inteligr8/alfresco-content-app
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-content-app.git synced 2025-05-12 17:04:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feature ACA-2646 local ids (#1179)

Browse Source 
* Update docker compose acs community deployment with SSO
This commit is contained in:
Martin Muller 2019-08-27 11:38:15 +02:00 committed by GitHub
parent 2aa44ac6d8
commit 87a8a7bd53
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 81 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
docker-compose-keycloak.yml
View File

@ -2,13 +2,12 @@ version: '2'
services:
alfresco:
image: alfresco/alfresco-content-repository-community:6.1.2-ga
image: alfresco/alfresco-content-repository-community:latest
mem_limit: 1500m
depends_on:
- postgres
- auth
environment:
AUTH_SERVER_URL: ${AUTH_SERVER_URL}
HOST_IP: ${HOST_IP}
JAVA_OPTS: '
-Ddb.driver=org.postgresql.Driver
-Ddb.username=alfresco
@ -21,15 +20,30 @@ services:
-Dindex.subsystem.name=solr6
-Dshare.host=localhost
-Dalfresco.port=8080
-Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos
-Daos.baseUrlOverwrite=http://${HOST_IP}:8080/alfresco/aos
-Dmessaging.broker.url="failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true"
-Ddeployment.method=DOCKER_COMPOSE
-Dcsrf.filter.enabled=false
-Xms1g -Xmx1g
-Dauthentication.chain=identity-service1:identity-service,alfrescoNtlm1:alfrescoNtlm
-Didentity-service.enable-basic-auth=true
-Dlocal.transform.service.enabled=true
-DlocalTransform.pdfrenderer.url=http://alfresco-pdf-renderer:8090/
-DlocalTransform.imagemagick.url=http://imagemagick:8090/
-DlocalTransform.libreoffice.url=http://libreoffice:8090/
-DlocalTransform.tika.url=http://tika:8090/
-DlocalTransform.misc.url=http://transform-misc:8090/
-Dlegacy.transform.service.enabled=true
-Dalfresco-pdf-renderer.url=http://alfresco-pdf-renderer:8090/
-Djodconverter.url=http://libreoffice:8090/
-Dimg.url=http://imagemagick:8090/
-Dtika.url=http://tika:8090/
-Dtransform.misc.url=http://transform-misc:8090/
-Dauthentication.chain=identity-service1:identity-service
-Didentity-service.enable-basic-auth=false
-Didentity-service.authentication.validation.failure.silent=false
-Didentity-service.auth-server-url=${AUTH_SERVER_URL}
-Didentity-service.auth-server-url=http://${HOST_IP}:8085/auth
-Didentity-service.realm=alfresco
-Didentity-service.resource=alfresco
'
@ -38,6 +52,51 @@ services:
ports:
- 8080:8080 #Browser port
alfresco-pdf-renderer:
image: alfresco/alfresco-pdf-renderer:2.1.0-EA4
environment:
JAVA_OPTS: ' -Xms256m -Xmx256m'
networks:
- internal
ports:
- 8090:8090
imagemagick:
image: alfresco/alfresco-imagemagick:2.1.0-EA4
environment:
JAVA_OPTS: ' -Xms256m -Xmx256m'
networks:
- internal
ports:
- 8091:8090
libreoffice:
image: alfresco/alfresco-libreoffice:2.1.0-EA4
environment:
JAVA_OPTS: ' -Xms256m -Xmx256m'
networks:
- internal
ports:
- 8092:8090
tika:
image: alfresco/alfresco-tika:2.1.0-EA4
environment:
JAVA_OPTS: ' -Xms256m -Xmx256m'
networks:
- internal
ports:
- 8093:8090
transform-misc:
image: alfresco/alfresco-transform-misc:2.1.0-EA4
environment:
JAVA_OPTS: ' -Xms256m -Xmx256m'
networks:
- internal
ports:
- 8094:8090
share:
image: alfresco/alfresco-share:6.1.0-RC3
mem_limit: 1g
@ -107,10 +166,10 @@ services:
APP_CONFIG_OAUTH2_REDIRECT_SILENT_IFRAME_URI: ${APP_CONFIG_OAUTH2_REDIRECT_SILENT_IFRAME_URI}
APP_CONFIG_OAUTH2_REDIRECT_LOGIN: ${APP_CONFIG_OAUTH2_REDIRECT_LOGIN}
APP_CONFIG_OAUTH2_REDIRECT_LOGOUT: ${APP_CONFIG_OAUTH2_REDIRECT_LOGOUT}
depends_on:
- alfresco
networks:
- internal
depends_on:
- alfresco
ports:
- 4001:80
# volumes:
@ -121,10 +180,15 @@ services:
image: nginx:stable-alpine
depends_on:
- content-app
- alfresco
volumes:
- ./docker/proxy/nginx.conf:/etc/nginx/conf.d/default.conf
networks:
- internal
links:
- content-app
- alfresco
- share
ports:
- 4000:80
@ -132,13 +196,13 @@ services:
image: jboss/keycloak:4.8.3.Final
volumes:
- ./docker/auth/alfresco-realm.json:/tmp/alfresco-realm.json
networks:
- internal
environment:
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
- KEYCLOAK_IMPORT=/tmp/alfresco-realm.json
- DB_VENDOR=h2
networks:
- internal
ports:
- 8085:8080

4
docker/proxy/nginx.conf
View File

@ -23,6 +23,10 @@ server {
proxy_pass http://alfresco:8080;
}
location /api-explorer/ {
proxy_pass http://alfresco:8080/api-explorer;
}
location /share/ {
proxy_pass http://share:8080;
}

5
start-sso.sh
View File

@ -1,9 +1,8 @@
export HOST_IP=$(ifconfig | grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" | grep -v 127.0.0.1 | awk '{ print $2 }' | cut -f2 -d: | head -n1)
export AUTH_SERVER_URL="http://${HOST_IP}:8085/auth"
export APP_URL="http://${HOST_IP}:4000"
export APP_CONFIG_AUTH_TYPE="OAUTH"
export APP_CONFIG_OAUTH2_HOST="${AUTH_SERVER_URL}/realms/alfresco"
export APP_CONFIG_OAUTH2_HOST="http://${HOST_IP}:8085/auth/realms/alfresco"
export APP_CONFIG_OAUTH2_CLIENTID="alfresco"
export APP_CONFIG_OAUTH2_REDIRECT_SILENT_IFRAME_URI="${APP_URL}/assets/silent-refresh.html"
export APP_CONFIG_OAUTH2_REDIRECT_LOGIN="/"
@ -14,6 +13,6 @@ docker-compose -f docker-compose-keycloak.yml up -d --build
echo "Waiting for the app..."
npm run wait:app
echo "Identity Service: ${AUTH_SERVER_URL}"
echo "HOST_IP: ${HOST_IP}"
echo "Realm: ${APP_CONFIG_OAUTH2_HOST}"
echo "Content Workspace: ${APP_URL}"