diff --git a/mifosx.sh b/mifosx.sh index 37cdc07..3294e83 100755 --- a/mifosx.sh +++ b/mifosx.sh @@ -1,55 +1,42 @@ -#!/bin/bash +#!/bin/sh SOURCE_DIR=$(realpath $(dirname "${0}"))/mifosx -# Download Mifos X -mkdir -p /srv/mifosx/fineract-provider -wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip -unzip /tmp/mifosx.zip -d /tmp -unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/mifosx/fineract-provider -mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/mifosx/community-app -rm -f /tmp/mifosx.zip - -# Download Java library dependencies -wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /var/lib/tomcat8/lib/drizzle-jdbc-1.3.jar +# Build Docker container +docker build -t mifosx ${SOURCE_DIR} # Create databases export MIFOSX_PWD=$(head -c 18 /dev/urandom | base64) -envsubst <${SOURCE_DIR}/tmp/mifosx-createdb.sql >/tmp/mifosx-createdb.sql -mysql /tmp/mifosx-schemapwd.sql -mysql mifosplatform-tenants /srv/mifosx/context.xml + +# Create Mifos X service +cp ${SOURCE_DIR}/etc/init.d/mifosx /etc/init.d/mifosx +rc-update add mifosx boot +service mifosx start # Update admin account +echo `date` '- Waiting for `mifostenant-default` database to be populated. This should take about a minute.' +until docker logs mifosx 2>&1 | grep -q 'Migrating schema `mifostenant-default` to version 5000'; do + sleep 1 +done export MIFOSX_ADMIN_USER=admin export MIFOSX_ADMIN_EMAIL=admin@example.com export MIFOSX_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d "+") export MIFOSX_ADMIN_HASH=$(echo -n "${MIFOSX_ADMIN_PWD}{1}" | sha256sum | awk '{print $1}') -envsubst <${SOURCE_DIR}/tmp/mifosx-adminpwd.sql >>/srv/mifosx/fineract-provider/WEB-INF/classes/sql/migrations/core_db/V3__mifosx-permissions-and-authorisation-utf8.sql +envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql mifostenant-default -# Configure Mifos X -envsubst <${SOURCE_DIR}/srv/mifosx/fineract-provider/META-INF/context.xml >/srv/mifosx/fineract-provider/META-INF/context.xml -cp ${SOURCE_DIR}/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties /srv/mifosx/fineract-provider/WEB-INF/classes/application.properties -sed -i 's/requires-channel="https" //g' /srv/mifosx/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml -chown -R tomcat8:tomcat8 /srv/mifosx/fineract-provider -ln -s /srv/mifosx/fineract-provider /var/lib/tomcat8/webapps/fineract-provider - -# Create nginx site definition -cp ${SOURCE_DIR}/etc/nginx/apps-available/mifosx /etc/nginx/apps-available/mifosx -ln -s /etc/nginx/apps-available/mifosx /etc/nginx/apps-enabled/mifosx - -# Restart services -systemctl restart tomcat8 -systemctl restart nginx - -# Cleanup -rm -rf /tmp/fineractplatform-17.07.01.RELEASE +# Create nginx app definition +cp ${SOURCE_DIR}/etc/nginx/conf.d/mifosx.conf /etc/nginx/conf.d/mifosx.conf +service nginx reload # Add portal application definition -portal-app-manager mifosx "/mifosx/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}" +portal-app-manager mifosx "https://{host}:8412/community-app/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}" portal-app-manager mifosx-mobile diff --git a/mifosx/Dockerfile b/mifosx/Dockerfile new file mode 100644 index 0000000..ece6a29 --- /dev/null +++ b/mifosx/Dockerfile @@ -0,0 +1,46 @@ +FROM alpine:3.7 +MAINTAINER Disassembler + +RUN \ + # Install Java 1.8 JRE + apk --no-cache add openjdk8-jre-base paxctl \ + # Fix grsec attributes to loosen memory protection restrictions + && paxctl -cm /usr/lib/jvm/java-1.8-openjdk/jre/bin/java \ + && paxctl -cm /usr/lib/jvm/java-1.8-openjdk/bin/java \ + # Cleanup + && apk del paxctl + +RUN \ + # Install Tomcat 8 + wget http://mirror.dkm.cz/apache/tomcat/tomcat-8/v8.0.48/bin/apache-tomcat-8.0.48.tar.gz -O /tmp/apache-tomcat-8.tgz \ + && tar xf /tmp/apache-tomcat-8.tgz -C /srv \ + && mv /srv/apache-tomcat-8.0.48 /srv/tomcat \ + && rm -f /tmp/apache-tomcat-8.tgz \ + && rm -rf /srv/tomcat/webapps/ROOT /srv/tomcat/webapps/docs /srv/tomcat/webapps/examples /srv/tomcat/webapps/host-manager /srv/tomcat/webapps/manager \ + # Make catalina.sh available globally + && ln -s /srv/tomcat/bin/catalina.sh /usr/bin/catalina.sh + +RUN \ + # Install full-featured wget to work around sourceforge bugs + apk --no-cache add wget \ + # Download Mifos X + && wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip \ + && mkdir /srv/tomcat/webapps/fineract-provider \ + && unzip /tmp/mifosx.zip -d /tmp \ + && unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/tomcat/webapps/fineract-provider \ + && mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/tomcat/webapps/community-app \ + && mv /tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql /tmp/mifospltaform-tenants-first-time-install.sql \ + # Download Java library dependencies + && wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /srv/tomcat/lib/drizzle-jdbc-1.3.jar \ + # Configure Tomcat port + Spring + && sed -i 's/port="8080"/port="8012"/g' /srv/tomcat/conf/server.xml \ + && echo -e '\r\nserver.port=8012' >> /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/application.properties \ + && sed -i 's/requires-channel="https" //g' /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml \ + # Cleanup + && apk del wget \ + && rm -rf /tmp/fineractplatform-17.07.01.RELEASE /tmp/mifosx.zip + +EXPOSE 8012 + +#USER mifosx +CMD ["catalina.sh", "run"] diff --git a/mifosx/tmp/mifosx-adminpwd.sql b/mifosx/adminpwd.sql similarity index 97% rename from mifosx/tmp/mifosx-adminpwd.sql rename to mifosx/adminpwd.sql index 3a6cc04..a439999 100644 --- a/mifosx/tmp/mifosx-adminpwd.sql +++ b/mifosx/adminpwd.sql @@ -1,2 +1 @@ - UPDATE m_appuser SET username = "${MIFOSX_ADMIN_USER}", password = "${MIFOSX_ADMIN_HASH}", email = "${MIFOSX_ADMIN_EMAIL}" WHERE id = 1; diff --git a/mifosx/tmp/mifosx-createdb.sql b/mifosx/createdb.sql similarity index 100% rename from mifosx/tmp/mifosx-createdb.sql rename to mifosx/createdb.sql diff --git a/mifosx/etc/init.d/mifosx b/mifosx/etc/init.d/mifosx new file mode 100755 index 0000000..3171b3e --- /dev/null +++ b/mifosx/etc/init.d/mifosx @@ -0,0 +1,17 @@ +#!/sbin/openrc-run + +description="Mifos X docker container" + +depend() { + need docker net + use dns logger netmount + after mariadb +} + +start() { + /usr/bin/docker run -d --rm --name mifosx -h mifosx --link mariadb -p 127.0.0.1:9012:8012 -v /srv/mifosx/context.xml:/srv/tomcat/webapps/fineract-provider/META-INF/context.xml mifosx +} + +stop() { + /usr/bin/docker stop mifosx +} diff --git a/mifosx/etc/nginx/apps-available/mifosx b/mifosx/etc/nginx/apps-available/mifosx deleted file mode 100644 index 77cafec..0000000 --- a/mifosx/etc/nginx/apps-available/mifosx +++ /dev/null @@ -1,10 +0,0 @@ -location /mifosx { - alias /srv/mifosx/community-app; -} - -location /fineract-provider { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto https; - proxy_pass http://127.0.0.1:9080; -} diff --git a/mifosx/etc/nginx/conf.d/mifosx.conf b/mifosx/etc/nginx/conf.d/mifosx.conf new file mode 100644 index 0000000..f61c1ea --- /dev/null +++ b/mifosx/etc/nginx/conf.d/mifosx.conf @@ -0,0 +1,14 @@ +server { + listen [::]:8012 ipv6only=off; + listen [::]:8412 ssl http2 ipv6only=off; + + access_log /var/log/nginx/mifosx.access.log; + error_log /var/log/nginx/mifosx.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9012; + } +} diff --git a/mifosx/schemapwd.sql b/mifosx/schemapwd.sql new file mode 100644 index 0000000..ea8ba10 --- /dev/null +++ b/mifosx/schemapwd.sql @@ -0,0 +1 @@ +UPDATE tenants SET timezone_id = "Europe/Prague", schema_server = "mariadb", schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default"; diff --git a/mifosx/srv/mifosx/context.xml b/mifosx/srv/mifosx/context.xml new file mode 100644 index 0000000..f1eb457 --- /dev/null +++ b/mifosx/srv/mifosx/context.xml @@ -0,0 +1,14 @@ + + + + + diff --git a/mifosx/srv/mifosx/fineract-provider/META-INF/context.xml b/mifosx/srv/mifosx/fineract-provider/META-INF/context.xml deleted file mode 100644 index 9c61907..0000000 --- a/mifosx/srv/mifosx/fineract-provider/META-INF/context.xml +++ /dev/null @@ -1,35 +0,0 @@ - - - - - - - diff --git a/mifosx/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties b/mifosx/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties deleted file mode 100644 index 48d4b4d..0000000 --- a/mifosx/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties +++ /dev/null @@ -1,21 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -spring.profiles.default=basicauth -server.port=9080 diff --git a/mifosx/tmp/mifosx-schemapwd.sql b/mifosx/tmp/mifosx-schemapwd.sql deleted file mode 100644 index c841a9b..0000000 --- a/mifosx/tmp/mifosx-schemapwd.sql +++ /dev/null @@ -1 +0,0 @@ -UPDATE tenants SET schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default";