From bfa65c999ec00e6b4c65427b3237996e859cd250 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Wed, 16 Dec 2020 23:40:20 -0500 Subject: [PATCH 01/14] added share unconfigured service --- docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index dc160fe..2082de0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,6 +7,9 @@ services: alfresco: image: alfresco/alfresco-content-repository:latest + share: + image: alfresco/alfresco-share:latest + postgres-acs: image: postgres:latest From 00e0a17249b887b015b446a1ab66dc7d652d58d3 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Wed, 16 Dec 2020 23:42:47 -0500 Subject: [PATCH 02/14] added share to proxy --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 2082de0..b4cea6d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,5 +20,6 @@ services: image: alfresco/alfresco-acs-nginx:latest depends_on: - alfresco + - share ports: - 8080:8080 From 055119eeb5e5e8d005eeccf2cfab672a0a5a58bc Mon Sep 17 00:00:00 2001 From: Brian Long Date: Thu, 17 Dec 2020 14:24:15 -0500 Subject: [PATCH 03/14] added share config --- docker-compose.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 5f81426..0ba37ec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,6 +15,8 @@ services: -Ddb.url=jdbc:postgresql://postgres-acs:5432/alfresco -Dindex.subsystem.name=solr6 -Dsolr.host=search + -Dshare.host=localhost + -Dshare.port=8080 -Dalfresco.host=localhost -Dalfresco.port=8080 -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos @@ -34,9 +36,14 @@ services: - activemq share: - image: alfresco/alfresco-share:latest + image: alfresco/alfresco-share:6.2.2 + mem_limit: 512m environment: REPO_HOST: "platform" + JAVA_OPTS: " + -Dalfresco.host=localhost + -Dalfresco.port=8080 + " postgres-acs: image: postgres:11.7 From ff5442c869091362ea96f8bd99fe54702e901d98 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Thu, 17 Dec 2020 16:32:32 -0500 Subject: [PATCH 04/14] added share to nginx --- docker-compose.yml | 2 +- nginx-ingress/entrypoint.sh | 4 ++++ nginx-ingress/nginx.conf | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9eb0a72..f9499b3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -28,7 +28,7 @@ services: proxy: build: ./nginx-ingress - image: local/nginx-ingress:acs + image: local/nginx-ingress:acs-share ports: - 8080:8080 depends_on: diff --git a/nginx-ingress/entrypoint.sh b/nginx-ingress/entrypoint.sh index 3dc2e8e..48f44e8 100644 --- a/nginx-ingress/entrypoint.sh +++ b/nginx-ingress/entrypoint.sh @@ -4,6 +4,10 @@ if [[ $ACS_PLATFORM_URL ]]; then sed -i s%http:\/\/platform:8080%"$ACS_PLATFORM_URL"%g /etc/nginx/nginx.conf fi +if [[ $ACS_SHARE_URL ]]; then + sed -i s%http:\/\/share:8080%"$ACS_SHARE_URL"%g /etc/nginx/nginx.conf +fi + if [[ $ACCESS_LOG ]]; then sed -i s%\#ENV_ACCESS_LOG%"access_log $ACCESS_LOG;"%g /etc/nginx/nginx.conf fi diff --git a/nginx-ingress/nginx.conf b/nginx-ingress/nginx.conf index 0bbab22..005cadc 100644 --- a/nginx-ingress/nginx.conf +++ b/nginx-ingress/nginx.conf @@ -47,5 +47,12 @@ http { # If using external proxy / load balancer (for initial redirect if no trailing slash) absolute_redirect off; } + + location /share/ { + proxy_pass http://share:8080; + + # If using external proxy / load balancer (for initial redirect if no trailing slash) + absolute_redirect off; + } } } From 68fcb3cbef83194b1e5b712c0536f5f45ff45629 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Sat, 26 Dec 2020 11:20:42 -0500 Subject: [PATCH 05/14] added proxy config to share --- docker-compose.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index b0e705b..478ee1c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -26,6 +26,11 @@ services: image: alfresco/alfresco-share:latest environment: REPO_HOST: "platform" + JAVA_OPTS: " + -Dalfresco.host=${PROXY_PLATFORM_HOST} + -Dalfresco.port=${PROXY_PLATFORM_PORT} + -Dalfresco.protocol=${PROXY_PLATFORM_PROTOCOL} + " postgres-acs: image: postgres:latest From 2367651a7ee1c8d0eca7b449decfb40af5a91c54 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Sat, 26 Dec 2020 13:52:17 -0500 Subject: [PATCH 06/14] added share context removed from acs-base --- docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index a7a9dbb..478ee1c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,9 @@ services: JAVA_OPTS: " -Ddb.driver=org.postgresql.Driver -Ddb.url=jdbc:postgresql://postgres-acs:5432/alfresco + -Dshare.host=${PROXY_SHARE_HOST} + -Dshare.port=${PROXY_SHARE_PORT} + -Dshare.protocol=${PROXY_SHARE_PROTOCOL} -Dalfresco.host=${PROXY_PLATFORM_HOST} -Dalfresco.port=${PROXY_PLATFORM_PORT} -Dalfresco.protocol=${PROXY_PLATFORM_PROTOCOL} From 89ffe20aeef147e8d637d575cbb3cb1ccec72e30 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Sat, 26 Dec 2020 15:10:13 -0500 Subject: [PATCH 07/14] added CSRF --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 9a221f7..2668f47 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -26,6 +26,8 @@ services: image: alfresco/alfresco-share:latest environment: REPO_HOST: "platform" + CSRF_FILTER_REFERER: "${PROXY_PROTOCOL}://${PROXY_HOST}(:${PROXY_PORT})?/?.*" + CSRF_FILTER_ORIGIN: "${PROXY_PROTOCOL}://${PROXY_HOST}(:${PROXY_PORT})?" JAVA_OPTS: " -Dalfresco.host=${PROXY_HOST} -Dalfresco.port=${PROXY_PORT} From 4afdf95b446d91291d61f44d5564c46a72be7ac1 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Wed, 6 Jan 2021 10:45:23 -0500 Subject: [PATCH 08/14] added share context to share config --- docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 2668f47..c1d955c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -29,6 +29,9 @@ services: CSRF_FILTER_REFERER: "${PROXY_PROTOCOL}://${PROXY_HOST}(:${PROXY_PORT})?/?.*" CSRF_FILTER_ORIGIN: "${PROXY_PROTOCOL}://${PROXY_HOST}(:${PROXY_PORT})?" JAVA_OPTS: " + -Dshare.host=${PROXY_HOST} + -Dshare.port=${PROXY_PORT} + -Dshare.protocol=${PROXY_PROTOCOL} -Dalfresco.host=${PROXY_HOST} -Dalfresco.port=${PROXY_PORT} -Dalfresco.protocol=${PROXY_PROTOCOL} From ca420b43e222509760070a50b0b9378e45c1e95c Mon Sep 17 00:00:00 2001 From: Brian Long Date: Thu, 14 Jan 2021 09:40:28 -0500 Subject: [PATCH 09/14] added aims config to platform/share --- docker-compose.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 8ca7203..26f6f34 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -36,6 +36,10 @@ services: -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 -Dtransform.service.enabled=false + + -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm + -Didentity-service.authentication.defaultAdministratorUserNames=admin.1 + -Didentity-service.auth-server-url=http://identity:8080/auth -Dsystem.content.eagerOrphanCleanup=true -Dsystem.content.orphanProtectDays=0 @@ -62,6 +66,16 @@ services: -Dalfresco.host=${PROXY_HOST} -Dalfresco.port=${PROXY_PORT} -Dalfresco.protocol=${PROXY_PROTOCOL} + -Daims.enabled=true + -Daims.realm=alfresco + -Daims.resource=alfresco + -Daims.authServerUrl=http://identity:8080/auth + -Daims.sslRequired=none + -Daims.publicClient=true + -Daims.autodetectBearerOnly=true + -Daims.alwaysRefreshToken=true + -Daims.principalAttribute=preferred_username + -Daims.enableBasicAuth=true " postgres-acs: From 0be038fe07319ea8ebd166d1711aab85a1371afb Mon Sep 17 00:00:00 2001 From: Brian Long Date: Thu, 14 Jan 2021 11:19:01 -0500 Subject: [PATCH 10/14] added acs platform/share AIMS config after testing --- docker-compose.yml | 6 +++--- keycloak-alfresco-realm.json | 15 +++++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c5412db..cc2c49d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -39,7 +39,7 @@ services: -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm -Didentity-service.authentication.defaultAdministratorUserNames=admin.1 - -Didentity-service.auth-server-url=http://identity:8080/auth + -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth -Dsystem.content.eagerOrphanCleanup=true -Dsystem.content.orphanProtectDays=0 @@ -68,8 +68,8 @@ services: -Dalfresco.protocol=${PROXY_PROTOCOL} -Daims.enabled=true -Daims.realm=alfresco - -Daims.resource=alfresco - -Daims.authServerUrl=http://identity:8080/auth + -Daims.resource=acs-share + -Daims.authServerUrl=${IDENTITY_SERVICE_BASEURL}/auth -Daims.sslRequired=none -Daims.publicClient=true -Daims.autodetectBearerOnly=true diff --git a/keycloak-alfresco-realm.json b/keycloak-alfresco-realm.json index 198f54a..43cb8ae 100644 --- a/keycloak-alfresco-realm.json +++ b/keycloak-alfresco-realm.json @@ -27,6 +27,21 @@ "attributes": { "login_theme": "alfresco" } + }, + { + "clientId": "acs-share", + "name": "ACS Share", + "enabled": true, + "alwaysDisplayInConsole": false, + "redirectUris": [ "*" ], + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "publicClient": true, + "protocol": "openid-connect", + "attributes": { + "login_theme": "alfresco" + } } ], "requiredCredentials": [ "password" ], From 171f67daf029db5fc98ada97e920ebec031d64f1 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Thu, 6 May 2021 14:18:02 -0400 Subject: [PATCH 11/14] added identity service as dependency to platform --- docker-compose.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2c7f493..9e71b0d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -46,8 +46,12 @@ services: -Djodconverter.enabled=false " depends_on: - - postgres-acs - - activemq + postgres-acs: + condition: service_started + activemq: + condition: service_started + identity: + condition: service_healthy transform-core-aio: image: alfresco/alfresco-transform-core-aio:2.3.6 From dfb0f61088449bcfda0a9e551d822f5281c13d99 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Tue, 22 Jun 2021 09:23:05 -0400 Subject: [PATCH 12/14] changed URLs to use split envvars --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7cfb3fe..8ec926e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -39,7 +39,7 @@ services: -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm -Didentity-service.authentication.defaultAdministratorUserNames=admin.1 - -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth + -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth -Dsystem.content.eagerOrphanCleanup=true -Dsystem.content.orphanProtectDays=0 @@ -73,7 +73,7 @@ services: -Daims.enabled=true -Daims.realm=alfresco -Daims.resource=acs-share - -Daims.authServerUrl=${IDENTITY_SERVICE_BASEURL}/auth + -Daims.authServerUrl=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth -Daims.sslRequired=none -Daims.publicClient=true -Daims.autodetectBearerOnly=true From fcd12627211127f7417027f20437eae6b0d79d30 Mon Sep 17 00:00:00 2001 From: "Brian M. Long" Date: Tue, 1 Nov 2022 15:03:04 -0400 Subject: [PATCH 13/14] parameterized ACS share version --- .env | 1 + docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.env b/.env index 43cc336..16ae058 100644 --- a/.env +++ b/.env @@ -8,3 +8,4 @@ PROXY_PORT=8080 ACS_TAG=7.3.0 AAMQ_TAG=5.17.1-jre17-centos7 POSTGRES_TAG=13 +ACS_SHARE_TAG=7.3.0 diff --git a/docker-compose.yml b/docker-compose.yml index 9e06735..639298f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,7 +31,7 @@ services: - activemq share: - image: alfresco/alfresco-share:latest + image: alfresco/alfresco-share:${ACS_SHARE_TAG} environment: REPO_HOST: "platform" CSRF_FILTER_REFERER: "${PROXY_PROTOCOL}://${PROXY_HOST}(:${PROXY_PORT})?/?.*" From 23b3057329787f23395410242e07cf49b33076f7 Mon Sep 17 00:00:00 2001 From: "Brian M. Long" Date: Wed, 25 Oct 2023 20:19:43 -0400 Subject: [PATCH 14/14] ACS share v7.4.1.2 --- .env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env b/.env index 98a80a5..d0ffea4 100644 --- a/.env +++ b/.env @@ -8,4 +8,4 @@ PROXY_PORT=8080 ACS_TAG=7.4.1.1 AAMQ_TAG=latest POSTGRES_TAG=13 -ACS_SHARE_TAG=7.3.0 +ACS_SHARE_TAG=7.4.1.2