Alpinize + Dockerize Mifos X

This commit is contained in:
Disassembler 2018-01-19 20:32:16 +01:00
parent 8ad7513007
commit 44cf422960
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
12 changed files with 116 additions and 105 deletions

View File

@ -1,55 +1,42 @@
#!/bin/bash
#!/bin/sh
SOURCE_DIR=$(realpath $(dirname "${0}"))/mifosx
# Download Mifos X
mkdir -p /srv/mifosx/fineract-provider
wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip
unzip /tmp/mifosx.zip -d /tmp
unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/mifosx/fineract-provider
mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/mifosx/community-app
rm -f /tmp/mifosx.zip
# Download Java library dependencies
wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /var/lib/tomcat8/lib/drizzle-jdbc-1.3.jar
# Build Docker container
docker build -t mifosx ${SOURCE_DIR}
# Create databases
export MIFOSX_PWD=$(head -c 18 /dev/urandom | base64)
envsubst <${SOURCE_DIR}/tmp/mifosx-createdb.sql >/tmp/mifosx-createdb.sql
mysql </tmp/mifosx-createdb.sql
rm -f /tmp/mifosx-createdb.sql
envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i mariadb mysql
# Populate database
mysql mifosplatform-tenants </tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql
envsubst <${SOURCE_DIR}/tmp/mifosx-schemapwd.sql >/tmp/mifosx-schemapwd.sql
mysql mifosplatform-tenants </tmp/mifosx-schemapwd.sql
rm -f /tmp/mifosx-schemapwd.sql
docker run --rm -h mifosx mifosx cat /tmp/mifospltaform-tenants-first-time-install.sql | docker exec -i mariadb mysql mifosplatform-tenants
envsubst <${SOURCE_DIR}/schemapwd.sql | docker exec -i mariadb mysql mifosplatform-tenants
# Configure Mifos X
mkdir /srv/mifosx
envsubst <${SOURCE_DIR}/srv/mifosx/context.xml >/srv/mifosx/context.xml
# Create Mifos X service
cp ${SOURCE_DIR}/etc/init.d/mifosx /etc/init.d/mifosx
rc-update add mifosx boot
service mifosx start
# Update admin account
echo `date` '- Waiting for `mifostenant-default` database to be populated. This should take about a minute.'
until docker logs mifosx 2>&1 | grep -q 'Migrating schema `mifostenant-default` to version 5000'; do
sleep 1
done
export MIFOSX_ADMIN_USER=admin
export MIFOSX_ADMIN_EMAIL=admin@example.com
export MIFOSX_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d "+")
export MIFOSX_ADMIN_HASH=$(echo -n "${MIFOSX_ADMIN_PWD}{1}" | sha256sum | awk '{print $1}')
envsubst <${SOURCE_DIR}/tmp/mifosx-adminpwd.sql >>/srv/mifosx/fineract-provider/WEB-INF/classes/sql/migrations/core_db/V3__mifosx-permissions-and-authorisation-utf8.sql
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql mifostenant-default
# Configure Mifos X
envsubst <${SOURCE_DIR}/srv/mifosx/fineract-provider/META-INF/context.xml >/srv/mifosx/fineract-provider/META-INF/context.xml
cp ${SOURCE_DIR}/srv/mifosx/fineract-provider/WEB-INF/classes/application.properties /srv/mifosx/fineract-provider/WEB-INF/classes/application.properties
sed -i 's/requires-channel="https" //g' /srv/mifosx/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml
chown -R tomcat8:tomcat8 /srv/mifosx/fineract-provider
ln -s /srv/mifosx/fineract-provider /var/lib/tomcat8/webapps/fineract-provider
# Create nginx site definition
cp ${SOURCE_DIR}/etc/nginx/apps-available/mifosx /etc/nginx/apps-available/mifosx
ln -s /etc/nginx/apps-available/mifosx /etc/nginx/apps-enabled/mifosx
# Restart services
systemctl restart tomcat8
systemctl restart nginx
# Cleanup
rm -rf /tmp/fineractplatform-17.07.01.RELEASE
# Create nginx app definition
cp ${SOURCE_DIR}/etc/nginx/conf.d/mifosx.conf /etc/nginx/conf.d/mifosx.conf
service nginx reload
# Add portal application definition
portal-app-manager mifosx "/mifosx/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}"
portal-app-manager mifosx "https://{host}:8412/community-app/" "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}"
portal-app-manager mifosx-mobile

46
mifosx/Dockerfile Normal file
View File

@ -0,0 +1,46 @@
FROM alpine:3.7
MAINTAINER Disassembler <disassembler@dasm.cz>
RUN \
# Install Java 1.8 JRE
apk --no-cache add openjdk8-jre-base paxctl \
# Fix grsec attributes to loosen memory protection restrictions
&& paxctl -cm /usr/lib/jvm/java-1.8-openjdk/jre/bin/java \
&& paxctl -cm /usr/lib/jvm/java-1.8-openjdk/bin/java \
# Cleanup
&& apk del paxctl
RUN \
# Install Tomcat 8
wget http://mirror.dkm.cz/apache/tomcat/tomcat-8/v8.0.48/bin/apache-tomcat-8.0.48.tar.gz -O /tmp/apache-tomcat-8.tgz \
&& tar xf /tmp/apache-tomcat-8.tgz -C /srv \
&& mv /srv/apache-tomcat-8.0.48 /srv/tomcat \
&& rm -f /tmp/apache-tomcat-8.tgz \
&& rm -rf /srv/tomcat/webapps/ROOT /srv/tomcat/webapps/docs /srv/tomcat/webapps/examples /srv/tomcat/webapps/host-manager /srv/tomcat/webapps/manager \
# Make catalina.sh available globally
&& ln -s /srv/tomcat/bin/catalina.sh /usr/bin/catalina.sh
RUN \
# Install full-featured wget to work around sourceforge bugs
apk --no-cache add wget \
# Download Mifos X
&& wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip \
&& mkdir /srv/tomcat/webapps/fineract-provider \
&& unzip /tmp/mifosx.zip -d /tmp \
&& unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/tomcat/webapps/fineract-provider \
&& mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/tomcat/webapps/community-app \
&& mv /tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql /tmp/mifospltaform-tenants-first-time-install.sql \
# Download Java library dependencies
&& wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /srv/tomcat/lib/drizzle-jdbc-1.3.jar \
# Configure Tomcat port + Spring
&& sed -i 's/port="8080"/port="8012"/g' /srv/tomcat/conf/server.xml \
&& echo -e '\r\nserver.port=8012' >> /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/application.properties \
&& sed -i 's/requires-channel="https" //g' /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml \
# Cleanup
&& apk del wget \
&& rm -rf /tmp/fineractplatform-17.07.01.RELEASE /tmp/mifosx.zip
EXPOSE 8012
#USER mifosx
CMD ["catalina.sh", "run"]

View File

@ -1,2 +1 @@
UPDATE m_appuser SET username = "${MIFOSX_ADMIN_USER}", password = "${MIFOSX_ADMIN_HASH}", email = "${MIFOSX_ADMIN_EMAIL}" WHERE id = 1;

17
mifosx/etc/init.d/mifosx Executable file
View File

@ -0,0 +1,17 @@
#!/sbin/openrc-run
description="Mifos X docker container"
depend() {
need docker net
use dns logger netmount
after mariadb
}
start() {
/usr/bin/docker run -d --rm --name mifosx -h mifosx --link mariadb -p 127.0.0.1:9012:8012 -v /srv/mifosx/context.xml:/srv/tomcat/webapps/fineract-provider/META-INF/context.xml mifosx
}
stop() {
/usr/bin/docker stop mifosx
}

View File

@ -1,10 +0,0 @@
location /mifosx {
alias /srv/mifosx/community-app;
}
location /fineract-provider {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://127.0.0.1:9080;
}

View File

@ -0,0 +1,14 @@
server {
listen [::]:8012 ipv6only=off;
listen [::]:8412 ssl http2 ipv6only=off;
access_log /var/log/nginx/mifosx.access.log;
error_log /var/log/nginx/mifosx.error.log;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9012;
}
}

1
mifosx/schemapwd.sql Normal file
View File

@ -0,0 +1 @@
UPDATE tenants SET timezone_id = "Europe/Prague", schema_server = "mariadb", schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default";

View File

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Resource type="javax.sql.DataSource" name="jdbc/mifosplatform-tenants"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
driverClassName="org.drizzle.jdbc.DrizzleDriver"
url="jdbc:mysql:thin://mariadb:3306/mifosplatform-tenants"
username="mifosx" password="${MIFOSX_PWD}" initialSize="3" maxActive="10"
maxIdle="6" minIdle="3" validationQuery="SELECT 1"
testOnBorrow="true" testOnReturn="true" testWhileIdle="true"
timeBetweenEvictionRunsMillis="30000" minEvictableIdleTimeMillis="60000"
logAbandoned="true" suspectTimeout="60"
/>
</Context>

View File

@ -1,35 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<Context>
<Resource type="javax.sql.DataSource" name="jdbc/mifosplatform-tenants"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
driverClassName="org.drizzle.jdbc.DrizzleDriver"
url="jdbc:mysql:thin://localhost:3306/mifosplatform-tenants"
username="mifosx" password="${MIFOSX_PWD}" initialSize="3" maxActive="10"
maxIdle="6" minIdle="3" validationQuery="SELECT 1"
testOnBorrow="true" testOnReturn="true" testWhileIdle="true"
timeBetweenEvictionRunsMillis="30000" minEvictableIdleTimeMillis="60000"
logAbandoned="true" suspectTimeout="60"
/>
</Context>

View File

@ -1,21 +0,0 @@
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
spring.profiles.default=basicauth
server.port=9080

View File

@ -1 +0,0 @@
UPDATE tenants SET schema_username = "mifosx", schema_password = "${MIFOSX_PWD}" WHERE identifier = "default";