Merge commit '0011284e1d05a313c59eaed19a12d01ad8c76225' into dev

jgraph · Aug 3, 2023 · 81e9c9a · 81e9c9a
2 parents 596e581 + 0011284
commit 81e9c9a
Show file tree

Hide file tree

Showing 12 changed files with 27 additions and 76 deletions.
diff --git a/.github/stale.yml b/.github/stale.yml
@@ -1,5 +1,5 @@
 # Number of days of inactivity before an issue becomes stale
-daysUntilStale: 600
+daysUntilStale: 500
 # Number of days of inactivity before a stale issue is closed
 daysUntilClose: 20
 # Issues with these labels will never be considered stale

diff --git a/README.md b/README.md
@@ -10,12 +10,11 @@
 * draw.io export server image which allow exporting draw.io diagrams to pdf and images
 * docker-compose to run draw.io with the export server
 * docker-compose to run draw.io integrated within nextcloud
-* docker-compose to run draw.io with PlantUML support
 * docker-compose to run draw.io self-contained without any dependency on diagrams.net website (with the export server, plantUml, Google Drive support, OneDrive support, and EMF conversion support (for VSDX export)
 
 ## Description
 
-The Dockerfile builds from `tomcat:10.1-jdk11-corretto ` (see <https://hub.docker.com/_/tomcat/>)
+The Dockerfile builds from `tomcat:9-jre11` (see <https://hub.docker.com/_/tomcat/>)
 
 **Note: Starting from version 16.5.3, alpine and debian images are no longer maintained. We changed to a single image that uses the tomcat image with the least security vulnerabilities.**
 
@@ -63,8 +62,11 @@ If you're running `Docker Toolbox` then start a web browser session to <http://1
 
 ### Method:
 
-1. Using jgraph/drawio docker image, run the following command
-`docker run -it -m1g -e LETS_ENCRYPT_ENABLED=true -e PUBLIC_DNS=drawio.example.com --rm --name="draw" -p 80:80 -p 443:8443 jgraph/drawio`
+1. Create a directory to store the letsencrypt data. (e.g., /opt/docker/drawiodata/letsencrypt-log, /opt/docker/drawiodata/letsencrypt-etc, /opt/docker/drawiodata/letsencrypt-lib)
+2. Using jgraph/drawio docker image, run the following command
+```bash
+docker run -it -m1g -v "/opt/docker/drawiodata/letsencrypt-log:/var/log/letsencrypt/" -v "/opt/docker/drawiodata/letsencrypt-etc:/etc/letsencrypt/" -v "/opt/docker/drawiodata/letsencrypt-lib:/var/lib/letsencrypt" -e LETS_ENCRYPT_ENABLED=true -e PUBLIC_DNS=drawio.example.com --rm --name="draw" -p 80:80 -p 443:8443 jgraph/drawio
+```
 Notice that mapping port 80 to container's port 80 allows certbot to work in stand-alone mode. Mapping port 443 to container's port 8443 allows the container tomcat to serve https requests directly.
 
 ## Changing draw.io configuration

diff --git a/image-export/Dockerfile b/image-export/Dockerfile
@@ -1,23 +1,27 @@
 FROM node:lts-slim
 
-LABEL maintainer="JGraph Ltd"
+LABEL maintainer="JGraph Ltd" \
+      org.opencontainers.image.authors="JGraph Ltd" \
+      org.opencontainers.image.url="https://www.drawio.com" \
+      org.opencontainers.image.source="https://github.com/jgraph/docker-drawio"
 
 ENV RUN_USER            drawio
 ENV RUN_GROUP           drawio
 
 RUN apt-get update -y && \
     apt-get install -y --no-install-recommends \
-        git curl software-properties-common chromium libatk-bridge2.0-0 libgtk-3-0 && \
+        git curl software-properties-common chromium libatk-bridge2.0-0 libgtk-3-0 wget && \
     apt-add-repository contrib && \
     apt-get update -y && \
-    apt-get install -y --no-install-recommends \
-        ttf-mscorefonts-installer && \
+    wget http://ftp.de.debian.org/debian/pool/contrib/m/msttcorefonts/ttf-mscorefonts-installer_3.8_all.deb && \
+    apt install -y --no-install-recommends \
+        ./ttf-mscorefonts-installer_3.8_all.deb && \
     mkdir /usr/local/drawio && \
     cd /usr/local/drawio && \
     git clone https://github.com/jgraph/draw-image-export2.git && \
     cd draw-image-export2 && \
     npm install && \
-    apt-get remove -y --purge chromium git
+    apt-get remove -y --purge chromium git wget
 
 # Add drawio user
 RUN groupadd -r ${RUN_GROUP} && useradd -g ${RUN_GROUP} -d /usr/local/drawio -s /bin/bash ${RUN_USER} && \

diff --git a/main/Dockerfile b/main/Dockerfile
@@ -15,7 +15,10 @@ RUN cd /tmp && \
 
 FROM tomcat:9-jre11
 
-LABEL maintainer="JGraph Ltd"
+LABEL maintainer="JGraph Ltd" \
+      org.opencontainers.image.authors="JGraph Ltd" \
+      org.opencontainers.image.url="https://www.drawio.com" \
+      org.opencontainers.image.source="https://github.com/jgraph/docker-drawio"
 
 ENV RUN_USER            tomcat
 ENV RUN_GROUP           tomcat

diff --git a/main/docker-entrypoint.sh b/main/docker-entrypoint.sh
@@ -26,6 +26,8 @@ echo "})();" >> $CATALINA_HOME/webapps/draw/js/PreConfig.js
 if [[ "${DRAWIO_SELF_CONTAINED}" ]]; then
     echo "window.EXPORT_URL = '/service/0'; //This points to ExportProxyServlet which uses the local export server at port 8000. This proxy configuration allows https requests to the export server via Tomcat." >> $CATALINA_HOME/webapps/draw/js/PreConfig.js
     echo "window.PLANT_URL = '/service/1';" >> $CATALINA_HOME/webapps/draw/js/PreConfig.js
+elif [[ "${EXPORT_URL}" ]]; then
+    echo "window.EXPORT_URL = '/service/0';" >> $CATALINA_HOME/webapps/draw/js/PreConfig.js
 fi
 #DRAWIO_BASE_URL is path to base of deployment, e.g. https://www.example.com/folder
 echo "window.DRAWIO_BASE_URL = '${DRAWIO_BASE_URL:-http://localhost:8080}';" >> $CATALINA_HOME/webapps/draw/js/PreConfig.js

diff --git a/plantUml/PostConfig.js b/plantUml/PostConfig.js
diff --git a/plantUml/PreConfig.js b/plantUml/PreConfig.js
diff --git a/plantUml/README.md b/plantUml/README.md
diff --git a/plantUml/docker-compose.yml b/plantUml/docker-compose.yml
diff --git a/plantUml/fonts/ADD_YOUR_FONTS_HERE b/plantUml/fonts/ADD_YOUR_FONTS_HERE
diff --git a/self-contained/README.md b/self-contained/README.md
@@ -15,6 +15,7 @@ You can customize the application by setting the following environment variables
 * `DRAWIO_VIEWER_URL`: (Optional) If you want to host a draw.io viewer also, set the viewer URL. For example, `https://drawio.example.com/js/viewer.min.js`
 * `DRAWIO_LIGHTBOX_URL`: (Optional) If you want to host a draw.io viewer also, set the lightbox URL. For example, `https://drawio.example.com` 
 * `DRAWIO_CONFIG`: (Optional) draw.io configuration JSON. [Documentation](https://desk.draw.io/support/solutions/articles/16000058316)
+* `DRAWIO_USE_HTTP`: (Optional and INSECURE) If your setup uses http only and you understand the risks (for example, sending OAuth tokens over http), set `DRAWIO_USE_HTTP=1`. **Caution: Use at your own risk**.
 
 ## Google Drive
 
@@ -37,11 +38,12 @@ In "Advanced settings" on the same page, enable "Access tokens" and "ID tokens"
 Set the client ID and secret into environment variables `DRAWIO_MSGRAPH_CLIENT_ID` and `DRAWIO_MSGRAPH_CLIENT_SECRET`. If your Azure app is a single tenant, set `DRAWIO_MSGRAPH_TENANT_ID` to your tenant ID.
 ## Gitlab
 
-Set the following environment variables to enable Gitlab integration.
+Create a new OAuth app (Settings -> Applications). Set "Redirect URI" (e.g, `https://drawio.example.com/gitlab`) and "Scopes" (e.g, `api`, `read_repository
+`, `write_repository`). Then, set the following environment variables, using information from the app, to enable Gitlab integration.
 
 * `DRAWIO_GITLAB_ID`: Your Gitlab ID
 * `DRAWIO_GITLAB_SECRET`: Your Gitlab Secret
-* `DRAWIO_GITLAB_URL`: Your Gitlab URL
+* `DRAWIO_GITLAB_URL`: Your Gitlab URL, for example, `https://gitlab.com/oauth/token` when the gitlab.com is used
 
 ## EMF Converter
 

diff --git a/self-contained/docker-compose.yml b/self-contained/docker-compose.yml
@@ -1,7 +1,7 @@
 version: '3'
 services:
   plantuml-server:
-    image: jgraph/plantuml-server
+    image: plantuml/plantuml-server
     expose:
       - "8080"
     networks: