micord/ervu-dashboard-backend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial commit

Browse source
This commit is contained in:
Халтобин Евгений 2024-08-21 12:20:40 +03:00
commit c43cf85dec
1081 changed files with 282568 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
/*.ear
/*.jar

44
config/Dockerfile Normal file
View file

@ -0,0 +1,44 @@
FROM quay.io/wildfly/wildfly:26.1.3.Final-jdk17
USER root
ARG POSTGRES_DRIVER_VERSION=42.7.3
RUN yum-config-manager --disable base --disable extras --disable updates \
&& yum-config-manager --enable C7.8.2003-base --enable C7.8.2003-extras --enable C7.8.2003-updates \
&& yum -y --disableplugin=fastestmirror install sudo \
&& chown -R jboss: /opt/jboss/
USER jboss
WORKDIR $JBOSS_HOME
ENV JAVA_ARGS=-Xmx3g
RUN echo 'JAVA_OPTS="$JAVA_OPTS -agentlib:jdwp=transport=dt_socket,address=*:8787,server=y,suspend=n"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -XX:MaxMetaspaceSize=1g"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -XX:+UseStringDeduplication -XX:+ParallelRefProcEnabled -XX:+ExplicitGCInvokesConcurrent"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -XX:-OmitStackTraceInFastThrow"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS -Dorg.jboss.logmanager.nocolor=true"' >> bin/standalone.conf && \
echo 'JAVA_OPTS="$JAVA_OPTS $JAVA_ARGS"' >> bin/standalone.conf
### Locale support ru_RU ###
USER root
RUN localedef -i ru_RU -f UTF-8 ru_RU.UTF-8
RUN echo "LANG=\"ru_RU.UTF-8\"" > /etc/locale.conf
USER jboss
ENV LANG ru_RU.UTF-8
ENV LANGUAGE ru_RU.UTF-8
ENV LC_ALL ru_RU.UTF-8
### Locale Support END ###
COPY --chown=jboss entrypoint.sh .
COPY --chown=jboss patches patches
RUN (cd patches && wget https://repo.micord.ru/repository/libs-releases-local/org/jboss/ironjacamar/ironjacamar-core-impl/1.5.3.Final/ironjacamar-core-impl-1.5.3.Final.jar)
RUN (cd patches/system && wget https://repo1.maven.org/maven2/org/postgresql/postgresql/$POSTGRES_DRIVER_VERSION/postgresql-$POSTGRES_DRIVER_VERSION.jar -O postgresql-driver.jar)
RUN chmod -R +x patches && \
chmod +x entrypoint.sh && \
./entrypoint.sh && \
rm -rf patches
ENV SERVER_START=true
COPY --chown=jboss *.ear $JBOSS_HOME/standalone/deployments/
HEALTHCHECK --timeout=3s --start-period=3600s CMD curl --fail 127.0.0.1:8080/dashboard/version || exit 1

10
config/Dockerfile.build Normal file
View file

@ -0,0 +1,10 @@
FROM maven:3-jdk-11-slim
RUN apt update \
&& apt upgrade -y \
&& curl -fsSL https://deb.nodesource.com/setup_14.x | bash - \
&& apt install -y git nodejs \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY ../ .
RUN mvn clean -T4C && mvn package -T4C

5
config/Dockerfile.secdb Normal file
View file

@ -0,0 +1,5 @@
FROM postgres:11-alpine
COPY secdb.sql .
CMD psql "postgresql://${DB_SEC_USERNAME:-security}:${DB_SEC_PASSWORD:-secpassword}@${DB_SEC_HOST:-db}/${DB_SEC_NAME:-security}" < secdb.sql

1
config/JDK_version Normal file
View file

@ -0,0 +1 @@
17

31
config/browsers.json Normal file
View file

@ -0,0 +1,31 @@
{
"firefox": {
"default": "112.0",
"versions": {
"112.0": {
"image": "selenoid/firefox:112.0",
"port": "4444",
"path": "/wd/hub",
"tmpfs": {
"/tmp": "size=512m"
},
"env" : ["LANG=ru_RU.UTF-8", "LANGUAGE=ru:en", "LC_ALL=ru_RU.UTF-8"],
"shmSize": 1073741824
}
}
},
"chrome": {
"default": "121.0",
"versions": {
"121.0": {
"image": "selenoid/chrome:121.0",
"port": "4444",
"tmpfs": {
"/tmp": "size=512m"
},
"env" : ["LANG=ru_RU.UTF-8", "LANGUAGE=ru:en", "LC_ALL=ru_RU.UTF-8"],
"shmSize": 1073741824
}
}
}
}

12
config/create-databases.sh Normal file
View file

@ -0,0 +1,12 @@
#!/bin/bash
set -e
IFS=','
for databases in $WILDFLY_DATABASES
do
IFS=':' read name user password <<< $databases
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE USER $user WITH PASSWORD '$password';
CREATE DATABASE $name WITH OWNER $user;
EOSQL
done

12
config/docker-compose.secdb.yaml Normal file
View file

@ -0,0 +1,12 @@
version: "3"
services:
secdb:
build:
context: .
dockerfile: Dockerfile.secdb
depends_on:
- db
env_file:
- testing.env
labels:
- "tmp=true"

28
config/docker-compose.selenoid.yaml Normal file
View file

@ -0,0 +1,28 @@
version: "3"
services:
selenoid:
network_mode: bridge
image: aerokube/selenoid:latest-release
container_name: "selenoid"
environment:
- OVERRIDE_VIDEO_OUTPUT_DIR=$PWD/video
volumes:
- ".:/etc/selenoid/:ro"
- "/var/run/docker.sock:/var/run/docker.sock"
- "./logs:/opt/selenoid/logs/"
- "./video/:/opt/selenoid/video/"
command: -session-attempt-timeout 1m -retry-count 3 -limit ${LIMIT:-4} -save-all-logs -log-output-dir /opt/selenoid/logs -video-output-dir /opt/selenoid/video
ports:
- "4444:4444"
selenoid-ui:
image: aerokube/selenoid-ui
container_name: "selenoid-ui"
network_mode: bridge
depends_on:
- selenoid
links:
- "selenoid:selenoid"
ports:
- "8080:8080"
command: --selenoid-uri http://selenoid:4444`

41
config/docker-compose.tests.yaml Normal file
View file

@ -0,0 +1,41 @@
version: "3"
services:
db:
ports:
- 5432:5432
environment:
- WILDFLY_DATABASES=app:app_user:apppassword,security:security_user:secpassword,jbpm:jbpm:jbpmpassword
webbpm-app:
env_file:
- testing.env
selenoid:
network_mode: bridge
image: aerokube/selenoid:latest-release
container_name: "selenoid"
environment:
- OVERRIDE_VIDEO_OUTPUT_DIR=$PWD/video
volumes:
- "$PWD:/etc/selenoid/:ro"
- "/var/run/docker.sock:/var/run/docker.sock"
- "$PWD/logs:/opt/selenoid/logs/"
- "$PWD/video/:/opt/selenoid/video/"
command: -session-attempt-timeout 1m -retry-count 3 -limit ${LIMIT:-4} -save-all-logs -log-output-dir /opt/selenoid/logs -video-output-dir /opt/selenoid/video
ports:
- "4444:4444"
depends_on:
- webbpm-app
selenoid-ui:
image: aerokube/selenoid-ui
container_name: "selenoid-ui"
network_mode: bridge
depends_on:
- selenoid
links:
- "selenoid:selenoid"
ports:
- "8080:8080"
command: --selenoid-uri http://selenoid:4444

31
config/docker-compose.tomcat.yaml Normal file
View file

@ -0,0 +1,31 @@
version: "3"
services:
db:
image: postgres:15-bullseye
volumes:
- ./config/create-databases.sh:/docker-entrypoint-initdb.d/create-databases.sh
command:
- "--max_prepared_transactions=100"
ports:
- 5432
environment:
- WILDFLY_DATABASES=security:security_user:secpassword,jbpm:jbpm:jbpmpassword
- POSTGRES_PASSWORD=supersecretpassword
labels:
- "tmp=true"
webbpm-app:
build:
context: ./..
dockerfile: Dockerfile
depends_on:
- db
ports:
- 9990
- 8080
- 8787
- 12345
env_file:
- testing.env
labels:
- "tmp=true"

31
config/docker-compose.yaml Normal file
View file

@ -0,0 +1,31 @@
version: "3"
services:
db:
image: postgres:15-bullseye
volumes:
- ./create-databases.sh:/docker-entrypoint-initdb.d/create-databases.sh
command:
- "--max_prepared_transactions=100"
ports:
- 5432
environment:
- WILDFLY_DATABASES=security:security_user:secpassword,jbpm:jbpm:jbpmpassword
- POSTGRES_PASSWORD=supersecretpassword
labels:
- "tmp=true"
webbpm-app:
build:
context: .
dockerfile: Dockerfile
depends_on:
- db
ports:
- 9990
- 8080
- 8787
- 12345
env_file:
- testing.env
labels:
- "tmp=true"

48
config/entrypoint.sh Normal file
View file

@ -0,0 +1,48 @@
#! /bin/bash
set -e
function wait_for_server() {
until `$JBOSS_HOME/bin/jboss-cli.sh -c ":read-attribute(name=server-state)" 2> /dev/null | grep -q running`; do
echo "Retry ..."
done
}
echo "dump environment variables to env.properties file"
printenv > env.properties
echo "starting JBoss"
nohup $JBOSS_HOME/bin/standalone.sh --admin-only 1>&2 2>/dev/null &
# running system patches
wait_for_server
$JBOSS_HOME/bin/jboss-cli.sh --connect --file="./patches/system/init.cli" --properties=env.properties
$JBOSS_HOME/bin/jboss-cli.sh --connect --file="./patches/system/add-postgresql-driver.cli" --properties=env.properties
bash "./patches/system/add-demo-user.sh"
# running project patches
find ./patches/ -type f -name '*.cli' -not -path './patches/system/*' -print0 |
while IFS= read -r -d '' f; do
wait_for_server
echo "running $f"
$JBOSS_HOME/bin/jboss-cli.sh --connect --file="$f" --properties=env.properties
done;
find ./patches/ -type f -name '*.sh' -not -path './patches/system/*' -print0 |
while IFS= read -r -d '' f; do
wait_for_server
echo "running $f"
bash "$f"
done
echo "stopping JBoss"
wait_for_server
$JBOSS_HOME/bin/jboss-cli.sh --connect --command=:shutdown
if ! [[ -z $SERVER_START ]]; then
echo "starting JBoss in standalone"
sleep 10 # without this occurs error "address already in use"
/opt/jboss/wildfly/bin/standalone.sh -c standalone.xml -b 0.0.0.0 -bmanagement 0.0.0.0
else
echo "cleaning up JBoss logs"
rm -rf $JBOSS_HOME/standalone/log
fi

3
config/patches/add-logger-database.cli Normal file
View file

@ -0,0 +1,3 @@
/subsystem=logging/logger=org.jooq.tools:add()
/subsystem=logging/logger=org.jooq.tools:write-attribute(name=level, value=DEBUG)
/subsystem=logging/logger=org.jooq.tools:add-handler(name=CONSOLE)

30
config/patches/default.cli Normal file
View file

@ -0,0 +1,30 @@
xa-data-source add \
--name=AppDS \
--enabled=true \
--driver-name=postgresql \
--jndi-name=java:/webbpm/AppDS \
--user-name=${env.DB_APP_USERNAME:app_user} \
--password=${env.DB_APP_PASSWORD:apppassword} \
--use-ccm=true \
--valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker \
--validate-on-match=false \
--background-validation=true \
--background-validation-millis=5000 \
--exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter \
--statistics-enabled=true \
--max-pool-size=50 \
--query-timeout=300 \
--xa-datasource-properties=ServerName=${env.DB_APP_HOST:db},PortNumber=${env.DB_APP_PORT:5432},DatabaseName=${env.DB_APP_NAME:app}
/system-property=ldap.mapping.login.param:add(value=${env.WEBBPM_LDAP_LOGIN_ATTR:uid})
/system-property=ldap.mapping.org.code.param:add(value=${env.WEBBPM_LDAP_ORGANIZATION_ATTR:ou})
/system-property=jboss.as.management.blocking.timeout:add(value=900)
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=record-request-start-time,value=true)
/subsystem=undertow/server=default-server/host=default-host/setting=access-log:add(pattern=%h %t "%r" %s %b %D)
/system-property=webbpm.cache.hazelcast.hosts:add(value="127.0.0.1")
/system-property=webbpm.cache.hazelcast.outbound_port_definitions:add(value="5801-5820")
/system-property=webbpm.security.session.active.count:add(value="20")
/system-property=gar.enable:add(value=false)
/system-property=security.password.regex:add(value="^((?=(.*\\d){1,})(?=.*[a-zа-яё])(?=.*[A-ZА-ЯЁ]).{8,})$")
/system-property=fias.enable:add(value=false)
/system-property=bpmn.enable:add(value=false)

1
config/patches/system/add-demo-user.sh Normal file
View file

@ -0,0 +1 @@
$JBOSS_HOME/bin/add-user.sh demo@example.com demo

5
config/patches/system/add-postgresql-driver.cli Normal file
View file

@ -0,0 +1,5 @@
/subsystem=datasources/jdbc-driver=postgresql:add( \
driver-name="postgresql", \
driver-module-name="org.postgresql", \
driver-xa-datasource-class-name="org.postgresql.xa.PGXADataSource" \
)

14
config/patches/system/init.cli Normal file
View file

@ -0,0 +1,14 @@
/system-property=webbpm.mode:add(value=production)
/system-property=authentication.method:add(value=form)
/subsystem=undertow/configuration=filter/gzip=gzipFilter:add()
/subsystem=undertow/server=default-server/host=default-host/\
filter-ref=gzipFilter:add(predicate="exists('%{o,Content-Type}') and regex(pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true)")
/subsystem=undertow/configuration=filter/response-header=vary-header:add(header-name="Vary", header-value="Accept-Encoding")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=vary-header:add()
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=max-post-size,value=${env.MAX_POST_SIZE:104857600})
data-source remove --name=ExampleDS
/subsystem=ee/service=default-bindings:remove
/system-property=jboss.bind.address.management:add(value=0.0.0.0)
/system-property=jboss.bind.address:add(value=0.0.0.0)
module add --name=org.postgresql --resources=./patches/system/postgresql-driver.jar --dependencies=javax.api,javax.transaction.api
shutdown --restart

25
config/secdb.sql Normal file
View file

@ -0,0 +1,25 @@
INSERT INTO security.user_group(user_group_id, name, created, updated, access_level_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'Example', '2019-07-04 11:12:01.263+03', '2019-08-26 16:40:11.953+03', (SELECT access_level_id FROM security.access_level where level = 0)) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Example'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Demo'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING;
INSERT INTO security.user_group(user_group_id, name, created, updated, access_level_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'Example', '2019-07-04 11:12:01.263+03', '2019-08-26 16:40:11.953+03', (SELECT access_level_id FROM security.access_level where level = 0)) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Example'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Demo'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING;
INSERT INTO security.user_account(user_account_id, email, first_name, last_name, middle_name, created, updated, locked, org_unit_id, username) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'qa_test@micord.ru', 'Пользователь', 'Основной-Тестовый', NULL, '2020-01-20 08:41:25.526+03', '2020-01-20 09:57:07.25+03', false, (SELECT id from security.org_unit where code = 'DEFAULT'), 'qa_test') ON CONFLICT DO NOTHING;
INSERT INTO security.simple_credentials( user_account_id, password, password_expires, password_updated) VALUES ((SELECT user_account_id from security.user_account where username = 'qa_test'), '$2a$11$uTzaeewDp2NehwjmfRe/euxP.cy.4ecl5nYA.E5TV9AGjjDKdJwI2', NULL, '2020-01-20 05:41:25.746') ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Security Admin')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Superuser')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Admin')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Example')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN User')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Demo')) ON CONFLICT DO NOTHING;
INSERT INTO security.user_account(user_account_id, email, first_name, last_name, middle_name, created, updated, locked, org_unit_id, username) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'qa_admin@micord.ru', 'qa_admin', 'qa_admin', NULL, '2020-01-20 08:41:25.526+03', '2020-01-20 09:57:07.25+03', false, (SELECT id from security.org_unit where code = 'DEFAULT'), 'qa_admin') ON CONFLICT DO NOTHING;
INSERT INTO security.simple_credentials( user_account_id, password, password_expires, password_updated) VALUES ((SELECT user_account_id from security.user_account where username = 'qa_admin'), '$2a$11$Zzmuga/xw1c1UnUe9nP9c.aqJ2O.OAI/AbmphOm2jurxMI0S6VAcy', NULL, '2020-01-20 05:41:25.746') ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Security Admin')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Superuser')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Admin')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Example')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN User')) ON CONFLICT DO NOTHING;
INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Demo')) ON CONFLICT DO NOTHING;

561
config/standalone/dev/standalone.xml Normal file
View file

@ -0,0 +1,561 @@
<?xml version="1.0" ?>
<server xmlns="urn:jboss:domain:19.0">
<extensions>
<extension module="org.jboss.as.clustering.infinispan"/>
<extension module="org.jboss.as.connector"/>
<extension module="org.jboss.as.deployment-scanner"/>
<extension module="org.jboss.as.ee"/>
<extension module="org.jboss.as.ejb3"/>
<extension module="org.jboss.as.jaxrs"/>
<extension module="org.jboss.as.jdr"/>
<extension module="org.jboss.as.jmx"/>
<extension module="org.jboss.as.jpa"/>
<extension module="org.jboss.as.jsf"/>
<extension module="org.jboss.as.logging"/>
<extension module="org.jboss.as.mail"/>
<extension module="org.jboss.as.naming"/>
<extension module="org.jboss.as.pojo"/>
<extension module="org.jboss.as.remoting"/>
<extension module="org.jboss.as.sar"/>
<extension module="org.jboss.as.transactions"/>
<extension module="org.jboss.as.webservices"/>
<extension module="org.jboss.as.weld"/>
<extension module="org.wildfly.extension.batch.jberet"/>
<extension module="org.wildfly.extension.bean-validation"/>
<extension module="org.wildfly.extension.clustering.web"/>
<extension module="org.wildfly.extension.core-management"/>
<extension module="org.wildfly.extension.discovery"/>
<extension module="org.wildfly.extension.ee-security"/>
<extension module="org.wildfly.extension.elytron"/>
<extension module="org.wildfly.extension.elytron-oidc-client"/>
<extension module="org.wildfly.extension.health"/>
<extension module="org.wildfly.extension.io"/>
<extension module="org.wildfly.extension.metrics"/>
<extension module="org.wildfly.extension.microprofile.config-smallrye"/>
<extension module="org.wildfly.extension.microprofile.jwt-smallrye"/>
<extension module="org.wildfly.extension.microprofile.opentracing-smallrye"/>
<extension module="org.wildfly.extension.request-controller"/>
<extension module="org.wildfly.extension.security.manager"/>
<extension module="org.wildfly.extension.undertow"/>
</extensions>
<system-properties>
<property name="webbpm.mode" value="development"/>
<property name="authentication.method" value="form"/>
<property name="jboss.bind.address.management" value="0.0.0.0"/>
<property name="jboss.bind.address" value="0.0.0.0"/>
<property name="ldap.mapping.login.param" value="${env.WEBBPM_LDAP_LOGIN_ATTR:uid}"/>
<property name="ldap.mapping.org.code.param" value="${env.WEBBPM_LDAP_ORGANIZATION_ATTR:ou}"/>
<property name="jboss.as.management.blocking.timeout" value="900"/>
<property name="webbpm.cache.hazelcast.hosts" value="127.0.0.1"/>
<property name="webbpm.cache.hazelcast.outbound_port_definitions" value="5801-5820"/>
<property name="webbpm.security.session.active.count" value="20"/>
<property name="gar.enable" value="false"/>
<property name="security.password.regex" value="^((?=(.*\d){1,})(?=.*[a-zа-яё])(?=.*[A-ZА-ЯЁ]).{8,})$"/>
<property name="fias.enable" value="false"/>
<property name="com.arjuna.ats.arjuna.allowMultipleLastResources" value="true"/>
<property name="bpmn.enable" value="false"/>
</system-properties>
<management>
<audit-log>
<formatters>
<json-formatter name="json-formatter"/>
</formatters>
<handlers>
<file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/>
</handlers>
<logger log-boot="true" log-read-only="false" enabled="false">
<handlers>
<handler name="file"/>
</handlers>
</logger>
</audit-log>
<management-interfaces>
<http-interface http-authentication-factory="management-http-authentication">
<http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/>
<socket-binding http="management-http"/>
</http-interface>
</management-interfaces>
<access-control provider="simple">
<role-mapping>
<role name="SuperUser">
<include>
<user name="$local"/>
</include>
</role>
</role-mapping>
</access-control>
</management>
<profile>
<subsystem xmlns="urn:jboss:domain:logging:8.0">
<console-handler name="CONSOLE">
<level name="INFO"/>
<formatter>
<named-formatter name="COLOR-PATTERN"/>
</formatter>
</console-handler>
<periodic-rotating-file-handler name="FILE" autoflush="true">
<formatter>
<named-formatter name="PATTERN"/>
</formatter>
<file relative-to="jboss.server.log.dir" path="server.log"/>
<suffix value=".yyyy-MM-dd"/>
<append value="true"/>
</periodic-rotating-file-handler>
<logger category="com.arjuna">
<level name="WARN"/>
</logger>
<logger category="io.jaegertracing.Configuration">
<level name="WARN"/>
</logger>
<logger category="org.jboss.as.config">
<level name="DEBUG"/>
</logger>
<logger category="sun.rmi">
<level name="WARN"/>
</logger>
<logger category="org.jooq.tools">
<level name="DEBUG"/>
<handlers>
<handler name="CONSOLE"/>
</handlers>
</logger>
<root-logger>
<level name="INFO"/>
<handlers>
<handler name="CONSOLE"/>
<handler name="FILE"/>
</handlers>
</root-logger>
<formatter name="PATTERN">
<pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
</formatter>
<formatter name="COLOR-PATTERN">
<pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/>
</formatter>
</subsystem>
<subsystem xmlns="urn:jboss:domain:batch-jberet:3.0">
<default-job-repository name="in-memory"/>
<default-thread-pool name="batch"/>
<job-repository name="in-memory">
<in-memory/>
</job-repository>
<thread-pool name="batch">
<max-threads count="10"/>
<keepalive-time time="30" unit="seconds"/>
</thread-pool>
</subsystem>
<subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/>
<subsystem xmlns="urn:jboss:domain:core-management:1.0"/>
<subsystem xmlns="urn:jboss:domain:datasources:7.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/jbpmDS" pool-name="JBPMDS" enabled="true" statistics-enabled="true">
<connection-url>jdbc:h2:mem:jbpm;DB_CLOSE_DELAY=-1</connection-url>
<driver>h2</driver>
<security>
<user-name>${env.DB_JBPM_USERNAME:sa}</user-name>
<password>${env.DB_JBPM_PASSWORD:sa}</password>
</security>
<timeout>
<query-timeout>300</query-timeout>
</timeout>
</datasource>
<xa-datasource jndi-name="java:/webbpm/security-ds" pool-name="SECURITYDS" enabled="true" use-java-context="true">
<xa-datasource-property name="ServerName">10.10.31.119</xa-datasource-property>
<xa-datasource-property name="PortNumber">5432</xa-datasource-property>
<xa-datasource-property name="DatabaseName">ervu-dashboard</xa-datasource-property>
<driver>postgresql-driver</driver>
<security>
<user-name>ervu-dashboard-sec</user-name>
<password>ervu-dashboard-sec</password>
</security>
<validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker" />
<validate-on-match>false</validate-on-match>
<background-validation>true</background-validation>
<background-validation-millis>5000</background-validation-millis>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter" />
</validation>
</xa-datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="postgresql-driver" module="org.postgresql">
<xa-datasource-class>org.postgresql.xa.PGXADataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
<subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0">
<deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:discovery:1.0"/>
<subsystem xmlns="urn:jboss:domain:distributable-web:2.0" default-session-management="default" default-single-sign-on-management="default">
<infinispan-session-management name="default" cache-container="web" granularity="SESSION">
<local-affinity/>
</infinispan-session-management>
<infinispan-single-sign-on-management name="default" cache-container="web" cache="sso"/>
<local-routing/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:ee:6.0">
<spec-descriptor-property-replacement>false</spec-descriptor-property-replacement>
<concurrent>
<context-services>
<context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/>
</context-services>
<managed-thread-factories>
<managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/>
</managed-thread-factories>
<managed-executor-services>
<managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-termination-period="0" hung-task-threshold="60000" keepalive-time="5000"/>
</managed-executor-services>
<managed-scheduled-executor-services>
<managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-termination-period="0" hung-task-threshold="60000" keepalive-time="3000"/>
</managed-scheduled-executor-services>
</concurrent>
</subsystem>
<subsystem xmlns="urn:jboss:domain:ee-security:1.0"/>
<subsystem xmlns="urn:jboss:domain:ejb3:9.0">
<session-bean>
<stateless>
<bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
</stateless>
<stateful default-access-timeout="5000" cache-ref="simple" passivation-disabled-cache-ref="simple"/>
<singleton default-access-timeout="5000"/>
</session-bean>
<pools>
<bean-instance-pools>
<strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
<strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
</bean-instance-pools>
</pools>
<caches>
<cache name="simple"/>
<cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/>
</caches>
<passivation-stores>
<passivation-store name="infinispan" cache-container="ejb" max-size="10000"/>
</passivation-stores>
<async thread-pool-name="default"/>
<timer-service thread-pool-name="default" default-data-store="default-file-store">
<data-stores>
<file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/>
</data-stores>
</timer-service>
<remote cluster="ejb" connectors="http-remoting-connector" thread-pool-name="default">
<channel-creation-options>
<option name="MAX_OUTBOUND_MESSAGES" value="1234" type="remoting"/>
</channel-creation-options>
</remote>
<thread-pools>
<thread-pool name="default">
<max-threads count="10"/>
<keepalive-time time="60" unit="seconds"/>
</thread-pool>
</thread-pools>
<default-security-domain value="other"/>
<application-security-domains>
<application-security-domain name="other" security-domain="ApplicationDomain"/>
</application-security-domains>
<default-missing-method-permissions-deny-access value="true"/>
<statistics enabled="${wildfly.ejb3.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
<log-system-exceptions value="true"/>
</subsystem>
<subsystem xmlns="urn:wildfly:elytron:15.1" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
<providers>
<aggregate-providers name="combined-providers">
<providers name="elytron"/>
<providers name="openssl"/>
</aggregate-providers>
<provider-loader name="elytron" module="org.wildfly.security.elytron"/>
<provider-loader name="openssl" module="org.wildfly.openssl"/>
</providers>
<audit-logging>
<file-audit-log name="local-audit" path="audit.log" relative-to="jboss.server.log.dir" format="JSON"/>
</audit-logging>
<security-domains>
<security-domain name="ManagementDomain" default-realm="ManagementRealm" permission-mapper="default-permission-mapper">
<realm name="ManagementRealm" role-decoder="groups-to-roles"/>
<realm name="local" role-mapper="super-user-mapper"/>
</security-domain>
<security-domain name="ApplicationDomain" default-realm="ApplicationRealm" permission-mapper="default-permission-mapper">
<realm name="ApplicationRealm" role-decoder="groups-to-roles"/>
<realm name="local"/>
</security-domain>
</security-domains>
<security-realms>
<identity-realm name="local" identity="$local"/>
<properties-realm name="ApplicationRealm">
<users-properties path="application-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ApplicationRealm"/>
<groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</properties-realm>
<properties-realm name="ManagementRealm">
<users-properties path="mgmt-users.properties" relative-to="jboss.server.config.dir" digest-realm-name="ManagementRealm"/>
<groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
</properties-realm>
</security-realms>
<mappers>
<simple-permission-mapper name="default-permission-mapper" mapping-mode="first">
<permission-mapping>
<principal name="anonymous"/>
<permission-set name="default-permissions"/>
</permission-mapping>
<permission-mapping match-all="true">
<permission-set name="login-permission"/>
<permission-set name="default-permissions"/>
</permission-mapping>
</simple-permission-mapper>
<constant-realm-mapper name="local" realm-name="local"/>
<simple-role-decoder name="groups-to-roles" attribute="groups"/>
<constant-role-mapper name="super-user-mapper">
<role name="SuperUser"/>
</constant-role-mapper>
</mappers>
<permission-sets>
<permission-set name="login-permission">
<permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
</permission-set>
<permission-set name="default-permissions">
<permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
<permission class-name="org.wildfly.transaction.client.RemoteTransactionPermission" module="org.wildfly.transaction.client"/>
<permission class-name="org.jboss.ejb.client.RemoteEJBPermission" module="org.jboss.ejb-client"/>
</permission-set>
</permission-sets>
<http>
<http-authentication-factory name="management-http-authentication" security-domain="ManagementDomain" http-server-mechanism-factory="global">
<mechanism-configuration>
<mechanism mechanism-name="DIGEST">
<mechanism-realm realm-name="ManagementRealm"/>
</mechanism>
</mechanism-configuration>
</http-authentication-factory>
<http-authentication-factory name="application-http-authentication" security-domain="ApplicationDomain" http-server-mechanism-factory="global">
<mechanism-configuration>
<mechanism mechanism-name="BASIC">
<mechanism-realm realm-name="ApplicationRealm"/>
</mechanism>
</mechanism-configuration>
</http-authentication-factory>
<provider-http-server-mechanism-factory name="global"/>
</http>
<sasl>
<sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">
<mechanism-configuration>
<mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
<mechanism mechanism-name="DIGEST-MD5">
<mechanism-realm realm-name="ManagementRealm"/>
</mechanism>
</mechanism-configuration>
</sasl-authentication-factory>
<sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">
<mechanism-configuration>
<mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>
<mechanism mechanism-name="DIGEST-MD5">
<mechanism-realm realm-name="ApplicationRealm"/>
</mechanism>
</mechanism-configuration>
</sasl-authentication-factory>
<configurable-sasl-server-factory name="configured" sasl-server-factory="elytron">
<properties>
<property name="wildfly.sasl.local-user.default-user" value="$local"/>
<property name="wildfly.sasl.local-user.challenge-path" value="${jboss.server.temp.dir}/auth"/>
</properties>
</configurable-sasl-server-factory>
<mechanism-provider-filtering-sasl-server-factory name="elytron" sasl-server-factory="global">
<filters>
<filter provider-name="WildFlyElytron"/>
</filters>
</mechanism-provider-filtering-sasl-server-factory>
<provider-sasl-server-factory name="global"/>
</sasl>
<tls>
<key-stores>
<key-store name="applicationKS">
<credential-reference clear-text="password"/>
<implementation type="JKS"/>
<file path="application.keystore" relative-to="jboss.server.config.dir"/>
</key-store>
</key-stores>
<key-managers>
<key-manager name="applicationKM" key-store="applicationKS" generate-self-signed-certificate-host="localhost">
<credential-reference clear-text="password"/>
</key-manager>
</key-managers>
<server-ssl-contexts>
<server-ssl-context name="applicationSSC" key-manager="applicationKM"/>
</server-ssl-contexts>
</tls>
</subsystem>
<subsystem xmlns="urn:wildfly:elytron-oidc-client:1.0"/>
<subsystem xmlns="urn:wildfly:health:1.0" security-enabled="false"/>
<subsystem xmlns="urn:jboss:domain:infinispan:13.0">
<cache-container name="ejb" default-cache="passivation" marshaller="PROTOSTREAM" aliases="sfsb" modules="org.wildfly.clustering.ejb.infinispan">
<local-cache name="passivation">
<expiration interval="0"/>
<file-store passivation="true" purge="false"/>
</local-cache>
</cache-container>
<cache-container name="web" default-cache="passivation" marshaller="PROTOSTREAM" modules="org.wildfly.clustering.web.infinispan">
<local-cache name="passivation">
<expiration interval="0"/>
<file-store passivation="true" purge="false"/>
</local-cache>
<local-cache name="sso">
<expiration interval="0"/>
</local-cache>
</cache-container>
<cache-container name="server" default-cache="default" marshaller="PROTOSTREAM" modules="org.wildfly.clustering.server">
<local-cache name="default">
<expiration interval="0"/>
</local-cache>
</cache-container>
<cache-container name="hibernate" marshaller="JBOSS" modules="org.infinispan.hibernate-cache">
<local-cache name="entity">
<heap-memory size="10000"/>
<expiration max-idle="100000"/>
</local-cache>
<local-cache name="local-query">
<heap-memory size="10000"/>
<expiration max-idle="100000"/>
</local-cache>
<local-cache name="timestamps">
<expiration interval="0"/>
</local-cache>
<local-cache name="pending-puts">
<expiration max-idle="60000"/>
</local-cache>
</cache-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:io:3.0">
<worker name="default"/>
<buffer-pool name="default"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jaxrs:2.0"/>
<subsystem xmlns="urn:jboss:domain:jca:5.0">
<archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
<bean-validation enabled="true"/>
<default-workmanager>
<short-running-threads>
<core-threads count="50"/>
<queue-length count="50"/>
<max-threads count="50"/>
<keepalive-time time="10" unit="seconds"/>
</short-running-threads>
<long-running-threads>
<core-threads count="50"/>
<queue-length count="50"/>
<max-threads count="50"/>
<keepalive-time time="10" unit="seconds"/>
</long-running-threads>
</default-workmanager>
<cached-connection-manager/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
<subsystem xmlns="urn:jboss:domain:jmx:1.3">
<expose-resolved-model/>
<expose-expression-model/>
<remoting-connector/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jpa:1.1">
<jpa default-extended-persistence-inheritance="DEEP"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jsf:1.1"/>
<subsystem xmlns="urn:jboss:domain:mail:4.0">
<mail-session name="default" jndi-name="java:jboss/mail/Default">
<smtp-server outbound-socket-binding-ref="mail-smtp"/>
</mail-session>
</subsystem>
<subsystem xmlns="urn:wildfly:metrics:1.0" security-enabled="false" exposed-subsystems="*" prefix="${wildfly.metrics.prefix:wildfly}"/>
<subsystem xmlns="urn:wildfly:microprofile-config-smallrye:2.0"/>
<subsystem xmlns="urn:wildfly:microprofile-jwt-smallrye:1.0"/>
<subsystem xmlns="urn:wildfly:microprofile-opentracing-smallrye:3.0" default-tracer="jaeger">
<jaeger-tracer name="jaeger">
<sampler-configuration sampler-type="const" sampler-param="1.0"/>
</jaeger-tracer>
</subsystem>
<subsystem xmlns="urn:jboss:domain:naming:2.0">
<remote-naming/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:pojo:1.0"/>
<subsystem xmlns="urn:jboss:domain:remoting:4.0">
<http-connector name="http-remoting-connector" connector-ref="default" sasl-authentication-factory="application-sasl-authentication"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:request-controller:1.0"/>
<subsystem xmlns="urn:jboss:domain:resource-adapters:6.1"/>
<subsystem xmlns="urn:jboss:domain:sar:1.0"/>
<subsystem xmlns="urn:jboss:domain:security-manager:1.0">
<deployment-permissions>
<maximum-set>
<permission class="java.security.AllPermission"/>
</maximum-set>
</deployment-permissions>
</subsystem>
<subsystem xmlns="urn:jboss:domain:transactions:6.0">
<core-environment node-identifier="${jboss.tx.node.id:1}">
<process-id>
<uuid/>
</process-id>
</core-environment>
<recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
<coordinator-environment statistics-enabled="${wildfly.transactions.statistics-enabled:${wildfly.statistics-enabled:false}}"/>
<object-store path="tx-object-store" relative-to="jboss.server.data.dir"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:undertow:12.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" max-post-size="${env.MAX_POST_SIZE:104857600}" record-request-start-time="true" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" ssl-context="applicationSSC" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="cache-control" predicate="path-suffix['.bpmn'] or path-suffix['.bpmn2']"/>
<http-invoker http-authentication-factory="application-http-authentication"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="cache-control" header-name="Cache-Control" header-value="no-store"/>
</filters>
<application-security-domains>
<application-security-domain name="other" security-domain="ApplicationDomain"/>
</application-security-domains>
</subsystem>
<subsystem xmlns="urn:jboss:domain:webservices:2.0" statistics-enabled="${wildfly.webservices.statistics-enabled:${wildfly.statistics-enabled:false}}">
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
<endpoint-config name="Standard-Endpoint-Config"/>
<endpoint-config name="Recording-Endpoint-Config">
<pre-handler-chain name="recording-handlers" protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM">
<handler name="RecordingHandler" class="org.jboss.ws.common.invocation.RecordingServerHandler"/>
</pre-handler-chain>
</endpoint-config>
<client-config name="Standard-Client-Config"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:weld:4.0"/>
</profile>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="${jboss.mail.server.host:localhost}" port="${jboss.mail.server.port:25}"/>
</outbound-socket-binding>
</socket-binding-group>
</server>

37
config/testing.env Normal file
View file

@ -0,0 +1,37 @@
# Security datasource
DB_SEC_USERNAME=ervu-dashboard-sec
DB_SEC_PASSWORD=ervu-dashboard-sec
DB_SEC_HOST=10.10.31.119
DB_SEC_PORT=5432
DB_SEC_NAME=ervu-dashboard
# App datasource
DB_APP_USERNAME=ervu-dashboard
DB_APP_PASSWORD=ervu-dashboard
DB_APP_HOST=10.10.31.119
DB_APP_PORT=5432
DB_APP_NAME=ervu-dashboard
# jBPM datasorce
DB_JBPM_USERNAME=jbpm-ervu-dashboard
DB_JBPM_PASSWORD=jbpm-ervu-dashboard
DB_JBPM_HOST=10.10.31.119
DB_JBPM_PORT=5432
DB_JBPM_NAME=jbpm-ervu-dashboard
# Elasticsearch
WEBBPM_ELASTIC_HOST=
WEBBPM_ELASTIC_USER_PASSWORD=
# LDAP
WEBBPM_LDAP_URL=
WEBBPM_LDAP_BASE=
WEBBPM_LDAP_USER=
WEBBPM_LDAP_PASSWORD=
WEBBPM_LDAP_SYNC_ENABLED=false
WEBBPM_LDAP_SYNC_CRON=0 0 * * * *
WEBBPM_LDAP_LOGIN_ATTR=uid
WEBBPM_LDAP_ORGANIZATION_ATTR=ou
# JIRA
WEBBPM_JIRA_URL=https:/jira.com
WEBBPM_JIRA_USER=jiraUser
WEBBPM_JIRA_PASSWORD=jiraPass
TZ=Europe/Moscow
WEBBPM_TELEGRAM_BOT_TOKEN=
WEBBPM_TELEGRAM_BOT_NAME=

17
config/tomcat/tomee/bin/setenv.sh Normal file
View file

@ -0,0 +1,17 @@
#!/usr/bin/env bash
#export JAVA_OPTS="$JAVA_OPTS \
# -Ddb.app.host=${DB_APP_HOST:-10.10.31.119} \
# -Ddb.app.port=${DB_APP_PORT:-5432} \
# -Ddb.app.name=${DB_APP_NAME:-ervu-dashboard} \
# -Ddb.app.username=${DB_APP_USERNAME:-ervu-dashboard} \
# -Ddb.app.password=${DB_APP_PASSWORD:-ervu-dashboard} \
#"
export JAVA_OPTS="$JAVA_OPTS \
-Ddb.app.host=${DB_APP_HOST:-db} \
-Ddb.app.port=${DB_APP_PORT:-5432} \
-Ddb.app.name=${DB_APP_NAME:-app} \
-Ddb.app.username=${DB_APP_USERNAME:-app_user} \
-Ddb.app.password=${DB_APP_PASSWORD:-apppassword} \
"

36
config/tomcat/tomee/conf/context.xml Normal file
View file

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- The contents of this file will be loaded for each web application -->
<Context>
<!-- Default set of monitored resources. If one of these changes, the -->
<!-- web application will be reloaded. -->
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<WatchedResource>WEB-INF/tomcat-web.xml</WatchedResource>
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
<!--
<Manager pathname="" />
-->
<Resource name="java:/webbpm/AppDS" auth="Container"
type="javax.sql.DataSource" driverClassName="org.postgresql.Driver"
url="jdbc:postgresql://${db.app.host}:${db.app.port}/${db.app.name}"
username="${db.app.username}" password="${db.app.password}" maxTotal="20" maxIdle="10" maxWaitMillis="-1"/>
</Context>

39
config/tomcat/tomee/conf/tomcat-users.xml Normal file
View file

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary.
Built-in Tomcat manager roles:
- manager-gui - allows access to the HTML GUI and the status pages
- manager-script - allows access to the HTTP API and the status pages
- manager-jmx - allows access to the JMX proxy and the status pages
- manager-status - allows access to the status pages only
The users below are wrapped in a comment and are therefore ignored. If you
wish to configure one or more of these users for use with the manager web
application, do not forget to remove the <!.. ..> that surrounds them. You
will also need to set the passwords to something appropriate.
-->
<user username="admin" password="<must-be-changed>" roles="manager-gui"/>
</tomcat-users>

15
config/tomcat/tomee/conf/webbpm.properties Normal file
View file

@ -0,0 +1,15 @@
# WebBPM properties
authentication.method=form
bpmn.enable=false
fias.enable=false
gar.enable=false
reset_password.mail.template.path=mail/reset_password.html
security.password.regex=^(?=.*[a-zA-Z])(?=.*[0-9])[a-zA-Z0-9]+$
webbpm.mode=production
webbpm.jbpm.hibernate_statistics.enabled=false
webbpm.cache.hazelcast.hosts=127.0.0.1
webbpm.cache.hazelcast.outbound_port_definitions=5801-5820

26
config/tomcat/tomee/webapps/manager/META-INF/context.xml Normal file
View file

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Context antiResourceLocking="false" privileged="true" >
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"
sameSiteCookies="strict" />
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="d+\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
</Context>