diff --git a/docker-stacks/01-traefik/docker-compose.dev-lb.yml b/docker-stacks/01-traefik/docker-compose.dev-lb.yml index a8ce9bf4..72bb4256 100644 --- a/docker-stacks/01-traefik/docker-compose.dev-lb.yml +++ b/docker-stacks/01-traefik/docker-compose.dev-lb.yml @@ -31,7 +31,6 @@ services: SIMVA_TRAEFIK_SHLINK_KEY_FILENAME: ${SIMVA_TRAEFIK_SHLINK_KEY_FILENAME:-privkey.pem} #EXTERNAL SERVER LIST NAME SIMVA_EXTERNAL_DOMAIN: ${SIMVA_EXTERNAL_DOMAIN:-external.test} - SIMVA_SERVER_LIST_NAME: ${SIMVA_SERVER_LIST_NAME:-simva-servers} SIMVA_MINIO_HOST_SUBDOMAIN: ${SIMVA_MINIO_HOST_SUBDOMAIN:-minio} #INTERNAL USE HOST SUBDOMAINS SIMVA_INTERNAL_DOMAIN: ${SIMVA_INTERNAL_DOMAIN:-internal.test} @@ -41,7 +40,8 @@ services: SIMVA_WHOAMI_NGINX_HOST_SUBDOMAIN: ${SIMVA_WHOAMI_NGINX_HOST_SUBDOMAIN:-nginx-whoami} volumes: - /etc/localtime:/etc/localtime:ro - - "${SIMVA_CONFIG_TEMPLATE_HOME:-/home/vagrant/docker-stacks/config-template}/traefik/nginx:/etc/nginx/templates:ro" + - "${SIMVA_CONFIG_TEMPLATE_HOME:-/home/vagrant/docker-stacks/config-template}/traefik/nginx/default.conf.template:/etc/nginx/templates/default.conf.template:ro" + - "${SIMVA_DATA_HOME:?Data home folder required}/traefik/nginx_upstream_hosts.txt:/etc/nginx/templates/nginx_upstream_hosts.txt:ro" - "${SIMVA_TLS_HOME:?TLS home folder required}:/etc/traefik/ssl:ro" depends_on: - traefik diff --git a/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh b/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh index 85df5b62..2be61948 100755 --- a/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh +++ b/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh @@ -33,7 +33,7 @@ if [[ -f "${SIMVA_ROOT_CA_FILE}" ]] && [[ "$rootCA_updated" == "false" ]]; then "$SIMVA_HOME/simva" backup "$CURRENT_STACK"; "${HELPERS_STACK_HOME}/01-install-rootCA.sh" rootCA_updated=true; - else + else echo "The root CA certificate is expired. Please update it before starting the stack." exit 1 fi diff --git a/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh b/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh index 72d20325..2a6c54ac 100755 --- a/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh +++ b/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh @@ -10,7 +10,7 @@ if [[ "${SIMVA_DEV_LOAD_BALANCER}" == "false" ]]; then fi OUTPUT_FILE="${SIMVA_DATA_HOME}/traefik/nginx_upstream_hosts.txt" mkdir -p "$(dirname "$OUTPUT_FILE")" -echo "${SIMVA_EXTERNAL_DOMAIN};" > "$OUTPUT_FILE" +echo "" > "$OUTPUT_FILE" for var in $(compgen -v | grep '^SIMVA_.*_HOST_SUBDOMAIN$'); do if [[ "$var" == *"NGINX"* ]] || [[ "$var" == *"MINIO_HOST"* ]] || [[ "$var" == *"SHLINK"* && $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == false ]]; then continue @@ -21,4 +21,5 @@ for var in $(compgen -v | grep '^SIMVA_.*_HOST_SUBDOMAIN$'); do fi fi done -export SIMVA_SERVER_LIST_NAME=$(cat "$OUTPUT_FILE"); \ No newline at end of file +echo "Generated Nginx upstream hosts configuration:" +cat "$OUTPUT_FILE" \ No newline at end of file diff --git a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh index 86254fc6..06022fe5 100755 --- a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh +++ b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh @@ -3,24 +3,31 @@ set -euo pipefail [[ "${DEBUG:-false}" == "true" ]] && set -x if [[ $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == "false" ]]; then - if [[ "${SIMVA_TLS_GENERATE_SELF_SIGNED}" == "true" ]]; then - if [[ ! -e "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" ]]; then - mkcert \ - -cert-file "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" \ - -key-file "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" \ - "${SIMVA_SHLINK_EXTERNAL_DOMAIN}" \ - "localhost" \ - "127.0.0.1" \ - "${SIMVA_HOST_EXTERNAL_IP}" - chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" - chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" - source ${SIMVA_HOME}/bin/check-checksum.sh; - set +e - _check_checksum $SIMVA_TLS_HOME "${SIMVA_TRAEFIK_SHLINK_SHA256SUMS_FILE}" "${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" - set -e - fi + if [[ -f "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" && -f "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" ]]; then + echo "Shlink cert file and key file already exist at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' respectively. Skipping certificate generation." else - echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." - exit 1; + if [[ "${SIMVA_TLS_GENERATE_SELF_SIGNED}" == "true" ]]; then + if [[ ! -e "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" ]]; then + mkcert \ + -cert-file "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" \ + -key-file "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" \ + "${SIMVA_SHLINK_EXTERNAL_DOMAIN}" \ + "localhost" \ + "127.0.0.1" \ + "${SIMVA_HOST_EXTERNAL_IP}" + chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" + chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" + source ${SIMVA_HOME}/bin/check-checksum.sh; + set +e + _check_checksum $SIMVA_TLS_HOME "${SIMVA_TRAEFIK_SHLINK_SHA256SUMS_FILE}" "${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" + set -e + else + echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." + exit 1; + fi + else + echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." + exit 1; + fi fi fi \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/after-migrate.d/10-migrate-realm-user-client.sh b/docker-stacks/02-keycloak/etc/hooks/after-upgrade.d/10-migrate-realm-user-client.sh similarity index 100% rename from docker-stacks/02-keycloak/etc/hooks/after-migrate.d/10-migrate-realm-user-client.sh rename to docker-stacks/02-keycloak/etc/hooks/after-upgrade.d/10-migrate-realm-user-client.sh diff --git a/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh b/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh index 2234eb25..a2c7ea35 100755 --- a/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh +++ b/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh @@ -7,7 +7,4 @@ ${SIMVA_BIN_HOME}/purge-folder-contents.sh \ ${SIMVA_BIN_HOME}/purge-file-if-exist.sh \ "${SIMVA_CONFIG_HOME}/keycloak/realm-data.dev.yml" \ - "${SIMVA_CONFIG_HOME}/keycloak/realm-data.prod.yml" - -touch "${SIMVA_CONFIG_HOME}/keycloak/simva-realm-export/.exportinprogress" -touch "${SIMVA_CONFIG_HOME}/keycloak/.migration" \ No newline at end of file + "${SIMVA_CONFIG_HOME}/keycloak/realm-data.prod.yml" \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh new file mode 100644 index 00000000..3b0b0203 --- /dev/null +++ b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +set -euo pipefail +[[ "${DEBUG:-false}" == "true" ]] && set -x + +if [[ ${SIMVA_KEYCLOAK_VERSION%%.*} -gt 18 ]]; then + exit 0 +fi +touch "${SIMVA_CONFIG_HOME}/keycloak/simva-realm-export/.exportinprogress" +echo "$SIMVA_KEYCLOAK_VERSION" > "${SIMVA_CONFIG_HOME}/keycloak/.migration" \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh index d7036583..0934997c 100755 --- a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh +++ b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh @@ -25,6 +25,9 @@ function __keycloak_login() { admin_user_file="$SIMVA_DATA_HOME/keycloak/.master_admin_user_created" echo "--- Checking Keycloak admin user status ---" + # Always use lowercase for admin username + admin_user_lc="${SIMVA_KEYCLOAK_ADMIN_USER,,}" + if [[ -f "$admin_user_file" ]]; then echo "Admin user already persisted previously." else @@ -40,13 +43,13 @@ function __keycloak_login() { set +e "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh config credentials \ --server "https://${SIMVA_SSO_HOST_SUBDOMAIN}.${SIMVA_EXTERNAL_DOMAIN}" \ - --realm "master" --user "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + --realm "master" --user "$admin_user_lc" \ --password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" ret=$? set -e echo $ret if [[ $ret != 0 ]]; then - echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '${SIMVA_KEYCLOAK_ADMIN_USER}' user can't connect to Keycloak with the current password '${SIMVA_KEYCLOAK_ADMIN_PASSWORD}'." + echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '$admin_user_lc' user can't connect to Keycloak with the current password." echo "Please update your simva-env.sh with the correct password configuration. Exiting..." exit 1 else @@ -55,11 +58,11 @@ function __keycloak_login() { else echo "Checking if admin user exists in Keycloak..." - admin_user_present=$( + admin_user_present=$(\ "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ - -r master -q username="${SIMVA_KEYCLOAK_ADMIN_USER}" -q exact=true --fields id,username 2>/dev/null + -r master -q username="$admin_user_lc" -q exact=true --fields id,username 2>/dev/null ) - if echo "$admin_user_present" | grep -q "\"username\" : \"${SIMVA_KEYCLOAK_ADMIN_USER}\""; then + if echo "$admin_user_present" | grep -iq "\"username\" *: *\"$admin_user_lc\""; then echo "Admin exists" echo "$admin_user_present" echo "Admin user already exists in Keycloak." @@ -67,18 +70,30 @@ function __keycloak_login() { echo "Admin NOT found" echo "Admin user doesn't exist. Creating through TMP admin login..." "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh create users \ - -r master -s username="${SIMVA_KEYCLOAK_ADMIN_USER}" -s enabled=true + -r master -s username="$admin_user_lc" -s enabled=true echo "Admin user created." + fi + + # Check if the user already has the 'admin' role before adding + has_admin_role=$( \ + "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ + -r master -q username="$admin_user_lc" -q exact=true --fields id 2>/dev/null | \ + jq -r '.[0].id' | \ + xargs -I{} "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users/{}/role-mappings/realm -r master 2>/dev/null | \ + jq -r '.[] | select(.name=="admin") | .name' ) + if [[ "$has_admin_role" != "admin" ]]; then "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh add-roles \ - -r master --uusername "${SIMVA_KEYCLOAK_ADMIN_USER}" --rolename admin + -r master --uusername "$admin_user_lc" --rolename admin + else + echo "Admin user already has the 'admin' role." fi - + "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh set-password \ - -r master --username "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + -r master --username "$admin_user_lc" \ --new-password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" # Delete the temporary admin user - tmp_user_json=$( + tmp_user_json=$(\ "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ -r master -q username="${SIMVA_KEYCLOAK_TMP_ADMIN_USER}" -q exact=true --fields id 2>/dev/null ) @@ -97,11 +112,11 @@ function __keycloak_login() { touch "$admin_user_file" fi - # Now always login using the actual admin + # Now always login using the actual admin (lowercase) echo "--- Logging into Keycloak with the final admin ---" "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh config credentials \ --server "https://${SIMVA_SSO_HOST_SUBDOMAIN}.${SIMVA_EXTERNAL_DOMAIN}" \ - --realm "master" --user "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + --realm "master" --user "$admin_user_lc" \ --password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" export KEYCLOAK_LOGIN_ON=true diff --git a/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh b/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh index c88ebf35..061a4cdb 100755 --- a/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh +++ b/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh @@ -17,7 +17,7 @@ ${SIMVA_BIN_HOME}/purge-file-if-exist.sh \ "${SIMVA_DATA_HOME}/keycloak/.version" \ "${SIMVA_DATA_HOME}/keycloak/.master_admin_user_created" \ "${SIMVA_DATA_HOME}/keycloak/simva-realm-export\.exportinprogress" \ - "${SIMVA_DATA_HOME}/keycloak/.migration" + "${SIMVA_CONFIG_HOME}/keycloak/.migration" "${SIMVA_BIN_HOME}/volumectl.sh" delete "kc_maria_db_data" "${SIMVA_BIN_HOME}/volumectl.sh" delete "kc_maria_db_backup_data" \ No newline at end of file diff --git a/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh b/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh index ccd63fce..16fc6e18 100644 --- a/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh +++ b/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh @@ -49,7 +49,9 @@ else -c "mc config host add simva-minio ${minio_url} ${SIMVA_MINIO_ACCESS_KEY} ${SIMVA_MINIO_SECRET_KEY} ${extra_config} && mc ready simva-minio && $code && - mc --debug mb --ignore-existing simva-minio/${SIMVA_TRACES_BUCKET_NAME}" + mc --debug mb --ignore-existing simva-minio/${SIMVA_TRACES_BUCKET_NAME} + && + mc --debug mb --ignore-existing simva-minio/${SIMVA_BACKUP_BUCKET_NAME}" touch "${SIMVA_DATA_HOME}/minio/.minio-initialized"; fi fi \ No newline at end of file diff --git a/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD b/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD new file mode 100644 index 00000000..d9785f81 --- /dev/null +++ b/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD @@ -0,0 +1,2 @@ +To test the migration script to debug it run : +./simva uninstall 07-simva/ && rm -rf data/simva/sqlite_init && docker volume rm simva_sqlite_data && ./simva start 07-simva/ \ No newline at end of file diff --git a/docker-stacks/07-simva/docker-compose.dev.yml b/docker-stacks/07-simva/docker-compose.dev.yml index ee850d6d..105ce655 100644 --- a/docker-stacks/07-simva/docker-compose.dev.yml +++ b/docker-stacks/07-simva/docker-compose.dev.yml @@ -12,43 +12,40 @@ x-default-opts: services: simva-api: - build: ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api} + build: ${SIMVA_API_GIT_REPO:-/home/vagrant/simva} restart: unless-stopped environment: LOG_LEVEL: "debug" + JSTRACKER_LOCAL_DEPLOYMENT: "${SIMVA_JSTRACKER_LIBRARY_LOCAL_DEPLOYMENT}" + JSTRACKER_LOCAL_PATH: "/home/node/js-tracker" + JSTRACKER_ENTRYPOINT_SCRIPT: "/home/node/entrypoint.d/setup-local-deps.js" volumes: - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/src:/home/node/app/src - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tests:/home/node/app/tests - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/public:/home/node/app/public - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/package.json:/home/node/app/package.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/package-lock.json:/home/node/app/package-lock.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/jest.config.cjs:/home/node/app/jest.config.cjs - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tsconfig.jest.json:/home/node/app/tsconfig.jest.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tsconfig.json:/home/node/app/tsconfig.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/coverage:/home/node/app/coverage - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}:/home/node/app/ + - ${SIMVA_API_GIT_REPO:-/home/vagrant/simva}:/home/node/app/ + - ${SIMVA_JSTRACKER_LIBRARY_LOCAL_PATH:-/home/vagrant/js-tracker}:/home/node/js-tracker + - /home/node/js-tracker/node_modules # Exclude node_modules - /home/node/app/node_modules # Exclude node_modules + - ${STACK_HOME?STACK home folder required}/etc/entrypoint.d/setup-local-deps.js:/home/node/entrypoint.d/setup-local-deps.js ports: - "127.0.0.1:9229:9229" - "127.0.0.1:9232:9230" simva-front: - build: ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-front} + build: ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/simva-front} restart: unless-stopped environment: LOG_LEVEL: "debug" volumes: - - ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-front}:/home/node/app/ + - ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/simva-front}:/home/node/app/ - /home/node/app/node_modules # Exclude node_modules ports: - "127.0.0.1:9230:9229" - "127.0.0.1:9233:9230" simva-trace-allocator: - build: ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-trace-allocator} + build: ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/simva-trace-allocator} restart: unless-stopped environment: LOG_LEVEL: "debug" volumes: - - ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-trace-allocator}:/home/node/app/ + - ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/simva-trace-allocator}:/home/node/app/ - /home/node/app/node_modules # Exclude node_modules ports: - "127.0.0.1:9231:9229" \ No newline at end of file diff --git a/docker-stacks/07-simva/docker-compose.yml b/docker-stacks/07-simva/docker-compose.yml index d417d5b4..e1505d35 100644 --- a/docker-stacks/07-simva/docker-compose.yml +++ b/docker-stacks/07-simva/docker-compose.yml @@ -115,6 +115,9 @@ services: SHLINK_PORT: ${SIMVA_SHLINK_PORT:-443} SHLINK_PROTOCOL: ${SIMVA_SHLINK_EXTERNAL_PROTOCOL:-https} SHLINK_SERVER_API_KEY: ${SIMVA_SHLINK_API_KEY:-password} + LRS_ENDPOINT: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test}/" + LRS_API_KEY_DEFAULT: "${SIMVA_LRS_API_KEY_DEFAULT:-my_api_key}" + LRS_API_SECRET_DEFAULT: "${SIMVA_LRS_API_SECRET_DEFAULT:-my_api_secret}" volumes: - /etc/localtime:/etc/localtime:ro - ${SIMVA_TLS_HOME?TLS home folder required}:/var/lib/simva/tls diff --git a/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh b/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh index a36bab7c..71eed722 100755 --- a/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh +++ b/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh @@ -7,6 +7,8 @@ cd /home/node/app #start api echo "${NODE_ENV}" if [[ "${NODE_ENV}" == "development" ]]; then + # Setup local dependencies if needed (js-tracker) + node ${JSTRACKER_ENTRYPOINT_SCRIPT:-/home/node/entrypoint.d/setup-local-deps.js} if [[ "${ENABLE_DEBUG_PROFILING:-false}" == "true" ]]; then if [[ ! -e ${PROFILING_FOLDER} ]]; then mkdir -p ${PROFILING_FOLDER} diff --git a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js new file mode 100644 index 00000000..fdfd5380 --- /dev/null +++ b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js @@ -0,0 +1,85 @@ +#!/usr/bin/env node + +/** + * Setup script to handle local dependency deployment + * Checks environment variables and installs local packages if enabled + */ + +const fs = require('fs'); +const os = require('os'); +const path = require('path'); +const { execSync } = require('child_process'); + +const JSTRACKER_LOCAL_PATH = process.env.JSTRACKER_LOCAL_PATH || '/home/node/js-tracker'; +const JSTRACKER_LOCAL_DEPLOYMENT = process.env.JSTRACKER_LOCAL_DEPLOYMENT === 'true'; +const APP_DIR = process.env.SIMVA_APP_DIR || '/home/node/app'; + +console.log('[Setup] Starting local dependency setup...'); +console.log(`[Setup] JSTRACKER_LOCAL_DEPLOYMENT: ${process.env.JSTRACKER_LOCAL_DEPLOYMENT}`); +console.log(`[Setup] JSTRACKER_LOCAL_PATH: ${process.env.JSTRACKER_LOCAL_PATH}`); + +if (JSTRACKER_LOCAL_DEPLOYMENT) { + const jsTrackerPath = path.resolve(__dirname, JSTRACKER_LOCAL_PATH); + const appDir = APP_DIR; + + console.log(`[Setup] Resolving local js-tracker path: ${jsTrackerPath}`); + + if (fs.existsSync(jsTrackerPath)) { + console.log(`[Setup] ✓ Local js-tracker found at: ${jsTrackerPath}`); + const tempBuildDir = fs.mkdtempSync(path.join(os.tmpdir(), 'js-tracker-build-')); + + console.log(`[Setup] Copying local js-tracker to writable temp dir: ${tempBuildDir}`); + + try { + // Build in a temp copy to avoid permission issues on host-mounted folders. + fs.cpSync(jsTrackerPath, tempBuildDir, { + recursive: true, + force: true, + filter: (src) => !src.includes(`${path.sep}node_modules${path.sep}`) && path.basename(src) !== 'node_modules' + }); + + console.log('[Setup] Installing js-tracker dependencies...'); + execSync('npm install', { + cwd: tempBuildDir, + stdio: 'inherit' + }); + + console.log('[Setup] Building local js-tracker...'); + execSync('npm run build', { + cwd: tempBuildDir, + stdio: 'inherit' + }); + + console.log('[Setup] Installing local js-tracker into simva-api...'); + // Pack first to force a real copy into node_modules (not a symlink to tempBuildDir). + const tarballName = execSync('npm pack --silent', { + cwd: tempBuildDir, + stdio: ['ignore', 'pipe', 'inherit'] + }).toString().trim(); + const tarballPath = path.join(tempBuildDir, tarballName); + + // Install only into node_modules without mutating app manifests. + execSync(`npm install --no-save --no-package-lock file:${tarballPath}`, { + cwd: appDir, + stdio: 'inherit' + }); + console.log('[Setup] ✓ Successfully installed local js-tracker'); + } catch (error) { + console.error('[Setup] ✗ Failed to install local js-tracker:', error.message); + process.exit(1); + } finally { + try { + fs.rmSync(tempBuildDir, { recursive: true, force: true }); + } catch (cleanupError) { + console.warn(`[Setup] ⚠ Failed to cleanup temp dir: ${cleanupError.message}`); + } + } + } else { + console.warn(`[Setup] ⚠ JSTRACKER_LOCAL_DEPLOYMENT enabled but path not found: ${jsTrackerPath}`); + console.warn('[Setup] Proceeding with npm registry version'); + } +} else { + console.log('[Setup] Using default js-tracker from npm registry (GitHub)'); +} + +console.log('[Setup] Local dependency setup completed'); \ No newline at end of file diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-container-finished-migration.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/00-wait-container-finished-migration.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-container-finished-migration.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/00-wait-container-finished-migration.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/00-install-cert.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/10-install-cert.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/00-install-cert.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/10-install-cert.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/10-wait-simva-simva-api-available.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-api-available.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/10-wait-simva-simva-api-available.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-api-available.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-front-available.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-simva-simva-front-available.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-front-available.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-simva-simva-front-available.sh diff --git a/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh b/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh index 96b71471..96c06e17 100755 --- a/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh +++ b/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh @@ -5,10 +5,6 @@ set -euo pipefail RUNCHECKOUTCODE=false RUNBUILDCODE=false CHECKLOCALDEPLOYMENT=false -if [[ -f "$SIMVA_DATA_HOME/simva/migration_sqlite_in_progress" ]]; then - echo "Migration of the data in progress. Pass the execution." - exit 0 -fi if [[ ! -e "${SIMVA_DATA_HOME}/simva/.initialized" ]]; then echo "SIMVA it is not initialized, initializing checkout code." RUNCHECKOUTCODE=true diff --git a/docker-stacks/07-simva/etc/simva.d/simva-env.sh b/docker-stacks/07-simva/etc/simva.d/simva-env.sh index 73dd14d4..31638d71 100644 --- a/docker-stacks/07-simva/etc/simva.d/simva-env.sh +++ b/docker-stacks/07-simva/etc/simva.d/simva-env.sh @@ -2,8 +2,11 @@ set -euo pipefail [[ "${DEBUG:-false}" == "true" ]] && set -x -export SIMVA_LIMESURVEY_VERSION_NUMBER=${SIMVA_LIMESURVEY_VERSION%.*} +# Remove any '-apache' compose files from the stack +export SIMVA_LIMESURVEY_VERSION_NUMBER="${SIMVA_LIMESURVEY_VERSION//-.*/}" +export SIMVA_LIMESURVEY_VERSION_NUMBER=${SIMVA_LIMESURVEY_VERSION_NUMBER%-*} export SIMVA_LIMESURVEY_USE_NEW_VERSION=$([[ ${SIMVA_LIMESURVEY_VERSION_NUMBER} -gt 5 ]] && echo "true" || echo "false") +echo "Using LimeSurvey version ${SIMVA_LIMESURVEY_VERSION_NUMBER}, use new version: ${SIMVA_LIMESURVEY_USE_NEW_VERSION}" if [[ -f "$SIMVA_DATA_HOME/simva/migration_sqlite_in_progress" ]]; then export COMPOSE_FILE="docker-compose.migrate_mongo.yml:docker-compose.mongo.yml" if [[ "${SIMVA_ENVIRONMENT}" = "development" ]]; then @@ -14,7 +17,7 @@ else export COMPOSE_FILE="docker-compose.simva.sqlite.yml:docker-compose.mongo.yml:docker-compose.simva.mongo.yml" if [[ "${SIMVA_ENVIRONMENT}" = "development" ]]; then export COMPOSE_FILE="$COMPOSE_FILE:docker-compose.dev.sqlite.yml:docker-compose.dev.mongo.yml" - if [[ $SIMVA_SIMVA_DATABASE_CHECK == "true" ]]; then + if [[ ${SIMVA_SIMVA_DATABASE_CHECK:-false} == "true" ]]; then export COMPOSE_FILE="$COMPOSE_FILE:docker-compose.migrate_mongo.yml:docker-compose.mongo.yml" fi fi diff --git a/docker-stacks/11-lrs/README.md b/docker-stacks/11-lrs/README.md new file mode 100644 index 00000000..6e11c488 --- /dev/null +++ b/docker-stacks/11-lrs/README.md @@ -0,0 +1,5 @@ +Manage OIDC OAuth2 with keycloak +https://yetanalytics.github.io/lrsql/oidc.html + +Manage OIDC Authority OAuth2 +https://yetanalytics.github.io/lrsql/authority.html diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml new file mode 100644 index 00000000..a47c988a --- /dev/null +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -0,0 +1,87 @@ +version: '3.7' + +x-default-opts: + &default-opts + logging: + options: + max-size: "${SIMVA_LOGGING_MAX_FILE_SIZE}" + max-file: "${SIMVA_LOGGING_MAX_FILES}" + # driver: "gelf" + # options: + # gelf-address: "udp://127.0.0.1:5000" + +networks: + traefik_services: + name: "${SIMVA_SERVICE_NETWORK:-traefik_services}" + external: true + +services: + db: + << : *default-opts + image: postgres:18 + restart: unless-stopped + environment: + POSTGRES_DB: ${SIMVA_LRS_DB_NAME:-lrs} + POSTGRES_USER: ${SIMVA_LRS_DB_USER:-lrs} + POSTGRES_PASSWORD: ${SIMVA_LRS_DB_PASSWORD:-lrs} + networks: + default: + aliases: + - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} + traefik_services: + aliases: + - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} + volumes: + - pgdata:/var/lib/postgresql + lrs: + << : *default-opts + image: ${SIMVA_LRS_IMAGE:-yetanalytics/lrsql}:${SIMVA_LRS_VERSION:-v0.9.5} + command: + - /bin/sh + - -ec + - | + mkdir -p /lrsql/config + cat > /lrsql/config/authority.json.template < /dev/null || { + echo "The root CA certificate for ${SIMVA_EXTERNAL_DOMAIN} is expired. Please update it before starting the stack." + exit 1 + } + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-privkey.pem" ]]; then + echo "The private key ${SIMVA_EXTERNAL_DOMAIN}-privkey.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem" ]]; then + echo "The full chain certificate ${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-privkey.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_KEY_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_FULLCHAIN_CERT_FILENAME}" + else + echo "The root CA certificate ${SIMVA_EXTERNAL_DOMAIN}.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ${SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN} ]]; then + if [[ -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" ]]; then + openssl x509 -checkend 0 -noout -in "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" > /dev/null || { + echo "The root CA certificate for ${SIMVA_SHLINK_EXTERNAL_DOMAIN} is expired. Please update it before starting the stack." + exit 1 + } + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem" ]]; then + echo "The private key ${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem" ]]; then + echo "The full chain certificate ${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_FULLCHAIN_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_KEY_FILENAME}" + else + echo "The root CA certificate ${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + fi +fi +echo "Certificates updated successfully." \ No newline at end of file diff --git a/docker-stacks/config-template/limesurvey/etc/config.php b/docker-stacks/config-template/limesurvey/etc/config.php index fee8ceca..f2c8bbef 100644 --- a/docker-stacks/config-template/limesurvey/etc/config.php +++ b/docker-stacks/config-template/limesurvey/etc/config.php @@ -122,7 +122,16 @@ 'display_name_key' => 'preferred_username', 'display_separator_display_name' => ' ', 'autocreate_users' => 'true', - 'autocreate_permissions' => '{ "users": { "create": false, "read": false, "update": false, "delete": false }, "usergroups": { "create": false, "read": false,"update": false, "delete": false }, "labelsets": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "templates": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "settings": { "read": false, "update": false, "import": false }, "surveys": { "create": true, "read": true, "update": true, "delete": true, "export": true }, "participantpanel": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "auth_db": { "read": false } }' + 'auto_create_participant_panel' => [], + 'auto_create_labelsets' => [], + 'auto_create_settings_plugins' => [], + 'auto_create_surveys_groups' => [], + 'auto_create_surveys' => ['create_p', 'update_p', 'delete_p', 'import_p', 'export_p'], + 'auto_create_templates' => ['create_p', 'update_p', 'delete_p', 'import_p', 'export_p'], + 'auto_create_user_groups' => [], + 'roles_removetext' => '', + 'autocreate_roles' => [], + ], 'hidden' => ['client_id','client_secret'], 'debug' => '{{ .plugins.oauth2.debug }}', diff --git a/docker-stacks/config-template/traefik/nginx/default.conf.template b/docker-stacks/config-template/traefik/nginx/default.conf.template index 63b95eae..47caccf1 100644 --- a/docker-stacks/config-template/traefik/nginx/default.conf.template +++ b/docker-stacks/config-template/traefik/nginx/default.conf.template @@ -161,7 +161,8 @@ server { listen 443 ssl; listen [::]:443 ssl; - server_name ${SIMVA_SERVER_LIST_NAME}; + # Use file-based include for all server_name lines + include /etc/nginx/templates/nginx_upstream_hosts.txt; ssl_certificate /etc/traefik/ssl/${SIMVA_TRAEFIK_FULLCHAIN_CERT_FILENAME}; ssl_certificate_key /etc/traefik/ssl/${SIMVA_TRAEFIK_KEY_FILENAME}; diff --git a/docker-stacks/data/lrs/.gitignore b/docker-stacks/data/lrs/.gitignore new file mode 100644 index 00000000..f329ad24 --- /dev/null +++ b/docker-stacks/data/lrs/.gitignore @@ -0,0 +1,3 @@ +.version +.externaldomain +.initialized \ No newline at end of file diff --git a/docker-stacks/etc/simva.d/simva-env.dev.sh b/docker-stacks/etc/simva.d/simva-env.dev.sh index ddab5a35..5fb0eb12 100644 --- a/docker-stacks/etc/simva.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.d/simva-env.dev.sh @@ -30,6 +30,7 @@ export SIMVA_KAFKA_UI_HOST_SUBDOMAIN="kafka-ui" export SIMVA_ZOONAVIGATOR_HOST_SUBDOMAIN="zoonavigator" #SIMVA MONGO DB export SIMVA_MONGO_UI_HOST_SUBDOMAIN="simva-mongo-ui" +export SIMVA_SQLITE_UI_HOST_SUBDOMAIN="simva-sqlite-ui" #SHLINK export SIMVA_SHLINK_ADMIN_HOST_SUBDOMAIN="shlink-admin" #Jupyter Notebook @@ -42,19 +43,19 @@ export SIMVA_PORTAINER_HOST_SUBDOMAIN="portainer" ####################### #Git reference branch export CSP_REPORTER_GIT_REF="master" -branch="dev" -export SIMVA_API_GIT_REF=$branch -export SIMVA_FRONT_GIT_REF=$branch -export SIMVA_TRACE_ALLOCATOR_GIT_REF=$branch -export SIMVA_PUMVA_GIT_REF=$branch -export SIMVA_PUMVA_FRONT_GIT_REF=$branch -export SIMVA_LIMESURVEY_DOCKER_GIT_REF="remotecontrol-patch" -export SIMVA_TMON_GIT_REF="plotly-dash" -export SIMVA_TMON_ANACONDA_GIT_REF="master-jupyter-notebook" +export SIMVA_API_GIT_REF="v2.0.0-alpha" +export SIMVA_FRONT_GIT_REF="v2.0.0-alpha" +export SIMVA_TRACE_ALLOCATOR_GIT_REF="v1.1.0" +export SIMVA_PUMVA_GIT_REF="v0.0.1-alpha" +export SIMVA_PUMVA_FRONT_GIT_REF="v0.0.1-alpha" +export SIMVA_LIMESURVEY_DOCKER_GIT_REF="6.16.16-apache" +export SIMVA_TMON_GIT_REF="v1.0.0-alpha" +export SIMVA_TMON_ANACONDA_GIT_REF="v0.0.1" export SIMVA_KEYCLOAK_EXTENSION_LOCAL_DEPLOYMENT=false export SIMVA_KAFKA_EXTENSION_LOCAL_DEPLOYMENT=false export SIMVA_LIMESURVEY_PLUGIN_LOCAL_DEPLOYMENT=false +export SIMVA_JSTRACKER_LIBRARY_LOCAL_DEPLOYMENT=false ################################################ # Database migration check for SIMVA and PUMVA # diff --git a/docker-stacks/etc/simva.d/simva-env.sh b/docker-stacks/etc/simva.d/simva-env.sh index a12afba6..126a9a33 100644 --- a/docker-stacks/etc/simva.d/simva-env.sh +++ b/docker-stacks/etc/simva.d/simva-env.sh @@ -81,6 +81,8 @@ export SIMVA_PUMVA_API_HOST_SUBDOMAIN="pumva-api" export SIMVA_PUMVA_HOST_SUBDOMAIN="pumva" #LOGS export SIMVA_DOZZLE_HOST_SUBDOMAIN="logs" +#LRS +export SIMVA_LRS_HOST_SUBDOMAIN="lrs" ##################### # Socket Proxy info # @@ -152,6 +154,7 @@ export SIMVA_MINIO_PRESIGNED_URL_FILE_EXPIRATION_TIME="1h" ############## export SIMVA_KAFKA_NETWORK="kafka_services" export SIMVA_TRACES_BUCKET_NAME="traces" +export SIMVA_BACKUP_BUCKET_NAME="backup" export SIMVA_SINK_TOPICS_DIR="kafka-topics" export SIMVA_TRACES_TOPIC="traces" export SIMVA_SINK_OUTPUTS_DIR="outputs" @@ -193,6 +196,15 @@ export SIMVA_TRACE_ALLOCATOR_KAFKA_GROUP_ID="simva_trace_allocator" export SIMVA_TIMEZONE="Europe/Madrid" +######################################### +# LRS/DB ENVIRONMENT VARIABLES (from docker-compose.yml) +######################################### +# Postgres DB +export SIMVA_LRS_DB_NAME="lrs" + +# LRS Service +export SIMVA_LRS_SUPPORTED_VERSIONS="1.0.3,2.0.0" + #################################################################### ######## Authentification username and password (TO MODIFY) ######## #################################################################### @@ -255,6 +267,18 @@ export SIMVA_SHLINK_API_KEY="password" export SIMVA_DOZZLE_USERNAME="simva" export SIMVA_DOZZLE_PASSWORD="password" +# Postgres DB +export SIMVA_LRS_DB_USER="lrs" +export SIMVA_LRS_DB_PASSWORD="lrs" + +# LRS Service +export SIMVA_LRS_API_KEY_DEFAULT="my_api_key" +export SIMVA_LRS_API_SECRET_DEFAULT="my_api_secret" + +# LRS Service Admin user +export SIMVA_LRS_ADMIN_USER_DEFAULT="admin" +export SIMVA_LRS_ADMIN_PASS_DEFAULT="admin_password" + #################################################################### # ######################### KEYCLOAK USERS ######################### # ACCESS_KEY AND SECRET_KEY VARIABLES FOR KEYCLOAK CLIENTS CREATION diff --git a/docker-stacks/etc/simva.install.d/simva-env.dev.sh b/docker-stacks/etc/simva.install.d/simva-env.dev.sh index e46e394f..46eaa6cf 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.dev.sh @@ -77,6 +77,7 @@ export SIMVA_TMON_GIT_REPO="${base_for_tmon_repos}/t-mon" export SIMVA_KEYCLOAK_EXTENSIONS_LOCAL_PATH="${SIMVA_HOME}/../../keycloak-extensions" export SIMVA_KAFKA_EXTENSIONS_LOCAL_PATH="${SIMVA_HOME}/../../kafka-extensions" export SIMVA_LIMESURVEY_PLUGINS_LOCAL_PATH="${SIMVA_HOME}/../.." +export SIMVA_JSTRACKER_LIBRARY_LOCAL_PATH="${SIMVA_HOME}/../../js-tracker" ########################### # SIMVA Load Balancer IPs # diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index a17ee462..9a0a327a 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -2,7 +2,7 @@ ################ # SIMVA STACKS # ################ -export SIMVA_STACKS="00-network 01-traefik 09-logs 02-keycloak 03-limesurvey 04-minio 05-kafka 06-shlink 07-simva 08-tmon 10-pumva" +export SIMVA_STACKS="00-network 01-traefik 09-logs 02-keycloak 03-limesurvey 04-minio 05-kafka 06-shlink 11-lrs 07-simva 08-tmon 10-pumva" ############################# # SIMVA installation folder # @@ -177,6 +177,10 @@ export SIMVA_LOGS_TOP_DIR_MODE="755" #rwxr-xr-x export SIMVA_LOGS_DIR_MODE="755" #rwxr-xr-x export SIMVA_LOGS_FILE_MODE="644" #rw-r--r-- +#LRS IMAGE +export SIMVA_LRS_IMAGE="yetanalytics/lrsql" +export SIMVA_LRS_VERSION="v0.9.5" + ########################## # Extensions and Plugins # ########################## @@ -192,9 +196,9 @@ export SIMVA_CONFLUENCE_CONNECT_S3_REPO="confluentinc/kafka-connect-s3" export SIMVA_CONFLUENCE_CONNECT_S3_VERSION="11.0.1" #Git reference tag version release branch for Limesurvey Plugins -export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.5.0" +export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.6.0" export SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION="1.1.0" -export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.0" +export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.2" ################################# # OS and Architecture detection # diff --git a/docker-stacks/simva b/docker-stacks/simva index ea3141e9..bcd1016e 100755 --- a/docker-stacks/simva +++ b/docker-stacks/simva @@ -97,6 +97,12 @@ function main() { install "1" "true" ${@%/} exit 0 ;; + "updatecerts") + check_docker_launched + setExecutable_scripts_from_folder ${SIMVA_BIN_HOME} + "${SIMVA_BIN_HOME}/update-certs.sh" + exit 0 + ;; "uninstall") check_docker_launched uninstall "1" ${@%/} @@ -608,6 +614,8 @@ See ${SIMVA_PROJECT_URL} for details. OPERATION one of the following: install: Install SIMVA locally (download docker images, build required tools, etc.) + updatecerts: + Update if SIMVA_TLS_GENERATE_SELF_SIGNED = false the root CA certificate and its fullchain in case it is expired from ${SIMVA_HOME}/../${SIMVA_EXTERNAL_DOMAIN}.pem;-key.pem;-fullchain.pem if exist and from ${SIMVA_HOME}/../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem;-key.pem;-fullchain.pem if exist. uninstall: Stop and remove containers, without removing docker external volumes and data. purge: @@ -764,6 +772,7 @@ compare_versions() { # Migrate DB stack function migrate_db() { echo "Migrate DB : $@" + shift if [[ $# -lt 1 ]]; then echo >&2 "missing wait_time" exit 1 @@ -796,6 +805,8 @@ function migrate_db() { execute_after_hooks ${phase} ${stack} echo "Migrate DB ${stack} done!" done + echo "Restarting migrated stack(s): ${stacks}" + start "${wait_time}" "false" ${stacks} echo "Migrate DB done!" } diff --git a/vagrant/helpers/installation.sh b/vagrant/helpers/installation.sh index 6fcb5e3d..6998213d 100644 --- a/vagrant/helpers/installation.sh +++ b/vagrant/helpers/installation.sh @@ -165,6 +165,16 @@ if [ ! -d /home/vagrant/simva-front ]; then git clone --depth 1 --branch ${SIMVA_FRONT_GIT_REF} https://github.com/e-ucm/simva-front.git /home/vagrant/simva-front chown -R vagrant:vagrant /home/vagrant/simva-front fi +if [ ! -d /home/vagrant/pumva ]; then + mkdir -p /home/vagrant/pumva + git clone --depth 1 --branch ${SIMVA_PUMVA_GIT_REF} https://github.com/e-ucm/pumva.git /home/vagrant/pumva + chown -R vagrant:vagrant /home/vagrant/pumva +fi +if [ ! -d /home/vagrant/pumva-front ]; then + mkdir -p /home/vagrant/pumva-front + git clone --depth 1 --branch ${SIMVA_PUMVA_FRONT_GIT_REF} https://github.com/e-ucm/pumva-front.git /home/vagrant/pumva-front + chown -R vagrant:vagrant /home/vagrant/pumva-front +fi if [ ! -d /home/vagrant/simva-trace-allocator ]; then mkdir -p /home/vagrant/simva-trace-allocator git clone --depth 1 --branch ${SIMVA_TRACE_ALLOCATOR_GIT_REF} https://github.com/e-ucm/simva-trace-allocator.git /home/vagrant/simva-trace-allocator @@ -180,6 +190,36 @@ if [ ! -d /home/vagrant/docker-limesurvey ]; then git clone --depth 1 --branch ${SIMVA_LIMESURVEY_DOCKER_GIT_REF} https://github.com/e-ucm/docker-limesurvey.git /home/vagrant/docker-limesurvey chown -R vagrant:vagrant /home/vagrant/docker-limesurvey fi +if [ ! -d /home/vagrant/LimesurveyXAPITracker ]; then + mkdir -p /home/vagrant/LimesurveyXAPITracker + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION} https://github.com/e-ucm/LimesurveyXAPITracker.git /home/vagrant/LimesurveyXAPITracker + chown -R vagrant:vagrant /home/vagrant/LimesurveyXAPITracker +fi +if [ ! -d /home/vagrant/LimesurveyWebhook ]; then + mkdir -p /home/vagrant/LimesurveyWebhook + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION} https://github.com/e-ucm/LimesurveyWebhook.git /home/vagrant/LimesurveyWebhook + chown -R vagrant:vagrant /home/vagrant/LimesurveyWebhook +fi +if [ ! -d /home/vagrant/AuthOAuth2 ]; then + mkdir -p /home/vagrant/AuthOAuth2 + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION} https://github.com/e-ucm/AuthOAuth2.git /home/vagrant/AuthOAuth2 + chown -R vagrant:vagrant /home/vagrant/AuthOAuth2 +fi +if [ ! -d /home/vagrant/js-tracker ]; then + mkdir -p /home/vagrant/js-tracker + git clone --depth 1 --branch "master" https://github.com/e-ucm/js-tracker.git /home/vagrant/js-tracker + chown -R vagrant:vagrant /home/vagrant/js-tracker +fi +if [ ! -d /home/vagrant/keycloak-extensions ]; then + mkdir -p /home/vagrant/keycloak-extensions + git clone --depth 1 --branch v${SIMVA_KEYCLOAK_EXTENSIONS_VERSION} https://github.com/e-ucm/keycloak-extensions.git /home/vagrant/keycloak-extensions + chown -R vagrant:vagrant /home/vagrant/keycloak-extensions +fi +if [ ! -d /home/vagrant/kafka-extensions ]; then + mkdir -p /home/vagrant/kafka-extensions + git clone --depth 1 --branch v${SIMVA_KAFKA_EXTENSIONS_VERSION} https://github.com/e-ucm/kafka-extensions.git /home/vagrant/kafka-extensions + chown -R vagrant:vagrant /home/vagrant/kafka-extensions +fi ls /home/vagrant/ #Make the simva script executation