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
        chmod 400 ${RABBITMQ_DATA}/.erlang.cookie
    fi

-    echo "ulimit -n $RABBIT_CONNECTIONS" >> /etc/default/rabbitmq-server
-
    LOCAL_SERVICES+=("rabbitmq-server")
    # allow Rabbitmq startup after container kill
    rm -rf /var/run/rabbitmq
@ -731,8 +568,6 @@ else
  update_welcome_page
 fi

-find /etc/${COMPANY_NAME} ! -path '*logrotate*' -exec chown ds:ds {} \;
-
 #start needed local services
 for i in ${LOCAL_SERVICES[@]}; do
  service $i start
@ -756,7 +591,8 @@ if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
  fi

  update_nginx_settings
-  
+
+  update_supervisor_settings
  service supervisor start
  
  # start cron to enable log rotating
@ -764,32 +600,21 @@ if [ ${ONLYOFFICE_DATA_CONTAINER} != "true" ]; then
  service cron start
 fi

-# Fix to resolve the `unknown "cache_tag" variable` error
-start_process documentserver-flush-cache.sh -r false
-
 # nginx used as a proxy, and as data container status service.
 # it run in all cases.
 service nginx start

 if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
  if [ ! -f "${SSL_CERTIFICATE_PATH}" -a ! -f "${SSL_KEY_PATH}" ]; then
-    start_process documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
+    documentserver-letsencrypt.sh ${LETS_ENCRYPT_MAIL} ${LETS_ENCRYPT_DOMAIN}
  fi
 fi

 # Regenerate the fonts list and the fonts thumbnails
 if [ "${GENERATE_FONTS}" == "true" ]; then
-  start_process documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
+  documentserver-generate-allfonts.sh ${ONLYOFFICE_DATA_CONTAINER}
 fi
+documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}

-if [ "${PLUGINS_ENABLED}" = "true" ]; then
-  echo -n Installing plugins, please wait...
-  start_process documentserver-pluginsmanager.sh -r false --update=\"${APP_DIR}/sdkjs-plugins/plugin-list-default.json\" >/dev/null
-  echo Done
-fi
-
-start_process documentserver-static-gzip.sh ${ONLYOFFICE_DATA_CONTAINER}
-
-echo "${JWT_MESSAGE}" 
-
-start_process tail -f /var/log/${COMPANY_NAME}/**/*.log
+tail -f /var/log/${COMPANY_NAME}/**/*.log &
+wait $!
--- a/tests/damengdb/.env
+++ b/tests/damengdb/.env
@ -1 +0,0 @@
-VERSION=latest
--- a/tests/damengdb/README.md
+++ b/tests/damengdb/README.md
@ -1,19 +0,0 @@
-## Stand Documentserver with damengdb
-
-### How it works
-
-For deploy stand, you need:
-
-**STEP 1**: Build you own images, do it with command:
-   
-```bash
-docker compose build
-```
-
-**STEP 2**: Wait build and when it finish deploy with command:
-
-```bash
-docker compose up -d 
-```
-
-Thats all.
--- a/tests/damengdb/damengdb.Dockerfile
+++ b/tests/damengdb/damengdb.Dockerfile
@ -1,57 +0,0 @@
-FROM onlyoffice/damengdb:8.1.2 as damengdb
-
-ARG DM8_USER="SYSDBA"
-ARG DM8_PASS="SYSDBA001"
-ARG DB_HOST="localhost"
-ARG DB_PORT="5236"
-ARG DISQL_BIN="/opt/dmdbms/bin"
-
-SHELL ["/bin/bash", "-c"]
-
-COPY <<"EOF" /wait_dm_ready.sh
-#!/usr/bin/env bash
-
-function wait_dm_ready() {
-  cd /opt/dmdbms/bin
-  for i in `seq 1  10`; do
-    echo `./disql /nolog <<EOF
-CONN SYSDBA/SYSDBA001@localhost
-exit
-EOF` | grep  "connection failure" > /dev/null 2>&1
-    if [ $? -eq 0 ]; then
-      echo "DM Database is not OK, please wait..."
-      sleep 10
-    else
-      echo "DM Database is OK"
-      break
-    fi
-  done
-}
-
-wait_dm_ready
-
-EOF
-
-COPY <<"EOF" /permissions.sql
-
-CREATE SYNONYM onlyoffice.DOC_CHANGES FOR sysdba.DOC_CHANGES;
-CREATE SYNONYM onlyoffice.TASK_RESULT FOR sysdba.TASK_RESULT;
-GRANT ALL PRIVILEGES ON sysdba.DOC_CHANGES TO onlyoffice;
-GRANT ALL PRIVILEGES ON sysdba.TASK_RESULT TO onlyoffice;
-
-EOF
-
-RUN   bash /opt/startup.sh > /dev/null 2>&1 \
-   &  mkdir -p /schema/damengdb \
-   && apt update -y ; apt install wget -y \
-   && wget https://raw.githubusercontent.com/ONLYOFFICE/server/master/schema/dameng/createdb.sql -P /schema/dameng/ \
-   && bash ./wait_dm_ready.sh \
-   && cd ${DISQL_BIN} \
-   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT -e \
-      "create user "onlyoffice" identified by "onlyoffice" password_policy 0;" \
-   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT -e \
-      "GRANT SELECT ON DBA_TAB_COLUMNS TO onlyoffice;" \
-   && echo "EXIT" | tee -a /schema/dameng/createdb.sql \
-   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT \`/schema/dameng/createdb.sql \
-   && ./disql $DM8_USER/$DM8_PASS@$DB_HOST:$DB_PORT \`/permissions.sql \
-   && sleep 10
--- a/tests/damengdb/docker-compose.yml
+++ b/tests/damengdb/docker-compose.yml
@ -1,67 +0,0 @@
-version: '2'
-services:
-  onlyoffice-documentserver:
-    build:
-      context: ../../.
-      dockerfile: Dockerfile
-      target: documentserver
-    container_name: onlyoffice-documentserver
-    depends_on:
-      - onlyoffice-dameng
-      - onlyoffice-rabbitmq
-    environment:
-      - DB_TYPE=dameng
-      - DB_HOST=onlyoffice-dameng
-      - DB_PORT=5236
-      - DB_NAME=onlyoffice
-      - DB_USER=onlyoffice
-      - AMQP_URI=amqp://guest:guest@onlyoffice-rabbitmq
-      # Costomize the JSON Web Token validation parameters if needed.
-      #- JWT_ENABLED=false
-      #- JWT_SECRET=secret
-      #- JWT_HEADER=Authorization
-      #- JWT_IN_BODY=true
-    ports:
-      - '80:80'
-      - '443:443'
-    stdin_open: true
-    restart: always
-    stop_grace_period: 60s
-    volumes:
-       - /var/www/onlyoffice/Data
-       - /var/log/onlyoffice
-       - /var/lib/onlyoffice/documentserver/App_Data/cache/files
-       - /var/www/onlyoffice/documentserver-example/public/files
-       - /usr/share/fonts
-       
-  onlyoffice-rabbitmq:
-    container_name: onlyoffice-rabbitmq
-    image: rabbitmq
-    restart: always
-    expose:
-      - '5672'
-
-  onlyoffice-dameng:
-    container_name: onlyoffice-dameng
-    build:
-      context: .
-      dockerfile: damengdb.Dockerfile
-      target: damengdb
-      args:
-        DM8_USER: SYSDBA
-        DM8_PASS: SYSDBA001
-        DB_HOST: localhost
-        DB_PORT: 5236
-    environment:
-      - PAGE_SIZE=16
-      - LD_LIBRARY_PATH=/opt/dmdbms/bin
-      - INSTANCE_NAME=dm8_01
-    restart: always
-    expose:
-      - '5236'
-    volumes:
-      - dameng_data:/opt/dmdbms/data
-
-volumes:
-  dameng_data:
-  
--- a/tests/mssql/README.md
+++ b/tests/mssql/README.md
@ -1,17 +0,0 @@
-## Stand Documentserver with mssql
-
-### How it works
-
-For deploy stand:
-
-**STEP 1**: Build you own images:
-   
-```bash
-sudo docker-compose build
-```
-
-**STEP 2**: Wait build complete and when:
-
-```bash
-sudo docker-compose up -d 
-```
--- a/tests/mssql/create_db_user.sh
+++ b/tests/mssql/create_db_user.sh
@ -1,32 +0,0 @@
-#!/bin/bash
-
-#generate SA password
-SYMBOLS='!#$%&*+,-.:;=?@^_~'
-for (( i=1; i <= 20; i++ )); do
-  PASS=$(tr -dc "A-Za-z0-9$SYMBOLS" </dev/urandom | head -c 15)
-  if [[ $PASS == *[0-9]* && 
-        $PASS != $(echo "$PASS" | tr [:upper:] ' ') && 
-        $PASS != $(echo "$PASS" | tr [:lower:] ' ') && 
-        $PASS != $(echo "$PASS" | tr "$SYMBOLS" ' ') ]]; then
-    break
-  fi
-done
-export MSSQL_SA_PASSWORD=$PASS
-
-CONNECTION_STR="/opt/mssql-tools/bin/sqlcmd -S localhost,1433 -U SA -P "$MSSQL_SA_PASSWORD" -C -Q"
-
-#start db
-/opt/mssql/bin/sqlservr &
-
-#wait for db up
-for (( i=1; i <= 10; i++ )); do
-  RES=$($CONNECTION_STR "SELECT @@VERSION;" 2>/dev/null | grep "affected" | wc -l)
-  if [ "$RES" -eq "1" ]; then
-    echo "Database is ready"
-    break
-  fi
-  sleep 10
-done
-
-#create new db user
-$CONNECTION_STR "IF NOT EXISTS (SELECT * FROM sys.sql_logins WHERE name = '$MSSQL_USER') BEGIN CREATE LOGIN $MSSQL_USER WITH PASSWORD = '$MSSQL_PASSWORD' , CHECK_POLICY = OFF; ALTER SERVER ROLE [dbcreator] ADD MEMBER [$MSSQL_USER]; END"
--- a/tests/mssql/docker-compose.yml
+++ b/tests/mssql/docker-compose.yml
@ -1,38 +0,0 @@
-version: '2.1'
-services:
-  onlyoffice-documentserver:
-    container_name: onlyoffice-documentserver
-    build:
-      context: ../../.
-      dockerfile: Dockerfile
-    depends_on:
-      - onlyoffice-mssql
-    environment:
-      - DB_TYPE=${DB_TYPE:-mssql}
-      - DB_HOST=${DB_HOST:-onlyoffice-mssql}
-      - DB_PORT=${DB_PORT:-1433}
-      - DB_NAME=${DB_NAME:-onlyoffice}
-      - DB_USER=${DB_USER:-onlyoffice}
-      - DB_PWD=${DB_PWD:-onlyoffice}
-    stdin_open: true
-    restart: always
-    ports:
-      - '80:80'
-
-  onlyoffice-mssql:
-    container_name: onlyoffice-mssql
-    build:
-      context: .
-      dockerfile: mssql.Dockerfile
-      args:
-        - MSSQL_DATABASE=${DB_NAME:-onlyoffice}
-        - MSSQL_USER=${DB_USER:-onlyoffice}
-        - MSSQL_PASSWORD=${DB_PWD:-onlyoffice}
-    restart: always
-    volumes:
-      - mssql_data:/var/opt/mssql
-    expose:
-      - '1433'
-
-volumes:
-  mssql_data:
--- a/tests/mssql/mssql.Dockerfile
+++ b/tests/mssql/mssql.Dockerfile
@ -1,9 +0,0 @@
-FROM mcr.microsoft.com/mssql/server:2022-latest as onlyoffice-mssql
-
-ENV ACCEPT_EULA=Y
-
-SHELL ["/bin/bash", "-c"]
-
-COPY create_db_user.sh /tmp/create_db_user.sh
-
-RUN bash /tmp/create_db_user.sh
--- a/tests/oracle/README.md
+++ b/tests/oracle/README.md
@ -1,17 +0,0 @@
-## Stand Documentserver with oracle
-
-### How it works
-
-For deploy stand:
-
-**STEP 1**: Build you own images:
-   
-```bash
-sudo docker-compose build
-```
-
-**STEP 2**: Wait build complete and when:
-
-```bash
-sudo docker-compose up -d 
-```
--- a/tests/oracle/create_db_user.sh
+++ b/tests/oracle/create_db_user.sh
@ -1,28 +0,0 @@
-#!/bin/bash
-
-CONNECTION_STR="sqlplus sys/$ORACLE_PASSWORD@//localhost:1521/$ORACLE_DATABASE as sysdba"
-
-export ORACLE_PWD=$ORACLE_PASSWORD
-
-#start db
-/opt/oracle/runOracle.sh &
-
-#wait for db up
-for (( i=1; i <= 20; i++ )); do
-  RES=$(echo "SELECT version FROM V\$INSTANCE;" | $CONNECTION_STR 2>/dev/null | grep "Connected" | wc -l)
-  if [ "$RES" -ne "0" ]; then
-    echo "Database is ready"
-    break
-  fi
-  sleep 10
-done
-
-sleep 1
-
-#create new db user
-$CONNECTION_STR <<EOF
-CREATE USER $ORACLE_USER IDENTIFIED BY $ORACLE_PASSWORD;
-GRANT CREATE SESSION TO $ORACLE_USER;
-GRANT CREATE TABLE TO $ORACLE_USER; 
-ALTER USER $ORACLE_USER quota unlimited on USERS;
-EOF
--- a/tests/oracle/docker-compose.yml
+++ b/tests/oracle/docker-compose.yml
@ -1,38 +0,0 @@
-version: '2.1'
-services:
-  onlyoffice-documentserver:
-    container_name: onlyoffice-documentserver
-    build:
-      context: ../../.
-      dockerfile: Dockerfile
-    depends_on:
-      - onlyoffice-oracle
-    environment:
-      - DB_TYPE=${DB_TYPE:-oracle}
-      - DB_HOST=${DB_HOST:-onlyoffice-oracle}
-      - DB_PORT=${DB_PORT:-1521}
-      - DB_NAME=${DB_NAME:-xepdb1}
-      - DB_USER=${DB_USER:-onlyoffice}
-      - DB_PWD=${DB_PWD:-onlyoffice}
-    stdin_open: true
-    restart: always
-    ports:
-      - '80:80'
-
-  onlyoffice-oracle:
-    container_name: onlyoffice-oracle
-    build:
-      context: .
-      dockerfile: oracle.Dockerfile
-      args:
-        - ORACLE_DATABASE=${DB_NAME:-xepdb1}
-        - ORACLE_USER=${DB_USER:-onlyoffice}
-        - ORACLE_PASSWORD=${DB_PWD:-onlyoffice}
-    restart: always
-    volumes:
-      - oracle_data:/opt/oracle/oradata
-    expose:
-      - '1521'
-
-volumes:
-  oracle_data:
--- a/tests/oracle/oracle.Dockerfile
+++ b/tests/oracle/oracle.Dockerfile
@ -1,15 +0,0 @@
-FROM container-registry.oracle.com/database/express:21.3.0-xe as onlyoffice-oracle
-
-ARG ORACLE_DATABASE=
-ARG ORACLE_PASSWORD=
-ARG ORACLE_USER=
-
-ENV ORACLE_DATABASE=$ORACLE_DATABASE \
-    ORACLE_PASSWORD=$ORACLE_PASSWORD \
-    ORACLE_USER=$ORACLE_USER
-
-SHELL ["/bin/bash", "-c"]
-
-COPY create_db_user.sh /tmp/create_db_user.sh
-
-RUN bash /tmp/create_db_user.sh
--- a/tests/postgres.yml
+++ b/tests/postgres.yml
@ -20,7 +20,7 @@ services:

  onlyoffice-postgresql:
    container_name: onlyoffice-postgresql
-    image: postgres:${POSTGRES_VERSION:-12}
+    image: postgres:${POSTGRES_VERSION:-9.5}
    environment:
      - POSTGRES_DB=${POSTGRES_DB:-onlyoffice}
      - POSTGRES_USER=${POSTGRES_USER:-onlyoffice}
--- a/tests/prometheus.yml
+++ b/tests/prometheus.yml
@ -1,46 +0,0 @@
-version: '2.1'
-services:
-  onlyoffice-documentserver:
-    container_name: onlyoffice-documentserver
-    build:
-      context: ../.
-    depends_on:
-      - onlyoffice-statsd-exporter
-    environment:
-      - METRICS_ENABLED=${METRICS_ENABLED:-true}
-      - METRICS_HOST=${METRICS_HOST:-onlyoffice-statsd-exporter}
-      - METRICS_PORT=${METRICS_PORT:-9125}
-      - METRICS_PREFIX=${METRICS_PREFIX:-ds.}
-    stdin_open: true
-    restart: always
-    ports:
-      - '80:80'
-
-  onlyoffice-statsd-exporter:
-    container_name: onlyoffice-statsd-exporter
-    image: prom/statsd-exporter
-    command: --statsd.event-flush-interval=30000ms
-    ports:
-      - '9102:9102'
-      - '9125:9125/tcp'
-      - '9125:9125/udp'
-
-  onlyoffice-prometheus:
-    container_name: onlyoffice-prometheus
-    image: prom/prometheus
-    ports:
-      - '9090:9090'
-    volumes:
-      - ./prometheus/prometheus-scrape/statsd-exporter.yml:/etc/prometheus/prometheus.yml
-
-  grafana:
-    container_name: onlyoffice-grafana
-    image: bitnami/grafana
-    ports:
-      - '3000:3000'
-    environment:
-      - 'GF_SECURITY_ADMIN_PASSWORD=G0pGE4'
-    volumes:
-      - ./prometheus/grafana/conf/prometheus.yml:/opt/bitnami/grafana/conf/provisioning/datasources/prometheus.yml
-      - ./prometheus/grafana/conf/default-provider.yaml:/opt/bitnami/grafana/conf/provisioning/dashboards/default-provider.yaml
-      - ./prometheus/grafana/dashboards:/opt/bitnami/grafana/dashboards
--- a/tests/prometheus/grafana/conf/default-provider.yaml
+++ b/tests/prometheus/grafana/conf/default-provider.yaml
@ -1,23 +0,0 @@
-apiVersion: 1
-providers:
-  # <string> an unique provider name
- name: 'default-provider'
-  # <int> org id. will default to orgId 1 if not specified
-  orgId: 1
-  # <string, required> name of the dashboard folder. Required
-  folder: dashboards
-  # <string> folder UID. will be automatically generated if not specified
-  folderUid: ''
-  # <string, required> provider type. Required
-  type: file
-  # <bool> disable dashboard deletion
-  disableDeletion: false
-  # <bool> enable dashboard editing
-  editable: true
-  # <int> how often Grafana will scan for changed dashboards
-  updateIntervalSeconds: 10
-  options:
-    # <string, required> path to dashboard files on disk. Required
-    path: /opt/bitnami/grafana/dashboards
-    # <bool> enable folders creation for dashboards
-    #foldersFromFilesStructure: true
--- a/tests/prometheus/grafana/conf/prometheus.yml
+++ b/tests/prometheus/grafana/conf/prometheus.yml
@ -1,6 +0,0 @@
-apiVersion: 1
-datasources:
-  - name: Prometheus
-    type: prometheus
-    url: http://onlyoffice-prometheus:9090
-    editable: true
--- a/tests/prometheus/grafana/dashboards/documentserver-statsd-exporter.json
+++ b/tests/prometheus/grafana/dashboards/documentserver-statsd-exporter.json
--- a/tests/prometheus/prometheus-scrape/statsd-exporter.yml
+++ b/tests/prometheus/prometheus-scrape/statsd-exporter.yml
@ -1,6 +0,0 @@
-scrape_configs:
-  - job_name: 'statsd'
-    scrape_interval: 30s
-    static_configs:
-      - targets:
-        - onlyoffice-statsd-exporter:9102
Author	SHA1	Message	Date
AlexandrKharitonov	f663fbd43b	Update build	2022-01-06 12:18:40 +03:00
AlexandrKharitonov	e3f8ab9a1d	Update build	2022-01-06 12:13:22 +03:00
AlexandrKharitonov	2fbbccccec	add hooks	2022-01-06 11:46:31 +03:00
AlexandrKharitonov	9c1975df7b	Update Dockerfile.cl	2021-12-20 11:01:52 +03:00
AlexandrKharitonov	f9499ba9ff	Create Dockerfile.cl	2021-12-17 17:04:20 +03:00