From a7fa111930854c77db40b8fda7f2ecdfd905836d Mon Sep 17 00:00:00 2001 From: Brian Long Date: Tue, 22 Jun 2021 09:11:00 -0400 Subject: [PATCH 1/3] split AIS url into parts for reuse --- .env | 4 +++- docker-compose.yml | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.env b/.env index a74a230..2cbfe36 100644 --- a/.env +++ b/.env @@ -1,4 +1,6 @@ PROXY_PROTOCOL=http PROXY_HOST=localhost PROXY_PORT=8080 -IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080 +IDENTITY_SERVICE_PROTOCOL=http +IDENTITY_SERVICE_HOST=auth.example.org +IDENTITY_SERVICE_PORT=8080 diff --git a/docker-compose.yml b/docker-compose.yml index e10fd08..4baec46 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ # Sourced from https://github.com/Alfresco/acs-deployment/blob/4.0.3/docker-compose/docker-compose.yml # # Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose -version: "2" +version: "2.1" services: @@ -11,13 +11,13 @@ services: environment: KEYCLOAK_USER: admin KEYCLOAK_PASSWORD: admin - KEYCLOAK_HOSTNAME: auth.example.org + KEYCLOAK_HOSTNAME: ${IDENTITY_SERVICE_HOST} KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json KEYCLOAK_STATISTICS: enabled networks: default: aliases: - - "auth.example.org" + - "${IDENTITY_SERVICE_HOST}" healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/auth"] interval: 10s From dfb0f61088449bcfda0a9e551d822f5281c13d99 Mon Sep 17 00:00:00 2001 From: Brian Long Date: Tue, 22 Jun 2021 09:23:05 -0400 Subject: [PATCH 2/3] changed URLs to use split envvars --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7cfb3fe..8ec926e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -39,7 +39,7 @@ services: -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm -Didentity-service.authentication.defaultAdministratorUserNames=admin.1 - -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth + -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth -Dsystem.content.eagerOrphanCleanup=true -Dsystem.content.orphanProtectDays=0 @@ -73,7 +73,7 @@ services: -Daims.enabled=true -Daims.realm=alfresco -Daims.resource=acs-share - -Daims.authServerUrl=${IDENTITY_SERVICE_BASEURL}/auth + -Daims.authServerUrl=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth -Daims.sslRequired=none -Daims.publicClient=true -Daims.autodetectBearerOnly=true From 8894180ea1f08f5f2289daef96fc9903a06f1bac Mon Sep 17 00:00:00 2001 From: Brian Long Date: Tue, 22 Jun 2021 09:24:40 -0400 Subject: [PATCH 3/3] changed URLs to use split envvars --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 4917b8a..115ce3e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -156,7 +156,7 @@ services: -Drepo.port=8080 -Ddw.server.applicationConnectors[0].type=http -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80 - -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth + -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth -Didentity-service.resource=acs-sync " depends_on: @@ -171,7 +171,7 @@ services: APP_CONFIG_ECM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}" APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/#/preview/s" APP_CONFIG_AUTH_TYPE: OAUTH - APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_BASEURL}/auth/realms/alfresco" + APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth/realms/alfresco" APP_CONFIG_OAUTH2_CLIENTID: alfresco APP_CONFIG_OAUTH2_IMPLICIT_FLOW: "true" APP_CONFIG_OAUTH2_REDIRECT_LOGIN: "/workspace/"