fjudith / docker-draw.io Goto Github PK

Hi,

As a good newbie with Docker, I follow the steps to install/start it. I used "docker run -it --rm --name="draw" -p 8080:8080 -p 8443:8443 fjudith/draw.io"

Now I wish make French default langage but is there a way to include this parameter when running the pod ?
Someone would like to be a good teacher to me please ?

Thank You
Arno

would it be possible to add an option for "Container" storage. Using Device or Browser works well for individuals however it doesn't work well for collaboration. I'd like to have an instance of a DrawIO container running with a PersistentVolume or Docker Mount point so other users can connect to the instance and work on the same drawings with little configuration changes.

Currently i know logs is localhost_access_log.log , catalina.log in logs Directory

but The console.log is not checked anywhere.

I'm sorry, but can you please let me know?

Base URL customization per this issue is not working, the following files still attempt to load from the root instead of the noted subdirectory (/diagram):
croppie.min.css
grapheditor.css
PreConfig.js
apple-touch-icon.png
favicon-16x16.png

Nginx location block

location /diagram { # begin diagram block
        auth_request /auth-4;
        proxy_pass  https://diagram-url:8443/;
        add_header X-Frame-Options "SAMEORIGIN";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
} 

Docker-compose.yml

version: '3.5'
services:
  drawio:
    image: fjudith/draw.io
    container_name: drawio
    restart: unless-stopped
    ports:
      - 8080:8080
      - 8443:8443
    environment:
      PUBLIC_DNS: example.org
    volumes:
      - ./config/PreConfig.js:/usr/local/tomcat/webapps/draw/js/PreConfig.js

PreConfig.js

/**
 * Copyright (c) 2006-2019, JGraph Ltd
 * Copyright (c) 2006-2019, draw.io AG
 */
// Overrides of global vars need to be pre-loaded
window.EXPORT_URL = '/export'; //This points to ExportProxyServlet which uses the local export server at port 8000.
//This proxy configuration allows https requests to the export server via Tomcat.
window.PLANT_URL = 'REPLACE_WITH_YOUR_PLANTUML_SERVER';
// window.DRAWIO_BASE_URL = 'https://mcp.lunacite.com/diagram';
// window.DRAWIO_VIEWER_URL = 'https://mcp.lunacite.com/diagram/js/viewer.min.js';
window.DRAW_MATH_URL = 'math';
window.DRAWIO_CONFIG = null; //Replace with your custom draw.io configurations. For more details, https://desk.draw.io/support/solutions/articles/16000058316

docker run -it --rm --name="draw" -p 8080:8080 -p 8443:8443 jgraph/draw.io
this image doesnt exist because you put dot between words draw and io.
Please fix doc.

Hi,

I can't access the drawio app. Broser gives me an ssl error that i can not easily workaround

docker run -it --rm --name="draw" -p 8080:8080 fjudith/draw.io

firefox to -> https://localhost:8080/draw/?offline=1

=>

Secure Connection Failed

An error occurred during a connection to localhost:8080. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

Learn more…

Hello,

We have discovered a typo in your docker file that seems to be preventing the war/plugins/embed2js.patch from being included.

The Dockerfile should be :

patch -p1 < war/plugins/embed2js.patch

but is:

patch -p1 war/plugins/embed2js.patch

Chris

You said that draw.io is enforcing https
Did you import haproxy in your docker container which we can download? Or do we need to add it separately?
Sorry I never used a proxy before.
So the proxy will redirect the http to https? And so if we open the 8080 port it-s only to give it access to the proxy ?

The debian/Dockerfile builds from the base image "tomcat:9-jre11-slim", but it is warned CRITICAL level as CVE-2019-2201 vulnerability by AWS ECR scanner. Debian looks taking no action on that. I am not sure it is because there may be no actually critical impact (may be because it is an android issue?), but anyway it may be good to take any work around the critical-alert by ECR.

When I changed it to "tomcat:9-jdk11-openjdk-slim", then the 1 critical was disappeared. Do you agree to change to this image to work around ECR critical signal?

The error occurred when I created a blank diagram on my self-hosted draw.io.

By the way, it is fine when I use the IP:Port to access the self-hosted draw.io services.

Spawning up drawio using docker-compose running locally on http://localhost:8080 works great.

However when 'File > Export as > URL' then the URL will start as https://app.diagram.net/?lightbox... .
Expectation is that the URL starts as http://localhost:8080/?lightbox... .

When changing the URL manually to localhost:8080 the diagram shows perfectly fine.

Considering the goal of providing the highest data privacy and security for customers who want to keep their data within their infrastructure, could this be fixed?

Every time you save it, the browser automatically downloads it to the local location instead of saving it automatically. Why?

Just like the title, if not, would you consider supporting this feature.

thanks for developing this!

Dear,

I wondered why debian/Dockerfile generated docker process had an error as follows when I accessed it from my browser:

Access to XMLHttpRequest at 'https://rt.draw.io/cache?alive' from origin 'https://localhost:8443' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'https:/'.

...while self-contained/docker-compose.yml didn't.

What I find out is that the image is different. The former is latest built locally while the latter is https://hub.docker.com/r/jgraph/drawio

Unfortunately, the latter doesn't show Dockerfile so that I wonder how it is built.

Could you let me know how to fix this CORS error in either:

a) by fixing drawio itself
b) by knowing how to build jgraph/drawio
c) any other?

Thank you and best regards,

jgraph/drawio#493 (comment)

ver 11.1.2 support define private gitlab repo, but how to use it in docker image?

I tried both in docker-compose and Dockerfile but not work

environment:
  DRAWIO_GITLAB_URL: http://xxx:8989/gitlab
 DRAWIO_GITLAB_ID:a8ef2e21acff13f734127b0cbfe6a22e5302095630b2378a39f33239d9b459b7

If the UUID generated in docker-entrypoint.sh begins with a number, it results in an illegal XML element name (XML elements cannot begin with a number).

The result is that sometimes when you start the container, the following errors appear:

Append https connector to server.xml
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Invalid expression: /Server/Service/3iSCTQuE
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /docker-java-home/jre
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
01-Dec-2017 21:00:19.961 WARNING [main] org.apache.catalina.core.StandardContext.setPath A context path must either be an empty string or start with a '/' and do not end with a '/'. The path [/] does not meet these criteria and has been changed to []
01-Dec-2017 21:00:19.980 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 224 column 4: The content of elements must consist of well-formed character data or markup.
 org.xml.sax.SAXParseException; systemId: file:/usr/local/tomcat/conf/server.xml; lineNumber: 224; columnNumber: 4; The content of elements must consist of well-formed character data or markup.
...

The UUID should be generated with a format that does not allow a numeric value as the first character.

I guess there is no way to make the ondrive, dropbox and google drive work, is it ? or maybe I should it 's not the fault of the docker container but more of the draw.io github?

On first run inside docker, i see a javascript error for offline mode.
If I remove offline=1, it works.

http://xxxxxxxxx:8280/?offline=1

(8080 -> 8280, no https)

app.min.js:8540
Uncaught ReferenceError: applicationCache is not defined
at App.EditorUi.updateUi (app.min.js:8540)
at new App (app.min.js:8931)
at app.min.js:8942
at app.min.js:194
at mxXmlRequest. (app.min.js:276)
at XMLHttpRequest. (app.min.js:179)

Using: fjudith/draw.io:latest@sha256:4f8bdbaebf7823e66e6289fea4df16093fbb365da1a4d8ab5abac2e82a7887c4

I just started a new docker instance using the instructions -> docker run -it --rm --name="draw" -p 8080:8080 -p 8443:8443 fjudith/draw.io

i later stumbled upon missing graphics.

BPMN Gateways and BPMN Events do only show white boxes in the left selection Menu

Screenshot:

However those icons do appear when i no not use the offline parameter

I run docker-compose after cloning this repo. Draw.io starts and run on localhost:8080.
The docker log for draw.io display:

Init config.js
window.DRAWIO_GITLAB_URL = 'http://mygitlab.net';
window.DRAWIO_GITLAB_ID = 'change_to_your_app_id';

Choosing Gitlab as target for storing files and selecting authorize. Still redirecting me to gitlab.com

Would it be useful to push the version to this repo when new draw.io releases are built?

I want to create a domain name for draw.io but i will only do that if i can secure the app with a username and password.
Is there a way to do that?
If not i will only run it locally

By the way, i'm not sure if this is an issue. To me its more like a question.

I'd love to run this on a Raspberry Pi, which needs an ARM64 version of the container... Would this be possible?

Thanks!

I try to run as many images as possible read-only to reduce the chances of being hacked. It would be nice if there were an option to completely disable TLS and the generation of the keystore file via environment variables. I do my TLS termination in another container and don't need/want the JVM to do it.

I run my draw.io container with a tmpfs at /usr/local/tomcat/work/Catalina/localhost to keep Tomcat happy, and I copied a .keystore out to my host filesystem and mount it into the container at /usr/local/tomcat/.keystore as a temporary workaround.

Thanks for the fantastic image!

Can we update the apache tomcat to > 9.0.31 - or best to latest 9.0.46?

first your readme is wrong since we need to had draw in the url because if we do not we go to a tomcat test page.

Second if I go to draw/ I have a ssl problem and not the same one as the previous issue.
ERR_SSL_PROTOCOL_ERROR
Is it because I'm not using it in localhost but from a distant point in the LAN? Does your container only work in loop?

Would be possible to have the server configured to set the param ?offline=1 automatically?
Maybe with some env variable