From 6f9fc905cae35432ca01e355fc4974ed7018e13b Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Tue, 28 Apr 2026 09:48:10 +0800 Subject: [PATCH 01/33] Add LRS service configuration and environment variables to Docker setup Update LRS service configuration in Docker Compose and add .gitignore for LRS data Update 10-wait-lrs-available.sh Ensure LRS service restarts unless stopped in Docker Compose --- docker-stacks/07-simva/docker-compose.yml | 3 + docker-stacks/11-lrs/docker-compose.yml | 70 +++++++++++++++++++ .../after-start.d/10-wait-lrs-available.sh | 5 ++ docker-stacks/11-lrs/etc/simva.d/simva-env.sh | 5 ++ docker-stacks/data/lrs/.gitignore | 3 + docker-stacks/etc/simva.d/simva-env.sh | 23 ++++++ .../etc/simva.install.d/simva-env.sh | 2 +- 7 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 docker-stacks/11-lrs/docker-compose.yml create mode 100644 docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh create mode 100644 docker-stacks/11-lrs/etc/simva.d/simva-env.sh create mode 100644 docker-stacks/data/lrs/.gitignore diff --git a/docker-stacks/07-simva/docker-compose.yml b/docker-stacks/07-simva/docker-compose.yml index d417d5b4..b3ddd05a 100644 --- a/docker-stacks/07-simva/docker-compose.yml +++ b/docker-stacks/07-simva/docker-compose.yml @@ -115,6 +115,9 @@ services: SHLINK_PORT: ${SIMVA_SHLINK_PORT:-443} SHLINK_PROTOCOL: ${SIMVA_SHLINK_EXTERNAL_PROTOCOL:-https} SHLINK_SERVER_API_KEY: ${SIMVA_SHLINK_API_KEY:-password} + LRS_ENDPOINT: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test}/" + LRS_API_KEY: "${SIMVA_LRS_API_KEY_DEFAULT:-my_api_key}" + LRS_API_SECRET: "${SIMVA_LRS_API_SECRET_DEFAULT:-my_api_secret}" volumes: - /etc/localtime:/etc/localtime:ro - ${SIMVA_TLS_HOME?TLS home folder required}:/var/lib/simva/tls diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml new file mode 100644 index 00000000..b0501a10 --- /dev/null +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -0,0 +1,70 @@ +version: '3.7' + +x-default-opts: + &default-opts + logging: + options: + max-size: "${SIMVA_LOGGING_MAX_FILE_SIZE}" + max-file: "${SIMVA_LOGGING_MAX_FILES}" + # driver: "gelf" + # options: + # gelf-address: "udp://127.0.0.1:5000" + +networks: + traefik_services: + name: "${SIMVA_SERVICE_NETWORK:-traefik_services}" + external: true + +services: + db: + image: postgres:18 + restart: unless-stopped + environment: + POSTGRES_DB: ${SIMVA_LRS_DB_NAME:-lrs} + POSTGRES_USER: ${SIMVA_LRS_DB_USER:-lrs} + POSTGRES_PASSWORD: ${SIMVA_LRS_DB_PASSWORD:-lrs} + networks: + default: + aliases: + - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} + traefik_services: + aliases: + - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} + volumes: + - pgdata:/var/lib/postgresql + lrs: + image: yetanalytics/lrsql:latest + command: ["/lrsql/bin/run_postgres.sh"] # 🔥 IMPORTANT FIX + restart: unless-stopped + depends_on: + - db + environment: + LRSQL_LOG_LEVEL: info + LRSQL_DB_TYPE: postgres + LRSQL_DB_HOST: db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} + LRSQL_DB_PORT: 5432 + LRSQL_DB_NAME: ${SIMVA_LRS_DB_NAME:-lrs} + LRSQL_DB_USER: ${SIMVA_LRS_DB_USER:-lrs} + LRSQL_DB_PASSWORD: ${SIMVA_LRS_DB_PASSWORD:-lrs} + LRSQL_API_KEY_DEFAULT: ${SIMVA_LRS_API_KEY_DEFAULT:-my_api_key} + LRSQL_API_SECRET_DEFAULT: ${SIMVA_LRS_API_SECRET_DEFAULT:-my_api_secret} + LRSQL_ADMIN_USER_DEFAULT: ${SIMVA_LRS_ADMIN_USER_DEFAULT:-admin} + LRSQL_ADMIN_PASS_DEFAULT: ${SIMVA_LRS_ADMIN_PASS_DEFAULT:-admin_password} + LRSQL_SUPPORTED_VERSIONS: ${SIMVA_LRS_SUPPORTED_VERSIONS:-1.0.3,1.0.2,1.0.1,1.0.0} + LRSQL_ALLOWED_ORIGINS: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test},https://${SIMVA_EXTERNAL_DOMAIN:-external.test}" + LRSQL_HTTP_HOST: 0.0.0.0 + LRSQL_HTTP_PORT: 8080 + networks: + default: + aliases: + - ${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_INTERNAL_DOMAIN:-internal.test} + traefik_services: + aliases: + - ${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_INTERNAL_DOMAIN:-internal.test} + labels: + traefik.enable: "true" + traefik.http.services.lrs.loadbalancer.server.port: "8080" + traefik.http.routers.lrs.rule: "Host(`${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test}`)" + +volumes: + pgdata: \ No newline at end of file diff --git a/docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh b/docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh new file mode 100644 index 00000000..aa174866 --- /dev/null +++ b/docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash +set -euo pipefail +[[ "${DEBUG:-false}" == "true" ]] && set -x + +${SIMVA_BIN_HOME}/wait-available.sh "LRS" "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN}/admin/ui" "false" "$SIMVA_TRAEFIK_FULLCHAIN_CERT_FILE" \ No newline at end of file diff --git a/docker-stacks/11-lrs/etc/simva.d/simva-env.sh b/docker-stacks/11-lrs/etc/simva.d/simva-env.sh new file mode 100644 index 00000000..9c476d3e --- /dev/null +++ b/docker-stacks/11-lrs/etc/simva.d/simva-env.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash +set -euo pipefail +[[ "${DEBUG:-false}" == "true" ]] && set -x + +export COMPOSE_FILE="docker-compose.yml" \ No newline at end of file diff --git a/docker-stacks/data/lrs/.gitignore b/docker-stacks/data/lrs/.gitignore new file mode 100644 index 00000000..f329ad24 --- /dev/null +++ b/docker-stacks/data/lrs/.gitignore @@ -0,0 +1,3 @@ +.version +.externaldomain +.initialized \ No newline at end of file diff --git a/docker-stacks/etc/simva.d/simva-env.sh b/docker-stacks/etc/simva.d/simva-env.sh index a12afba6..8c131345 100644 --- a/docker-stacks/etc/simva.d/simva-env.sh +++ b/docker-stacks/etc/simva.d/simva-env.sh @@ -81,6 +81,8 @@ export SIMVA_PUMVA_API_HOST_SUBDOMAIN="pumva-api" export SIMVA_PUMVA_HOST_SUBDOMAIN="pumva" #LOGS export SIMVA_DOZZLE_HOST_SUBDOMAIN="logs" +#LRS +export SIMVA_LRS_HOST_SUBDOMAIN="lrs" ##################### # Socket Proxy info # @@ -193,6 +195,15 @@ export SIMVA_TRACE_ALLOCATOR_KAFKA_GROUP_ID="simva_trace_allocator" export SIMVA_TIMEZONE="Europe/Madrid" +######################################### +# LRS/DB ENVIRONMENT VARIABLES (from docker-compose.yml) +######################################### +# Postgres DB +export SIMVA_LRS_DB_NAME="lrs" + +# LRS Service +export SIMVA_LRS_SUPPORTED_VERSIONS="1.0.3,2.0.0" + #################################################################### ######## Authentification username and password (TO MODIFY) ######## #################################################################### @@ -255,6 +266,18 @@ export SIMVA_SHLINK_API_KEY="password" export SIMVA_DOZZLE_USERNAME="simva" export SIMVA_DOZZLE_PASSWORD="password" +# Postgres DB +export SIMVA_LRS_DB_USER="lrs" +export SIMVA_LRS_DB_PASSWORD="lrs" + +# LRS Service +export SIMVA_LRS_API_KEY_DEFAULT="my_api_key" +export SIMVA_LRS_API_SECRET_DEFAULT="my_api_secret" + +# LRS Service Admin user +export SIMVA_LRS_ADMIN_USER_DEFAULT="admin" +export SIMVA_LRS_ADMIN_PASS_DEFAULT="admin_password" + #################################################################### # ######################### KEYCLOAK USERS ######################### # ACCESS_KEY AND SECRET_KEY VARIABLES FOR KEYCLOAK CLIENTS CREATION diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index a17ee462..5f228aae 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -2,7 +2,7 @@ ################ # SIMVA STACKS # ################ -export SIMVA_STACKS="00-network 01-traefik 09-logs 02-keycloak 03-limesurvey 04-minio 05-kafka 06-shlink 07-simva 08-tmon 10-pumva" +export SIMVA_STACKS="00-network 01-traefik 09-logs 02-keycloak 03-limesurvey 04-minio 05-kafka 06-shlink 11-lrs 07-simva 08-tmon 10-pumva" ############################# # SIMVA installation folder # From abd48e71c9b80ae88ab473fadbdcd58a3c1ec7c9 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Thu, 7 May 2026 07:47:09 +0200 Subject: [PATCH 02/33] Update allowed origins for LRS service in Docker Compose --- docker-stacks/11-lrs/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index b0501a10..ddd28b75 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -51,7 +51,7 @@ services: LRSQL_ADMIN_USER_DEFAULT: ${SIMVA_LRS_ADMIN_USER_DEFAULT:-admin} LRSQL_ADMIN_PASS_DEFAULT: ${SIMVA_LRS_ADMIN_PASS_DEFAULT:-admin_password} LRSQL_SUPPORTED_VERSIONS: ${SIMVA_LRS_SUPPORTED_VERSIONS:-1.0.3,1.0.2,1.0.1,1.0.0} - LRSQL_ALLOWED_ORIGINS: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test},https://${SIMVA_EXTERNAL_DOMAIN:-external.test}" + LRSQL_ALLOWED_ORIGINS: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test},https://${SIMVA_API_HOST_SUBDOMAIN:-api}.${SIMVA_EXTERNAL_DOMAIN:-external.test}" LRSQL_HTTP_HOST: 0.0.0.0 LRSQL_HTTP_PORT: 8080 networks: From 9fb6739f1af1bee0e9a9dcb02b4fba4570823c9c Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Thu, 7 May 2026 16:27:03 +0200 Subject: [PATCH 03/33] Refactor LRS service environment variables and update permissions for wait script --- docker-stacks/07-simva/docker-compose.dev.yml | 9 --------- docker-stacks/07-simva/docker-compose.yml | 4 ++-- .../etc/hooks/after-start.d/10-wait-lrs-available.sh | 0 3 files changed, 2 insertions(+), 11 deletions(-) mode change 100644 => 100755 docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh diff --git a/docker-stacks/07-simva/docker-compose.dev.yml b/docker-stacks/07-simva/docker-compose.dev.yml index ee850d6d..1f238d6d 100644 --- a/docker-stacks/07-simva/docker-compose.dev.yml +++ b/docker-stacks/07-simva/docker-compose.dev.yml @@ -17,15 +17,6 @@ services: environment: LOG_LEVEL: "debug" volumes: - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/src:/home/node/app/src - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tests:/home/node/app/tests - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/public:/home/node/app/public - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/package.json:/home/node/app/package.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/package-lock.json:/home/node/app/package-lock.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/jest.config.cjs:/home/node/app/jest.config.cjs - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tsconfig.jest.json:/home/node/app/tsconfig.jest.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/tsconfig.json:/home/node/app/tsconfig.json - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}/coverage:/home/node/app/coverage - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}:/home/node/app/ - /home/node/app/node_modules # Exclude node_modules ports: diff --git a/docker-stacks/07-simva/docker-compose.yml b/docker-stacks/07-simva/docker-compose.yml index b3ddd05a..e1505d35 100644 --- a/docker-stacks/07-simva/docker-compose.yml +++ b/docker-stacks/07-simva/docker-compose.yml @@ -116,8 +116,8 @@ services: SHLINK_PROTOCOL: ${SIMVA_SHLINK_EXTERNAL_PROTOCOL:-https} SHLINK_SERVER_API_KEY: ${SIMVA_SHLINK_API_KEY:-password} LRS_ENDPOINT: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test}/" - LRS_API_KEY: "${SIMVA_LRS_API_KEY_DEFAULT:-my_api_key}" - LRS_API_SECRET: "${SIMVA_LRS_API_SECRET_DEFAULT:-my_api_secret}" + LRS_API_KEY_DEFAULT: "${SIMVA_LRS_API_KEY_DEFAULT:-my_api_key}" + LRS_API_SECRET_DEFAULT: "${SIMVA_LRS_API_SECRET_DEFAULT:-my_api_secret}" volumes: - /etc/localtime:/etc/localtime:ro - ${SIMVA_TLS_HOME?TLS home folder required}:/var/lib/simva/tls diff --git a/docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh b/docker-stacks/11-lrs/etc/hooks/after-start.d/10-wait-lrs-available.sh old mode 100644 new mode 100755 From ba6e13a14472dbd689eb862204bf194f352b2b0d Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 13 May 2026 05:25:19 +0200 Subject: [PATCH 04/33] Add local js-tracker setup and update Docker configurations for local development --- docker-stacks/07-simva/docker-compose.dev.yml | 17 ++++--- .../etc/entrypoint.d/docker-startup-api.sh | 2 + .../etc/entrypoint.d/setup-local-deps.js | 48 +++++++++++++++++++ docker-stacks/etc/simva.d/simva-env.dev.sh | 1 + .../etc/simva.install.d/simva-env.dev.sh | 1 + .../etc/simva.install.d/simva-env.sh | 2 +- vagrant/helpers/installation.sh | 40 ++++++++++++++++ 7 files changed, 104 insertions(+), 7 deletions(-) create mode 100644 docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js diff --git a/docker-stacks/07-simva/docker-compose.dev.yml b/docker-stacks/07-simva/docker-compose.dev.yml index 1f238d6d..a1eadf0e 100644 --- a/docker-stacks/07-simva/docker-compose.dev.yml +++ b/docker-stacks/07-simva/docker-compose.dev.yml @@ -12,34 +12,39 @@ x-default-opts: services: simva-api: - build: ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api} + build: ${SIMVA_API_GIT_REPO:-/home/vagrant/simva} restart: unless-stopped environment: LOG_LEVEL: "debug" + JSTRACKER_LOCAL_DEPLOYMENT: "${SIMVA_JSTRACKER_LIBRARY_LOCAL_DEPLOYMENT}" + JSTRACKER_LOCAL_PATH: "/home/node/js-tracker" + JSTRACKER_ENTRYPOINT_SCRIPT: "/home/node/entrypoint.d/setup-local-deps.js" volumes: - - ${SIMVA_API_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-api}:/home/node/app/ + - ${SIMVA_API_GIT_REPO:-/home/vagrant/simva}:/home/node/app/ + - ${SIMVA_JSTRACKER_LIBRARY_LOCAL_PATH:-/home/vagrant/js-tracker}:/home/node/js-tracker - /home/node/app/node_modules # Exclude node_modules + - ${STACK_HOME?STACK home folder required}/etc/entrypoint.d/setup-local-deps.js:/home/node/entrypoint.d/setup-local-deps.js ports: - "127.0.0.1:9229:9229" - "127.0.0.1:9232:9230" simva-front: - build: ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-front} + build: ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/simva-front} restart: unless-stopped environment: LOG_LEVEL: "debug" volumes: - - ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-front}:/home/node/app/ + - ${SIMVA_FRONT_GIT_REPO:-/home/vagrant/simva-front}:/home/node/app/ - /home/node/app/node_modules # Exclude node_modules ports: - "127.0.0.1:9230:9229" - "127.0.0.1:9233:9230" simva-trace-allocator: - build: ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-trace-allocator} + build: ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/simva-trace-allocator} restart: unless-stopped environment: LOG_LEVEL: "debug" volumes: - - ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/docker-stacks/data/simva/simva-trace-allocator}:/home/node/app/ + - ${SIMVA_TRACE_ALLOCATOR_GIT_REPO:-/home/vagrant/simva-trace-allocator}:/home/node/app/ - /home/node/app/node_modules # Exclude node_modules ports: - "127.0.0.1:9231:9229" \ No newline at end of file diff --git a/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh b/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh index a36bab7c..71eed722 100755 --- a/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh +++ b/docker-stacks/07-simva/etc/entrypoint.d/docker-startup-api.sh @@ -7,6 +7,8 @@ cd /home/node/app #start api echo "${NODE_ENV}" if [[ "${NODE_ENV}" == "development" ]]; then + # Setup local dependencies if needed (js-tracker) + node ${JSTRACKER_ENTRYPOINT_SCRIPT:-/home/node/entrypoint.d/setup-local-deps.js} if [[ "${ENABLE_DEBUG_PROFILING:-false}" == "true" ]]; then if [[ ! -e ${PROFILING_FOLDER} ]]; then mkdir -p ${PROFILING_FOLDER} diff --git a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js new file mode 100644 index 00000000..0c29db65 --- /dev/null +++ b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js @@ -0,0 +1,48 @@ +#!/usr/bin/env node + +/** + * Setup script to handle local dependency deployment + * Checks environment variables and installs local packages if enabled + */ + +const fs = require('fs'); +const path = require('path'); +const { execSync } = require('child_process'); + +const JSTRACKER_LOCAL_PATH = process.env.JSTRACKER_LOCAL_PATH || '/home/node/js-tracker'; +const JSTRACKER_LOCAL_DEPLOYMENT = process.env.JSTRACKER_LOCAL_DEPLOYMENT === 'true'; + +console.log('[Setup] Starting local dependency setup...'); +console.log(`[Setup] JSTRACKER_LOCAL_DEPLOYMENT: ${process.env.JSTRACKER_LOCAL_DEPLOYMENT}`); +console.log(`[Setup] JSTRACKER_LOCAL_PATH: ${process.env.JSTRACKER_LOCAL_PATH}`); + +if (JSTRACKER_LOCAL_DEPLOYMENT) { + const jsTrackerPath = path.resolve(__dirname, JSTRACKER_LOCAL_PATH); + const appDir = path.resolve(__dirname, '..'); + + console.log(`[Setup] Resolving local js-tracker path: ${jsTrackerPath}`); + + if (fs.existsSync(jsTrackerPath)) { + console.log(`[Setup] ✓ Local js-tracker found at: ${jsTrackerPath}`); + console.log(`[Setup] Installing local js-tracker...`); + + try { + // Install the local js-tracker using file: protocol + execSync(`npm install file:${jsTrackerPath}`, { + cwd: appDir, + stdio: 'inherit' + }); + console.log('[Setup] ✓ Successfully installed local js-tracker'); + } catch (error) { + console.error('[Setup] ✗ Failed to install local js-tracker:', error.message); + process.exit(1); + } + } else { + console.warn(`[Setup] ⚠ JSTRACKER_LOCAL_DEPLOYMENT enabled but path not found: ${jsTrackerPath}`); + console.warn('[Setup] Proceeding with npm registry version'); + } +} else { + console.log('[Setup] Using default js-tracker from npm registry (GitHub)'); +} + +console.log('[Setup] Local dependency setup completed'); \ No newline at end of file diff --git a/docker-stacks/etc/simva.d/simva-env.dev.sh b/docker-stacks/etc/simva.d/simva-env.dev.sh index ddab5a35..ddebddca 100644 --- a/docker-stacks/etc/simva.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.d/simva-env.dev.sh @@ -55,6 +55,7 @@ export SIMVA_TMON_ANACONDA_GIT_REF="master-jupyter-notebook" export SIMVA_KEYCLOAK_EXTENSION_LOCAL_DEPLOYMENT=false export SIMVA_KAFKA_EXTENSION_LOCAL_DEPLOYMENT=false export SIMVA_LIMESURVEY_PLUGIN_LOCAL_DEPLOYMENT=false +export SIMVA_JSTRACKER_LIBRARY_LOCAL_DEPLOYMENT=false ################################################ # Database migration check for SIMVA and PUMVA # diff --git a/docker-stacks/etc/simva.install.d/simva-env.dev.sh b/docker-stacks/etc/simva.install.d/simva-env.dev.sh index e46e394f..46eaa6cf 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.dev.sh @@ -77,6 +77,7 @@ export SIMVA_TMON_GIT_REPO="${base_for_tmon_repos}/t-mon" export SIMVA_KEYCLOAK_EXTENSIONS_LOCAL_PATH="${SIMVA_HOME}/../../keycloak-extensions" export SIMVA_KAFKA_EXTENSIONS_LOCAL_PATH="${SIMVA_HOME}/../../kafka-extensions" export SIMVA_LIMESURVEY_PLUGINS_LOCAL_PATH="${SIMVA_HOME}/../.." +export SIMVA_JSTRACKER_LIBRARY_LOCAL_PATH="${SIMVA_HOME}/../../js-tracker" ########################### # SIMVA Load Balancer IPs # diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index 5f228aae..d760a37b 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -194,7 +194,7 @@ export SIMVA_CONFLUENCE_CONNECT_S3_VERSION="11.0.1" #Git reference tag version release branch for Limesurvey Plugins export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.5.0" export SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION="1.1.0" -export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.0" +export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.1" ################################# # OS and Architecture detection # diff --git a/vagrant/helpers/installation.sh b/vagrant/helpers/installation.sh index 6fcb5e3d..059b02db 100644 --- a/vagrant/helpers/installation.sh +++ b/vagrant/helpers/installation.sh @@ -165,6 +165,16 @@ if [ ! -d /home/vagrant/simva-front ]; then git clone --depth 1 --branch ${SIMVA_FRONT_GIT_REF} https://github.com/e-ucm/simva-front.git /home/vagrant/simva-front chown -R vagrant:vagrant /home/vagrant/simva-front fi +if [ ! -d /home/vagrant/pumva ]; then + mkdir -p /home/vagrant/pumva + git clone --depth 1 --branch ${SIMVA_PUMVA_API_GIT_REF} https://github.com/e-ucm/pumva.git /home/vagrant/pumva + chown -R vagrant:vagrant /home/vagrant/pumva +fi +if [ ! -d /home/vagrant/pumva-front ]; then + mkdir -p /home/vagrant/pumva-front + git clone --depth 1 --branch ${SIMVA_PUMVA_FRONT_GIT_REF} https://github.com/e-ucm/pumva-front.git /home/vagrant/pumva-front + chown -R vagrant:vagrant /home/vagrant/pumva-front +fi if [ ! -d /home/vagrant/simva-trace-allocator ]; then mkdir -p /home/vagrant/simva-trace-allocator git clone --depth 1 --branch ${SIMVA_TRACE_ALLOCATOR_GIT_REF} https://github.com/e-ucm/simva-trace-allocator.git /home/vagrant/simva-trace-allocator @@ -180,6 +190,36 @@ if [ ! -d /home/vagrant/docker-limesurvey ]; then git clone --depth 1 --branch ${SIMVA_LIMESURVEY_DOCKER_GIT_REF} https://github.com/e-ucm/docker-limesurvey.git /home/vagrant/docker-limesurvey chown -R vagrant:vagrant /home/vagrant/docker-limesurvey fi +if [ ! -d /home/vagrant/LimesurveyXAPITracker ]; then + mkdir -p /home/vagrant/LimesurveyXAPITracker + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION} https://github.com/e-ucm/LimesurveyXAPITracker.git /home/vagrant/LimesurveyXAPITracker + chown -R vagrant:vagrant /home/vagrant/LimesurveyXAPITracker +fi +if [ ! -d /home/vagrant/LimesurveyWebhook ]; then + mkdir -p /home/vagrant/LimesurveyWebhook + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION} https://github.com/e-ucm/LimesurveyWebhook.git /home/vagrant/LimesurveyWebhook + chown -R vagrant:vagrant /home/vagrant/LimesurveyWebhook +fi +if [ ! -d /home/vagrant/AuthOAuth2 ]; then + mkdir -p /home/vagrant/AuthOAuth2 + git clone --depth 1 --branch v${SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION} https://github.com/e-ucm/AuthOAuth2.git /home/vagrant/AuthOAuth2 + chown -R vagrant:vagrant /home/vagrant/AuthOAuth2 +fi +if [ ! -d /home/vagrant/js-tracker ]; then + mkdir -p /home/vagrant/js-tracker + git clone --depth 1 --branch "master" https://github.com/e-ucm/js-tracker.git /home/vagrant/js-tracker + chown -R vagrant:vagrant /home/vagrant/js-tracker +fi +if [ ! -d /home/vagrant/keycloak-extensions ]; then + mkdir -p /home/vagrant/keycloak-extensions + git clone --depth 1 --branch v${SIMVA_KEYCLOAK_EXTENSIONS_VERSION} https://github.com/e-ucm/keycloak-extensions.git /home/vagrant/keycloak-extensions + chown -R vagrant:vagrant /home/vagrant/keycloak-extensions +fi +if [ ! -d /home/vagrant/kafka-extensions ]; then + mkdir -p /home/vagrant/kafka-extensions + git clone --depth 1 --branch v${SIMVA_KAFKA_EXTENSIONS_VERSION} https://github.com/e-ucm/kafka-extensions.git /home/vagrant/kafka-extensions + chown -R vagrant:vagrant /home/vagrant/kafka-extensions +fi ls /home/vagrant/ #Make the simva script executation From ebf5511eda4945520e408dbda1c9f5aa356b06a1 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 13 May 2026 05:35:57 +0200 Subject: [PATCH 05/33] Enhance local js-tracker setup by excluding node_modules and improving installation process --- docker-stacks/07-simva/docker-compose.dev.yml | 1 + .../etc/entrypoint.d/setup-local-deps.js | 40 ++++++++++++++++--- 2 files changed, 36 insertions(+), 5 deletions(-) diff --git a/docker-stacks/07-simva/docker-compose.dev.yml b/docker-stacks/07-simva/docker-compose.dev.yml index a1eadf0e..105ce655 100644 --- a/docker-stacks/07-simva/docker-compose.dev.yml +++ b/docker-stacks/07-simva/docker-compose.dev.yml @@ -22,6 +22,7 @@ services: volumes: - ${SIMVA_API_GIT_REPO:-/home/vagrant/simva}:/home/node/app/ - ${SIMVA_JSTRACKER_LIBRARY_LOCAL_PATH:-/home/vagrant/js-tracker}:/home/node/js-tracker + - /home/node/js-tracker/node_modules # Exclude node_modules - /home/node/app/node_modules # Exclude node_modules - ${STACK_HOME?STACK home folder required}/etc/entrypoint.d/setup-local-deps.js:/home/node/entrypoint.d/setup-local-deps.js ports: diff --git a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js index 0c29db65..02211927 100644 --- a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js +++ b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js @@ -6,11 +6,13 @@ */ const fs = require('fs'); +const os = require('os'); const path = require('path'); const { execSync } = require('child_process'); const JSTRACKER_LOCAL_PATH = process.env.JSTRACKER_LOCAL_PATH || '/home/node/js-tracker'; const JSTRACKER_LOCAL_DEPLOYMENT = process.env.JSTRACKER_LOCAL_DEPLOYMENT === 'true'; +const APP_DIR = process.env.SIMVA_APP_DIR || '/home/node/app'; console.log('[Setup] Starting local dependency setup...'); console.log(`[Setup] JSTRACKER_LOCAL_DEPLOYMENT: ${process.env.JSTRACKER_LOCAL_DEPLOYMENT}`); @@ -18,24 +20,52 @@ console.log(`[Setup] JSTRACKER_LOCAL_PATH: ${process.env.JSTRACKER_LOCAL_PATH}`) if (JSTRACKER_LOCAL_DEPLOYMENT) { const jsTrackerPath = path.resolve(__dirname, JSTRACKER_LOCAL_PATH); - const appDir = path.resolve(__dirname, '..'); + const appDir = APP_DIR; console.log(`[Setup] Resolving local js-tracker path: ${jsTrackerPath}`); if (fs.existsSync(jsTrackerPath)) { console.log(`[Setup] ✓ Local js-tracker found at: ${jsTrackerPath}`); - console.log(`[Setup] Installing local js-tracker...`); + const tempBuildDir = fs.mkdtempSync(path.join(os.tmpdir(), 'js-tracker-build-')); + + console.log(`[Setup] Copying local js-tracker to writable temp dir: ${tempBuildDir}`); try { - // Install the local js-tracker using file: protocol - execSync(`npm install file:${jsTrackerPath}`, { + // Build in a temp copy to avoid permission issues on host-mounted folders. + fs.cpSync(jsTrackerPath, tempBuildDir, { + recursive: true, + force: true, + filter: (src) => !src.includes(`${path.sep}node_modules${path.sep}`) + }); + + console.log('[Setup] Installing js-tracker dependencies...'); + execSync('npm install', { + cwd: tempBuildDir, + stdio: 'inherit' + }); + + console.log('[Setup] Building local js-tracker...'); + execSync('npm run build', { + cwd: tempBuildDir, + stdio: 'inherit' + }); + + console.log('[Setup] Installing local js-tracker into simva-api...'); + // Install only into node_modules without mutating app manifests. + execSync(`npm install --no-save --no-package-lock file:${tempBuildDir}`, { cwd: appDir, - stdio: 'inherit' + stdio: 'inherit' }); console.log('[Setup] ✓ Successfully installed local js-tracker'); } catch (error) { console.error('[Setup] ✗ Failed to install local js-tracker:', error.message); process.exit(1); + } finally { + try { + fs.rmSync(tempBuildDir, { recursive: true, force: true }); + } catch (cleanupError) { + console.warn(`[Setup] ⚠ Failed to cleanup temp dir: ${cleanupError.message}`); + } } } else { console.warn(`[Setup] ⚠ JSTRACKER_LOCAL_DEPLOYMENT enabled but path not found: ${jsTrackerPath}`); From c6f25e169ee818380191a0697a3abb429f686f32 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 13 May 2026 06:19:48 +0200 Subject: [PATCH 06/33] Improve local js-tracker installation by packing before installation to avoid symlinks --- .../07-simva/etc/entrypoint.d/setup-local-deps.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js index 02211927..7738d3e3 100644 --- a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js +++ b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js @@ -51,8 +51,15 @@ if (JSTRACKER_LOCAL_DEPLOYMENT) { }); console.log('[Setup] Installing local js-tracker into simva-api...'); + // Pack first to force a real copy into node_modules (not a symlink to tempBuildDir). + const tarballName = execSync('npm pack --silent', { + cwd: tempBuildDir, + stdio: ['ignore', 'pipe', 'inherit'] + }).toString().trim(); + const tarballPath = path.join(tempBuildDir, tarballName); + // Install only into node_modules without mutating app manifests. - execSync(`npm install --no-save --no-package-lock file:${tempBuildDir}`, { + execSync(`npm install --no-save --no-package-lock file:${tarballPath}`, { cwd: appDir, stdio: 'inherit' }); From 71154c4fa77d7aa269e6fb4b1af0bae0fc052452 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 13 May 2026 06:20:30 +0200 Subject: [PATCH 07/33] Fix LRS service command to create authority configuration and ensure proper startup --- docker-stacks/11-lrs/docker-compose.yml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index ddd28b75..7f3fee28 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -34,7 +34,21 @@ services: - pgdata:/var/lib/postgresql lrs: image: yetanalytics/lrsql:latest - command: ["/lrsql/bin/run_postgres.sh"] # 🔥 IMPORTANT FIX + command: + - /bin/sh + - -ec + - | + mkdir -p /lrsql/config + cat > /lrsql/config/authority.json.template <<'EOF' + { + "account": { + "homePage": "{{authority-url}}", + "name": "${SIMVA_LRSMANAGER_USER:-lrs-manager}" + }, + "objectType": "Agent" + } + EOF + exec /lrsql/bin/run_postgres.sh restart: unless-stopped depends_on: - db @@ -51,7 +65,8 @@ services: LRSQL_ADMIN_USER_DEFAULT: ${SIMVA_LRS_ADMIN_USER_DEFAULT:-admin} LRSQL_ADMIN_PASS_DEFAULT: ${SIMVA_LRS_ADMIN_PASS_DEFAULT:-admin_password} LRSQL_SUPPORTED_VERSIONS: ${SIMVA_LRS_SUPPORTED_VERSIONS:-1.0.3,1.0.2,1.0.1,1.0.0} - LRSQL_ALLOWED_ORIGINS: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test},https://${SIMVA_API_HOST_SUBDOMAIN:-api}.${SIMVA_EXTERNAL_DOMAIN:-external.test}" + LRSQL_AUTHORITY_URL: "${SIMVA_EXTERNAL_PROTOCOL:-https}://${SIMVA_EXTERNAL_DOMAIN:-external.test}" + LRSQL_ALLOWED_ORIGINS: "https://${SIMVA_LRS_HOST_SUBDOMAIN:-lrs}.${SIMVA_EXTERNAL_DOMAIN:-external.test},https://${SIMVA_SIMVA_API_HOST_SUBDOMAIN:-simva-api}.${SIMVA_EXTERNAL_DOMAIN:-external.test}" LRSQL_HTTP_HOST: 0.0.0.0 LRSQL_HTTP_PORT: 8080 networks: From f64fb6eb032d37527a1dd13e8f2ee99de46886ae Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 13 May 2026 06:32:03 +0200 Subject: [PATCH 08/33] Add README documentation for managing OIDC OAuth2 with Keycloak and Authority --- docker-stacks/11-lrs/README.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 docker-stacks/11-lrs/README.md diff --git a/docker-stacks/11-lrs/README.md b/docker-stacks/11-lrs/README.md new file mode 100644 index 00000000..6e11c488 --- /dev/null +++ b/docker-stacks/11-lrs/README.md @@ -0,0 +1,5 @@ +Manage OIDC OAuth2 with keycloak +https://yetanalytics.github.io/lrsql/oidc.html + +Manage OIDC Authority OAuth2 +https://yetanalytics.github.io/lrsql/authority.html From c2b87221d141473c7e2a602c8c18debede9b9f4c Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Sun, 17 May 2026 09:07:30 +0200 Subject: [PATCH 09/33] Update LimeSurvey configuration for auto-creation settings and bump OAuth2 plugin version to 1.6.0 --- docker-stacks/config-template/limesurvey/etc/config.php | 7 ++++++- docker-stacks/etc/simva.install.d/simva-env.sh | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/docker-stacks/config-template/limesurvey/etc/config.php b/docker-stacks/config-template/limesurvey/etc/config.php index fee8ceca..cd663a63 100644 --- a/docker-stacks/config-template/limesurvey/etc/config.php +++ b/docker-stacks/config-template/limesurvey/etc/config.php @@ -122,7 +122,12 @@ 'display_name_key' => 'preferred_username', 'display_separator_display_name' => ' ', 'autocreate_users' => 'true', - 'autocreate_permissions' => '{ "users": { "create": false, "read": false, "update": false, "delete": false }, "usergroups": { "create": false, "read": false,"update": false, "delete": false }, "labelsets": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "templates": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "settings": { "read": false, "update": false, "import": false }, "surveys": { "create": true, "read": true, "update": true, "delete": true, "export": true }, "participantpanel": { "create": false, "read": false, "update": false, "delete": false, "import": false, "export": false }, "auth_db": { "read": false } }' + 'auto_create_surveys' => 'create_p,update_p,delete_p,import_p,export_p', + 'auto_create_templates' => 'create_p,update_p,delete_p,import_p,export_p', + 'auto_create_user_groups' => '', + 'auto_create_settings_plugins' => '', + 'auto_create_participant_panel' => '', + 'auto_create_labelsets' => '', ], 'hidden' => ['client_id','client_secret'], 'debug' => '{{ .plugins.oauth2.debug }}', diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index d760a37b..0e92d4a5 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -192,7 +192,7 @@ export SIMVA_CONFLUENCE_CONNECT_S3_REPO="confluentinc/kafka-connect-s3" export SIMVA_CONFLUENCE_CONNECT_S3_VERSION="11.0.1" #Git reference tag version release branch for Limesurvey Plugins -export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.5.0" +export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.6.0" export SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION="1.1.0" export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.1" From 4a47041dac568b42c6d0cde588e03b78132436d9 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Mon, 18 May 2026 06:00:07 +0200 Subject: [PATCH 10/33] Refactor auto-creation settings in LimeSurvey configuration to use arrays for better structure and clarity --- .../config-template/limesurvey/etc/config.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/docker-stacks/config-template/limesurvey/etc/config.php b/docker-stacks/config-template/limesurvey/etc/config.php index cd663a63..f2c8bbef 100644 --- a/docker-stacks/config-template/limesurvey/etc/config.php +++ b/docker-stacks/config-template/limesurvey/etc/config.php @@ -122,12 +122,16 @@ 'display_name_key' => 'preferred_username', 'display_separator_display_name' => ' ', 'autocreate_users' => 'true', - 'auto_create_surveys' => 'create_p,update_p,delete_p,import_p,export_p', - 'auto_create_templates' => 'create_p,update_p,delete_p,import_p,export_p', - 'auto_create_user_groups' => '', - 'auto_create_settings_plugins' => '', - 'auto_create_participant_panel' => '', - 'auto_create_labelsets' => '', + 'auto_create_participant_panel' => [], + 'auto_create_labelsets' => [], + 'auto_create_settings_plugins' => [], + 'auto_create_surveys_groups' => [], + 'auto_create_surveys' => ['create_p', 'update_p', 'delete_p', 'import_p', 'export_p'], + 'auto_create_templates' => ['create_p', 'update_p', 'delete_p', 'import_p', 'export_p'], + 'auto_create_user_groups' => [], + 'roles_removetext' => '', + 'autocreate_roles' => [], + ], 'hidden' => ['client_id','client_secret'], 'debug' => '{{ .plugins.oauth2.debug }}', From ccbe7fa93ed9d45d4188f923b0aa7ae9a10ad03f Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 04:19:32 +0200 Subject: [PATCH 11/33] Add checks for existing Shlink certificate and key files in installation script --- .../02bis-install-shlink-wildcard-certificate.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh index 86254fc6..18044cab 100755 --- a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh +++ b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh @@ -3,6 +3,13 @@ set -euo pipefail [[ "${DEBUG:-false}" == "true" ]] && set -x if [[ $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == "false" ]]; then + if [[ -f "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" && -f "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" ]]; then + echo "Shlink cert file and key file already exist at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' respectively. Skipping certificate generation." + else + echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." + exit 1; + fi +else if [[ "${SIMVA_TLS_GENERATE_SELF_SIGNED}" == "true" ]]; then if [[ ! -e "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" ]]; then mkcert \ @@ -19,8 +26,5 @@ if [[ $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == "false" ]]; then _check_checksum $SIMVA_TLS_HOME "${SIMVA_TRAEFIK_SHLINK_SHA256SUMS_FILE}" "${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" set -e fi - else - echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." - exit 1; fi fi \ No newline at end of file From 600442cd1a662ab97a64261eda253603791660bf Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 04:27:18 +0200 Subject: [PATCH 12/33] Refactor certificate generation logic in Shlink installation script for improved clarity --- ...bis-install-shlink-wildcard-certificate.sh | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh index 18044cab..23511a7d 100755 --- a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh +++ b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh @@ -6,25 +6,25 @@ if [[ $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == "false" ]]; then if [[ -f "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" && -f "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" ]]; then echo "Shlink cert file and key file already exist at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' respectively. Skipping certificate generation." else - echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." - exit 1; - fi -else - if [[ "${SIMVA_TLS_GENERATE_SELF_SIGNED}" == "true" ]]; then - if [[ ! -e "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" ]]; then - mkcert \ - -cert-file "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" \ - -key-file "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" \ - "${SIMVA_SHLINK_EXTERNAL_DOMAIN}" \ - "localhost" \ - "127.0.0.1" \ - "${SIMVA_HOST_EXTERNAL_IP}" - chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" - chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" - source ${SIMVA_HOME}/bin/check-checksum.sh; - set +e - _check_checksum $SIMVA_TLS_HOME "${SIMVA_TRAEFIK_SHLINK_SHA256SUMS_FILE}" "${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" - set -e + if [[ "${SIMVA_TLS_GENERATE_SELF_SIGNED}" == "true" ]]; then + if [[ ! -e "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" ]]; then + mkcert \ + -cert-file "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" \ + -key-file "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" \ + "${SIMVA_SHLINK_EXTERNAL_DOMAIN}" \ + "localhost" \ + "127.0.0.1" \ + "${SIMVA_HOST_EXTERNAL_IP}" + chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_KEY_FILE}" + chmod ${SIMVA_CERT_FILE_MOD} "${SIMVA_TRAEFIK_SHLINK_CERT_FILE}" + source ${SIMVA_HOME}/bin/check-checksum.sh; + set +e + _check_checksum $SIMVA_TLS_HOME "${SIMVA_TRAEFIK_SHLINK_SHA256SUMS_FILE}" "${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" + set -e + else + echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." + exit 1; + fi fi fi fi \ No newline at end of file From e7376d86f9aba61a4bb7cc11c83d41377ec6ce01 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 20 May 2026 05:25:32 +0200 Subject: [PATCH 13/33] Refactor Nginx configuration to use file-based includes for server_name and update related scripts --- docker-stacks/01-traefik/docker-compose.dev-lb.yml | 4 ++-- .../01-traefik/etc/hooks/before-start.d/20-nginx.sh | 5 +++-- .../config-template/traefik/nginx/default.conf.template | 3 ++- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/docker-stacks/01-traefik/docker-compose.dev-lb.yml b/docker-stacks/01-traefik/docker-compose.dev-lb.yml index a8ce9bf4..72bb4256 100644 --- a/docker-stacks/01-traefik/docker-compose.dev-lb.yml +++ b/docker-stacks/01-traefik/docker-compose.dev-lb.yml @@ -31,7 +31,6 @@ services: SIMVA_TRAEFIK_SHLINK_KEY_FILENAME: ${SIMVA_TRAEFIK_SHLINK_KEY_FILENAME:-privkey.pem} #EXTERNAL SERVER LIST NAME SIMVA_EXTERNAL_DOMAIN: ${SIMVA_EXTERNAL_DOMAIN:-external.test} - SIMVA_SERVER_LIST_NAME: ${SIMVA_SERVER_LIST_NAME:-simva-servers} SIMVA_MINIO_HOST_SUBDOMAIN: ${SIMVA_MINIO_HOST_SUBDOMAIN:-minio} #INTERNAL USE HOST SUBDOMAINS SIMVA_INTERNAL_DOMAIN: ${SIMVA_INTERNAL_DOMAIN:-internal.test} @@ -41,7 +40,8 @@ services: SIMVA_WHOAMI_NGINX_HOST_SUBDOMAIN: ${SIMVA_WHOAMI_NGINX_HOST_SUBDOMAIN:-nginx-whoami} volumes: - /etc/localtime:/etc/localtime:ro - - "${SIMVA_CONFIG_TEMPLATE_HOME:-/home/vagrant/docker-stacks/config-template}/traefik/nginx:/etc/nginx/templates:ro" + - "${SIMVA_CONFIG_TEMPLATE_HOME:-/home/vagrant/docker-stacks/config-template}/traefik/nginx/default.conf.template:/etc/nginx/templates/default.conf.template:ro" + - "${SIMVA_DATA_HOME:?Data home folder required}/traefik/nginx_upstream_hosts.txt:/etc/nginx/templates/nginx_upstream_hosts.txt:ro" - "${SIMVA_TLS_HOME:?TLS home folder required}:/etc/traefik/ssl:ro" depends_on: - traefik diff --git a/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh b/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh index 72d20325..2a6c54ac 100755 --- a/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh +++ b/docker-stacks/01-traefik/etc/hooks/before-start.d/20-nginx.sh @@ -10,7 +10,7 @@ if [[ "${SIMVA_DEV_LOAD_BALANCER}" == "false" ]]; then fi OUTPUT_FILE="${SIMVA_DATA_HOME}/traefik/nginx_upstream_hosts.txt" mkdir -p "$(dirname "$OUTPUT_FILE")" -echo "${SIMVA_EXTERNAL_DOMAIN};" > "$OUTPUT_FILE" +echo "" > "$OUTPUT_FILE" for var in $(compgen -v | grep '^SIMVA_.*_HOST_SUBDOMAIN$'); do if [[ "$var" == *"NGINX"* ]] || [[ "$var" == *"MINIO_HOST"* ]] || [[ "$var" == *"SHLINK"* && $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == false ]]; then continue @@ -21,4 +21,5 @@ for var in $(compgen -v | grep '^SIMVA_.*_HOST_SUBDOMAIN$'); do fi fi done -export SIMVA_SERVER_LIST_NAME=$(cat "$OUTPUT_FILE"); \ No newline at end of file +echo "Generated Nginx upstream hosts configuration:" +cat "$OUTPUT_FILE" \ No newline at end of file diff --git a/docker-stacks/config-template/traefik/nginx/default.conf.template b/docker-stacks/config-template/traefik/nginx/default.conf.template index 63b95eae..47caccf1 100644 --- a/docker-stacks/config-template/traefik/nginx/default.conf.template +++ b/docker-stacks/config-template/traefik/nginx/default.conf.template @@ -161,7 +161,8 @@ server { listen 443 ssl; listen [::]:443 ssl; - server_name ${SIMVA_SERVER_LIST_NAME}; + # Use file-based include for all server_name lines + include /etc/nginx/templates/nginx_upstream_hosts.txt; ssl_certificate /etc/traefik/ssl/${SIMVA_TRAEFIK_FULLCHAIN_CERT_FILENAME}; ssl_certificate_key /etc/traefik/ssl/${SIMVA_TRAEFIK_KEY_FILENAME}; From 5c62f772105e44c6830cde604fae5250ecb0e7ac Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 05:27:51 +0200 Subject: [PATCH 14/33] Refactor Keycloak login function to use lowercase for admin username and improve role assignment logic --- .../etc/hooks/helpers.d/keycloak-functions.sh | 39 +++++++++++++------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh index d7036583..b8259b4b 100755 --- a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh +++ b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh @@ -25,6 +25,9 @@ function __keycloak_login() { admin_user_file="$SIMVA_DATA_HOME/keycloak/.master_admin_user_created" echo "--- Checking Keycloak admin user status ---" + # Always use lowercase for admin username + admin_user_lc="${SIMVA_KEYCLOAK_ADMIN_USER,,}" + if [[ -f "$admin_user_file" ]]; then echo "Admin user already persisted previously." else @@ -40,13 +43,13 @@ function __keycloak_login() { set +e "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh config credentials \ --server "https://${SIMVA_SSO_HOST_SUBDOMAIN}.${SIMVA_EXTERNAL_DOMAIN}" \ - --realm "master" --user "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + --realm "master" --user "$admin_user_lc" \ --password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" ret=$? set -e echo $ret if [[ $ret != 0 ]]; then - echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '${SIMVA_KEYCLOAK_ADMIN_USER}' user can't connect to Keycloak with the current password '${SIMVA_KEYCLOAK_ADMIN_PASSWORD}'." + echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '$admin_user_lc' user can't connect to Keycloak with the current password '${SIMVA_KEYCLOAK_ADMIN_PASSWORD}'." echo "Please update your simva-env.sh with the correct password configuration. Exiting..." exit 1 else @@ -55,11 +58,11 @@ function __keycloak_login() { else echo "Checking if admin user exists in Keycloak..." - admin_user_present=$( + admin_user_present=$(\ "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ - -r master -q username="${SIMVA_KEYCLOAK_ADMIN_USER}" -q exact=true --fields id,username 2>/dev/null + -r master -q username="$admin_user_lc" -q exact=true --fields id,username 2>/dev/null ) - if echo "$admin_user_present" | grep -q "\"username\" : \"${SIMVA_KEYCLOAK_ADMIN_USER}\""; then + if echo "$admin_user_present" | grep -iq "\"username\" *: *\"$admin_user_lc\""; then echo "Admin exists" echo "$admin_user_present" echo "Admin user already exists in Keycloak." @@ -67,18 +70,30 @@ function __keycloak_login() { echo "Admin NOT found" echo "Admin user doesn't exist. Creating through TMP admin login..." "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh create users \ - -r master -s username="${SIMVA_KEYCLOAK_ADMIN_USER}" -s enabled=true + -r master -s username="$admin_user_lc" -s enabled=true echo "Admin user created." + fi + + # Check if the user already has the 'admin' role before adding + has_admin_role=$( \ + "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ + -r master -q username="$admin_user_lc" -q exact=true --fields id 2>/dev/null | \ + jq -r '.[0].id' | \ + xargs -I{} "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users/{}/role-mappings/realm -r master 2>/dev/null | \ + jq -r '.[] | select(.name=="admin") | .name' ) + if [[ "$has_admin_role" != "admin" ]]; then "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh add-roles \ - -r master --uusername "${SIMVA_KEYCLOAK_ADMIN_USER}" --rolename admin + -r master --uusername "$admin_user_lc" --rolename admin + else + echo "Admin user already has the 'admin' role." fi - + "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh set-password \ - -r master --username "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + -r master --username "$admin_user_lc" \ --new-password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" # Delete the temporary admin user - tmp_user_json=$( + tmp_user_json=$(\ "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh get users \ -r master -q username="${SIMVA_KEYCLOAK_TMP_ADMIN_USER}" -q exact=true --fields id 2>/dev/null ) @@ -97,11 +112,11 @@ function __keycloak_login() { touch "$admin_user_file" fi - # Now always login using the actual admin + # Now always login using the actual admin (lowercase) echo "--- Logging into Keycloak with the final admin ---" "${SIMVA_HOME}/bin/run-command.sh" /opt/keycloak/bin/kcadm.sh config credentials \ --server "https://${SIMVA_SSO_HOST_SUBDOMAIN}.${SIMVA_EXTERNAL_DOMAIN}" \ - --realm "master" --user "${SIMVA_KEYCLOAK_ADMIN_USER}" \ + --realm "master" --user "$admin_user_lc" \ --password "${SIMVA_KEYCLOAK_ADMIN_PASSWORD}" export KEYCLOAK_LOGIN_ON=true From 0102cc9b09935ebd5ed127f3a7a227c7a110867e Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 05:51:05 +0200 Subject: [PATCH 15/33] Remove migration check from checkout script to streamline initialization process --- .../07-simva/etc/hooks/before-start.d/10-checkout-code.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh b/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh index 96b71471..96c06e17 100755 --- a/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh +++ b/docker-stacks/07-simva/etc/hooks/before-start.d/10-checkout-code.sh @@ -5,10 +5,6 @@ set -euo pipefail RUNCHECKOUTCODE=false RUNBUILDCODE=false CHECKLOCALDEPLOYMENT=false -if [[ -f "$SIMVA_DATA_HOME/simva/migration_sqlite_in_progress" ]]; then - echo "Migration of the data in progress. Pass the execution." - exit 0 -fi if [[ ! -e "${SIMVA_DATA_HOME}/simva/.initialized" ]]; then echo "SIMVA it is not initialized, initializing checkout code." RUNCHECKOUTCODE=true From b6824a13d9fadc7b9bb70e54a76a5137aab10a7f Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 20 May 2026 05:59:57 +0200 Subject: [PATCH 16/33] Add SQLite UI host subdomain to development environment configuration --- docker-stacks/etc/simva.d/simva-env.dev.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-stacks/etc/simva.d/simva-env.dev.sh b/docker-stacks/etc/simva.d/simva-env.dev.sh index ddebddca..22515705 100644 --- a/docker-stacks/etc/simva.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.d/simva-env.dev.sh @@ -30,6 +30,7 @@ export SIMVA_KAFKA_UI_HOST_SUBDOMAIN="kafka-ui" export SIMVA_ZOONAVIGATOR_HOST_SUBDOMAIN="zoonavigator" #SIMVA MONGO DB export SIMVA_MONGO_UI_HOST_SUBDOMAIN="simva-mongo-ui" +export SIMVA_SQLITE_UI_HOST_SUBDOMAIN="simva-sqlite-ui" #SHLINK export SIMVA_SHLINK_ADMIN_HOST_SUBDOMAIN="shlink-admin" #Jupyter Notebook From 9182433f1b1b569a5505ae542249120a0e59119c Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 08:50:32 +0200 Subject: [PATCH 17/33] Add migration checks to startup scripts and enhance LimeSurvey version handling --- ...gration.sh => 00-wait-container-finished-migration.sh} | 0 .../{00-install-cert.sh => 10-install-cert.sh} | 0 ...-available.sh => 20-wait-simva-simva-api-available.sh} | 0 ...vailable.sh => 30-wait-simva-simva-front-available.sh} | 0 docker-stacks/07-simva/etc/simva.d/simva-env.sh | 8 ++++++-- 5 files changed, 6 insertions(+), 2 deletions(-) rename docker-stacks/07-simva/etc/hooks/after-start.d/{30-wait-container-finished-migration.sh => 00-wait-container-finished-migration.sh} (100%) rename docker-stacks/07-simva/etc/hooks/after-start.d/{00-install-cert.sh => 10-install-cert.sh} (100%) rename docker-stacks/07-simva/etc/hooks/after-start.d/{10-wait-simva-simva-api-available.sh => 20-wait-simva-simva-api-available.sh} (100%) rename docker-stacks/07-simva/etc/hooks/after-start.d/{20-wait-simva-simva-front-available.sh => 30-wait-simva-simva-front-available.sh} (100%) diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-container-finished-migration.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/00-wait-container-finished-migration.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-container-finished-migration.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/00-wait-container-finished-migration.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/00-install-cert.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/10-install-cert.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/00-install-cert.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/10-install-cert.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/10-wait-simva-simva-api-available.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-api-available.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/10-wait-simva-simva-api-available.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-api-available.sh diff --git a/docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-front-available.sh b/docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-simva-simva-front-available.sh similarity index 100% rename from docker-stacks/07-simva/etc/hooks/after-start.d/20-wait-simva-simva-front-available.sh rename to docker-stacks/07-simva/etc/hooks/after-start.d/30-wait-simva-simva-front-available.sh diff --git a/docker-stacks/07-simva/etc/simva.d/simva-env.sh b/docker-stacks/07-simva/etc/simva.d/simva-env.sh index 73dd14d4..e113e8c2 100644 --- a/docker-stacks/07-simva/etc/simva.d/simva-env.sh +++ b/docker-stacks/07-simva/etc/simva.d/simva-env.sh @@ -2,8 +2,12 @@ set -euo pipefail [[ "${DEBUG:-false}" == "true" ]] && set -x -export SIMVA_LIMESURVEY_VERSION_NUMBER=${SIMVA_LIMESURVEY_VERSION%.*} +# Remove any '-apache' compose files from the stack +export SIMVA_LIMESURVEY_VERSION_NUMBER="${SIMVA_LIMESURVEY_VERSION//-.*/}" +export SIMVA_LIMESURVEY_VERSION_NUMBER=${SIMVA_LIMESURVEY_VERSION_NUMBER%-*} export SIMVA_LIMESURVEY_USE_NEW_VERSION=$([[ ${SIMVA_LIMESURVEY_VERSION_NUMBER} -gt 5 ]] && echo "true" || echo "false") +echo "Using LimeSurvey version ${SIMVA_LIMESURVEY_VERSION_NUMBER}, use new version: ${SIMVA_LIMESURVEY_USE_NEW_VERSION}" +exit 1 if [[ -f "$SIMVA_DATA_HOME/simva/migration_sqlite_in_progress" ]]; then export COMPOSE_FILE="docker-compose.migrate_mongo.yml:docker-compose.mongo.yml" if [[ "${SIMVA_ENVIRONMENT}" = "development" ]]; then @@ -14,7 +18,7 @@ else export COMPOSE_FILE="docker-compose.simva.sqlite.yml:docker-compose.mongo.yml:docker-compose.simva.mongo.yml" if [[ "${SIMVA_ENVIRONMENT}" = "development" ]]; then export COMPOSE_FILE="$COMPOSE_FILE:docker-compose.dev.sqlite.yml:docker-compose.dev.mongo.yml" - if [[ $SIMVA_SIMVA_DATABASE_CHECK == "true" ]]; then + if [[ ${SIMVA_SIMVA_DATABASE_CHECK:-false} == "true" ]]; then export COMPOSE_FILE="$COMPOSE_FILE:docker-compose.migrate_mongo.yml:docker-compose.mongo.yml" fi fi From 439a10bc1b419b2e7038470cd2428596ad47577c Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 20 May 2026 08:59:33 +0200 Subject: [PATCH 18/33] Remove exit command from LimeSurvey version initialization script --- docker-stacks/07-simva/etc/simva.d/simva-env.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/docker-stacks/07-simva/etc/simva.d/simva-env.sh b/docker-stacks/07-simva/etc/simva.d/simva-env.sh index e113e8c2..31638d71 100644 --- a/docker-stacks/07-simva/etc/simva.d/simva-env.sh +++ b/docker-stacks/07-simva/etc/simva.d/simva-env.sh @@ -7,7 +7,6 @@ export SIMVA_LIMESURVEY_VERSION_NUMBER="${SIMVA_LIMESURVEY_VERSION//-.*/}" export SIMVA_LIMESURVEY_VERSION_NUMBER=${SIMVA_LIMESURVEY_VERSION_NUMBER%-*} export SIMVA_LIMESURVEY_USE_NEW_VERSION=$([[ ${SIMVA_LIMESURVEY_VERSION_NUMBER} -gt 5 ]] && echo "true" || echo "false") echo "Using LimeSurvey version ${SIMVA_LIMESURVEY_VERSION_NUMBER}, use new version: ${SIMVA_LIMESURVEY_USE_NEW_VERSION}" -exit 1 if [[ -f "$SIMVA_DATA_HOME/simva/migration_sqlite_in_progress" ]]; then export COMPOSE_FILE="docker-compose.migrate_mongo.yml:docker-compose.mongo.yml" if [[ "${SIMVA_ENVIRONMENT}" = "development" ]]; then From 6af87f040b62d94875de8d00113154e31cbdb3ae Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Thu, 21 May 2026 09:28:13 +0200 Subject: [PATCH 19/33] Update LimeSurvey XAPI Tracker plugin version to 1.0.2 --- docker-stacks/etc/simva.install.d/simva-env.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index 0e92d4a5..0529db06 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -194,7 +194,7 @@ export SIMVA_CONFLUENCE_CONNECT_S3_VERSION="11.0.1" #Git reference tag version release branch for Limesurvey Plugins export SIMVA_LIMESURVEY_AUTHOAUTH2_PLUGIN_VERSION="1.6.0" export SIMVA_LIMESURVEY_WEBHOOK_PLUGIN_VERSION="1.1.0" -export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.1" +export SIMVA_LIMESURVEY_XAPITRACKER_PLUGIN_VERSION="1.0.2" ################################# # OS and Architecture detection # From 624cd0352eec8479c5e9d50c93d924cf14288bf9 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 04:05:06 +0200 Subject: [PATCH 20/33] Enhance Keycloak migration scripts to only update keycloak from full file if version is previous to 18. --- .../01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh | 2 +- .../10-migrate-realm-user-client.sh | 0 .../etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh | 5 +---- .../02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh | 5 +++++ .../etc/hooks/purge.d/01-remove-data-and-config.sh | 2 +- 5 files changed, 8 insertions(+), 6 deletions(-) rename docker-stacks/02-keycloak/etc/hooks/{after-migrate.d => after-upgrate.d}/10-migrate-realm-user-client.sh (100%) create mode 100644 docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh diff --git a/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh b/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh index 85df5b62..2be61948 100755 --- a/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh +++ b/docker-stacks/01-traefik/etc/hooks/before-start.d/00-check-rootCA.sh @@ -33,7 +33,7 @@ if [[ -f "${SIMVA_ROOT_CA_FILE}" ]] && [[ "$rootCA_updated" == "false" ]]; then "$SIMVA_HOME/simva" backup "$CURRENT_STACK"; "${HELPERS_STACK_HOME}/01-install-rootCA.sh" rootCA_updated=true; - else + else echo "The root CA certificate is expired. Please update it before starting the stack." exit 1 fi diff --git a/docker-stacks/02-keycloak/etc/hooks/after-migrate.d/10-migrate-realm-user-client.sh b/docker-stacks/02-keycloak/etc/hooks/after-upgrate.d/10-migrate-realm-user-client.sh similarity index 100% rename from docker-stacks/02-keycloak/etc/hooks/after-migrate.d/10-migrate-realm-user-client.sh rename to docker-stacks/02-keycloak/etc/hooks/after-upgrate.d/10-migrate-realm-user-client.sh diff --git a/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh b/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh index 2234eb25..a2c7ea35 100755 --- a/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh +++ b/docker-stacks/02-keycloak/etc/hooks/before-migrate.d/10-remove-simva-realm-data.sh @@ -7,7 +7,4 @@ ${SIMVA_BIN_HOME}/purge-folder-contents.sh \ ${SIMVA_BIN_HOME}/purge-file-if-exist.sh \ "${SIMVA_CONFIG_HOME}/keycloak/realm-data.dev.yml" \ - "${SIMVA_CONFIG_HOME}/keycloak/realm-data.prod.yml" - -touch "${SIMVA_CONFIG_HOME}/keycloak/simva-realm-export/.exportinprogress" -touch "${SIMVA_CONFIG_HOME}/keycloak/.migration" \ No newline at end of file + "${SIMVA_CONFIG_HOME}/keycloak/realm-data.prod.yml" \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh new file mode 100644 index 00000000..cf58688a --- /dev/null +++ b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh @@ -0,0 +1,5 @@ +if [[ ${SIMVA_KEYCLOAK_VERSION:0:2} -gt 18 ]]; then + exit 0 +fi +touch "${SIMVA_CONFIG_HOME}/keycloak/simva-realm-export/.exportinprogress" +echo "$SIMVA_KEYCLOAK_VERSION" > "${SIMVA_CONFIG_HOME}/keycloak/.migration" \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh b/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh index c88ebf35..061a4cdb 100755 --- a/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh +++ b/docker-stacks/02-keycloak/etc/hooks/purge.d/01-remove-data-and-config.sh @@ -17,7 +17,7 @@ ${SIMVA_BIN_HOME}/purge-file-if-exist.sh \ "${SIMVA_DATA_HOME}/keycloak/.version" \ "${SIMVA_DATA_HOME}/keycloak/.master_admin_user_created" \ "${SIMVA_DATA_HOME}/keycloak/simva-realm-export\.exportinprogress" \ - "${SIMVA_DATA_HOME}/keycloak/.migration" + "${SIMVA_CONFIG_HOME}/keycloak/.migration" "${SIMVA_BIN_HOME}/volumectl.sh" delete "kc_maria_db_data" "${SIMVA_BIN_HOME}/volumectl.sh" delete "kc_maria_db_backup_data" \ No newline at end of file From 575b106d2d26f94fd52bb07f8277ea1798769e1a Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 04:05:40 +0200 Subject: [PATCH 21/33] Add update-certs command to update TLS certificates and enhance error handling --- docker-stacks/bin/update-certs.sh | 46 +++++++++++++++++++++++++++++++ docker-stacks/simva | 10 ++++++- 2 files changed, 55 insertions(+), 1 deletion(-) create mode 100755 docker-stacks/bin/update-certs.sh diff --git a/docker-stacks/bin/update-certs.sh b/docker-stacks/bin/update-certs.sh new file mode 100755 index 00000000..68b91f93 --- /dev/null +++ b/docker-stacks/bin/update-certs.sh @@ -0,0 +1,46 @@ +if [[ ${SIMVA_TLS_GENERATE_SELF_SIGNED} == "false" ]]; then + echo "Updating certificates..." + if [[ -f "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}.pem" ]]; then + openssl x509 -checkend 0 -noout -in "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}.pem" > /dev/null || { + echo "The root CA certificate for ${SIMVA_EXTERNAL_DOMAIN} is expired. Please update it before starting the stack." + exit 1 + } + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-privkey.pem" ]]; then + echo "The private key ${SIMVA_EXTERNAL_DOMAIN}-privkey.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem" ]]; then + echo "The full chain certificate ${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-privkey.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_KEY_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_EXTERNAL_DOMAIN}-fullchain.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_FULLCHAIN_CERT_FILENAME}" + else + echo "The root CA certificate ${SIMVA_EXTERNAL_DOMAIN}.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ${SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN} ]]; then + if [[ -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" ]]; then + openssl x509 -checkend 0 -noout -in "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" > /dev/null || { + echo "The root CA certificate for ${SIMVA_SHLINK_EXTERNAL_DOMAIN} is expired. Please update it before starting the stack." + exit 1 + } + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem" ]]; then + echo "The private key ${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + if [[ ! -f "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem" ]]; then + echo "The full chain certificate ${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-fullchain.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_FULLCHAIN_CERT_FILENAME}" + cp "${SIMVA_HOME}/../../${SIMVA_SHLINK_EXTERNAL_DOMAIN}-privkey.pem" "${SIMVA_TLS_HOME}/${SIMVA_TRAEFIK_SHLINK_KEY_FILENAME}" + else + echo "The root CA certificate ${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem is missing. Please provide a new one to update the certificates." + exit 1 + fi + fi +fi +echo "Certificates updated successfully." \ No newline at end of file diff --git a/docker-stacks/simva b/docker-stacks/simva index ea3141e9..f4bc67bc 100755 --- a/docker-stacks/simva +++ b/docker-stacks/simva @@ -97,6 +97,12 @@ function main() { install "1" "true" ${@%/} exit 0 ;; + "updatecerts") + check_docker_launched + setExecutable_scripts_from_folder ${SIMVA_BIN_HOME} + "${SIMVA_BIN_HOME}/update-certs.sh" + exit 0 + ;; "uninstall") check_docker_launched uninstall "1" ${@%/} @@ -608,6 +614,8 @@ See ${SIMVA_PROJECT_URL} for details. OPERATION one of the following: install: Install SIMVA locally (download docker images, build required tools, etc.) + updatecerts: + Update if SIMVA_TLS_GENERATE_SELF_SIGNED = false the root CA certificate and its fullchain in case it is expired from ${SIMVA_HOME}/../${SIMVA_EXTERNAL_DOMAIN}.pem;-key.pem;-fullchain.pem if exist and from ${SIMVA_HOME}/../${SIMVA_SHLINK_EXTERNAL_DOMAIN}.pem;-key.pem;-fullchain.pem if exist. uninstall: Stop and remove containers, without removing docker external volumes and data. purge: @@ -1216,7 +1224,7 @@ function start() { echo "Variable $var_name is not set." fi; fi; - docker_compose_stacks "${stack}" "${wait_time}" "up -d --remove-orphans" + docker_compose_stacks "${stack}" "${wait_time}" "up -d --remove-orphans --force-recreate" if [[ ! -e "${SIMVA_DATA_HOME}/${stack_name}/.initialized" ]]; then wait_time=$previous_wait_time; fi From 4cea4017f1b6df1b534468876b6597bda4cd16aa Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 3 Jun 2026 11:35:06 +0800 Subject: [PATCH 22/33] Fix git clone branch reference for pumva repository in installation script --- vagrant/helpers/installation.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vagrant/helpers/installation.sh b/vagrant/helpers/installation.sh index 059b02db..6998213d 100644 --- a/vagrant/helpers/installation.sh +++ b/vagrant/helpers/installation.sh @@ -167,7 +167,7 @@ if [ ! -d /home/vagrant/simva-front ]; then fi if [ ! -d /home/vagrant/pumva ]; then mkdir -p /home/vagrant/pumva - git clone --depth 1 --branch ${SIMVA_PUMVA_API_GIT_REF} https://github.com/e-ucm/pumva.git /home/vagrant/pumva + git clone --depth 1 --branch ${SIMVA_PUMVA_GIT_REF} https://github.com/e-ucm/pumva.git /home/vagrant/pumva chown -R vagrant:vagrant /home/vagrant/pumva fi if [ ! -d /home/vagrant/pumva-front ]; then From b9a2e257de1208b931d838cdf5f21bd1c27d967d Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 3 Jun 2026 17:07:13 +0800 Subject: [PATCH 23/33] Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .../helpers.d/02bis-install-shlink-wildcard-certificate.sh | 3 +++ .../02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh | 6 +++++- docker-stacks/11-lrs/docker-compose.yml | 2 +- docker-stacks/simva | 2 +- 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh index 23511a7d..06022fe5 100755 --- a/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh +++ b/docker-stacks/01-traefik/etc/hooks/helpers.d/02bis-install-shlink-wildcard-certificate.sh @@ -25,6 +25,9 @@ if [[ $SIMVA_SHLINK_USE_SIMVA_EXTERNAL_DOMAIN == "false" ]]; then echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." exit 1; fi + else + echo "Please insert your shlink cert file at '${SIMVA_TRAEFIK_SHLINK_CERT_FILE}' and shlink key file at '${SIMVA_TRAEFIK_SHLINK_KEY_FILE}' or run using SIMVA_TLS_GENERATE_SELF_SIGNED=true to self generate your certificates." + exit 1; fi fi fi \ No newline at end of file diff --git a/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh index cf58688a..3b0b0203 100644 --- a/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh +++ b/docker-stacks/02-keycloak/etc/hooks/before-upgrade.d/upgrade.sh @@ -1,4 +1,8 @@ -if [[ ${SIMVA_KEYCLOAK_VERSION:0:2} -gt 18 ]]; then +#!/usr/bin/env bash +set -euo pipefail +[[ "${DEBUG:-false}" == "true" ]] && set -x + +if [[ ${SIMVA_KEYCLOAK_VERSION%%.*} -gt 18 ]]; then exit 0 fi touch "${SIMVA_CONFIG_HOME}/keycloak/simva-realm-export/.exportinprogress" diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 7f3fee28..24a43139 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -33,7 +33,7 @@ services: volumes: - pgdata:/var/lib/postgresql lrs: - image: yetanalytics/lrsql:latest + image: yetanalytics/lrsql:${SIMVA_LRS_VERSION:-latest} command: - /bin/sh - -ec diff --git a/docker-stacks/simva b/docker-stacks/simva index f4bc67bc..9f5dcd47 100755 --- a/docker-stacks/simva +++ b/docker-stacks/simva @@ -1224,7 +1224,7 @@ function start() { echo "Variable $var_name is not set." fi; fi; - docker_compose_stacks "${stack}" "${wait_time}" "up -d --remove-orphans --force-recreate" + docker_compose_stacks "${stack}" "${wait_time}" "up -d --remove-orphans" if [[ ! -e "${SIMVA_DATA_HOME}/${stack_name}/.initialized" ]]; then wait_time=$previous_wait_time; fi From 584ba38a0aa52f5240727cd858ca797c09dadd12 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 11:11:59 +0200 Subject: [PATCH 24/33] Fix PostgreSQL data volume path in docker-compose.yml --- docker-stacks/11-lrs/docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 24a43139..09946790 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -23,6 +23,7 @@ services: POSTGRES_DB: ${SIMVA_LRS_DB_NAME:-lrs} POSTGRES_USER: ${SIMVA_LRS_DB_USER:-lrs} POSTGRES_PASSWORD: ${SIMVA_LRS_DB_PASSWORD:-lrs} + PGDATA: /var/lib/postgresql/data networks: default: aliases: @@ -31,7 +32,7 @@ services: aliases: - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} volumes: - - pgdata:/var/lib/postgresql + - pgdata:/var/lib/postgresql/data lrs: image: yetanalytics/lrsql:${SIMVA_LRS_VERSION:-latest} command: From fba64af8e3bcf808d1f5f38f6c7e2bb7e42ba7d1 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 11:13:21 +0200 Subject: [PATCH 25/33] Fix PostgreSQL data volume path in docker-compose.yml If starting fresh:Target the base /var/lib/postgresql volume so that containers can natively store multiple major versions. --- docker-stacks/11-lrs/docker-compose.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 09946790..24a43139 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -23,7 +23,6 @@ services: POSTGRES_DB: ${SIMVA_LRS_DB_NAME:-lrs} POSTGRES_USER: ${SIMVA_LRS_DB_USER:-lrs} POSTGRES_PASSWORD: ${SIMVA_LRS_DB_PASSWORD:-lrs} - PGDATA: /var/lib/postgresql/data networks: default: aliases: @@ -32,7 +31,7 @@ services: aliases: - db-lrs.${SIMVA_INTERNAL_DOMAIN:-internal.test} volumes: - - pgdata:/var/lib/postgresql/data + - pgdata:/var/lib/postgresql lrs: image: yetanalytics/lrsql:${SIMVA_LRS_VERSION:-latest} command: From 97875887ed6c5445a5d94fb9c9cae7a2e798cf90 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 11:19:40 +0200 Subject: [PATCH 26/33] fix folder name after-upgrade --- .../10-migrate-realm-user-client.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docker-stacks/02-keycloak/etc/hooks/{after-upgrate.d => after-upgrade.d}/10-migrate-realm-user-client.sh (100%) diff --git a/docker-stacks/02-keycloak/etc/hooks/after-upgrate.d/10-migrate-realm-user-client.sh b/docker-stacks/02-keycloak/etc/hooks/after-upgrade.d/10-migrate-realm-user-client.sh similarity index 100% rename from docker-stacks/02-keycloak/etc/hooks/after-upgrate.d/10-migrate-realm-user-client.sh rename to docker-stacks/02-keycloak/etc/hooks/after-upgrade.d/10-migrate-realm-user-client.sh From 874285e1021fad89d0cea563dc20ad4f4780d09d Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 11:28:57 +0200 Subject: [PATCH 27/33] Update Keycloak error message and enhance js-tracker dependency setup; specify LRS image and version in environment script --- .../02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh | 2 +- docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js | 2 +- docker-stacks/11-lrs/docker-compose.yml | 2 +- docker-stacks/etc/simva.install.d/simva-env.sh | 4 ++++ 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh index b8259b4b..0934997c 100755 --- a/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh +++ b/docker-stacks/02-keycloak/etc/hooks/helpers.d/keycloak-functions.sh @@ -49,7 +49,7 @@ function __keycloak_login() { set -e echo $ret if [[ $ret != 0 ]]; then - echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '$admin_user_lc' user can't connect to Keycloak with the current password '${SIMVA_KEYCLOAK_ADMIN_PASSWORD}'." + echo "Either temp admin '${SIMVA_KEYCLOAK_TMP_ADMIN_USER}' user and admin '$admin_user_lc' user can't connect to Keycloak with the current password." echo "Please update your simva-env.sh with the correct password configuration. Exiting..." exit 1 else diff --git a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js index 7738d3e3..fdfd5380 100644 --- a/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js +++ b/docker-stacks/07-simva/etc/entrypoint.d/setup-local-deps.js @@ -35,7 +35,7 @@ if (JSTRACKER_LOCAL_DEPLOYMENT) { fs.cpSync(jsTrackerPath, tempBuildDir, { recursive: true, force: true, - filter: (src) => !src.includes(`${path.sep}node_modules${path.sep}`) + filter: (src) => !src.includes(`${path.sep}node_modules${path.sep}`) && path.basename(src) !== 'node_modules' }); console.log('[Setup] Installing js-tracker dependencies...'); diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 24a43139..94b26601 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -33,7 +33,7 @@ services: volumes: - pgdata:/var/lib/postgresql lrs: - image: yetanalytics/lrsql:${SIMVA_LRS_VERSION:-latest} + image: ${SIMVA_LRS_IMAGE:-yetanalytics/lrsql}:${SIMVA_LRS_VERSION:-v0.9.5} command: - /bin/sh - -ec diff --git a/docker-stacks/etc/simva.install.d/simva-env.sh b/docker-stacks/etc/simva.install.d/simva-env.sh index 0529db06..9a0a327a 100644 --- a/docker-stacks/etc/simva.install.d/simva-env.sh +++ b/docker-stacks/etc/simva.install.d/simva-env.sh @@ -177,6 +177,10 @@ export SIMVA_LOGS_TOP_DIR_MODE="755" #rwxr-xr-x export SIMVA_LOGS_DIR_MODE="755" #rwxr-xr-x export SIMVA_LOGS_FILE_MODE="644" #rw-r--r-- +#LRS IMAGE +export SIMVA_LRS_IMAGE="yetanalytics/lrsql" +export SIMVA_LRS_VERSION="v0.9.5" + ########################## # Extensions and Plugins # ########################## From 798ec1cc6d4278882022b11806554db117a2ad65 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER <62715763+jujusb@users.noreply.github.com> Date: Wed, 3 Jun 2026 18:05:05 +0800 Subject: [PATCH 28/33] Apply suggestions from code review in docker compose of lrs Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- docker-stacks/11-lrs/docker-compose.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 94b26601..4c0deaba 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -17,6 +17,7 @@ networks: services: db: + << : *default-opts image: postgres:18 restart: unless-stopped environment: @@ -33,17 +34,14 @@ services: volumes: - pgdata:/var/lib/postgresql lrs: + << : *default-opts image: ${SIMVA_LRS_IMAGE:-yetanalytics/lrsql}:${SIMVA_LRS_VERSION:-v0.9.5} command: - /bin/sh - -ec - | mkdir -p /lrsql/config - cat > /lrsql/config/authority.json.template <<'EOF' - { - "account": { - "homePage": "{{authority-url}}", - "name": "${SIMVA_LRSMANAGER_USER:-lrs-manager}" + cat > /lrsql/config/authority.json.template < Date: Wed, 3 Jun 2026 12:38:35 +0200 Subject: [PATCH 29/33] Update Git reference branches in simva-env.dev.sh for consistency --- docker-stacks/etc/simva.d/simva-env.dev.sh | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/docker-stacks/etc/simva.d/simva-env.dev.sh b/docker-stacks/etc/simva.d/simva-env.dev.sh index 22515705..5fb0eb12 100644 --- a/docker-stacks/etc/simva.d/simva-env.dev.sh +++ b/docker-stacks/etc/simva.d/simva-env.dev.sh @@ -43,15 +43,14 @@ export SIMVA_PORTAINER_HOST_SUBDOMAIN="portainer" ####################### #Git reference branch export CSP_REPORTER_GIT_REF="master" -branch="dev" -export SIMVA_API_GIT_REF=$branch -export SIMVA_FRONT_GIT_REF=$branch -export SIMVA_TRACE_ALLOCATOR_GIT_REF=$branch -export SIMVA_PUMVA_GIT_REF=$branch -export SIMVA_PUMVA_FRONT_GIT_REF=$branch -export SIMVA_LIMESURVEY_DOCKER_GIT_REF="remotecontrol-patch" -export SIMVA_TMON_GIT_REF="plotly-dash" -export SIMVA_TMON_ANACONDA_GIT_REF="master-jupyter-notebook" +export SIMVA_API_GIT_REF="v2.0.0-alpha" +export SIMVA_FRONT_GIT_REF="v2.0.0-alpha" +export SIMVA_TRACE_ALLOCATOR_GIT_REF="v1.1.0" +export SIMVA_PUMVA_GIT_REF="v0.0.1-alpha" +export SIMVA_PUMVA_FRONT_GIT_REF="v0.0.1-alpha" +export SIMVA_LIMESURVEY_DOCKER_GIT_REF="6.16.16-apache" +export SIMVA_TMON_GIT_REF="v1.0.0-alpha" +export SIMVA_TMON_ANACONDA_GIT_REF="v0.0.1" export SIMVA_KEYCLOAK_EXTENSION_LOCAL_DEPLOYMENT=false export SIMVA_KAFKA_EXTENSION_LOCAL_DEPLOYMENT=false From 648fb226487c271006fb166cd291d9872c8065ab Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 12:57:44 +0200 Subject: [PATCH 30/33] Fix migrate_db function to handle wait_time argument correctly --- docker-stacks/simva | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-stacks/simva b/docker-stacks/simva index 9f5dcd47..04565eca 100755 --- a/docker-stacks/simva +++ b/docker-stacks/simva @@ -772,6 +772,7 @@ compare_versions() { # Migrate DB stack function migrate_db() { echo "Migrate DB : $@" + shift if [[ $# -lt 1 ]]; then echo >&2 "missing wait_time" exit 1 From 9259c6c6302be87ee9483a46260cb14fdf01e0ac Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Wed, 3 Jun 2026 14:51:39 +0200 Subject: [PATCH 31/33] Add backup bucket name to environment variables and update MinIO policy script --- .../04-minio/etc/hooks/after-start.d/20-add-policy.sh | 4 +++- docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD | 2 ++ docker-stacks/etc/simva.d/simva-env.sh | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD diff --git a/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh b/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh index ccd63fce..16fc6e18 100644 --- a/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh +++ b/docker-stacks/04-minio/etc/hooks/after-start.d/20-add-policy.sh @@ -49,7 +49,9 @@ else -c "mc config host add simva-minio ${minio_url} ${SIMVA_MINIO_ACCESS_KEY} ${SIMVA_MINIO_SECRET_KEY} ${extra_config} && mc ready simva-minio && $code && - mc --debug mb --ignore-existing simva-minio/${SIMVA_TRACES_BUCKET_NAME}" + mc --debug mb --ignore-existing simva-minio/${SIMVA_TRACES_BUCKET_NAME} + && + mc --debug mb --ignore-existing simva-minio/${SIMVA_BACKUP_BUCKET_NAME}" touch "${SIMVA_DATA_HOME}/minio/.minio-initialized"; fi fi \ No newline at end of file diff --git a/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD b/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD new file mode 100644 index 00000000..d9785f81 --- /dev/null +++ b/docker-stacks/07-simva/MIGRATION_MONGO_SQLITE.MD @@ -0,0 +1,2 @@ +To test the migration script to debug it run : +./simva uninstall 07-simva/ && rm -rf data/simva/sqlite_init && docker volume rm simva_sqlite_data && ./simva start 07-simva/ \ No newline at end of file diff --git a/docker-stacks/etc/simva.d/simva-env.sh b/docker-stacks/etc/simva.d/simva-env.sh index 8c131345..126a9a33 100644 --- a/docker-stacks/etc/simva.d/simva-env.sh +++ b/docker-stacks/etc/simva.d/simva-env.sh @@ -154,6 +154,7 @@ export SIMVA_MINIO_PRESIGNED_URL_FILE_EXPIRATION_TIME="1h" ############## export SIMVA_KAFKA_NETWORK="kafka_services" export SIMVA_TRACES_BUCKET_NAME="traces" +export SIMVA_BACKUP_BUCKET_NAME="backup" export SIMVA_SINK_TOPICS_DIR="kafka-topics" export SIMVA_TRACES_TOPIC="traces" export SIMVA_SINK_OUTPUTS_DIR="outputs" From bc1e5c009d0b363f91aac8eb4cc2559d8eb81698 Mon Sep 17 00:00:00 2001 From: Julio SANTILARIO BERTHILIER Date: Mon, 8 Jun 2026 06:40:56 +0200 Subject: [PATCH 32/33] fix authority.json.template configuration for LRS manager --- docker-stacks/11-lrs/docker-compose.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-stacks/11-lrs/docker-compose.yml b/docker-stacks/11-lrs/docker-compose.yml index 4c0deaba..a47c988a 100644 --- a/docker-stacks/11-lrs/docker-compose.yml +++ b/docker-stacks/11-lrs/docker-compose.yml @@ -42,6 +42,10 @@ services: - | mkdir -p /lrsql/config cat > /lrsql/config/authority.json.template < Date: Mon, 8 Jun 2026 06:46:12 +0200 Subject: [PATCH 33/33] Fix migrate_db function to restart migrated stacks and handle wait_time argument --- docker-stacks/simva | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-stacks/simva b/docker-stacks/simva index 04565eca..bcd1016e 100755 --- a/docker-stacks/simva +++ b/docker-stacks/simva @@ -805,6 +805,8 @@ function migrate_db() { execute_after_hooks ${phase} ${stack} echo "Migrate DB ${stack} done!" done + echo "Restarting migrated stack(s): ${stacks}" + start "${wait_time}" "false" ${stacks} echo "Migrate DB done!" }