Compare commits
4 Commits
propagate/
...
proxy
| Author | SHA1 | Date | |
|---|---|---|---|
| 241a3e47ea | |||
| c2a9679ede | |||
| 9e1a819e8b | |||
| 10e7f81163 |
3
.env
3
.env
@@ -1,6 +1,3 @@
|
||||
ALFRESCO_DIR=~/alfresco
|
||||
ALFRESCO_LICENSE_DIR=~/alfresco/license
|
||||
|
||||
PROXY_PROTOCOL=http
|
||||
PROXY_HOST=localhost
|
||||
PROXY_PORT=8080
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
FROM alfresco/alfresco-content-repository:latest
|
||||
|
||||
ARG USERNAME=alfresco
|
||||
ARG TOMCAT_DIR=/usr/local/tomcat
|
||||
|
||||
USER root
|
||||
|
||||
COPY catalina.policy /tmp/catalina.policy.ext
|
||||
COPY tomcat-platform-context.xml ${TOMCAT_DIR}/conf/Catalina/localhost/alfresco.xml
|
||||
COPY *.amp ${TOMCAT_DIR}/amps/
|
||||
|
||||
RUN java -jar ${TOMCAT_DIR}/alfresco-mmt/alfresco-mmt*.jar install ${TOMCAT_DIR}/amps ${TOMCAT_DIR}/webapps/alfresco -nobackup -directory && \
|
||||
mkdir -p ${TOMCAT_DIR}/modules && \
|
||||
cat /tmp/catalina.policy.ext >> ${TOMCAT_DIR}/conf/catalina.policy
|
||||
|
||||
USER ${USERNAME}
|
||||
@@ -1,3 +0,0 @@
|
||||
## Usage
|
||||
|
||||
Download all AMP files needed into this directory. All of them will be copied into a new Docker image and installed into the Alfresco Platform web application.
|
||||
@@ -1,4 +0,0 @@
|
||||
grant codeBase "file:${catalina.base}/modules/-" {
|
||||
permission java.security.AllPermission;
|
||||
};
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
<?xml version="1.0" encoding="utf-8" ?>
|
||||
<Context>
|
||||
<Resources>
|
||||
<PreResources base="${catalina.base}/modules" className="org.apache.catalina.webresources.DirResourceSet" webAppMount="/WEB-INF/lib" readOnly="true" />
|
||||
</Resources>
|
||||
</Context>
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
## Usage
|
||||
|
||||
Download all JAR module files needed into this directory. All of them will be dynamically loaded into the Docker container and loaded into the Alfresco Platform web application.
|
||||
@@ -1,37 +1,10 @@
|
||||
# Sourced from https://github.com/Alfresco/acs-deployment/blob/4.0.3/docker-compose/docker-compose.yml
|
||||
# Originally sourced from https://github.com/Alfresco/acs-deployment/blob/4.0.3/docker-compose/docker-compose.yml
|
||||
#
|
||||
# Using version 2 as 3 does not support resource constraint options (cpu_*, mem_* limits) for non swarm mode in Compose
|
||||
version: "2"
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
platform:
|
||||
build: ./alfresco-content-repository/docker
|
||||
image: local/alfresco-content-repository:latest
|
||||
environment:
|
||||
JAVA_OPTS: "
|
||||
-Ddb.driver=org.postgresql.Driver
|
||||
-Ddb.url=jdbc:postgresql://postgres-acs:5432/alfresco
|
||||
-Dalfresco.host=${PROXY_HOST}
|
||||
-Dalfresco.port=${PROXY_PORT}
|
||||
-Dalfresco.protocol=${PROXY_PROTOCOL}
|
||||
-Dmessaging.broker.url=\"failover:(nio://activemq:61616)?timeout=3000&jms.useCompression=true\"
|
||||
"
|
||||
depends_on:
|
||||
- postgres-acs
|
||||
- activemq
|
||||
volumes:
|
||||
- "./alfresco-content-repository/modules:/usr/local/tomcat/modules:ro"
|
||||
|
||||
postgres-acs:
|
||||
image: postgres:latest
|
||||
|
||||
activemq:
|
||||
image: alfresco/alfresco-activemq:latest
|
||||
|
||||
proxy:
|
||||
build: ./nginx-ingress
|
||||
image: local/nginx-ingress:acs
|
||||
image: local/nginx-ingress:base
|
||||
ports:
|
||||
- 8080:8080
|
||||
depends_on:
|
||||
- platform
|
||||
|
||||
@@ -1,9 +1,5 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [[ $ACS_PLATFORM_URL ]]; then
|
||||
sed -i s%http:\/\/platform:8080%"$ACS_PLATFORM_URL"%g /etc/nginx/nginx.conf
|
||||
fi
|
||||
|
||||
if [[ $ACCESS_LOG ]]; then
|
||||
sed -i s%\#ENV_ACCESS_LOG%"access_log $ACCESS_LOG;"%g /etc/nginx/nginx.conf
|
||||
fi
|
||||
|
||||
@@ -25,28 +25,5 @@ http {
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_pass_header Set-Cookie;
|
||||
|
||||
# Protect access to SOLR APIs
|
||||
location ~ ^(/.*/service/api/solr/.*)$ {return 403;}
|
||||
location ~ ^(/.*/s/api/solr/.*)$ {return 403;}
|
||||
location ~ ^(/.*/wcservice/api/solr/.*)$ {return 403;}
|
||||
location ~ ^(/.*/wcs/api/solr/.*)$ {return 403;}
|
||||
|
||||
location ~ ^(/.*/proxy/alfresco/api/solr/.*)$ {return 403 ;}
|
||||
location ~ ^(/.*/-default-/proxy/alfresco/api/.*)$ {return 403;}
|
||||
|
||||
# Protect access to Prometheus endpoint
|
||||
location ~ ^(/.*/s/prometheus)$ {return 403;}
|
||||
|
||||
location / {
|
||||
proxy_pass http://platform:8080;
|
||||
}
|
||||
|
||||
location /alfresco/ {
|
||||
proxy_pass http://platform:8080;
|
||||
|
||||
# If using external proxy / load balancer (for initial redirect if no trailing slash)
|
||||
absolute_redirect off;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user