From d1b7bc8daa9397d0a69c99e9b7ba3a04260c1f01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A5=D0=B0=D0=BB=D1=82=D0=BE=D0=B1=D0=B8=D0=BD=20=D0=95?= =?UTF-8?q?=D0=B2=D0=B3=D0=B5=D0=BD=D0=B8=D0=B9?= Date: Mon, 16 Sep 2024 10:14:19 +0300 Subject: [PATCH] updated docker --- Dockerfile | 18 - config/.gitignore | 1 + config/Dockerfile | 59 +- config/Dockerfile.TC | 22 + config/Dockerfile.alt | 49 ++ config/Dockerfile.backend | 40 ++ config/Dockerfile.build | 10 - config/Dockerfile.frontend | 31 +- config/Dockerfile.secdb | 5 - config/JDK_version | 1 - config/{nginx.conf => angie.conf} | 23 +- config/browsers.json | 31 - config/create-databases.sh | 12 - config/docker-compose.secdb.yaml | 12 - config/docker-compose.selenoid.yaml | 28 - config/docker-compose.tests.yaml | 41 -- config/docker-compose.yaml | 25 +- config/entrypoint.sh | 48 +- config/micord.env | 7 + config/patches/add-logger-database.cli | 3 - config/patches/default.cli | 30 - config/patches/system/add-demo-user.sh | 1 - .../patches/system/add-postgresql-driver.cli | 5 - config/patches/system/init.cli | 14 - config/secdb.sql | 25 - config/standalone/dev/standalone.xml | 560 ------------------ config/testing.env | 37 -- config/tomcat/etc/tomcat/conf.d/db.conf | 8 + config/{ => tomcat/etc/tomcat}/context.xml | 6 +- config/tomcat/etc/tomcat/tomcat-users.xml | 39 ++ config/tomcat/etc/tomcat/tomcat.conf | 52 ++ config/tomcat/etc/tomcat/webbpm.properties | 20 + .../webapps/manager/META-INF/context.xml | 26 + 33 files changed, 351 insertions(+), 938 deletions(-) delete mode 100644 Dockerfile create mode 100644 config/Dockerfile.TC create mode 100644 config/Dockerfile.alt create mode 100644 config/Dockerfile.backend delete mode 100644 config/Dockerfile.build delete mode 100644 config/Dockerfile.secdb delete mode 100644 config/JDK_version rename config/{nginx.conf => angie.conf} (73%) delete mode 100644 config/browsers.json delete mode 100644 config/create-databases.sh delete mode 100644 config/docker-compose.secdb.yaml delete mode 100644 config/docker-compose.selenoid.yaml delete mode 100644 config/docker-compose.tests.yaml create mode 100644 config/micord.env delete mode 100644 config/patches/add-logger-database.cli delete mode 100644 config/patches/default.cli delete mode 100644 config/patches/system/add-demo-user.sh delete mode 100644 config/patches/system/add-postgresql-driver.cli delete mode 100644 config/patches/system/init.cli delete mode 100644 config/secdb.sql delete mode 100644 config/standalone/dev/standalone.xml delete mode 100644 config/testing.env create mode 100644 config/tomcat/etc/tomcat/conf.d/db.conf rename config/{ => tomcat/etc/tomcat}/context.xml (85%) create mode 100644 config/tomcat/etc/tomcat/tomcat-users.xml create mode 100644 config/tomcat/etc/tomcat/tomcat.conf create mode 100644 config/tomcat/etc/tomcat/webbpm.properties create mode 100644 config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 455dbbc..0000000 --- a/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM tomee:8.0.15-jre17-webprofile - -RUN \ - rm -rf /usr/local/tomee/webapps/ROOT && \ - echo "fias.enable=false" >> /usr/local/tomee/conf/catalina.properties && \ - echo "webbpm.jbpm.hibernate_statistics.enabled=false" >> /usr/local/tomee/conf/catalina.properties && \ - echo "webbpm.mode=production" >> /usr/local/tomee/conf/catalina.properties && \ - echo "authentication.method=form" >> /usr/local/tomee/conf/catalina.properties && \ - echo "webbpm.cache.hazelcast.hosts=127.0.0.1" >> /usr/local/tomee/conf/catalina.properties && \ - echo "webbpm.cache.hazelcast.outbound_port_definitions=5801-5820" >> /usr/local/tomee/conf/catalina.properties && \ - echo "gar.enable=false" >> /usr/local/tomee/conf/catalina.properties && \ - echo "reset_password.mail.template.path=mail/reset_password.html" >> /usr/local/tomee/conf/catalina.properties && \ - echo "security.password.regex=^(?=.*[a-zA-Z])(?=.*[0-9])[a-zA-Z0-9]+$" >> /usr/local/tomee/conf/catalina.properties && \ - echo "bpmn.enable=false" >> /usr/local/tomee/conf/catalina.properties -COPY config/context.xml /usr/local/tomee/conf/ -#COPY config/tomcat-users.xml /usr/local/tomee/conf/ -COPY frontend/dist/ /usr/local/tomee/webapps/ROOT -COPY backend/target/*.war /usr/local/tomee/webapps/fl.war diff --git a/config/.gitignore b/config/.gitignore index ba9a786..1952cfe 100644 --- a/config/.gitignore +++ b/config/.gitignore @@ -1,2 +1,3 @@ /*.ear /*.jar +/*.war diff --git a/config/Dockerfile b/config/Dockerfile index d7b47fa..650380e 100644 --- a/config/Dockerfile +++ b/config/Dockerfile @@ -1,22 +1,49 @@ -FROM gitlab.micord.ru:5050/common/base/webbpm/webbpm:26.1.3.Final-jdk17 +ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 +ARG BACKEND_IMAGE=repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 +ARG FRONTEND_IMAGE=docker.angie.software/angie:latest -USER jboss -WORKDIR $JBOSS_HOME -ENV JAVA_ARGS=-Xmx3g +FROM $BUILDER_IMAGE AS builder -ARG POSTGRES_DRIVER_VERSION=42.7.3 +ARG MVN_FLAGS="-Pprod" -COPY --chown=jboss entrypoint.sh . -COPY --chown=jboss patches patches -RUN (cd patches && wget https://repo.micord.ru/repository/libs-releases-local/org/jboss/ironjacamar/ironjacamar-core-impl/1.5.3.Final/ironjacamar-core-impl-1.5.3.Final.jar) -RUN (cd patches/system && wget https://repo1.maven.org/maven2/org/postgresql/postgresql/$POSTGRES_DRIVER_VERSION/postgresql-$POSTGRES_DRIVER_VERSION.jar -O postgresql-driver.jar) +RUN apt-get update \ + && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \ + && apt-get clean -RUN chmod -R +x patches && \ - chmod +x entrypoint.sh && \ - ./entrypoint.sh && \ - rm -rf patches +ENV JAVA_HOME=/usr/lib/jvm/java +ENV LANG=ru_RU.UTF-8 +ENV LANGUAGE=ru_RU.UTF-8 +ENV LC_ALL=ru_RU.UTF-8 -ENV SERVER_START=true -COPY --chown=jboss *.ear $JBOSS_HOME/standalone/deployments/ +WORKDIR /app +COPY . . +RUN mkdir -p $HOME/.m2 \ +# && cp -f config/pgs-settings.xml $HOME/.m2/settings.xml \ +# && cp -f config/pgs-npmrc frontend/.npmrc \ + && mvn clean \ + && mvn package -T4C ${MVN_FLAGS} -HEALTHCHECK --timeout=3s --start-period=3600s CMD curl --fail 127.0.0.1:8080/fl/version || exit 1 + +FROM $BACKEND_IMAGE AS backend +ARG ADMIN_PASSWORD=Secr3t + +USER root + +COPY config/tomcat / + +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +USER tomcat + +COPY --from=builder /app/backend/target/fl.war /var/lib/tomcat/webapps/fl.war + +FROM backend AS combo +COPY --from=builder /app/frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war + +FROM $FRONTEND_IMAGE AS frontend + +COPY config/angie.conf /etc/angie/angie.conf +COPY --from=builder /app/frontend/dist /frontend diff --git a/config/Dockerfile.TC b/config/Dockerfile.TC new file mode 100644 index 0000000..3bda42c --- /dev/null +++ b/config/Dockerfile.TC @@ -0,0 +1,22 @@ +#Dockerfile for TeamCity build "run in docker" + +FROM repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 +ARG ADMIN_PASSWORD=Secr3t + +USER root + +COPY tomcat / + +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +COPY frontend.war /var/lib/tomcat/webapps/ROOT.war +COPY fl.war /var/lib/tomcat/webapps/fl.war + +USER tomcat + +EXPOSE 8080 + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/config/Dockerfile.alt b/config/Dockerfile.alt new file mode 100644 index 0000000..bb507fa --- /dev/null +++ b/config/Dockerfile.alt @@ -0,0 +1,49 @@ +ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 +ARG RUNTIME_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 + +FROM $BUILDER_IMAGE AS builder + +ARG MVN_FLAGS="-Pprod" + +RUN apt-get update \ + && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \ + && apt-get clean + +WORKDIR /app + +COPY . . + +ENV JAVA_HOME=/usr/lib/jvm/java +ENV LANG ru_RU.UTF-8 +ENV LANGUAGE ru_RU.UTF-8 +ENV LC_ALL ru_RU.UTF-8 + +RUN mvn clean \ + && mvn package -T4C ${MVN_FLAGS} + +FROM $RUNTIME_IMAGE +ARG ADMIN_PASSWORD=Secr3t + +COPY config/entrypoint.sh /entrypoint.sh + +RUN apt-get update \ + && apt-get -y install glibc-locales java-17-openjdk-headless mc \ + tomcat tomcat-admin-webapps \ + && apt-get clean \ + && chmod +x /entrypoint.sh + +COPY config/tomcat / + +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +COPY --from=builder /app/frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war +COPY --from=builder /app/backend/target/fl*.war /var/lib/tomcat/webapps/fl.war + +USER tomcat + +EXPOSE 8080 + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/config/Dockerfile.backend b/config/Dockerfile.backend new file mode 100644 index 0000000..491e6c0 --- /dev/null +++ b/config/Dockerfile.backend @@ -0,0 +1,40 @@ +ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 +ARG RUNTIME_IMAGE=repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 + +FROM $BUILDER_IMAGE AS builder + +ARG MVN_FLAGS="-Pprod" + +RUN apt-get update \ + && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \ + && apt-get clean + +ENV JAVA_HOME=/usr/lib/jvm/java +ENV LANG=ru_RU.UTF-8 +ENV LANGUAGE=ru_RU.UTF-8 +ENV LC_ALL=ru_RU.UTF-8 + +WORKDIR /app +COPY . . +RUN mkdir -p $HOME/.m2 \ +# && cp -f config/pgs-settings.xml $HOME/.m2/settings.xml \ +# && cp -f config/pgs-npmrc frontend/.npmrc \ + && mvn clean \ + && mvn package -T4C ${MVN_FLAGS} + + +FROM $RUNTIME_IMAGE +ARG ADMIN_PASSWORD=Secr3t + +USER root + +COPY config/tomcat / + +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +USER tomcat + +COPY --from=builder /app/backend/target/fl*.war /var/lib/tomcat/webapps/fl.war diff --git a/config/Dockerfile.build b/config/Dockerfile.build deleted file mode 100644 index 00cefb8..0000000 --- a/config/Dockerfile.build +++ /dev/null @@ -1,10 +0,0 @@ -FROM maven:3-jdk-11-slim -RUN apt update \ - && apt upgrade -y \ - && curl -fsSL https://deb.nodesource.com/setup_14.x | bash - \ - && apt install -y git nodejs \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /app -COPY ../ . -RUN mvn clean -T4C && mvn package -T4C diff --git a/config/Dockerfile.frontend b/config/Dockerfile.frontend index f9e0a66..3c84d78 100644 --- a/config/Dockerfile.frontend +++ b/config/Dockerfile.frontend @@ -1,4 +1,29 @@ -FROM repo.micord.ru/nginx/nginx-krb:1.24.0 +ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 +ARG RUNTIME_IMAGE=docker.angie.software/angie:latest -COPY nginx.conf /etc/nginx/nginx.conf -COPY ./frontend /frontend +FROM $BUILDER_IMAGE AS builder + +ARG MVN_FLAGS="-Pprod" + +RUN apt-get update \ + && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \ + && apt-get clean + +ENV JAVA_HOME=/usr/lib/jvm/java +ENV LANG=ru_RU.UTF-8 +ENV LANGUAGE=ru_RU.UTF-8 +ENV LC_ALL=ru_RU.UTF-8 + +WORKDIR /app +COPY . . +RUN mkdir -p $HOME/.m2 \ +# && cp config/pgs-settings.xml $HOME/.m2/settings.xml \ +# && cp -f config/pgs-npmrc frontend/.npmrc \ + && mvn clean \ + && mvn package -T4C ${MVN_FLAGS} + + +FROM $RUNTIME_IMAGE + +COPY config/angie.conf /etc/angie/angie.conf +COPY --from=builder /app/frontend/dist /frontend diff --git a/config/Dockerfile.secdb b/config/Dockerfile.secdb deleted file mode 100644 index f9eeaac..0000000 --- a/config/Dockerfile.secdb +++ /dev/null @@ -1,5 +0,0 @@ -FROM postgres:11-alpine - -COPY secdb.sql . - -CMD psql "postgresql://${DB_SEC_USERNAME:-security}:${DB_SEC_PASSWORD:-secpassword}@${DB_SEC_HOST:-db}/${DB_SEC_NAME:-security}" < secdb.sql diff --git a/config/JDK_version b/config/JDK_version deleted file mode 100644 index 98d9bcb..0000000 --- a/config/JDK_version +++ /dev/null @@ -1 +0,0 @@ -17 diff --git a/config/nginx.conf b/config/angie.conf similarity index 73% rename from config/nginx.conf rename to config/angie.conf index 0ea8d11..18b7f40 100644 --- a/config/nginx.conf +++ b/config/angie.conf @@ -1,24 +1,17 @@ -# load dynamic nginx modules -include /etc/nginx/modules-enabled.d/*.conf; - -# see http://nginx.net for info & docs +include /etc/angie/modules-enabled.d/*.conf; worker_processes 10; -error_log /var/log/nginx/error.log; +error_log /var/log/angie/error.log; events { worker_connections 1024; } -include /etc/nginx/conf-enabled.d/*.conf; +include /etc/angie/conf-enabled.d/*.conf; http { -# proxy_temp_path /var/spool/nginx/tmp/proxy; -# fastcgi_temp_path /var/spool/nginx/tmp/fastcgi; -# client_body_temp_path /var/spool/nginx/tmp/client; - - include /etc/nginx/mime.types; + include /etc/angie/mime.types; default_type application/octet-stream; sendfile on; @@ -29,9 +22,9 @@ http { gzip_types text/plain text/css text/xml application/x-javascript application/atom+xml; # gzip_comp_level 9; - include /etc/nginx/sites-enabled.d/*.conf; + include /etc/angie/sites-enabled.d/*.conf; - log_format nginx_main + log_format angie_main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for" ' @@ -40,8 +33,8 @@ http { server { listen 80 default; - access_log /var/log/nginx/access.log nginx_main; - error_log /var/log/nginx/error.log error; + access_log /var/log/angie/access.log angie_main; + error_log /var/log/angie/error.log error; charset utf-8; diff --git a/config/browsers.json b/config/browsers.json deleted file mode 100644 index 68edc1e..0000000 --- a/config/browsers.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "firefox": { - "default": "112.0", - "versions": { - "112.0": { - "image": "selenoid/firefox:112.0", - "port": "4444", - "path": "/wd/hub", - "tmpfs": { - "/tmp": "size=512m" - }, - "env" : ["LANG=ru_RU.UTF-8", "LANGUAGE=ru:en", "LC_ALL=ru_RU.UTF-8"], - "shmSize": 1073741824 - } - } - }, - "chrome": { - "default": "121.0", - "versions": { - "121.0": { - "image": "selenoid/chrome:121.0", - "port": "4444", - "tmpfs": { - "/tmp": "size=512m" - }, - "env" : ["LANG=ru_RU.UTF-8", "LANGUAGE=ru:en", "LC_ALL=ru_RU.UTF-8"], - "shmSize": 1073741824 - } - } - } -} \ No newline at end of file diff --git a/config/create-databases.sh b/config/create-databases.sh deleted file mode 100644 index 7550486..0000000 --- a/config/create-databases.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -set -e - -IFS=',' -for databases in $WILDFLY_DATABASES - do - IFS=':' read name user password <<< $databases - psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL - CREATE USER $user WITH PASSWORD '$password'; - CREATE DATABASE $name WITH OWNER $user; -EOSQL -done diff --git a/config/docker-compose.secdb.yaml b/config/docker-compose.secdb.yaml deleted file mode 100644 index 2f6671b..0000000 --- a/config/docker-compose.secdb.yaml +++ /dev/null @@ -1,12 +0,0 @@ -version: "3" -services: - secdb: - build: - context: . - dockerfile: Dockerfile.secdb - depends_on: - - db - env_file: - - testing.env - labels: - - "tmp=true" diff --git a/config/docker-compose.selenoid.yaml b/config/docker-compose.selenoid.yaml deleted file mode 100644 index f284e11..0000000 --- a/config/docker-compose.selenoid.yaml +++ /dev/null @@ -1,28 +0,0 @@ -version: "3" - services: - selenoid: - network_mode: bridge - image: aerokube/selenoid:latest-release - container_name: "selenoid" - environment: - - OVERRIDE_VIDEO_OUTPUT_DIR=$PWD/video - volumes: - - ".:/etc/selenoid/:ro" - - "/var/run/docker.sock:/var/run/docker.sock" - - "./logs:/opt/selenoid/logs/" - - "./video/:/opt/selenoid/video/" - command: -session-attempt-timeout 1m -retry-count 3 -limit ${LIMIT:-4} -save-all-logs -log-output-dir /opt/selenoid/logs -video-output-dir /opt/selenoid/video - ports: - - "4444:4444" - -selenoid-ui: -image: aerokube/selenoid-ui -container_name: "selenoid-ui" -network_mode: bridge -depends_on: - - selenoid -links: - - "selenoid:selenoid" -ports: - - "8080:8080" -command: --selenoid-uri http://selenoid:4444` \ No newline at end of file diff --git a/config/docker-compose.tests.yaml b/config/docker-compose.tests.yaml deleted file mode 100644 index bd0a2ed..0000000 --- a/config/docker-compose.tests.yaml +++ /dev/null @@ -1,41 +0,0 @@ -version: "3" -services: - db: - ports: - - 5432:5432 - environment: - - WILDFLY_DATABASES=app:app_user:apppassword,security:security_user:secpassword,jbpm:jbpm:jbpmpassword - - webbpm-app: - env_file: - - testing.env - - selenoid: - network_mode: bridge - image: aerokube/selenoid:latest-release - container_name: "selenoid" - environment: - - OVERRIDE_VIDEO_OUTPUT_DIR=$PWD/video - volumes: - - "$PWD:/etc/selenoid/:ro" - - "/var/run/docker.sock:/var/run/docker.sock" - - "$PWD/logs:/opt/selenoid/logs/" - - "$PWD/video/:/opt/selenoid/video/" - command: -session-attempt-timeout 1m -retry-count 3 -limit ${LIMIT:-4} -save-all-logs -log-output-dir /opt/selenoid/logs -video-output-dir /opt/selenoid/video - ports: - - "4444:4444" - depends_on: - - webbpm-app - - selenoid-ui: - image: aerokube/selenoid-ui - container_name: "selenoid-ui" - network_mode: bridge - depends_on: - - selenoid - links: - - "selenoid:selenoid" - ports: - - "8080:8080" - command: --selenoid-uri http://selenoid:4444 - diff --git a/config/docker-compose.yaml b/config/docker-compose.yaml index 34a2959..ba88f57 100644 --- a/config/docker-compose.yaml +++ b/config/docker-compose.yaml @@ -1,31 +1,10 @@ version: "3" services: - db: - image: postgres:15 - volumes: - - ./create-databases.sh:/docker-entrypoint-initdb.d/create-databases.sh - command: - - "--max_prepared_transactions=100" - ports: - - 5432 - environment: - - WILDFLY_DATABASES=security:security_user:secpassword,jbpm:jbpm:jbpmpassword - - POSTGRES_PASSWORD=supersecretpassword - labels: - - "tmp=true" - webbpm-app: build: context: . - dockerfile: Dockerfile - depends_on: - - db + dockerfile: Dockerfile.TC ports: - - 9990 - 8080 - - 8787 - - 12345 env_file: - - testing.env - labels: - - "tmp=true" + - micord.env diff --git a/config/entrypoint.sh b/config/entrypoint.sh index 7178804..3021636 100644 --- a/config/entrypoint.sh +++ b/config/entrypoint.sh @@ -1,48 +1,6 @@ #! /bin/bash -set -e -function wait_for_server() { - until `$JBOSS_HOME/bin/jboss-cli.sh -c ":read-attribute(name=server-state)" 2> /dev/null | grep -q running`; do - echo "Retry ..." - done -} +. /etc/tomcat/tomcat.conf +. /etc/sysconfig/tomcat -echo "dump environment variables to env.properties file" -printenv > env.properties - -echo "starting JBoss" -nohup $JBOSS_HOME/bin/standalone.sh --admin-only 1>&2 2>/dev/null & - -# running system patches -wait_for_server -$JBOSS_HOME/bin/jboss-cli.sh --connect --file="./patches/system/init.cli" --properties=env.properties -$JBOSS_HOME/bin/jboss-cli.sh --connect --file="./patches/system/add-postgresql-driver.cli" --properties=env.properties -bash "./patches/system/add-demo-user.sh" - -# running project patches -find ./patches/ -type f -name '*.cli' -not -path './patches/system/*' -print0 | -while IFS= read -r -d '' f; do - wait_for_server - echo "running $f" - $JBOSS_HOME/bin/jboss-cli.sh --connect --file="$f" --properties=env.properties -done; - -find ./patches/ -type f -name '*.sh' -not -path './patches/system/*' -print0 | -while IFS= read -r -d '' f; do - wait_for_server - echo "running $f" - bash "$f" -done - -echo "stopping JBoss" -wait_for_server -$JBOSS_HOME/bin/jboss-cli.sh --connect --command=:shutdown - -if ! [[ -z $SERVER_START ]]; then - echo "starting JBoss in standalone" - sleep 10 # without this occurs error "address already in use" - /opt/jboss/wildfly/bin/standalone.sh -c standalone.xml -b 0.0.0.0 -bmanagement 0.0.0.0 -else - echo "cleaning up JBoss logs" - rm -rf $JBOSS_HOME/standalone/log -fi +/usr/libexec/tomcat/server start diff --git a/config/micord.env b/config/micord.env new file mode 100644 index 0000000..ac7ed02 --- /dev/null +++ b/config/micord.env @@ -0,0 +1,7 @@ +TZ=Europe/Moscow +# App datasource +DB_APP_USERNAME=ervu-lkrp-fl +DB_APP_PASSWORD=ervu-lkrp-fl +DB_APP_HOST=10.10.31.119 +DB_APP_PORT=5432 +DB_APP_NAME=ervu-lkrp-fl diff --git a/config/patches/add-logger-database.cli b/config/patches/add-logger-database.cli deleted file mode 100644 index 83ee893..0000000 --- a/config/patches/add-logger-database.cli +++ /dev/null @@ -1,3 +0,0 @@ -/subsystem=logging/logger=org.jooq.tools:add() -/subsystem=logging/logger=org.jooq.tools:write-attribute(name=level, value=DEBUG) -/subsystem=logging/logger=org.jooq.tools:add-handler(name=CONSOLE) \ No newline at end of file diff --git a/config/patches/default.cli b/config/patches/default.cli deleted file mode 100644 index 53fec6c..0000000 --- a/config/patches/default.cli +++ /dev/null @@ -1,30 +0,0 @@ -xa-data-source add \ - --name=AppDS \ - --enabled=true \ - --driver-name=postgresql \ - --jndi-name=java:/webbpm/AppDS \ - --user-name=${env.DB_APP_USERNAME:app_user} \ - --password=${env.DB_APP_PASSWORD:apppassword} \ - --use-ccm=true \ - --valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker \ - --validate-on-match=false \ - --background-validation=true \ - --background-validation-millis=5000 \ - --exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter \ - --statistics-enabled=true \ - --max-pool-size=50 \ - --query-timeout=300 \ - --xa-datasource-properties=ServerName=${env.DB_APP_HOST:db},PortNumber=${env.DB_APP_PORT:5432},DatabaseName=${env.DB_APP_NAME:app} - -/system-property=ldap.mapping.login.param:add(value=${env.WEBBPM_LDAP_LOGIN_ATTR:uid}) -/system-property=ldap.mapping.org.code.param:add(value=${env.WEBBPM_LDAP_ORGANIZATION_ATTR:ou}) -/system-property=jboss.as.management.blocking.timeout:add(value=900) -/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=record-request-start-time,value=true) -/subsystem=undertow/server=default-server/host=default-host/setting=access-log:add(pattern=%h %t "%r" %s %b %D) -/system-property=webbpm.cache.hazelcast.hosts:add(value="127.0.0.1") -/system-property=webbpm.cache.hazelcast.outbound_port_definitions:add(value="5801-5820") -/system-property=webbpm.security.session.active.count:add(value="20") -/system-property=gar.enable:add(value=false) -/system-property=security.password.regex:add(value="^((?=(.*\\d){1,})(?=.*[a-zа-яё])(?=.*[A-ZА-ЯЁ]).{8,})$") -/system-property=fias.enable:add(value=false) -/system-property=bpmn.enable:add(value=false) diff --git a/config/patches/system/add-demo-user.sh b/config/patches/system/add-demo-user.sh deleted file mode 100644 index 32b2986..0000000 --- a/config/patches/system/add-demo-user.sh +++ /dev/null @@ -1 +0,0 @@ -$JBOSS_HOME/bin/add-user.sh demo@example.com demo diff --git a/config/patches/system/add-postgresql-driver.cli b/config/patches/system/add-postgresql-driver.cli deleted file mode 100644 index 66566bf..0000000 --- a/config/patches/system/add-postgresql-driver.cli +++ /dev/null @@ -1,5 +0,0 @@ -/subsystem=datasources/jdbc-driver=postgresql:add( \ - driver-name="postgresql", \ - driver-module-name="org.postgresql", \ - driver-xa-datasource-class-name="org.postgresql.xa.PGXADataSource" \ -) diff --git a/config/patches/system/init.cli b/config/patches/system/init.cli deleted file mode 100644 index 100c4d3..0000000 --- a/config/patches/system/init.cli +++ /dev/null @@ -1,14 +0,0 @@ -/system-property=webbpm.mode:add(value=production) -/system-property=authentication.method:add(value=form) -/subsystem=undertow/configuration=filter/gzip=gzipFilter:add() -/subsystem=undertow/server=default-server/host=default-host/\ - filter-ref=gzipFilter:add(predicate="exists('%{o,Content-Type}') and regex(pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true)") -/subsystem=undertow/configuration=filter/response-header=vary-header:add(header-name="Vary", header-value="Accept-Encoding") -/subsystem=undertow/server=default-server/host=default-host/filter-ref=vary-header:add() -/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=max-post-size,value=${env.MAX_POST_SIZE:104857600}) -data-source remove --name=ExampleDS -/subsystem=ee/service=default-bindings:remove -/system-property=jboss.bind.address.management:add(value=0.0.0.0) -/system-property=jboss.bind.address:add(value=0.0.0.0) -module add --name=org.postgresql --resources=./patches/system/postgresql-driver.jar --dependencies=javax.api,javax.transaction.api -shutdown --restart diff --git a/config/secdb.sql b/config/secdb.sql deleted file mode 100644 index 46856aa..0000000 --- a/config/secdb.sql +++ /dev/null @@ -1,25 +0,0 @@ -INSERT INTO security.user_group(user_group_id, name, created, updated, access_level_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'Example', '2019-07-04 11:12:01.263+03', '2019-08-26 16:40:11.953+03', (SELECT access_level_id FROM security.access_level where level = 0)) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Example'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Demo'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING; - -INSERT INTO security.user_group(user_group_id, name, created, updated, access_level_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'Example', '2019-07-04 11:12:01.263+03', '2019-08-26 16:40:11.953+03', (SELECT access_level_id FROM security.access_level where level = 0)) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Example'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_group_user_role(link_user_group_user_role_id, user_group_id, user_role_id) SELECT uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_group_id FROM security.user_group where name = 'Demo'), user_role_id FROM security.user_role WHERE name = 'Example' ON CONFLICT DO NOTHING; - -INSERT INTO security.user_account(user_account_id, email, first_name, last_name, middle_name, created, updated, locked, org_unit_id, username) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'qa_test@micord.ru', 'Пользователь', 'Основной-Тестовый', NULL, '2020-01-20 08:41:25.526+03', '2020-01-20 09:57:07.25+03', false, (SELECT id from security.org_unit where code = 'DEFAULT'), 'qa_test') ON CONFLICT DO NOTHING; -INSERT INTO security.simple_credentials( user_account_id, password, password_expires, password_updated) VALUES ((SELECT user_account_id from security.user_account where username = 'qa_test'), '$2a$11$uTzaeewDp2NehwjmfRe/euxP.cy.4ecl5nYA.E5TV9AGjjDKdJwI2', NULL, '2020-01-20 05:41:25.746') ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Security Admin')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Superuser')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Admin')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Example')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'BPMN User')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_test'), (SELECT user_group_id FROM security.user_group where name = 'Demo')) ON CONFLICT DO NOTHING; - -INSERT INTO security.user_account(user_account_id, email, first_name, last_name, middle_name, created, updated, locked, org_unit_id, username) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), 'qa_admin@micord.ru', 'qa_admin', 'qa_admin', NULL, '2020-01-20 08:41:25.526+03', '2020-01-20 09:57:07.25+03', false, (SELECT id from security.org_unit where code = 'DEFAULT'), 'qa_admin') ON CONFLICT DO NOTHING; -INSERT INTO security.simple_credentials( user_account_id, password, password_expires, password_updated) VALUES ((SELECT user_account_id from security.user_account where username = 'qa_admin'), '$2a$11$Zzmuga/xw1c1UnUe9nP9c.aqJ2O.OAI/AbmphOm2jurxMI0S6VAcy', NULL, '2020-01-20 05:41:25.746') ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Security Admin')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Superuser')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN Admin')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Example')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'BPMN User')) ON CONFLICT DO NOTHING; -INSERT INTO security.link_user_account_user_group(link_user_account_user_group_id, user_account_id, user_group_id) VALUES (uuid_in(md5(random()::text || now()::text)::cstring), (SELECT user_account_id from security.user_account where username = 'qa_admin'), (SELECT user_group_id FROM security.user_group where name = 'Demo')) ON CONFLICT DO NOTHING; diff --git a/config/standalone/dev/standalone.xml b/config/standalone/dev/standalone.xml deleted file mode 100644 index e3b7d41..0000000 --- a/config/standalone/dev/standalone.xml +++ /dev/null @@ -1,560 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - jdbc:h2:mem:jbpm;DB_CLOSE_DELAY=-1 - h2 - - ${env.DB_JBPM_USERNAME:sa} - ${env.DB_JBPM_PASSWORD:sa} - - - 300 - - - - 10.10.31.119 - 5432 - ervu-lkrp-fl - postgresql-driver - - ervu-lkrp-fl-sec - ervu-lkrp-fl-sec - - - - false - true - 5000 - - - - - - org.h2.jdbcx.JdbcDataSource - - - org.postgresql.xa.PGXADataSource - - - - - - - - - - - - - - - - - false - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${jboss.bind.address:127.0.0.1} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/config/testing.env b/config/testing.env deleted file mode 100644 index 82f59de..0000000 --- a/config/testing.env +++ /dev/null @@ -1,37 +0,0 @@ -# Security datasource -DB_SEC_USERNAME=ervu-lkrp-fl-sec -DB_SEC_PASSWORD=ervu-lkrp-fl-sec -DB_SEC_HOST=10.10.31.119 -DB_SEC_PORT=5432 -DB_SEC_NAME=ervu-lkrp-fl -# App datasource -DB_APP_USERNAME=ervu-lkrp-fl -DB_APP_PASSWORD=ervu-lkrp-fl -DB_APP_HOST=10.10.31.119 -DB_APP_PORT=5432 -DB_APP_NAME=ervu-lkrp-fl -# jBPM datasorce -DB_JBPM_USERNAME=jbpm-ervu-fl -DB_JBPM_PASSWORD=jbpm-ervu-fl -DB_JBPM_HOST=10.10.31.119 -DB_JBPM_PORT=5432 -DB_JBPM_NAME=jbpm-ervu-fl -# Elasticsearch -WEBBPM_ELASTIC_HOST= -WEBBPM_ELASTIC_USER_PASSWORD= -# LDAP -WEBBPM_LDAP_URL= -WEBBPM_LDAP_BASE= -WEBBPM_LDAP_USER= -WEBBPM_LDAP_PASSWORD= -WEBBPM_LDAP_SYNC_ENABLED=false -WEBBPM_LDAP_SYNC_CRON=0 0 * * * * -WEBBPM_LDAP_LOGIN_ATTR=uid -WEBBPM_LDAP_ORGANIZATION_ATTR=ou -# JIRA -WEBBPM_JIRA_URL=https:/jira.com -WEBBPM_JIRA_USER=jiraUser -WEBBPM_JIRA_PASSWORD=jiraPass -TZ=Europe/Moscow -WEBBPM_TELEGRAM_BOT_TOKEN= -WEBBPM_TELEGRAM_BOT_NAME= \ No newline at end of file diff --git a/config/tomcat/etc/tomcat/conf.d/db.conf b/config/tomcat/etc/tomcat/conf.d/db.conf new file mode 100644 index 0000000..8d7facd --- /dev/null +++ b/config/tomcat/etc/tomcat/conf.d/db.conf @@ -0,0 +1,8 @@ +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS \ + -Ddb.app.host=${DB_APP_HOST:-db} \ + -Ddb.app.port=${DB_APP_PORT:-5432} \ + -Ddb.app.name=${DB_APP_NAME:-app} \ + -Ddb.app.username=${DB_APP_USERNAME:-app_user} \ + -Ddb.app.password=${DB_APP_PASSWORD:-apppassword} \ +" +export JDK_JAVA_OPTIONS \ No newline at end of file diff --git a/config/context.xml b/config/tomcat/etc/tomcat/context.xml similarity index 85% rename from config/context.xml rename to config/tomcat/etc/tomcat/context.xml index 942478e..9b2a765 100644 --- a/config/context.xml +++ b/config/tomcat/etc/tomcat/context.xml @@ -29,8 +29,8 @@ --> - + url="jdbc:postgresql://${db.app.host}:${db.app.port}/${db.app.name}" + username="${db.app.username}" password="${db.app.password}" maxTotal="20" maxIdle="10" maxWaitMillis="-1"/> diff --git a/config/tomcat/etc/tomcat/tomcat-users.xml b/config/tomcat/etc/tomcat/tomcat-users.xml new file mode 100644 index 0000000..4a9631c --- /dev/null +++ b/config/tomcat/etc/tomcat/tomcat-users.xml @@ -0,0 +1,39 @@ + + + + + + diff --git a/config/tomcat/etc/tomcat/tomcat.conf b/config/tomcat/etc/tomcat/tomcat.conf new file mode 100644 index 0000000..c4090b2 --- /dev/null +++ b/config/tomcat/etc/tomcat/tomcat.conf @@ -0,0 +1,52 @@ +# System-wide configuration file for tomcat services +# This will be loaded by systemd as an environment file, +# so please keep the syntax. For shell expansion support +# place your custom files as /etc/tomcat/conf.d/*.conf +# +# There are 2 "classes" of startup behavior in this package. +# The old one, the default service named tomcat.service. +# The new named instances are called tomcat@instance.service. +# +# Use this file to change default values for all services. +# Change the service specific ones to affect only one service. +# For tomcat.service it's /etc/sysconfig/tomcat, for +# tomcat@instance it's /etc/sysconfig/tomcat@instance. + +# This variable is used to figure out if config is loaded or not. +TOMCAT_CFG_LOADED="1" + +# In new-style instances, if CATALINA_BASE isn't specified, it will +# be constructed by joining TOMCATS_BASE and NAME. +TOMCATS_BASE="/var/lib/tomcats/" + +# Where your java installation lives +JAVA_HOME="/usr/lib/jvm/jre" + +# Where your tomcat installation lives +CATALINA_HOME="/usr/share/tomcat" + +# System-wide tmp +CATALINA_TMPDIR="/var/cache/tomcat/temp" + +# You can pass some parameters to java here if you wish to +#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" + +# Use JAVA_OPTS to set java.library.path for libtcnative.so +#JAVA_OPTS="-Djava.library.path=/usr/lib" + +# Set default javax.sql.DataSource factory to apache commons one. See rhbz#1214381 +#JAVA_OPTS="-Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory" +JAVA_OPTS="-Djavax.sql.DataSource.Factory=org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory" + +# You can change your tomcat locale here +#LANG="en_US" + +# Run tomcat under the Java Security Manager +SECURITY_MANAGER="false" + +# SHUTDOWN_WAIT has been deprecated. To change the shutdown wait time, set +# TimeoutStopSec in tomcat.service. + +# If you wish to further customize your tomcat environment, +# put your own definitions here +# (i.e. LD_LIBRARY_PATH for some jdbc drivers) diff --git a/config/tomcat/etc/tomcat/webbpm.properties b/config/tomcat/etc/tomcat/webbpm.properties new file mode 100644 index 0000000..7224ec5 --- /dev/null +++ b/config/tomcat/etc/tomcat/webbpm.properties @@ -0,0 +1,20 @@ + +# +# WebBPM properties +# + +authentication.method=form + +bpmn.enable=false +fias.enable=false +gar.enable=false + +mail.jndi.resource.name= + +reset_password.mail.template.path=mail/reset_password.html +security.password.regex=^(?=.*[a-zA-Z])(?=.*[0-9])[a-zA-Z0-9]+$ + +webbpm.mode=production +webbpm.jbpm.hibernate_statistics.enabled=false +webbpm.cache.hazelcast.hosts=127.0.0.1 +webbpm.cache.hazelcast.outbound_port_definitions=5801-5820 diff --git a/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml b/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml new file mode 100644 index 0000000..82a93f3 --- /dev/null +++ b/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml @@ -0,0 +1,26 @@ + + + + + + +