Merge branch 'dbp-aims' into dbp-persist-aims

2021-06-22 09:31:10 -04:00 · 2021-06-22 09:31:10 -04:00 · 925d05e41b
commit 925d05e41b
parent 3d14c54688 99c9621a9f
2 changed files with 30 additions and 13 deletions
--- a/.env
+++ b/.env
@ -4,4 +4,6 @@ ALFRESCO_LICENSE_DIR=~/alfresco/license
 PROXY_PROTOCOL=http
 PROXY_HOST=localhost
 PROXY_PORT=8080
-IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080
+IDENTITY_SERVICE_PROTOCOL=http
+IDENTITY_SERVICE_HOST=auth.example.org
+IDENTITY_SERVICE_PORT=8080
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,7 +1,7 @@
 # Sourced from https://github.com/Alfresco/acs-deployment/blob/4.0.3/docker-compose/docker-compose.yml
 #
 # Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
-version: "2"
+version: "2.1"

 services:
    platform:
@ -50,16 +50,21 @@ services:

                -Dauthentication.chain=aims:identity-service,builtin:alfrescoNtlm
                -Didentity-service.authentication.defaultAdministratorUserNames=admin.1
-                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth
+                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                
                -Dsystem.content.eagerOrphanCleanup=true
                -Dsystem.content.orphanProtectDays=0
                -Djodconverter.enabled=false
                "
        depends_on:
-            - postgres-acs
-            - activemq
-            - shared-file-store
+            postgres-acs:
+                condition: service_started
+            activemq:
+                condition: service_started
+            shared-file-store:
+                condition: service_started
+            identity:
+                condition: service_healthy
        volumes:
            - "$ALFRESCO_LICENSE_DIR/acs:/usr/local/tomcat/shared/classes/alfresco/extension/license:ro"
            - acsbin-volume:/usr/local/tomcat/alf_data:rw
@ -105,7 +110,7 @@ services:
                -Daims.enabled=true
                -Daims.realm=alfresco
                -Daims.resource=acs-share
-                -Daims.authServerUrl=${IDENTITY_SERVICE_BASEURL}/auth
+                -Daims.authServerUrl=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                -Daims.sslRequired=none
                -Daims.publicClient=true
                -Daims.autodetectBearerOnly=true
@ -158,7 +163,7 @@ services:
                -Drepo.port=8080
                -Ddw.server.applicationConnectors[0].type=http
                -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80
-                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth
+                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
                -Didentity-service.resource=acs-sync
                "
        depends_on:
@ -171,9 +176,13 @@ services:
        environment:
            BASE_PATH: ./
            APP_CONFIG_ECM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}"
-            APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/#/preview/s"
+            APP_CONFIG_BPM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}"
+            APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/workspace/#/preview/s"
+            APP_CONFIG_PROVIDER: "ALL"
+            APP_CONFIG_PLUGIN_PROCESS_SERVICE: "true"
+            #APP_CONFIG_PLUGIN_PROCESS_AUTOMATION: "true"
            APP_CONFIG_AUTH_TYPE: OAUTH
-            APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_BASEURL}/auth/realms/alfresco"
+            APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth/realms/alfresco"
            APP_CONFIG_OAUTH2_CLIENTID: alfresco
            APP_CONFIG_OAUTH2_IMPLICIT_FLOW: "true"
            APP_CONFIG_OAUTH2_REDIRECT_LOGIN: "/workspace/"
@ -193,7 +202,7 @@ services:
            ACTIVITI_ES_REST_CLIENT_PORT: 9200
            ACTIVITI_ES_REST_CLIENT_SCHEMA: http
            IDENTITY_SERVICE_ENABLED: "true"
-            IDENTITY_SERVICE_AUTH: $IDENTITY_SERVICE_BASEURL/auth
+            IDENTITY_SERVICE_AUTH: ${IDENTITY_SERVICE_PROTOCOL}://${IDENTITY_SERVICE_HOST}:${IDENTITY_SERVICE_PORT}/auth
            JAVA_OPTS: "-XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80"
        depends_on:
            - postgres-aps
@ -260,13 +269,19 @@ services:
        environment:
            KEYCLOAK_USER: admin
            KEYCLOAK_PASSWORD: admin
-            KEYCLOAK_HOSTNAME: auth.example.org
+            KEYCLOAK_HOSTNAME: ${IDENTITY_SERVICE_HOST}
            KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
            KEYCLOAK_STATISTICS: enabled
        networks:
            default:
                aliases:
-                    - "auth.example.org"
+                    - "${IDENTITY_SERVICE_HOST}"
+        healthcheck:
+            test: ["CMD", "curl", "-f", "http://localhost:8080/auth"]
+            interval: 10s
+            timeout: 10s
+            # Really long startup times on Windows
+            retries: 18
        volumes:
            - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro
            - keycloak-volume:/opt/jboss/keycloak/standalone/data:rw