diff --git a/.travis.yml b/.travis.yml index 82559599c..11e974e9d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -24,3 +24,9 @@ script: - ./setup-env.sh - cd ../ - bin/radar-docker install && sleep 120 && bin/radar-docker ps && [ -z "$(bin/radar-docker ps | tail -n +3 | grep " Exit " | grep -v "kafka-init_1")" ] + + # Firebase messaging stack + - cd ../firebase-app-server + - cp etc/env.template .env + - sudo $DOCKER_COMPOSE up -d --build && sleep 15 && [ -z "$(sudo $DOCKER_COMPOSE ps | tail -n +3 | grep " Exit ")" ] + - sudo $DOCKER_COMPOSE down diff --git a/README.md b/README.md index 8dc910b4d..e2240e39b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# RADAR-Docker 2.0.1 +# RADAR-Docker 2.1.0 The dockerized RADAR stack for deploying the RADAR-base platform. Component repositories can be found at [RADAR-base DockerHub org](https://hub.docker.com/u/radarbase/dashboard/) diff --git a/dcompose-stack/.gitignore b/dcompose-stack/.gitignore new file mode 100644 index 000000000..e43b0f988 --- /dev/null +++ b/dcompose-stack/.gitignore @@ -0,0 +1 @@ +.DS_Store diff --git a/dcompose-stack/firebase-app-server/.gitignore b/dcompose-stack/firebase-app-server/.gitignore new file mode 100644 index 000000000..4c49bd78f --- /dev/null +++ b/dcompose-stack/firebase-app-server/.gitignore @@ -0,0 +1 @@ +.env diff --git a/dcompose-stack/firebase-app-server/README.md b/dcompose-stack/firebase-app-server/README.md new file mode 100644 index 000000000..44ed436d5 --- /dev/null +++ b/dcompose-stack/firebase-app-server/README.md @@ -0,0 +1,50 @@ +# Firebase Notification server + +This directory provides services and accompanying files required to run the FCM notifications server. Currently, [XMPP App server](https://github.com/RADAR-base/fcmxmppserverv2) is provided but this may later change to the [RADAR-AppServer](https://github.com/RADAR-base/RADAR-Appserver). + +## Configuration + +Copy `etc/env.template` to `.env`. Set the values of the new file to the desired values. + +```sh +FCM_XMPP_APP_SERVER_DB_PATH= # The path on the host where to store database files +FCM_XMPP_APP_SERVER_LOGS_PATH= # The path on the host where to store the log files generated by the server +FCM_SENDER_KEY= # The Firebase Cloud Messaging Sender ID +FCM_SERVER_KEY= # # The Firebase Cloud Messaging Server Key +``` + +For more information, take a look at the instruction in the [README](https://github.com/RADAR-base/fcmxmppserverv2). + +If the server is not running in a secure environment, it may be essential to explicitly add username and password to the database. +This can be done by changing the `server.database.n` properties in the [server.properties](/etc/server.properties) file and appending with your username and password as stated [here](http://hsqldb.org/doc/guide/guide.html#N15798). Then add the same to the environment of the `xmppserver` in [docker-compose.yml](/docker-compose.yml) file with keys `RADAR_XMPP_DB_USER` and `RADAR_XMPP_DB_PASS`. + +## Usage + +Since the App Server does not depend on any other services, it can be run separately by running - + +```sh +bin/start-xmpp -d +``` + +It can be further controlled with `docker-compose` and `docker` commands. + +## Extras + +There are some extra scripts provided for convenience when administering the server in `bin/` folder. + +- `get-subject-data.sh` - this can be used for getting the notifications, and other data for a particular subject using their subject Id. Note that this will require the [sqltool.jar](http://hsqldb.org/doc/2.0/util-guide/sqltool-chapt.html) from hsqldb. You will also need to update any settings in (sqltool.rc)[/etc/sqltool.rc] according to your DB setup. Once configured, The script can be used as follows - + ```sh + ./get-subject-data.sh + ``` + +- `log-parser.py` - This is used for parsing information out of the logs files generated by the server. This is supposed to be run as a cron job for creating CSV files for Execution, delivery and error messages for each notification request over a long period of time. This can be run in cron per day as follows - + ```sh + 0 16 * * * python3 /home/ubuntu/xmpp-server-extras/logs-parser/log-parser.py /usr/local/var/lib/radar/xmpp/hsql/logs/ /home/ubuntu/xmpp-server-extras/logs-parser/files >> /home/ubuntu/log-parser-run.log 2>&1 + ``` + This will output the CSV files in the directory `/home/ubuntu/xmpp-server-extras/logs-parser/files` which contain three files for each day (One for Executions, One for Delivery and One for Errors). + +- `install-systemd` Run the xmpp server in a systemd environment as part of system startup. + +## Other information + +If you are in a development environment, It may be worth trying to use the new and improved [RADAR-AppServer](https://github.com/RADAR-base/RADAR-Appserver/tree/dev). It exposes REST endpoints along with supporting the legacy XMPP and has secure integration with the Management Portal. diff --git a/dcompose-stack/firebase-app-server/bin/get-subject-data.sh b/dcompose-stack/firebase-app-server/bin/get-subject-data.sh new file mode 100755 index 000000000..7271ec5fc --- /dev/null +++ b/dcompose-stack/firebase-app-server/bin/get-subject-data.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +raw_subject=${1} +#echo $HOME +if [[ $raw_subject = 'help' ]];then + sudo docker-compose -f ../xmpp-server/docker-compose.yml exec hsqldb sh -c "java -jar /opt/hsqldb/lib/sqltool.jar --help" +else + match="-" + repl="\\002d" + subject=${raw_subject//$match/$repl} +# echo $subject + java -jar ${2} --rcFile=../etc/sqltool.rc --debug --sql=" + select status_info.subject_id, notification_info.title, notification_info.ttl_seconds, notification_info.message, notification_info.execution_time from notification_info inner join status_info on notification_info.notification_task_uuid = status_info.notification_task_uuid where status_info.subject_id=U&'${subject}';" db +fi diff --git a/dcompose-stack/firebase-app-server/bin/install-systemd b/dcompose-stack/firebase-app-server/bin/install-systemd new file mode 100755 index 000000000..38031665d --- /dev/null +++ b/dcompose-stack/firebase-app-server/bin/install-systemd @@ -0,0 +1,30 @@ +#!/bin/bash + +cd "$( dirname "${BASH_SOURCE[0]}" )/.." +echo $(pwd) + +. ../radar-cp-hadoop-stack/lib/util.sh +. .env + +if [ "$(id -un)" == "root" ] || id -Gn | grep -qe '\'; then + BASE=/etc/systemd/system + SYSTEMCTL_OPTS=() +else + BASE=$HOME/.config/systemd/user + mkdir -p $BASE + SYSTEMCTL_OPTS=(--user) + export XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR:-/run/user/$UID} +fi + +echo "==> Copying templates" +copy_template $BASE/radar-xmpp-server.service lib/systemd/radar-xmpp-server.service.template + +echo "==> Inlining variables" +inline_variable 'WorkingDirectory=' "$PWD" $BASE/radar-xmpp-server.service +inline_variable 'ExecStart=' "$PWD/bin/start-xmpp" $BASE/radar-xmpp-server.service + +echo "==> Reloading systemd" +systemctl "${SYSTEMCTL_OPTS[@]}" daemon-reload +systemctl "${SYSTEMCTL_OPTS[@]}" enable radar-xmpp-server +systemctl "${SYSTEMCTL_OPTS[@]}" start radar-xmpp-server + diff --git a/dcompose-stack/firebase-app-server/bin/log-parser.py b/dcompose-stack/firebase-app-server/bin/log-parser.py new file mode 100755 index 000000000..f33a02ab6 --- /dev/null +++ b/dcompose-stack/firebase-app-server/bin/log-parser.py @@ -0,0 +1,79 @@ +#!/usr/bin/env python3 + +import sys, csv, json +import os +import os.path + +def parse_logs(input_directory, output_directory): + subject_token = {} + + for log_file in os.listdir(input_directory): + # Finding out the executed ones + if not log_file.endswith('.log'): + continue + + print("Parsing {}...".format(log_file)) + + output_file_name = log_file.split('.')[0] + log_path = os.path.join(input_directory, log_file) + exec_path = os.path.join(output_directory, "{}_executions.csv".format(output_file_name)) + delivery_path = os.path.join(output_directory, "{}_delivery.csv".format(output_file_name)) + error_path = os.path.join(output_directory, "{}_error.csv".format(output_file_name)) + + with open(log_path) as f,\ + open(exec_path, 'w') as exec_output,\ + open(delivery_path, 'w') as delivery_output,\ + open(error_path, 'w') as error_output: + exec_writer = csv.writer(exec_output, delimiter=',', + quotechar='|', quoting=csv.QUOTE_MINIMAL) + delivery_writer = csv.writer(delivery_output, delimiter=',', + quotechar='|', quoting=csv.QUOTE_MINIMAL) + error_writer = csv.writer(error_output, delimiter=',', + quotechar='|', quoting=csv.QUOTE_MINIMAL) + + exec_writer.writerow(['date', 'time', 'subject_id', 'fcm_token', 'scheduled_time', 'executed?']) + delivery_writer.writerow(['date', 'time', 'subject_id', 'fcm_token', 'message_sent_timestamp', 'message_status']) + for line in f: + data = line.split() + if len(data) < 2: + continue + date = data[0] + time = data[1] + if "Executing Execution" in line: + #print(line) + #print(str(data)) + ids = data[7].split('=')[1].split('+') + fcm_token = ids[0] + subject_id = ids[1] + scheduled_time = data[8].split('=')[1].split(',')[0] + subject_token[fcm_token] = subject_id + exec_writer.writerow([date, time, subject_id, fcm_token, scheduled_time, 'true']) + #print(str(ids)) + #break + elif "message_type\":\"receipt" in line: + #print(line) + parsed_data = data[9].split('>')[1].split('<')[0] + json_data = json.loads(parsed_data) + message_status = json_data['data']['message_status'] + message_sent_timestamp = json_data['data']['message_sent_timestamp'] + fcm_token = json_data['data']['device_registration_id'] + try: + subject_id = subject_token[fcm_token] + except KeyError: + subject_id = 'unknown' + pass + #print(message_status, message_sent_timestamp, fcm_token, subject_id) + delivery_writer.writerow([date, time, subject_id, fcm_token, message_sent_timestamp, message_status]) + elif 'message_type":"nack' in line: + error_writer.writerow([line]) + print(line) + + +if __name__ == '__main__': + if len(sys.argv) != 3: + print("Usage: {} ".format(sys.argv[0])) + sys.exit(1) + + input_directory = sys.argv[1] + output_directory = sys.argv[2] + parse_logs(input_directory, output_directory) diff --git a/dcompose-stack/firebase-app-server/bin/start-xmpp b/dcompose-stack/firebase-app-server/bin/start-xmpp new file mode 100755 index 000000000..e920f1252 --- /dev/null +++ b/dcompose-stack/firebase-app-server/bin/start-xmpp @@ -0,0 +1,17 @@ +#!/bin/bash + +cd "$( dirname "${BASH_SOURCE[0]}" )/.." + +. ../radar-cp-hadoop-stack/lib/util.sh + +copy_template_if_absent .env etc/env.template + +. .env + +ensure_env_password FCM_SENDER_KEY "Firebase Cloud Messaging Sender ID" +ensure_env_password FCM_SERVER_KEY "Firebase Cloud Messaging Server Key" + +mkdir -p "$FCM_XMPP_APP_SERVER_DB_PATH" +chown -R 9999:999 "$FCM_XMPP_APP_SERVER_DB_PATH" + +exec docker-compose up "$@" diff --git a/dcompose-stack/firebase-app-server/docker-compose.yml b/dcompose-stack/firebase-app-server/docker-compose.yml new file mode 100644 index 000000000..9313da0a4 --- /dev/null +++ b/dcompose-stack/firebase-app-server/docker-compose.yml @@ -0,0 +1,38 @@ +version: '2.1' + +networks: + db: + driver: bridge + internal: true + +services: + hsqldb: + build: ../../images/hsqldb/ + image: radarbase/hsqldb:2.5.0 + restart: always + networks: + - db + - default + ports: + - 9001:9001 + volumes: + - ${FCM_XMPP_APP_SERVER_DB_PATH}:/var/opt/hsqldb/data + - ./etc/server.properties:/etc/opt/hsqldb/conf/server.properties + + xmppserver: + image: radarbase/fcmxmppserverv2:0.1.5 + restart: always + networks: + - default + - db + depends_on: + - hsqldb + volumes: + - ${FCM_XMPP_APP_SERVER_LOGS_PATH}:/usr/local/radar/xmpp-server/logs/ + environment: + RADAR_XMPP_FCM_SENDER_KEY: ${FCM_SENDER_KEY} + RADAR_XMPP_FCM_SERVER_KEY: ${FCM_SERVER_KEY} + RADAR_XMPP_SCHEDULER_TYPE: "server" + RADAR_XMPP_DB_PATH: "//hsqldb:9001/notification" + RADAR_XMPP_CACHE_EXPIRY: 300 + JAVA_OPTS: "-Xms256m -Xmx1G" diff --git a/dcompose-stack/firebase-app-server/etc/env.template b/dcompose-stack/firebase-app-server/etc/env.template new file mode 100644 index 000000000..3af856f84 --- /dev/null +++ b/dcompose-stack/firebase-app-server/etc/env.template @@ -0,0 +1,4 @@ +FCM_XMPP_APP_SERVER_DB_PATH=/usr/local/var/lib/radar/xmpp/hsql +FCM_XMPP_APP_SERVER_LOGS_PATH=/usr/local/var/lib/radar/xmpp/hsql/logs/ +FCM_SENDER_KEY= +FCM_SERVER_KEY= diff --git a/dcompose-stack/firebase-app-server/etc/server.properties b/dcompose-stack/firebase-app-server/etc/server.properties new file mode 100644 index 000000000..6160dbd01 --- /dev/null +++ b/dcompose-stack/firebase-app-server/etc/server.properties @@ -0,0 +1,5 @@ +server.database.0=file:/var/opt/hsqldb/data/notification +server.dbname.0=notification + +server.database.1=file:/var/opt/hsqldb/data/status +server.dbname.1=status diff --git a/dcompose-stack/firebase-app-server/etc/sqltool.rc b/dcompose-stack/firebase-app-server/etc/sqltool.rc new file mode 100644 index 000000000..e1c1b1980 --- /dev/null +++ b/dcompose-stack/firebase-app-server/etc/sqltool.rc @@ -0,0 +1,4 @@ +urlid db +url jdbc:hsqldb:hsql://hsqldb/status +username SA +password diff --git a/dcompose-stack/firebase-app-server/lib/systemd/radar-xmpp-server.service.template b/dcompose-stack/firebase-app-server/lib/systemd/radar-xmpp-server.service.template new file mode 100644 index 000000000..d0a3bab64 --- /dev/null +++ b/dcompose-stack/firebase-app-server/lib/systemd/radar-xmpp-server.service.template @@ -0,0 +1,25 @@ +[Unit] +Description=RADAR FCM XMPP service + +[Service] +TimeoutStartSec=0 +TimeoutStopSec=90 +Restart=always +RestartSec=10 + +StandardOutput=syslog +StandardError=syslog +SyslogIdentifier=radar-xmpp-server + +WorkingDirectory= + +ExecStart=./bin/start-xmpp.sh + +ExecReload=/usr/local/bin/docker-compose restart + +ExecStop=/usr/local/bin/docker-compose down + +NotifyAccess=all + +[Install] +WantedBy=default.target diff --git a/dcompose-stack/radar-cp-hadoop-stack/Migrating-ManagementPortal-from-0.5.3-to-higher.md b/dcompose-stack/radar-cp-hadoop-stack/Migrating-ManagementPortal-from-0.5.3-to-higher.md new file mode 100644 index 000000000..3a58e4cbe --- /dev/null +++ b/dcompose-stack/radar-cp-hadoop-stack/Migrating-ManagementPortal-from-0.5.3-to-higher.md @@ -0,0 +1,117 @@ +# Migrating from ManagementPortal:0.5.3 to higher versions + +If you are setting up a new environment of RADAR-Base using RADAR-Docker, we highly recommend to use `radarbase/management-portal:0.5.5` or higher with `radarbase/radar-gateway:0.3.8` or higher. +If you are using this version of RADAR-Docker, then these versions are packaged and should work with current configurations. + +## Background +`radarbase/management-portal::0.5.4` or higher has important security dependency upgrades. During this upgrades we have also improved how we verify JWT tokens. +Current method complies to the standards of OpenID connect to share valid public-keys of tokens using `/oauth/token_key` endpoint. + +Verifying components can use the latest `'org.radarcns:radar-auth:0.5.7'` library to use these features to verify tokens. +This enables ManagementPortal to be the single point of truth to validate token signatures. + +By default, the `/oauth/token_key` endpoint will share all public-keys added to the keystore mounted to ManagementPortal service. + +If you wish to add additional public-keys or use older public-keys, then the user should move existing `radar-is.yml` from `etc/gateway` to `etc/managementportal/config` to enable ManagementPortal to still support old public-keys. +This can also be automatically done by running `bin/keystore-init`. This will regenerate the public-keys and create the file at the correct location. + +You should also perform an additional change to explicitly state to use additional public-keys from radar-is.yml. +This can be done by adding these two environment variables + ``` + MANAGEMENTPORTAL_OAUTH_ENABLE_PUBLIC_KEY_VERIFIERS: "true" + RADAR_IS_CONFIG_LOCATION: /mp-includes/config/radar-is.yml + ``` + +## Migrating from ManagementPortal:0.5.3 to higher +If you already have an environment where you are using ManagementPortal:0.5.3 or lower and wish to upgrade to higher versions, please follow these steps. + +**Please make a back-up of the `etc/gateway/radar-is.yml` before modifying the environment.** + +1. Upgrade your environment to latest RADAR-Docker. +2. Move existing radar-is.yml from `etc/gateway/radar-is.yml` to `etc/managementportal/config/radar-is.yml`. +3. Modify the `resourceName` of `etc/managementportal/config/radar-is.yml` to `res_ManagementPortal` +4. Modify service definition of `managementportal-app` on your `docker-compose.yml` + + 4.1 Add these two environment variables to your `docker-copmose.yml` + MANAGEMENTPORTAL_OAUTH_ENABLE_PUBLIC_KEY_VERIFIERS: "true" + RADAR_IS_CONFIG_LOCATION: /mp-includes/config/radar-is.yml + + Your `managementportal-app` service definition would look like below in your `docker-compose.yml` + + ```yaml + #---------------------------------------------------------------------------# + # Management Portal # + #---------------------------------------------------------------------------# + managementportal-app: + image: radarbase/management-portal:0.5.6 + networks: + - default + - api + - management + - mail + depends_on: + - radarbase-postgresql + - smtp + - catalog-server + environment: + SPRING_PROFILES_ACTIVE: prod,swagger + SPRING_DATASOURCE_URL: jdbc:postgresql://radarbase-postgresql:5432/managementportal + SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER} + SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} + MANAGEMENTPORTAL_MAIL_FROM: ${FROM_EMAIL} + MANAGEMENTPORTAL_COMMON_BASEURL: https://${SERVER_NAME} + MANAGEMENTPORTAL_COMMON_MANAGEMENT_PORTAL_BASE_URL: https://${SERVER_NAME}/managementportal + MANAGEMENTPORTAL_FRONTEND_CLIENT_SECRET: ${MANAGEMENTPORTAL_FRONTEND_CLIENT_SECRET} + MANAGEMENTPORTAL_OAUTH_CLIENTS_FILE: /mp-includes/config/oauth_client_details.csv + MANAGEMENTPORTAL_CATALOGUE_SERVER_ENABLE_AUTO_IMPORT: ${MANAGEMENTPORTAL_CATALOGUE_SERVER_ENABLE_AUTO_IMPORT} + MANAGEMENTPORTAL_CATALOGUE_SERVER_SERVER_URL: http://catalog-server:9010/source-types + MANAGEMENTPORTAL_COMMON_ADMIN_PASSWORD: ${MANAGEMENTPORTAL_COMMON_ADMIN_PASSWORD} + MANAGEMENTPORTAL_COMMON_PRIVACY_POLICY_URL: ${MANAGEMENTPORTAL_COMMON_PRIVACY_POLICY_URL} + MANAGEMENTPORTAL_OAUTH_META_TOKEN_TIMEOUT: PT2H + MANAGEMENTPORTAL_OAUTH_ENABLE_PUBLIC_KEY_VERIFIERS: "true" + RADAR_IS_CONFIG_LOCATION: /mp-includes/config/radar-is.yml + MANAGEMENTPORTAL_COMMON_ACTIVATION_KEY_TIMEOUT_IN_SECONDS: 172800 + SPRING_APPLICATION_JSON: '{"managementportal":{"oauth":{"checkingKeyAliases":["${MANAGEMENTPORTAL_OAUTH_CHECKING_KEY_ALIASES_0}","${MANAGEMENTPORTAL_OAUTH_CHECKING_KEY_ALIASES_1}"]}}}' + JHIPSTER_SLEEP: 10 # gives time for the database to boot before the application + JAVA_OPTS: -Xms256m -Xmx512m # maximum heap size for the JVM running ManagementPortal, increase this as necessary + volumes: + - ./etc/managementportal/:/mp-includes/ + healthcheck: + test: ["CMD", "wget", "--spider", "localhost:8080/managementportal/oauth/token_key"] + interval: 1m30s + timeout: 5s + retries: 3 + ``` + +5. Modify service definition of `gateway` in your `docker-compose.yml` as follows + 5.1 Remove `RADAR_IS_CONFIG_LOCATION` environment variable from gateway definition. + + Your `gateway` definiton on `docker-compose.yml` may look like below. + ```yaml + + #---------------------------------------------------------------------------# + # RADAR Gateway # + #---------------------------------------------------------------------------# + gateway: + image: radarbase/radar-gateway:dev + networks: + - api + - kafka + depends_on: + - rest-proxy-1 + volumes: + - ./etc/gateway:/etc/radar-gateway + command: ["radar-gateway", "/etc/radar-gateway/gateway.yml"] + healthcheck: + # should give an unauthenticated response, rather than a 404 + test: ["CMD-SHELL", "curl -I localhost/radar-gateway/topics 2>&1 | grep -q 401 || exit 1"] + interval: 1m30s + timeout: 5s + retries: 3 + + ``` +6. Restart both services. + `bin/radar-docker restart managementportal-app gateway` + + +7. To make sure the upgrade is working, verify if a participant who is already enrolled to a study can still send data. \ No newline at end of file diff --git a/dcompose-stack/radar-cp-hadoop-stack/README.md b/dcompose-stack/radar-cp-hadoop-stack/README.md index caa4c9439..6cb1da43c 100644 --- a/dcompose-stack/radar-cp-hadoop-stack/README.md +++ b/dcompose-stack/radar-cp-hadoop-stack/README.md @@ -128,6 +128,12 @@ sudo rm /etc/rsyslog.d/00-radar.conf /etc/logrotate.d/radar /etc/cron.hourly/log sudo systemctl restart rsyslog ``` +## Upgrading the environment to the latest versions. +You can upgrade to the latest set-up by simply pulling latest version of RADAR-Docker. +Then run `bin/radar-docker install` and take necessary steps based on the command line logs. + +**NOTE:** If you are upgrading from **ManagementPortal version 0.5.3 to higher** or **from [RADAR-Docker:2.0.2](https://github.com/RADAR-base/RADAR-Docker/releases/tag/v2.0.2) or lower to higher version**, read the [migration-guide](Migrating-ManagementPortal-from-0.5.3-to-higher.md) to follow the steps manually. + ### Monitoring a topic To see current data coming out of a Kafka topic, run diff --git a/dcompose-stack/radar-cp-hadoop-stack/bin/keystore-init b/dcompose-stack/radar-cp-hadoop-stack/bin/keystore-init index 87bf9e0a9..9c65f36bf 100755 --- a/dcompose-stack/radar-cp-hadoop-stack/bin/keystore-init +++ b/dcompose-stack/radar-cp-hadoop-stack/bin/keystore-init @@ -48,7 +48,7 @@ function writeKeys() { FILE=$1 RES=$2 - echo "--> Updating gateway signature keys" + echo "--> Updating public keys of signatures" echo "resourceName: $RES" > "$FILE" echo "publicKeys:" >> "$FILE" @@ -80,5 +80,4 @@ export KEYTOOL_OPTS="-keystore ${keystorefile} -storepass radarbase -keypass rad createKeyStore "$keystorefile" -writeKeys etc/gateway/radar-is.yml res_gateway -writeKeys etc/rest-api/radar-is.yml res_RestApi +writeKeys etc/managementportal/config/radar-is.yml res_ManagementPortal diff --git a/dcompose-stack/radar-cp-hadoop-stack/docker-compose.yml b/dcompose-stack/radar-cp-hadoop-stack/docker-compose.yml index b36b2a3d8..d58f5b26f 100644 --- a/dcompose-stack/radar-cp-hadoop-stack/docker-compose.yml +++ b/dcompose-stack/radar-cp-hadoop-stack/docker-compose.yml @@ -636,7 +636,7 @@ services: # Docker Monitoring # #---------------------------------------------------------------------------# portainer: - image: portainer/portainer:1.19.1 + image: portainer/portainer:1.22.0 command: --admin-password '${PORTAINER_PASSWORD_HASH}' networks: - monitor @@ -681,7 +681,7 @@ services: # Management Portal # #---------------------------------------------------------------------------# managementportal-app: - image: radarbase/management-portal:0.5.3 + image: radarbase/management-portal:0.5.5 networks: - default - api @@ -767,7 +767,7 @@ services: # RADAR Gateway # #---------------------------------------------------------------------------# gateway: - image: radarbase/radar-gateway:0.3.3 + image: radarbase/radar-gateway:0.3.9 networks: - api - kafka @@ -776,8 +776,6 @@ services: volumes: - ./etc/gateway:/etc/radar-gateway command: ["radar-gateway", "/etc/radar-gateway/gateway.yml"] - environment: - RADAR_IS_CONFIG_LOCATION: /etc/radar-gateway/radar-is.yml healthcheck: # should give an unauthenticated response, rather than a 404 test: ["CMD-SHELL", "wget --spider localhost/radar-gateway/topics 2>&1 | grep -q 401 || exit 1"] diff --git a/dcompose-stack/radar-cp-hadoop-stack/lib/systemd/radar-renew-certificate.timer.template b/dcompose-stack/radar-cp-hadoop-stack/lib/systemd/radar-renew-certificate.timer.template index 60a27325e..bdbc3d4c6 100644 --- a/dcompose-stack/radar-cp-hadoop-stack/lib/systemd/radar-renew-certificate.timer.template +++ b/dcompose-stack/radar-cp-hadoop-stack/lib/systemd/radar-renew-certificate.timer.template @@ -6,7 +6,7 @@ BindsTo=radar-docker.service OnCalendar=daily RandomizedDelaySec=12h Persistent=true -Unit=radar-check-health.service +Unit=radar-renew-certificate.service [Install] WantedBy=default.target diff --git a/images/hsqldb/Dockerfile b/images/hsqldb/Dockerfile new file mode 100644 index 000000000..557cf7a12 --- /dev/null +++ b/images/hsqldb/Dockerfile @@ -0,0 +1,30 @@ +FROM openjdk:12-oracle + +MAINTAINER yatharth.ranjan@kcl.ac.uk + +# Reuse directory layout between images +RUN mkdir -p /opt/hsqldb/lib /etc/opt/hsqldb/conf /var/opt/hsqldb/data && \ + groupadd --system -g 999 hsqldb && \ + useradd --system -g hsqldb -u 9999 hsqldb && \ + chown hsqldb:hsqldb -R /var/opt/hsqldb + +ENV MVN_CENTRAL_URL http://central.maven.org/maven2 +ENV HSQLDB_MVN_GRP org/hsqldb +ENV HSQLDB_VERSION 2.5.0 +ENV LOG4J_VERSION 1.2.17 + +ENV SERVER_PROPERTY_PATH /etc/opt/hsqldb/conf/server.properties +ENV SQL_TOOL_RC_PATH /etc/opt/hsqldb/conf/sqltool.rc + +RUN curl -#o /opt/hsqldb/lib/hsqldb.jar \ + "${MVN_CENTRAL_URL}/${HSQLDB_MVN_GRP}/hsqldb/${HSQLDB_VERSION}/hsqldb-${HSQLDB_VERSION}.jar" && \ + curl -#o /opt/hsqldb/lib/sqltool.jar \ + "${MVN_CENTRAL_URL}/${HSQLDB_MVN_GRP}/sqltool/${HSQLDB_VERSION}/sqltool-${HSQLDB_VERSION}.jar" && \ + curl -#o /opt/hsqldb/lib/log4j.jar \ + "${MVN_CENTRAL_URL}/log4j/log4j/${LOG4J_VERSION}/log4j-${LOG4J_VERSION}.jar" + +EXPOSE 9001 +USER hsqldb +WORKDIR /var/opt/hsqldb/data + +CMD java -cp /opt/hsqldb/lib/*:/etc/opt/hsqldb/conf org.hsqldb.server.Server --props ${SERVER_PROPERTY_PATH} diff --git a/images/hsqldb/README.md b/images/hsqldb/README.md new file mode 100644 index 000000000..65faa2900 --- /dev/null +++ b/images/hsqldb/README.md @@ -0,0 +1,7 @@ +# HSQLDB image + +Image for HSQLDB. This exposes port 9001 for database connections and uses `file:/var/opt/hsqldb/data` for database files. If this directory is mounted, change ownership of the local mount path before running the tool: + +```sh +chown -R 9999:999 +```