Merge branch 'onlyoffice' into 'slim'

SENTRY_DSN=

SENTRY_PUBLIC_DSN=

# OnlyOffice

ONLYOFFICE_DB_HOST=db

ONLYOFFICE_DB_PORT=5432

ONLYOFFICE_DB_NAME=onlyoffice

ONLYOFFICE_DB_USER=onlyoffice

ONLYOFFICE_DB_PASSWORD=123456

ONLYOFFICE_DOCUMENT_SERVER_URL=http://localhost:8081  # Internal Docker URL (auto-adjusts to https in staging/prod via env)

ONLYOFFICE_DOCUMENT_SERVER_INTERNAL_URL=http://documentserver/

ONLYOFFICE_STORAGE_URL=http://nginx/

ONLYOFFICE_JWT_SECRET=01c48da78419982ff70fe3f1979f9df54fcb4cc954a638dab7cf98d9da09c7ae # $(openssl rand -hex 32)  # Generate: openssl rand -hex 32

ONLYOFFICE_JWT_HEADER=Authorization

# nginx

NGINX_DOCKER_IMG=registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/nginx:latest

.idea

files

.env

 No newline at end of file

<?php

if (getenv('ONLYOFFICE_DOCUMENT_SERVER_URL')) {

  $CONFIG = array(

    'onlyoffice' => array(

      'DocumentServerUrl' => getenv('ONLYOFFICE_DOCUMENT_SERVER_URL') ?: 'http://localhost:8081/',

      'DocumentServerInternalUrl' => getenv('ONLYOFFICE_DOCUMENT_SERVER_INTERNAL_URL') ?: 'http://documentserver/',

      'StorageUrl' => getenv('ONLYOFFICE_STORAGE_URL') ?: 'http://nginx',

      'jwt_secret' => getenv('ONLYOFFICE_JWT_SECRET') ?: '',

      'jwt_header' => getenv('ONLYOFFICE_JWT_HEADER') ?: 'Authorization',

    ),

  );

}

#!/bin/bash

set -euo pipefail  # Exit on error, undefined vars, pipe failures

# Helper: Run psql command (uses POSTGRES_USER/DB for auth)

run_psql() {

  psql -v ON_ERROR_STOP=1 -U "${POSTGRES_USER}" "$@"

}

echo "Starting OnlyOffice DB init..."

# Create user if not exists (transaction-safe)

if ! run_psql -tAc "SELECT 1 FROM pg_roles WHERE rolname = '${ONLYOFFICE_DB_USER}'" | grep -q 1; then

  run_psql -c "CREATE USER ${ONLYOFFICE_DB_USER} WITH PASSWORD '${ONLYOFFICE_DB_PASSWORD}';"

  echo "Created user '${ONLYOFFICE_DB_USER}'."

else

  echo "User '${ONLYOFFICE_DB_USER}' already exists."

fi

# Create DB if not exists (non-transactional: check first, then create)

if ! run_psql -tAc "SELECT 1 FROM pg_database WHERE datname = '${ONLYOFFICE_DB_NAME}'" | grep -q 1; then

  # Temp connect as superuser to create DB

 run_psql -c "CREATE DATABASE ${ONLYOFFICE_DB_NAME} OWNER ${ONLYOFFICE_DB_USER};"

  echo "Created DB '${ONLYOFFICE_DB_NAME}'."

else

  echo "DB '${ONLYOFFICE_DB_NAME}' already exists."

fi

# Grant privileges (safe to re-run)

run_psql -c "GRANT ALL PRIVILEGES ON DATABASE ${ONLYOFFICE_DB_NAME} TO ${ONLYOFFICE_DB_USER};"

echo "OnlyOffice DB and user initialized successfully."

      - POSTGRES_DB=${DB_NAME}

      - POSTGRES_USER=${DB_USER}

      - POSTGRES_PASSWORD=${DB_PASSWORD}

      - ONLYOFFICE_DB_NAME=${ONLYOFFICE_DB_NAME}

      - ONLYOFFICE_DB_USER=${ONLYOFFICE_DB_USER}

      - ONLYOFFICE_DB_PASSWORD=${ONLYOFFICE_DB_PASSWORD}

    volumes:

      - db:/var/lib/postgresql/data

      - ./config/postgres/init-onlyoffice.sh:/docker-entrypoint-initdb.d/10-onlyoffice.sh:ro

    healthcheck:

      test: ["CMD-SHELL", "pg_isready -U ${DB_USER} -d ${DB_NAME}"]

      interval: 10s

    depends_on:

      - nextcloud

  documentserver:

    image: onlyoffice/documentserver:9.1

    restart: unless-stopped

    depends_on:

      db:

        condition: service_healthy  

    environment:

      - DB_HOST=${ONLYOFFICE_DB_HOST}

      - DB_PORT=${ONLYOFFICE_DB_PORT}

      - DB_NAME=${ONLYOFFICE_DB_NAME}

      - DB_USER=${ONLYOFFICE_DB_USER}

      - DB_PWD=${ONLYOFFICE_DB_PASSWORD}

      - JWT_SECRET=${ONLYOFFICE_JWT_SECRET}

      - JWT_HEADER=${ONLYOFFICE_JWT_HEADER}

    ports:

      - "8081:80"

    volumes:

      - onlyoffice_data:/var/www/onlyoffice/Data

      - onlyoffice_logs:/var/log/onlyoffice

    healthcheck:

      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost/healthcheck"]

      interval: 10s

      timeout: 5s

      retries: 5

      start_period: 30s

    networks:

      - worker-network

volumes: !override

  db:

  nextcloud-config:

  nextcloud-data:

  onlyoffice_data:

  onlyoffice_logs:

networks:

  proxy-network: