diff --git a/bxl-shp/apps/docker-compose.onlyoffice.yaml b/bxl-shp/apps/docker-compose.onlyoffice.yaml index 5dfd340..3dbf718 100644 --- a/bxl-shp/apps/docker-compose.onlyoffice.yaml +++ b/bxl-shp/apps/docker-compose.onlyoffice.yaml @@ -2,10 +2,11 @@ services: onlyoffice-documentserver: container_name: onlyoffice-documentserver image: onlyoffice/documentserver:latest - restart: on-failure:3 + restart: unless-stopped environment: - JWT_SECRET=${ONLYOFFICE_JWT} - WOPI_ENABLED=true + - JWT_ENABLED=false volumes: - $DATA/onlyoffice/DocumentServer/logs:/var/log/onlyoffice - $DATA/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data @@ -14,14 +15,97 @@ services: - $DATA/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq labels: - "traefik.enable=true" + - "traefik.http.routers.onlyoffice-editor.rule=Host(`onlyoffice-editor.bhasher.com`)" + - "traefik.http.services.onlyoffice-editor.loadbalancer.server.port=80" + - "traefik.http.routers.onlyoffice-editor.tls=true" + - "traefik.http.routers.onlyoffice-editor.tls.certresolver=http" + - "traefik.http.routers.onlyoffice-editor.entrypoints=internalsecure,externalsecure" + networks: + - external + - onlyoffice + + onlyoffice-db: + container_name: onlyoffice-db + #image: mariadb:11 + image: mysql:8.0.29 + restart: unless-stopped + environment: + - MYSQL_ROOT_PASSWORD=${ONLYOFFICE_DB_PASS} + volumes: + - $CONFIG/onlyoffice/db/conf.d:/etc/mysql/conf.d + - $CONFIG/onlyoffice/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d + - $DATA/onlyoffice/CommunityServer/db:/var/lib/mysql + networks: + - onlyoffice + + onlyoffice-community-server: + container_name: onlyoffice-community-server + image: onlyoffice/communityserver:12.0.1.1748 + restart: unless-stopped + environment: + - ONLYOFFICE_CORE_MACHINEKEY=${ONLYOFFICE_COMMUNITY_KEY} + - CONTROL_PANEL_PORT_80_TCP=80 + - CONTROL_PANEL_PORT_80_TCP_ADDR=onlyoffice-control-panel + - MYSQL_SERVER_ROOT_PASSWORD=${ONLYOFFICE_DB_PASS} + - MYSQL_SERVER_DB_NAME=onlyoffice + - MYSQL_SERVER_HOST=onlyoffice-db + - MYSQL_SERVER_USER=onlyoffice_user + - MYSQL_SERVER_PASS=onlyoffice_pass + - ELASTICSEARCH_SERVER_HOST=onlyoffice-elasticsearch + - ELASTICSEARCH_SERVER_HTTPPORT=9200 + volumes: + - $DATA/onlyoffice/CommunityServer/data:/var/www/onlyoffice/Data + - $DATA/onlyoffice/CommunityServer/log:/var/log/onlyoffice + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + cgroup: host + labels: + - "traefik.enable=true" - "traefik.http.routers.onlyoffice.rule=Host(`onlyoffice.bhasher.com`)" - "traefik.http.services.onlyoffice.loadbalancer.server.port=80" - "traefik.http.routers.onlyoffice.tls=true" - "traefik.http.routers.onlyoffice.tls.certresolver=http" - - "traefik.http.routers.onlyoffice.entrypoints=internalsecure" + - "traefik.http.routers.onlyoffice.entrypoints=internalsecure,externalsecure" + depends_on: + - onlyoffice-db + - onlyoffice-elasticsearch networks: + - onlyoffice - external + - auth + + onlyoffice-elasticsearch: + container_name: onlyoffice-elasticsearch + image: onlyoffice/elasticsearch:7.16.3 + restart: unless-stopped + environment: + - discovery.type=single-node + - bootstrap.memory_lock=true + - "ES_JAVA_OPTS=-Xms1g -Xmx1g -Dlog4j2.formatMsgNoLookups=true" + - "indices.fielddata.cache.size=30%" + - "indices.memory.index_buffer_size=30%" + - "ingest.geoip.downloader.enabled=false" + volumes: + - $DATA/onlyoffice/CommunityServer/elasticsearch:/usr/share/elasticsearch/data + networks: + - onlyoffice + + onlyoffice-control-panel: + container_name: onlyoffice-control-panel + image: onlyoffice/controlpanel:3.1.1.467 + restart: unless-stopped + environment: + - ONLYOFFICE_CORE_MACHINEKEY=${ONLYOFFICE_COMMUNITY_KEY} + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - $DATA/onlyoffice/CommunityServer/cp-data:/var/www/onlyoffice/Data + - $DATA/onlyoffice/CommunityServer/cp-log:/var/log/onlyoffice + depends_on: + - onlyoffice-community-server + networks: + - onlyoffice networks: + onlyoffice: external: external: true diff --git a/bxl-shp/config/onlyoffice/db/conf.d/onlyoffice.cnf b/bxl-shp/config/onlyoffice/db/conf.d/onlyoffice.cnf new file mode 100644 index 0000000..e37dc6a --- /dev/null +++ b/bxl-shp/config/onlyoffice/db/conf.d/onlyoffice.cnf @@ -0,0 +1,5 @@ +[mysqld] +sql_mode = 'NO_ENGINE_SUBSTITUTION' +max_connections = 1000 +max_allowed_packet = 1048576000 +group_concat_max_len = 2048 diff --git a/bxl-shp/config/onlyoffice/db/docker-entrypoint-initdb.d/onlyoffice-initdb.sql b/bxl-shp/config/onlyoffice/db/docker-entrypoint-initdb.d/onlyoffice-initdb.sql new file mode 100644 index 0000000..ed4f675 --- /dev/null +++ b/bxl-shp/config/onlyoffice/db/docker-entrypoint-initdb.d/onlyoffice-initdb.sql @@ -0,0 +1,12 @@ +CREATE DATABASE IF NOT EXISTS onlyoffice CHARACTER SET "utf8" COLLATE "utf8_general_ci"; +CREATE DATABASE IF NOT EXISTS onlyoffice_mailserver CHARACTER SET "utf8" COLLATE "utf8_general_ci"; + +ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'my-secret-pw'; +CREATE USER IF NOT EXISTS 'onlyoffice_user'@'%' IDENTIFIED WITH mysql_native_password BY 'onlyoffice_pass'; +CREATE USER IF NOT EXISTS 'mail_admin'@'%' IDENTIFIED WITH mysql_native_password BY 'Isadmin123'; + +GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'; +GRANT ALL PRIVILEGES ON *.* TO 'onlyoffice_user'@'%'; +GRANT ALL PRIVILEGES ON *.* TO 'mail_admin'@'%'; + +FLUSH PRIVILEGES;