Fix OpenDataKit URL confusion, closes #224
This commit is contained in:
parent
580a0258a7
commit
955a178767
GPG Key ID:
524BD33A0EE29499
@ -20,8 +20,6 @@ export OPENDATAKIT_ADMIN_REALM=spotter
|
||||
mkdir -p /srv/opendatakit/conf
|
||||
envsubst <${SOURCE_DIR}/srv/opendatakit/conf/jdbc.properties >/srv/opendatakit/conf/jdbc.properties
|
||||
envsubst <${SOURCE_DIR}/srv/opendatakit/conf/security.properties >/srv/opendatakit/conf/security.properties
|
||||
cp ${SOURCE_DIR}/srv/opendatakit/conf/server.xml /srv/opendatakit/conf/server.xml
|
||||
cp ${SOURCE_DIR}/srv/opendatakit/update-ip.sh /srv/opendatakit/update-ip.sh
|
||||
chown -R 8015:8015 /srv/opendatakit/conf
|
||||
|
||||
# Create OpenDataKit service
|
||||
|
||||
@ -13,6 +13,8 @@ RUN \
|
||||
# Deploy web archive
|
||||
&& mkdir /srv/tomcat/webapps/aggregate \
|
||||
&& unzip build/libs/aggregate-*.war -d /srv/tomcat/webapps/aggregate \
|
||||
# Configure Tomcat port
|
||||
&& sed -i 's/port="8080"/port="8015"/g' /srv/tomcat/conf/server.xml \
|
||||
# Create OS user
|
||||
&& addgroup -S -g 8015 odk \
|
||||
&& adduser -S -u 8015 -h /srv/tomcat -s /bin/false -g odk -G odk odk \
|
||||
|
||||
@ -7,10 +7,6 @@ depend() {
|
||||
use dns logger netmount postfix
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
/srv/opendatakit/update-ip.sh
|
||||
}
|
||||
|
||||
start() {
|
||||
/usr/bin/docker run -d --rm \
|
||||
--name opendatakit \
|
||||
@ -18,7 +14,6 @@ start() {
|
||||
--link postfix \
|
||||
--link postgres \
|
||||
-p 127.0.0.1:8015:8015 \
|
||||
-v /srv/opendatakit/conf/server.xml:/srv/tomcat/conf/server.xml \
|
||||
-v /srv/opendatakit/conf/jdbc.properties:/srv/tomcat/webapps/aggregate/WEB-INF/classes/jdbc.properties \
|
||||
-v /srv/opendatakit/conf/security.properties:/srv/tomcat/webapps/aggregate/WEB-INF/classes/security.properties \
|
||||
opendatakit
|
||||
|
||||
@ -12,15 +12,12 @@ security.server.deviceAuthentication=basic
|
||||
# do get set for a specific http: or https: scheme and are not transferrable.
|
||||
#
|
||||
# should be REQUIRES_SECURE_CHANNEL but can't unless SSL is available.
|
||||
security.server.secureChannelType=REQUIRES_INSECURE_CHANNEL
|
||||
security.server.secureChannelType=REQUIRES_SECURE_CHANNEL
|
||||
|
||||
#security.server.secureChannelType=REQUIRES_SECURE_CHANNEL
|
||||
# either REQUIRES_INSECURE_CHANNEL to secure nothing
|
||||
# or REQUIRES_SECURE_CHANNEL to secure everything
|
||||
# or perhaps ANY_CHANNEL when running through a proxy server
|
||||
security.server.channelType=REQUIRES_INSECURE_CHANNEL
|
||||
#security.server.channelType=REQUIRES_SECURE_CHANNEL
|
||||
|
||||
|
||||
# When running under Tomcat, you need to set the hostname and port for
|
||||
# the server so that the background tasks can generate properly-constructed
|
||||
|
||||
@ -1,143 +0,0 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8015" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
proxyName="127.0.0.1"
|
||||
redirectPort="8443" />
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
|
||||
This connector uses the NIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log" suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
</Server>
|
||||
@ -1,4 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
URL=$(ip route get 1 | awk '{print $NF;exit}')
|
||||
sed -i "s|\(^\s\+proxyName\).*|\1=\"${URL}\"|" /srv/opendatakit/conf/server.xml
|
||||
Loading…
Reference in New Issue
Block a user