Alpinize + Dockerize Mifos X
This commit is contained in:
parent
8ad7513007
commit
44cf422960
61
mifosx.sh
61
mifosx.sh
@ -1,55 +1,42 @@
|
||||
#!/bin/bash
|
||||
#!/bin/sh
|
||||
|
||||
SOURCE_DIR=$(realpath $(dirname "${0}"))/mifosx
|
||||
|
||||
# Download Mifos X
|
||||
mkdir -p /srv/mifosx/fineract-provider
|
||||
wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip
|
||||
unzip /tmp/mifosx.zip -d /tmp
|
||||
unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/mifosx/fineract-provider
|
||||
mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/mifosx/community-app
|
||||
rm -f /tmp/mifosx.zip
|
||||
|
||||
# Download Java library dependencies
|
||||
wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /var/lib/tomcat8/lib/drizzle-jdbc-1.3.jar
|
||||
# Build Docker container
|
||||
docker build -t mifosx ${SOURCE_DIR}
|
||||
|
||||
# Create databases
|
||||
export MIFOSX_PWD=$(head -c 18 /dev/urandom | base64)
|
||||
envsubst <${SOURCE_DIR}/tmp/mifosx-createdb.sql >/tmp/mifosx-createdb.sql
|
||||
mysql </tmp/mifosx-createdb.sql
|
||||
rm -f /tmp/mifosx-createdb.sql
|
||||
envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i mariadb mysql
|
||||
|
||||
# Populate database
|
||||
mysql mifosplatform-tenants </tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql
|
||||
envsubst <${SOURCE_DIR}/tmp/mifosx-schemapwd.sql >/tmp/mifosx-schemapwd.sql
|
||||
mysql mifosplatform-tenants </tmp/mifosx-schemapwd.sql
|
||||
rm -f /tmp/mifosx-schemapwd.sql
|
||||
docker run --rm -h mifosx mifosx cat /tmp/mifospltaform-tenants-first-time-install.sql | docker exec -i mariadb mysql mifosplatform-tenants
|
||||
envsubst <${SOURCE_DIR}/schemapwd.sql | docker exec -i mariadb mysql mifosplatform-tenants
|
||||
|
||||
# Configure Mifos X
|
||||
mkdir /srv/mifosx
|
||||
envsubst <${SOURCE_DIR}/srv/mifosx/context.xml >/srv/mifosx/context.xml
|
||||
|
||||
# Create Mifos X service
|
||||
cp ${SOURCE_DIR}/etc/init.d/mifosx /etc/init.d/mifosx
|
||||
rc-update add mifosx boot
|
||||
service mifosx start
|
||||
|
||||
# Update admin account
|
||||
echo `date` '- Waiting for `mifostenant-default` database to be populated. This should take about a minute.'
|
||||
until docker logs mifosx 2>&1 | grep -q 'Migrating schema `mifostenant-default` to version 5000'; do
|
||||
sleep 1
|
||||
done
|
||||
export MIFOSX_ADMIN_USER=admin
|
||||
export MIFOSX_ADMIN_EMAIL=admin@example.com
|
||||
export MIFOSX_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d "+")
|
||||
export MIFOSX_ADMIN_HASH=$(echo -n "${MIFOSX_ADMIN_PWD}{1}" | sha256sum | awk '{print $1}')
|
||||
envsubst <${SOURCE_DIR}/tmp/mifosx-adminpwd.sql >>/srv/mifosx/fineract-provider/WEB-INF/classes/sql/migrations/core_db/V3__mifosx-permissions-and-authorisation-utf8.sql
|
||||
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql mifostenant-default
|
||||
|
||||
# Configure Mifos X
|
||||
envsubst <${SOURCE_DIR}/srv/mifosx/fineract-provider/META-INF/context.xml >/srv/mifosx/fineract-provider/META-INF/context.xml
|
||||
cp ${SOURCE_DIR}/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties /srv/mifosx/fineract-provider/WEB-INF/classes/application.properties
|
||||
sed -i 's/requires-channel="https" //g' /srv/mifosx/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml
|
||||
chown -R tomcat8:tomcat8 /srv/mifosx/fineract-provider
|
||||
ln -s /srv/mifosx/fineract-provider /var/lib/tomcat8/webapps/fineract-provider
|
||||
|
||||
# Create nginx site definition
|
||||
cp ${SOURCE_DIR}/etc/nginx/apps-available/mifosx /etc/nginx/apps-available/mifosx
|
||||
ln -s /etc/nginx/apps-available/mifosx /etc/nginx/apps-enabled/mifosx
|
||||
|
||||
# Restart services
|
||||
systemctl restart tomcat8
|
||||
systemctl restart nginx
|
||||
|
||||
# Cleanup
|
||||
rm -rf /tmp/fineractplatform-17.07.01.RELEASE
|
||||
# Create nginx app definition
|
||||
cp ${SOURCE_DIR}/etc/nginx/conf.d/mifosx.conf /etc/nginx/conf.d/mifosx.conf
|
||||
service nginx reload
|
||||
|
||||
# Add portal application definition
|
||||
portal-app-manager mifosx "/mifosx/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}"
|
||||
portal-app-manager mifosx "https://{host}:8412/community-app/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}"
|
||||
portal-app-manager mifosx-mobile
|
||||
|
46
mifosx/Dockerfile
Normal file
46
mifosx/Dockerfile
Normal file
@ -0,0 +1,46 @@
|
||||
FROM alpine:3.7
|
||||
MAINTAINER Disassembler <disassembler@dasm.cz>
|
||||
|
||||
RUN \
|
||||
# Install Java 1.8 JRE
|
||||
apk --no-cache add openjdk8-jre-base paxctl \
|
||||
# Fix grsec attributes to loosen memory protection restrictions
|
||||
&& paxctl -cm /usr/lib/jvm/java-1.8-openjdk/jre/bin/java \
|
||||
&& paxctl -cm /usr/lib/jvm/java-1.8-openjdk/bin/java \
|
||||
# Cleanup
|
||||
&& apk del paxctl
|
||||
|
||||
RUN \
|
||||
# Install Tomcat 8
|
||||
wget http://mirror.dkm.cz/apache/tomcat/tomcat-8/v8.0.48/bin/apache-tomcat-8.0.48.tar.gz -O /tmp/apache-tomcat-8.tgz \
|
||||
&& tar xf /tmp/apache-tomcat-8.tgz -C /srv \
|
||||
&& mv /srv/apache-tomcat-8.0.48 /srv/tomcat \
|
||||
&& rm -f /tmp/apache-tomcat-8.tgz \
|
||||
&& rm -rf /srv/tomcat/webapps/ROOT /srv/tomcat/webapps/docs /srv/tomcat/webapps/examples /srv/tomcat/webapps/host-manager /srv/tomcat/webapps/manager \
|
||||
# Make catalina.sh available globally
|
||||
&& ln -s /srv/tomcat/bin/catalina.sh /usr/bin/catalina.sh
|
||||
|
||||
RUN \
|
||||
# Install full-featured wget to work around sourceforge bugs
|
||||
apk --no-cache add wget \
|
||||
# Download Mifos X
|
||||
&& wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip \
|
||||
&& mkdir /srv/tomcat/webapps/fineract-provider \
|
||||
&& unzip /tmp/mifosx.zip -d /tmp \
|
||||
&& unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/tomcat/webapps/fineract-provider \
|
||||
&& mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/tomcat/webapps/community-app \
|
||||
&& mv /tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql /tmp/mifospltaform-tenants-first-time-install.sql \
|
||||
# Download Java library dependencies
|
||||
&& wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /srv/tomcat/lib/drizzle-jdbc-1.3.jar \
|
||||
# Configure Tomcat port + Spring
|
||||
&& sed -i 's/port="8080"/port="8012"/g' /srv/tomcat/conf/server.xml \
|
||||
&& echo -e '\r\nserver.port=8012' >> /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/application.properties \
|
||||
&& sed -i 's/requires-channel="https" //g' /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml \
|
||||
# Cleanup
|
||||
&& apk del wget \
|
||||
&& rm -rf /tmp/fineractplatform-17.07.01.RELEASE /tmp/mifosx.zip
|
||||
|
||||
EXPOSE 8012
|
||||
|
||||
#USER mifosx
|
||||
CMD ["catalina.sh", "run"]
|
@ -1,2 +1 @@
|
||||
|
||||
UPDATE m_appuser SET username = "${MIFOSX_ADMIN_USER}", password = "${MIFOSX_ADMIN_HASH}", email = "${MIFOSX_ADMIN_EMAIL}" WHERE id = 1;
|
17
mifosx/etc/init.d/mifosx
Executable file
17
mifosx/etc/init.d/mifosx
Executable file
@ -0,0 +1,17 @@
|
||||
#!/sbin/openrc-run
|
||||
|
||||
description="Mifos X docker container"
|
||||
|
||||
depend() {
|
||||
need docker net
|
||||
use dns logger netmount
|
||||
after mariadb
|
||||
}
|
||||
|
||||
start() {
|
||||
/usr/bin/docker run -d --rm --name mifosx -h mifosx --link mariadb -p 127.0.0.1:9012:8012 -v /srv/mifosx/context.xml:/srv/tomcat/webapps/fineract-provider/META-INF/context.xml mifosx
|
||||
}
|
||||
|
||||
stop() {
|
||||
/usr/bin/docker stop mifosx
|
||||
}
|
@ -1,10 +0,0 @@
|
||||
location /mifosx {
|
||||
alias /srv/mifosx/community-app;
|
||||
}
|
||||
|
||||
location /fineract-provider {
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Host $host:$server_port;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_pass http://127.0.0.1:9080;
|
||||
}
|
14
mifosx/etc/nginx/conf.d/mifosx.conf
Normal file
14
mifosx/etc/nginx/conf.d/mifosx.conf
Normal file
@ -0,0 +1,14 @@
|
||||
server {
|
||||
listen [::]:8012 ipv6only=off;
|
||||
listen [::]:8412 ssl http2 ipv6only=off;
|
||||
|
||||
access_log /var/log/nginx/mifosx.access.log;
|
||||
error_log /var/log/nginx/mifosx.error.log;
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Host $host:$server_port;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_pass http://127.0.0.1:9012;
|
||||
}
|
||||
}
|
1
mifosx/schemapwd.sql
Normal file
1
mifosx/schemapwd.sql
Normal file
@ -0,0 +1 @@
|
||||
UPDATE tenants SET timezone_id = "Europe/Prague", schema_server = "mariadb", schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default";
|
14
mifosx/srv/mifosx/context.xml
Normal file
14
mifosx/srv/mifosx/context.xml
Normal file
@ -0,0 +1,14 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<Context>
|
||||
<Resource type="javax.sql.DataSource" name="jdbc/mifosplatform-tenants"
|
||||
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
|
||||
driverClassName="org.drizzle.jdbc.DrizzleDriver"
|
||||
url="jdbc:mysql:thin://mariadb:3306/mifosplatform-tenants"
|
||||
username="mifosx" password="${MIFOSX_PWD}" initialSize="3" maxActive="10"
|
||||
maxIdle="6" minIdle="3" validationQuery="SELECT 1"
|
||||
testOnBorrow="true" testOnReturn="true" testWhileIdle="true"
|
||||
timeBetweenEvictionRunsMillis="30000" minEvictableIdleTimeMillis="60000"
|
||||
logAbandoned="true" suspectTimeout="60"
|
||||
/>
|
||||
</Context>
|
@ -1,35 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
|
||||
Licensed to the Apache Software Foundation (ASF) under one
|
||||
or more contributor license agreements. See the NOTICE file
|
||||
distributed with this work for additional information
|
||||
regarding copyright ownership. The ASF licenses this file
|
||||
to you under the Apache License, Version 2.0 (the
|
||||
"License"); you may not use this file except in compliance
|
||||
with the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
-->
|
||||
|
||||
|
||||
<Context>
|
||||
<Resource type="javax.sql.DataSource" name="jdbc/mifosplatform-tenants"
|
||||
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
|
||||
driverClassName="org.drizzle.jdbc.DrizzleDriver"
|
||||
url="jdbc:mysql:thin://localhost:3306/mifosplatform-tenants"
|
||||
username="mifosx" password="${MIFOSX_PWD}" initialSize="3" maxActive="10"
|
||||
maxIdle="6" minIdle="3" validationQuery="SELECT 1"
|
||||
testOnBorrow="true" testOnReturn="true" testWhileIdle="true"
|
||||
timeBetweenEvictionRunsMillis="30000" minEvictableIdleTimeMillis="60000"
|
||||
logAbandoned="true" suspectTimeout="60"
|
||||
/>
|
||||
</Context>
|
@ -1,21 +0,0 @@
|
||||
#
|
||||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
spring.profiles.default=basicauth
|
||||
server.port=9080
|
@ -1 +0,0 @@
|
||||
UPDATE tenants SET schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default";
|
Loading…
x
Reference in New Issue
Block a user