From d1c4e871abb4eb2be418cec8c8dc47f9d6fe171b Mon Sep 17 00:00:00 2001 From: yu-i-i Date: Mon, 16 Mar 2026 17:30:33 +0100 Subject: [PATCH] Release v6.1.2-ext-v4.0 --- Extended-CE:-Environment-Variables.md | 8 ++- Extended-CE:-Installation.md | 13 ++-- Extended-CE:-Sandboxed-Compiles.md | 91 +++++++-------------------- Extended-CE:-Template-Gallery.md | 5 +- Extended-CE:-Useful-Links.md | 4 +- Home.md | 13 ++++ 6 files changed, 55 insertions(+), 79 deletions(-) diff --git a/Extended-CE:-Environment-Variables.md b/Extended-CE:-Environment-Variables.md index e295725..ac00e50 100644 --- a/Extended-CE:-Environment-Variables.md +++ b/Extended-CE:-Environment-Variables.md @@ -4,6 +4,12 @@ In addition to the [environment variables used in upstream Overleaf Server CE](h the following variables has been added in Extended CE: - `MAX_UPLOAD_SIZE` - * Specifies the maximum size of an uploaded project or file, in MB. The default value is 50 MB. + * Specifies the maximum size of an uploaded project or file (in MB). The default value is 50 MB. + * The nginx server must be configured accordingly. If using overleaf-toolkit, set for example `client_max_body_size 100M;` + in `overleaf-toolkit/config/nginx/nginx.conf`. + * If Git integration is enabled, set `GIT_BRIDGE_REPOSTORE_MAX_FILE_SIZE` accordingly. Note that this value is specified **in bytes**. - `OVERLEAF_EMAIL_SMTP_PASS_FILE` * Used to provide the email password from a file rather than directly via the environment variable `OVERLEAF_EMAIL_SMTP_PASS`. Useful when used with Docker Compose secrets. +- `OVERLEAF_HISTORY_RESTORE` + * If set to `true`, the user can restore projects or files from history snapshots. This functionality has existed in CE for a long time and works without visible issues, but it is still considered experimental. +Note that restoring from history is available only for projects created after this variable was set to `true`. Attempting to restore a history snapshot in older projects results in an error. diff --git a/Extended-CE:-Installation.md b/Extended-CE:-Installation.md index 36239eb..5293dff 100644 --- a/Extended-CE:-Installation.md +++ b/Extended-CE:-Installation.md @@ -9,12 +9,15 @@ services: sharelatex: image: sharelatex/sharelatex:ext-ce ``` - -If you want to build a Docker image of the extended CE based on the upstream v6.1.0 release, first check out the tag corresponding to v6.1.0-ext-v3.5: +If you use the `git-bridge` image, update the version number in `overleaf-toolkit/config/version` to match the upstream version, for example: ``` -git checkout v6.1.0-ext-v3.5 +6.1.2 +``` +If you want to build a Docker image of the extended CE based on the upstream `v6.1.0` release, first check out the tag corresponding to `v6.1.0-ext-v4.0`: ``` -After building this image, switch to the latest state of the repository, rewiev the `server-ce/hotfix` directory, and build the patched images sequentially: v6.1.1-ext-v3.5, ..., v6.n.m-ext-v3.5. +git checkout v6.1.0-ext-v4.0 +``` +After building this image, switch to the the branch `ext-ce-v6.1`, rewiev the `server-ce/hotfix` directory, and build the patched images sequentially: v6.1.1-ext-v4.0, ..., v6.1.n-ext-v4.0. Notes for updating 5.5.x-ext images: @@ -23,6 +26,6 @@ Notes for updating 5.5.x-ext images: Alternatively, you can download a prebuilt image from Docker Hub: ``` -docker pull overleafcep/sharelatex:6.1.1-ext-v3.5 +docker pull overleafcep/sharelatex:6.1.2-ext-v4.0 ``` Make sure to update the image name in `overleaf-toolkit/config/docker-compose.override.yml` accordingly. diff --git a/Extended-CE:-Sandboxed-Compiles.md b/Extended-CE:-Sandboxed-Compiles.md index d45a51c..97c01a1 100644 --- a/Extended-CE:-Sandboxed-Compiles.md +++ b/Extended-CE:-Sandboxed-Compiles.md @@ -89,79 +89,16 @@ If an existing installation already stores full image names in MongoDB and `TEX_ Migration can be performed with: ```bash -# Dry run (default): no real changes are applied -docker exec -i mongo mongosh --quiet < migrate-texlive-image-names.js - -# Apply real changes -docker exec -i -e DRY_RUN=false mongo mongosh --quiet < migrate-texlive-image-names.js +./overleaf-toolkit/bin/run-script modules/server-ce-scripts/scripts/strip-image-repo-prefix.mjs ``` -By default, the script runs in dry-run mode. -Actual changes are applied only when `DRY_RUN=false` is explicitly set. +The script runs in dry-run mode by default and prints the changes that would be applied. Add the `--no-dry-run` option to perform the actual changes. -The `migrate-texlive-image-names.js` script can be as follows: -```javascript -(() => { - var dryRun = true - - try { - if (typeof process !== 'undefined' && process.env.DRY_RUN !== undefined) { - dryRun = process.env.DRY_RUN === 'false' ? false : true - } - } catch (e) { - dryRun = true - } - - const dbx = db.getSiblingDB('sharelatex') - - function stripPath(name) { - if (!name || typeof name !== 'string') return '' - const parts = name.split('/') - return parts[parts.length - 1] - } - - const collections = ['projects', 'templates'] - - for (const collName of collections) { - const coll = dbx.getCollection(collName) - const cursor = coll.find({ imageName: { $regex: '/' } }) - - print('\nProcessing collection: ' + collName) - - let count = 0 - cursor.forEach(doc => { - const oldName = doc.imageName || '' - const newName = stripPath(oldName) - - if (oldName && newName && oldName !== newName) { - count++ - if (dryRun) { - print('_id: ' + doc._id + ', old: ' + oldName + ', new: ' + newName) - } else { - coll.updateOne( - { _id: doc._id }, - { $set: { imageName: newName } } - ) - } - } - }) - - print( - 'Total entries ' + - (dryRun ? 'to be changed' : 'changed') + - ' in ' + - collName + - ': ' + - count - ) - } - - print( - dryRun - ? '\nDry-run complete. No changes made. Set DRY_RUN=false to apply updates.' - : '\nUpdate complete.' - ) -})() +If an administrator later decides to return to the variant with full image paths and removes `TEX_LIVE_DOCKER_IMAGE_ROOT`, the `imageName` fields in MongoDB records must again include the repository prefix. +This can be done with: +```bash +./overleaf-toolkit/bin/run-script modules/server-ce-scripts/scripts/add-image-repo-prefix.mjs --prefix=texlive ``` +The `--prefix` option specifies the repository prefix to add (for example, `texlive`). The script runs in dry-run mode by default; add `--no-dry-run` to apply the changes. If **overleaf-toolkit** is used to pull and update TeX Live images (`SIBLING_CONTAINERS_PULL=true`), an additional change is required when `TEX_LIVE_DOCKER_IMAGE_ROOT` is set. The file `overleaf-toolkit/bin/up` must be updated as follows: @@ -190,6 +127,20 @@ file during compilation. This is required for packages like `minted`. For this p - A list of extra flags for TeX compiler. Example: `-shell-escape -file-line-error` +## Note on migration from Overleaf CE + +In projects created with Overleaf CE, the image name is not stored in MongoDB project records. When a user opens such a project in Overleaf CE+ for the first time, the `imageName` +field is initialized with the default image. + +If an administrator later decides to return to Overleaf CE, these records can optionally be removed. Open `mongosh` with: +```bash +./overleaf-toolkit/bin/mongo +``` +Then remove the `imageName` field from all projects: + +```javascript +db.projects.updateMany({}, { $unset: { imageName: "" } }) +``` For additional details refer to [Server Pro: Sandboxed Compiles](https://github.com/overleaf/overleaf/wiki/Server-Pro:-sandboxed-compiles). diff --git a/Extended-CE:-Template-Gallery.md b/Extended-CE:-Template-Gallery.md index 137dcbb..9e08b66 100644 --- a/Extended-CE:-Template-Gallery.md +++ b/Extended-CE:-Template-Gallery.md @@ -31,6 +31,8 @@ The Template Gallery feature is controlled using the following environment varia - `OVERLEAF_NON_ADMIN_CAN_PUBLISH_TEMPLATES`: Determines whether non-admin users can publish templates. Defaults to `false`. +- `OVERLEAF_TEMPLATES_USER_ID`: ID of a non-admin user allowed to manage all templates (publish, remove, and edit). + ## Publishing Templates For each template you want to upload: @@ -43,7 +45,8 @@ For each template you want to upload: - The *Description* field supports Markdown formatting. - The *Author* field accepts Markdown-formatted links. -After submission, template details can be edited, or the template can be deleted via the Template Gallery page. Users can manage their own templates; admins can manage any template. +After submission, template details can be edited, or the template can be deleted via the Template Gallery page. +Users can manage their own templates, while admins and the user with the ID defined by `OVERLEAF_TEMPLATES_USER_ID` can manage any template.

Example

 diff --git a/Extended-CE:-Useful-Links.md b/Extended-CE:-Useful-Links.md index 961b278..559f8b4 100644 --- a/Extended-CE:-Useful-Links.md +++ b/Extended-CE:-Useful-Links.md @@ -2,8 +2,8 @@ - [How to increase the maximum compilation time beyond 600 seconds](https://github.com/yu-i-i/overleaf-cep/discussions/37) -- [How to enable the 'Restore project to this version' feature](https://github.com/yu-i-i/overleaf-cep/discussions/76) - - [Example of Authentik Identity Provider configuration for OIDC](https://github.com/yu-i-i/overleaf-cep/discussions/68) - [Alternative Tex Live images](https://github.com/ayaka-notes/texlive-full) + +- [How to fix segmentation fault when building a docker image on high-spec hardware](https://github.com/yu-i-i/overleaf-cep/discussions/146) diff --git a/Home.md b/Home.md index 9362457..14cc5f8 100644 --- a/Home.md +++ b/Home.md @@ -12,6 +12,19 @@ the [Overleaf Wiki Page](https://github.com/overleaf/overleaf/wiki). ## Extended CE Release Notes +### `v6.1.2-ext-v4.0` +- Based on upstream release v6.1.2 +- Introduced Git integration +- Added environment variable `OVERLEAF_HISTORY_RESTORE` to enable restoring a project or file from a history snapshot, + see [Environment Variables](https://github.com/yu-i-i/overleaf-cep/wiki/Extended-CE:-Environment-Variables) +- Administrator tools: significantly improved page rendering performance when handling large numbers of users or projects; added pagination to user and project lists +- Template gallery: **security fix** — non-privileged user could manage a template not owned by that user +- Template gallery: introduced template manager role (environment variable `OVERLEAF_TEMPLATES_USER_ID`) +- Linked URL: **security fix** — prevents access to internal services via crafted links +- Authentication: updated `passport-ldapauth` to 3.0.1 +- Sandboxed compiles: set `imageName` to default when undefined on the first project opening (for migration from CE) +- Sandboxed compiles: - Sandboxed compiles: added scripts to add or remove the repository prefix in project `imageName` + ### `v6.1.1-ext-v3.5` - Based on upstream release v6.1.1 - New design of the Overleaf editor (supports light and dark themes)