Open kahlablack opened 2 years ago
Hello @kahlablack yes, we have a problem with docker-compose on Ubuntu 22.04 and Debian 11 (Bug 58578 in our private bugtracker). But you can try use this solution https://github.com/ONLYOFFICE/CommunityServer/issues/424#issuecomment-1231672641.
Ok, I've tried https://github.com/gdraheim/docker-systemctl-replacement to fix this, as the solution workaround does not work. It does not give the errors anymore, but it gives these instead:
onlyoffice-community-server | ERROR:systemctl: dbus-org.freedesktop.resolve1.service: Executable path is not absolute, ignoring: !!/lib/systemd/systemd-resolved
onlyoffice-community-server | ERROR:systemctl: systemd-networkd.service: Executable path is not absolute, ignoring: !!/lib/systemd/systemd-networkd
onlyoffice-community-server | ERROR:systemctl: systemd-resolved.service: Executable path is not absolute, ignoring: !!/lib/systemd/systemd-resolved
onlyoffice-community-server | ERROR:systemctl: systemd-timesyncd.service: Executable path is not absolute, ignoring: !!/lib/systemd/systemd-timesyncd
For the idea of it, I added git and python3 to apt, and then added this to after the last apt install:
RUN git clone https://github.com/gdraheim/docker-systemctl-replacement /opt/systemctl-github && \
rm -f /bin/systemctl && \
ln -s /opt/systemctl-github/files/docker/systemctl.py /bin/systemctl
Unfortunately this is not working. I suspect the problem is somewhere else.
As the scripts (Dockerfile and run-community-server.sh) are simply bad (using hammers to fix non-understood parts of Linux/Docker, and no documentation), I have no idea what is really the goal, and thus where to start fixing. Sorry.
Also, the used libraries are years and years old, and that adds to the serious security problem caused by the privileged mode. Private mode for cgroupns is a feature you really want here! Especially because you only use it for starting some services that should have been external.
IMO it needs a full rewrite. Is there a design plan for what this docker should do?
I'm also very disappointed and totally agree with VincentSC. Additionally, I found this info on their docs page:
Temporarily does not work on Ubuntu 22.04 and Debian 11.
Not quite sure if there is any progress on this issue to produce a properly working docker-compose.yml for any OS.
If it would work on 22.10 or 23.04 then I'd be happy. :)
Hello, I migrated to Debian 11 and I used your docker compose for community server but unfortunately it does not work
the onlyoffice-community-server container doesn't start :
onlyoffice/communityserver:12.0.1.1748 "/app/run-community-…" 13 minutes ago Up 14 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 3306/tcp, 5280/tcp, 9865-9866/tcp, 9871/tcp, 9882/tcp, 0.0.0.0:5222->5222/tcp, :::5222->5222/tcp, 9888/tcp onlyoffice-community-server
script version: '3' services: onlyoffice-mysql-server: container_name: onlyoffice-mysql-server image: mysql:8.0.29 cap_add:
logs :
'[' -f /var/www/onlyoffice/Data/certs/onlyoffice.crt -a -f /var/www/onlyoffice/Data/certs/onlyoffice.key ']'
cp /etc/nginx/includes/onlyoffice-communityserver-common.conf.template /app/config/nginx/prepare-onlyoffice
sed -i 1d /etc/logrotate.d/nginx
sed '1 i\/var/log/nginx/.log /var/log/onlyoffice/nginx..log {' -i /etc/logrotate.d/nginx
'[' 172.23.0.0/16 ']'
sed 's,{{DOCKER_APP_SUBNET}},172.23.0.0/16,' -i /app/config/nginx/prepare-onlyoffice
'[' ']'
'[' true == true ']'
sed '/files.docservice.secret/s!(value\s=\s\")[^\"]*\"!\1XhvVHg5z59Z3hEXd\"!' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/files.docservice.secret.header/s!(value\s=\s\")[^\"]*\"!\1Authorization\"!' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/files.docservice.secret/s!(value\s=\s\")[^\"]*\"!\1XhvVHg5z59Z3hEXd\"!' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
sed '/files.docservice.secret.header/s!(value\s=\s\")[^\"]*\"!\1Authorization\"!' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
'[' true == true ']'
cp /etc/nginx/includes/onlyoffice-communityserver-proxy-to-documentserver.conf.template /etc/nginx/includes/onlyoffice-communityserver-proxy-to-documentserver.conf
sed 's,{{DOCUMENT_SERVER_HOST_ADDR}},https:\/\/10.30.160.80,' -i /etc/nginx/includes/onlyoffice-communityserver-proxy-to-documentserver.conf
sed '/files.docservice.url.internal/s!(value\s=\s\")[^\"]*\"!\1https:\/\/10.30.160.80\/\"!' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/files.docservice.url.public/s!(value\s=\s\")[^\"]*\"!\1https:\/\/10.30.160.80\/\"!' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/files.docservice.url.internal/s!(value\s=\s\")[^\"]*\"!\1https:\/\/10.30.160.80\/\"!' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
sed '/files.docservice.url.public/s!(value\s=\s\")[^\"]*\"!\1https:\/\/10.30.160.80\/\"!' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
'[' -n 172.23.0.0/16 ']'
'[' -n '' ']'
'[' false == true ']'
'[' false == true ']'
'[' true == true ']'
cp /etc/nginx/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf.template /etc/nginx/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf
sed 's,{{CONTROL_PANEL_HOST_ADDR}},onlyoffice-control-panel,' -i /etc/nginx/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf
sed 's,{{SERVICE_SSO_AUTH_HOST_ADDR}},onlyoffice-control-panel,' -i /etc/nginx/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf
sed '/web.controlpanel.url/s/(value\s=\s\")[^\"]*\"/\1\/controlpanel\/\"/' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/web.controlpanel.url/s/(value\s=\s\")[^\"]*\"/\1\/controlpanel\/\"/' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
'[' SERVER == SERVER ']' ++ seq 1 1
for serverID in $(seq 1 ${APP_MONOSERVE_COUNT})
'[' 1 == 1 ']'
sed '/web.warmup.count/s/value=\"\S*\"/value=\"1\"/g' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/web.warmup.domain/s/value=\"\S*\"/value=\"localhost\/warmup\"/g' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/core.machinekey/s!value=".*"!value="core_secret"!g' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/core.machinekey/s!value=".*"!value="core_secret"!g' -i /var/www/onlyoffice/ApiSystem/Web.config
sed '/core.machinekey/s!value=".*"!value="core_secret"!g' -i /var/www/onlyoffice/Services/TeamLabSvc/TeamLabSvc.exe.config
sed '/core.machinekey/s!"core.machinekey".*!"core.machinekey":"core_secret",!' -i /var/www/onlyoffice/Services/ASC.Socket.IO/config/config.json
sed 's!machine_key\s=.!machine_key = core_secret!g' -i /var/www/onlyoffice/Services/TeamLabSvc/radicale.config
sed 's!"core.machinekey":.*,!"core.machinekey":"core_secret",!g' -i /var/www/onlyoffice/Services/ASC.UrlShortener/config/config.json
sed 's!"machinekey":.*!"machinekey":"core_secret",!' -i /etc/onlyoffice/communityserver/appsettings.production.json
continue
sed 's/{{APP_NIGNX_KEEPLIVE}}/32/g' -i /app/config/nginx/prepare-onlyoffice
bash -c 'echo "onlyoffice ALL=(ALL) NOPASSWD: /usr/sbin/service" | (EDITOR="tee -a" visudo)' onlyoffice ALL=(ALL) NOPASSWD: /usr/sbin/service
'[' false == true ']'
systemctl enable redis-server.service Synchronizing state of redis-server.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable redis-server Created symlink /etc/systemd/system/redis.service → /lib/systemd/system/redis-server.service.
service redis-server start Starting redis-server: redis-server.
redis-cli config set save '' OK
redis-cli config rewrite OK
redis-cli flushall OK
service redis-server stop Stopping redis-server: redis-server.
'[' SERVER == SERVICES ']'
systemctl enable monoserveApiSystem.service ++ seq 1 1
for serverID in $(seq 1 ${APP_MONOSERVE_COUNT})
index=1
'[' 1 == 1 ']'
index=
systemctl enable monoserve.service
chown -R onlyoffice:onlyoffice /var/log/onlyoffice
chown -R onlyoffice:onlyoffice /var/www/onlyoffice/DocumentServerData ++ ls -alhd /var/www/onlyoffice/Data ++ awk '{ print $3 }'
'[' onlyoffice '!=' onlyoffice ']'
'[' '!' -d /var/www/onlyoffice/Data/Index/v7.16.3 ']'
mysql_scalar_exec 'TRUNCATE webstudio_index'
local queryResult=
'[' '' == opt_ignore_db_name ']' ++ mysql --silent --skip-column-names -h onlyoffice-mysql-server -P 3306 -u onlyoffice --password=Vjkcs477jiEpq25V -D onlyoffice -e 'TRUNCATE webstudio_index' mysql: [Warning] Using a password on the command line interface can be insecure.
queryResult=
echo
mkdir -p /var/log/onlyoffice//Index
mkdir -p /var/www/onlyoffice/Data/Index/v7.16.3 ++ ls -alhd /var/www/onlyoffice/Data/Index/v7.16.3 ++ awk '{ print $3 }'
'[' root '!=' elasticsearch ']'
chown -R elasticsearch:elasticsearch /var/www/onlyoffice/Data/Index/v7.16.3
chown -R elasticsearch:elasticsearch /var/log/onlyoffice//Index
grep -q onlyoffice-xmppserver
dpkg -l
sed '/web.talk/s/value=\"\S*\"/value=\"true\"/g' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
sed '/web.chat/s/value=\"\S*\"/value=\"false\"/g' -i /var/www/onlyoffice/WebStudio/web.appsettings.config
systemctl stop onlyofficeRadicale System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeTelegram System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeSocketIO System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeThumb System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeFeed System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeIndex System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeJabber System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeMailAggregator System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeMailWatchdog System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeMailCleaner System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeMailImap System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeNotify System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeBackup System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeStorageMigrate System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeStorageEncryption System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeUrlShortener System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeThumbnailBuilder System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop onlyofficeAutoCleanUp System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop god System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl enable god
systemctl stop elasticsearch System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop redis-server System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop mysql System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop nginx System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl stop monoserveApiSystem.service System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl enable monoserveApiSystem.service ++ seq 1 1
for serverID in $(seq 1 ${APP_MONOSERVE_COUNT})
index=1
'[' 1 == 1 ']'
index=
systemctl stop monoserve.service System has not been booted with systemd as init system (PID 1). Can't operate.
systemctl enable monoserve.service
'[' false == true ']'
systemctl enable onlyofficeRadicale.service
systemctl enable onlyofficeTelegram.service
systemctl enable onlyofficeSocketIO.service
systemctl enable onlyofficeThumb.service
systemctl enable onlyofficeFeed.service
systemctl enable onlyofficeIndex.service
systemctl enable onlyofficeJabber.service
systemctl enable onlyofficeMailAggregator.service
systemctl enable onlyofficeMailWatchdog.service
systemctl enable onlyofficeMailCleaner.service
systemctl enable onlyofficeMailImap.service
systemctl enable onlyofficeNotify.service
systemctl enable onlyofficeBackup.service
systemctl enable onlyofficeStorageMigrate.service
systemctl enable onlyofficeStorageEncryption.service
systemctl enable onlyofficeUrlShortener.service
systemctl enable onlyofficeThumbnailBuilder.service
systemctl enable onlyofficeAutoCleanUp.service
'[' SERVER == SERVER ']'
mv /app/config/nginx/prepare-onlyoffice /etc/nginx/sites-enabled/onlyoffice
service nginx stop
systemctl enable nginx.service Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable nginx ++ grep -v grep ++ awk '{print $2}' ++ grep cron ++ ps auxf
PID=
'[' onlyoffice-elasticsearch ']'
service elasticsearch stop
systemctl disable elasticsearch.service Synchronizing state of elasticsearch.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install disable elasticsearch
rm -f /usr/lib/systemd/system/elasticsearch.service
rm -f /etc/init.d/elasticsearch
'[' -n '' ']'
rm -dfr '/tmp/onlyoffice*'
rm -dfr '/var/run/onlyoffice/*'
rm -dfr '/var/cache/nginx/onlyoffice/*'
+ '[' false == true ']' I don't understand why the last parameter of the script /app/run-community-server.sh is set to false.