adjusment

root
2025-07-27 09:25:55 +07:00
parent a4ce1d248e
commit 0754ebd64c
13 changed files with 176 additions and 172 deletions

6
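--- a/.env
+++ b/.env
@@ -0,0 +1,6 @@
+CATALINA_HOME=/opt/tomcat9
+SC_PUBLISHED_HOST=smartconnect.internal.yel.or.id
+SC_FILESTORE_LOCATION=/data/SMARTConnect
+SC_SERVER_ADMIN=hendra@yel.or.id
+DNS_CLOUDFLARE_API_TOKEN=3WedMWHhoDPxge5yMPJgQPFhRXCTp6zpasTIlaIu
+POSTGRES_PASSWORD=Sm@rtConnIX3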
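Review bot: The last two lines of this new `.env` commit what look like a live Cloudflare DNS API token and the PostgreSQL superuser password to the repository, where they remain in history even if the file is later deleted. The same database password is also hard-coded in `app/conf/server.xml` (the JDBC `password` attribute, next to the SMTP account password) and in `app/db/db_preparation.sql` (`CREATE USER scadmin PASSWORD …`). I would treat all of these values as exposed: rotate them, add `.env` to `.gitignore`, and commit a `.env.example` with placeholders such as `DNS_CLOUDFLARE_API_TOKEN=<set-locally>` and `POSTGRES_PASSWORD=<set-locally>`.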


@@ -4,17 +4,33 @@ LABEL org.opencontainers.image.authors="Hazza"
ENV DOCKER_NAME="docker-smartconnect7" ENV DOCKER_NAME="docker-smartconnect7"
ARG CATALINA_HOME
ARG SC_PUBLISHED_HOST
ARG SC_FILESTORE_LOCATION
ARG SC_SERVER_ADMIN
ARG DNS_CLOUDFLARE_API_TOKEN
ENV TIME_ZONE="Asia/Jakarta" ENV TIME_ZONE="Asia/Jakarta"
ENV CATALINA_HOME /opt/tomcat9 ENV CATALINA_HOME=$CATALINA_HOME
ENV PATH $CATALINA_HOME/bin:$PATH ENV PATH=$CATALINA_HOME/bin:$PATH
RUM mkdir /data RUN mkdir /app && mkdir -p $SC_FILESTORE_LOCATION
WORKDIR /data WORKDIR /app
ENV SMARTCONNECT_DATA /data/SMARTConnect ADD ./app /app/
ENV SMARTCONNECT_DATA=$SC_FILESTORE_LOCATION
RUN apt update
RUN apt install postgresql-client certbot python3-certbot-dns-cloudflare -y && apt clean && rm -rf /var/lib/apt/lists/*
RUN set -eux; \ RUN set -eux; \
export TOMCAT_VERSION=$(curl --silent https://dlcdn.apache.org/tomcat/tomcat-9/ | grep v9 | tail -n 1 | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+' | tail -n 1); \ export TOMCAT_VERSION=$(curl --silent https://dlcdn.apache.org/tomcat/tomcat-9/ | grep v9 | tail -n 1 | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+' | tail -n 1); \
@@ -30,15 +46,32 @@ RUN set -eux; \
echo ">>> $HASH"; \ echo ">>> $HASH"; \
echo $HASH | sha512sum -c; \ echo $HASH | sha512sum -c; \
mkdir -p "$CATALINA_HOME"; \ mkdir -p "$CATALINA_HOME"; \
tar --extract \ tar --extract --file "$TOMCAT_FILE" --directory "$CATALINA_HOME" --strip-components 1 --no-same-owner; \
--file "$TOMCAT_FILE" \
--directory "$CATALINA_HOME" \
--strip-components 1 \
--no-same-owner \
; \
rm "$TOMCAT_FILE"; \ rm "$TOMCAT_FILE"; \
echo "[$(date)] [$DOCKER_NAME] [$TOMCAT_URL]" >> /.components; echo "[$(date)] [$DOCKER_NAME] [$TOMCAT_URL]" >> /.components;
EXPOSE 8080 RUN mkdir -p ~/.secrets/certbot && printf "dns_cloudflare_api_token=$DNS_CLOUDFLARE_API_TOKEN" >> ~/.secrets/certbot/cloudflare.ini && chmod 600 ~/.secrets/certbot/cloudflare.ini
RUN printf "pgsql-postgis:5432:*:postgres:${POSTGRES_PASSWORD}" >> ~/.pgpass && chmod 600 ~/.pgpass
RUN psql -h pgsql-postgis -p 5432 -U postgres -f db/db_preparation.sql
RUN psql -h pgsql-postgis -p 5432 -d yel_scdb -U postgres -f db/scdb_import.sql
RUN certbot certonly \
-a dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini \
--non-interactive --agree-tos --no-eff-email -m $SC_SERVER_ADMIN \
-d $SC_PUBLISHED_HOST
RUN rm -rf $CATALINA_HOME/webapps && mkdir $CATALINA_HOME/conf/cert && cp -f conf/server.xml $CATALINA_HOME/conf/ && cp webapps $CATALINA_HOME/ && cp lib/* $CATALINA_HOME/lib/
RUN cp -Lf /etc/letsencrypt/live/$SC_PUBLISHED_HOST/{cert,chain,privkey}.pem $CATALINA_HOME/conf/cert/
RUN printf "#!/bin/sh\n\n\
cp -Lf /etc/letsencrypt/live/$SC_PUBLISHED_HOST/{cert,chain,privkey}.pem /opt/tomcat9/conf/cert/\n" >> /etc/letsencrypt/renewal-hooks/deploy/sc7_certbot_deploy.sh \
&& chmod 750 /etc/letsencrypt/renewal-hooks/deploy/sc7_certbot_deploy.sh
CMD ["sh"] CMD ["sh"]
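Review bot: `ARG DNS_CLOUDFLARE_API_TOKEN` followed by the `RUN … printf "dns_cloudflare_api_token=$DNS_CLOUDFLARE_API_TOKEN" >> ~/.secrets/certbot/cloudflare.ini` step bakes the token into an image layer and into the build history, so anyone who can pull the image can read it. Prefer a BuildKit secret mount, e.g. `RUN --mount=type=secret,id=cloudflare_ini,target=/root/.secrets/certbot/cloudflare.ini certbot certonly …`, or move certificate issuance to container start so the private key copied into `$CATALINA_HOME/conf/cert/` is not part of the image either. Separately, `${POSTGRES_PASSWORD}` is used in the `.pgpass` line but no `ARG POSTGRES_PASSWORD` is visible in this hunk, so it likely expands to an empty string; the `psql` steps also need the `pgsql-postgis` host to be reachable during `docker build`, which a compose build does not normally provide, so both look like they belong in an entrypoint script. The `FROM` line is outside the hunk, so the base image and default shell could not be checked; note that `{cert,chain,privkey}.pem` relies on brace expansion, which plain `sh` (dash) does not perform.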

80
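--- a/app/conf/server.xml
+++ b/app/conf/server.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Server port="-1" shutdown="SHUTDOWN">
+<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
+<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
+<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
+<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
+<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
+<GlobalNamingResources>
+<Resource auth="Container"
+driverClassName="org.postgresql.Driver"
+type="javax.sql.DataSource"
+factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
+name="org.wcs.smart.connect.datasource.postgresql"
+username="scadmin"
+password="Sm@rtConnIX3"
+url="jdbc:postgresql://pgsql-postgis:5432/yel_scdb"
+alternateUsernameAllowed="true"
+maxActive="20"
+maxIdle="10"
+minIdle="2"
+socketTimeout="6000"
+initialSize="2"
+validationQuery = "SELECT 1;"
+testWhileIdle = "true"
+testOnBorrow = "true"
+testOnConnect = "true"
+testOnReturn = "true"
+timeBetweenEvictionRunsMillis = "34000"
+minEvictableIdleTimeMillis = "55000"
+validationInterval = "15000"
+removeAbandoned = "false"
+removeAbandonedTimeout = "6000"
+logAbandoned = "true"
+initSQL = "SELECT 1;"
+logValidationErrors = "true"
+logSlow = "true"
+logFailed = "true"/>
+<Environment name="smartconnect.filestorelocation" value="/opt/SMARTConnect/Data" type="java.lang.String" override="false"/>
+<Environment name="smartconnect.gfw_cleanup_days" value="30" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.dataqueue_cleanup_days" value="2" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.spatial_ref_sys_table" value="public.spatial_ref_sys" type="java.lang.String" override="false"/>
+<Environment name="smartconnect.number_background_threads" value="5" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.work_item_history_days_available" value="5" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.changelog_cleanup_days" value="5" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.ca_export_days_available" value="5" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.sync_download_hours_available" value="5" type="java.lang.Integer" override="false"/>
+<Environment name="smartconnect.cleanup_task_interval_hours value="5" type="java.lang.Integer" override="false"/>
+<Resource name="mail/Session"
+auth="Container"
+type="javax.mail.Session"
+mail.smtp.auth="true"
+mail.smtp.from="no_reply@yel.or.id"
+mail.smtp.host="smtp.gmail.com"
+mail.smtp.starttls.enable="true"
+mail.smtp.port="587"
+mail.smtp.user="no_reply@yel.or.id"
+password="aeynxbgypznsxmdz"/>
+</GlobalNamingResources>
+<Service name="Catalina">
+<Engine name="Catalina" defaultHost="smartconnect.internal.yel.or.id">
+<Realm className="org.apache.catalina.realm.LockOutRealm">
+<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
+</Realm>
+<Host name="smartconnect.internal.yel.or.id" appBase="webapps" unpackWARs="true" autoDeploy="true">
+<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="sc_access" suffix=".log" pattern="%h %l %u %t &quot;%r&quot; %s %b"/>
+</Host>
+</Engine>
+<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="300" processorCache="300" SSLEnabled="true">
+<SSLHostConfig>
+<Certificate certificateFile="conf/cert/cert.pem" certificateKeyFile="conf/cert/privkey.pem" certificateChainFile="conf/cert/chain.pem"/>
+</SSLHostConfig>
+</Connector>
+</Service>
+</Server>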
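Review bot: The `smartconnect.cleanup_task_interval_hours` entry is missing the closing quote on its `name` attribute (`name="smartconnect.cleanup_task_interval_hours value="5"`), so the file is not well-formed XML and Tomcat should refuse to parse it at startup; it should read `<Environment name="smartconnect.cleanup_task_interval_hours" value="5" type="java.lang.Integer" override="false"/>`. The `UserDatabaseRealm` still points at `resourceName="UserDatabase"`, but this file defines no `UserDatabase` resource under `GlobalNamingResources`, so the realm will likely fail to initialise; either restore the resource or drop the realm. `smartconnect.filestorelocation` is also fixed at `/opt/SMARTConnect/Data` while `.env` sets `SC_FILESTORE_LOCATION=/data/SMARTConnect`, which is worth reconciling.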

17
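--- a/app/db/db_preparation.sql
+++ b/app/db/db_preparation.sql
@@ -0,0 +1,17 @@
+-- SMART7 database preparation
+-- 1) install postgis extension
+-- Not Needed: already installed because we use postgis/postgis:11-2.5 docker image
+-- CREATE EXTENSION postgis;
+-- 2) install uuid-ossp extension
+CREATE EXTENSION "uuid-ossp";
+-- 3) Create Specific User for SMARTConnect 7 with password
+CREATE USER scadmin PASSWORD 'Sm@rtConnIX3';
+-- 4) Create DB for SMARTConnect 7 and make newly created user above as the owner
+CREATE DATABASE yel_scdb WITH OWNER scadmin;
+-- 5) Grant all privileges on database yel_scdb to scadmin
+GRANT ALL PRIVILEGES ON DATABASE yel_scdb TO scadmin;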
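Review bot: `CREATE EXTENSION "uuid-ossp";` runs before `yel_scdb` exists, so the extension is installed in whatever database the script is connected to rather than in the application database; the Dockerfile invokes this script without `-d`, which for user `postgres` presumably means the `postgres` database. If SMART Connect needs `uuid-ossp` inside `yel_scdb`, move the statement after `CREATE DATABASE` and switch databases first, e.g. `\connect yel_scdb` followed by `CREATE EXTENSION IF NOT EXISTS "uuid-ossp";`. `CREATE USER` and `CREATE DATABASE` fail on a second run, so a header comment such as `-- one-time bootstrap; not idempotent` would help whoever re-runs the build.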


@@ -1,138 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<Server port="-1" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
<GlobalNamingResources>
<Resource name="UserDatabase"
auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml"/>
<Resource auth="Container"
driverClassName="org.postgresql.Driver"
type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
name="org.wcs.smart.connect.datasource.postgresql"
username="postgres"
password="smart1234"
url="jdbc:postgresql://localhost:5432/connectsmart"
alternateUsernameAllowed="true"
maxActive="20"
maxIdle="10"
minIdle="2"
socketTimeout="6000"
initialSize="2"
validationQuery = "SELECT 1;"
testWhileIdle = "true"
testOnBorrow = "true"
testOnConnect = "true"
testOnReturn = "true"
timeBetweenEvictionRunsMillis = "34000"
minEvictableIdleTimeMillis = "55000"
validationInterval = "15000"
removeAbandoned = "false"
removeAbandonedTimeout = "6000"
logAbandoned = "true"
initSQL = "SELECT 1;"
logValidationErrors = "true"
logSlow = "true"
logFailed = "true"/>
<Environment name="smartconnect.filestorelocation"
value="/opt/SMARTConnect/Data"
type="java.lang.String"
override="false"/>
<Environment name="smartconnect.gfw_cleanup_days"
value="30"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.dataqueue_cleanup_days"
value="2"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.spatial_ref_sys_table"
value="public.spatial_ref_sys"
type="java.lang.String"
override="false"/>
<Environment name="smartconnect.number_background_threads"
value="5"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.work_item_history_days_available"
value="5"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.changelog_cleanup_days"
value="5"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.ca_export_days_available"
value="5"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.sync_download_hours_available"
value="5"
type="java.lang.Integer"
override="false"/>
<Environment name="smartconnect.cleanup_task_interval_hours"
value="5"
type="java.lang.Integer"
override="false"/>
<Resource name="mail/Session"
auth="Container"
type="javax.mail.Session"
mail.smtp.auth="true"
mail.smtp.from="no_reply@yel.or.id"
mail.smtp.host="smtp.gmail.com"
mail.smtp.socketFactory.class="javax.net.ssl.SSLSocketFactory"
mail.transport.protocol="smtp"
mail.smtp.port="465"
mail.smtp.user="no_reply@yel.or.id"
password="aeynxbgypznsxmdz"
mail.smtp.starttls.enable="true"/>
</GlobalNamingResources>
<Service name="Catalina">
<Engine name="Catalina" defaultHost="smartconnect.internal.yel.or.id">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="smartconnect.internal.yel.or.id"
appBase="webapps"
unpackWARs="true"
autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="smartconnect.internal.yel.or.id_access_log"
suffix=".txt"
pattern="%h %l %u %t &quot;%r&quot; %s %b"/>
</Host>
</Engine>
<Connector port="443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="300"
processorCache="300"
SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/smartconnect.jks"
certificateKeystorePassword="smartIX3"
certificateKeyAlias="tomcat"
certificateKeystoreType="PKCS12"
type="RSA"/>
</SSLHostConfig>
</Connector>
</Service>
</Server>


@@ -2,15 +2,21 @@ services:
smartconnect7: smartconnect7:
build: build:
context: . context: .
args:
- CATALINA_HOME=${CATALINA_HOME}
- SC_PUBLISHED_HOST=${SC_PUBLISHED_HOST}
- SC_FILESTORE_LOCATION=${SC_FILESTORE_LOCATION}
- SC_SERVER_ADMIN=${SC_SERVER_ADMIN}
- DNS_CLOUDFLARE_API_TOKEN=${DNS_CLOUDFLARE_API_TOKEN}
container_name: SMARTConnect7 container_name: SMARTConnect7
volumes: volumes:
- catalina_home:/opt/tomcat9 - catalina_home:${CATALINA_HOME}
- smart_data:/data/SMARTConnect - sc_filestore:${SC_FILESTORE_LOCATION}
- letsencrypt:/etc/letsencrypt
networks: networks:
- frontend - frontend
- backend - backend
ports: ports:
- "8080:8080"
- "8443:8443" - "8443:8443"
stdin_open: true stdin_open: true
tty: true tty: true
@@ -19,14 +25,13 @@ services:
image: postgis/postgis:11-2.5 image: postgis/postgis:11-2.5
environment: environment:
PGDATA: /pgdata PGDATA: /pgdata
POSTGRES_PASSWORD: dspace POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes: volumes:
- pgdata:/pgdata - pgdata:/pgdata
networks: networks:
- backend - backend
ports: ports:
- "8080:8080" - "5432:5432"
- "8443:8443"
stdin_open: true stdin_open: true
tty: true tty: true
@@ -36,5 +41,6 @@ networks:
volumes: volumes:
catalina_home: catalina_home:
smart_data: sc_filestore:
letsencrypt:
pgdata: pgdata:
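Review bot: The PostgreSQL service in the second hunk now publishes `"5432:5432"`, which exposes the superuser login on every host interface even though the application reaches the database over the `backend` network. Drop the `ports:` entry, or bind it to loopback with `- "127.0.0.1:5432:5432"` if host access is needed for administration. In the first hunk the only published port left is `"8443:8443"`, but the new `server.xml` Connector listens on 443, so the mapping probably needs to be `- "8443:443"`. Passing `DNS_CLOUDFLARE_API_TOKEN` under `build.args` also records the token in the image build history; a compose `secrets:` entry consumed through a build secret mount would avoid that.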