author | Rotundo, Alfred (ar3165) <ar3165@att.com> | 2018-11-20 19:31:46 +0000 |
---|---|---|
committer | Timoney, Dan (dt5972) <dtimoney@att.com> | 2019-04-09 15:34:18 -0400 |
commit | 67710454be20dbff2330dde919f837d850ed50ed (patch) | |
tree | 141d3dc44929f7b6d4d06e64b9f9f68b9f719693 | |
parent | f3c9e00fd74a3db4a5e4b9cfeaf6cc88bbe45e55 (diff) |
Add new HTTPS listener on port 8443
Changes made:
expose port 8443 from container
added new listener to listen on that port
added cert when starting up
Change-Id: I5106192d55d51fd340f28b9eace0c5ea83afcd99
Issue-ID: SDNC-528
Signed-off-by: Rotundo, Alfred (ar3165) <ar3165@att.com>
Former-commit-id: 77710f34952c5ac8d6f8250d90b03b43de1a4a5b
-rw-r--r-- | admportal/config/admportal.json | 6 | ||||
-rwxr-xr-x | admportal/shell/www | 44 | ||||
-rw-r--r-- | installation/admportal/pom.xml | 21 | ||||
-rw-r--r-- | installation/admportal/src/main/docker/Dockerfile | 2 | ||||
-rwxr-xr-x | installation/src/main/properties/admportal.json | 4 | ||||
-rw-r--r-- | installation/src/main/yaml/docker-compose.yml | 2 |
6 files changed, 64 insertions, 15 deletions
diff --git a/admportal/config/admportal.json b/admportal/config/admportal.json index 830b7629..38fd043b 100644 --- a/admportal/config/admportal.json +++ b/admportal/config/admportal.json @@ -25,7 +25,7 @@ "docker0": "172.17.0.1", "virbr0": "192.168.122.1" }, - "svclogicPropertiesDb01": "/opt/openecomp/sdnc/data/properties/svclogic.properties.sdnctldb01", + "svclogicPropertiesDb01": "/opt/onap/sdnc/data/properties/svclogic.properties.sdnctldb01", "databases": [ "dbhost|sdnctldb01" ], @@ -45,8 +45,8 @@ "odlConexusPort": "8181", "odlUser": "admin", "odlPasswd": "admin", - "ConexusNetwork_sslCert": "", - "ConexusNetwork_sslKey": "", + "ConexusNetwork_sslCert": "/opt/onap/sdnc/data/stores/org.onap.sdnc.p12", + "ConexusNetwork_sslKey": "?w5&!M;8v1XF;:Xd;g*%S$IY", "AppNetwork_sslCert": "", "AppNetwork_sslKey": "", "hostnameList": [ diff --git a/admportal/shell/www b/admportal/shell/www index 29710dbb..5c639e8f 100755 --- a/admportal/shell/www +++ b/admportal/shell/www 
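Review bot: The second hunk (`@@ -45,8 +45,8 @@`) commits the PKCS#12 passphrase as a literal in `ConexusNetwork_sslKey`, so anyone who can read the repository or the built image can open the keystore named in `ConexusNetwork_sslCert`. The same value is added again in installation/src/main/properties/admportal.json. Keep `"ConexusNetwork_sslKey": "",` in the committed files and supply the passphrase at deploy time; admportal/shell/www already reads `process.env.CERT_PSWD`, which could carry it. The key pair protected by the committed passphrase should be reissued, since the value stays in history.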
@@ -1,14 +1,42 @@ #!/usr/bin/env node var debug = require('debug')('admportal'); var app = require('../server/app'); +var constants = require('constants'); var properties = require(process.env.SDNC_CONFIG_DIR + '/admportal.json'); -var out_file = "/opt/openecomp/sdnc/admportal/logs/http_admportal.log"; -var error_file = "/opt/openecomp/sdnc/admportal/logs/error_http_admportal.log"; -var cwd = "/opt/openecomp/sdnc/admportal"; +var out_file = "/opt/onap/sdnc/admportal/logs/http_admportal.log"; +var error_file = "/opt/onap/sdnc/admportal/logs/error_http_admportal.log"; +var cwd = "/opt/onap/sdnc/admportal"; -app.set('port', properties.nonSslPort || 8181 ); +var fs = require('fs.extra'); +var https = require('https'); +var http_port = properties.nonSslPort; +var https_port = properties.ConexusNetworkPort; +var cert_pswd = process.env.CERT_PSWD; -var server = app.listen(app.get('port'), function() { - console.log('Express server listening on port ' + server.address().port); - debug('Express server listening on port ' + server.address().port); -}); +if (typeof http_port != 'undefined' && http_port.length > 0) +{ + app.set('port', http_port ); + var server = app.listen(app.get('port'), function() + { + console.log('Express server listening on port ' + server.address().port); + debug('Express server listening on port ' + server.address().port); + }); +} + +if (typeof https_port != 'undefined' && https_port.length > 0) +{ + var sslOptions = { + pfx: fs.readFileSync(properties.ConexusNetwork_sslCert), + passphrase: properties.ConexusNetwork_sslKey, + secureOptions: constants.SSL_OP_NO_TLSv1|constants.SSL_OP_NO_SSLv2|constants.SSL_OP_NO_SSLv3, + ciphers: [ "AES128-GCM-SHA256","!RC4","HIGH","!MD5","!aNULL","!EDH","!3DES" ].join(':'), + honorCipherOrder: true, + requestCert: true, + rejectUnauthorized: false + }; + app.set('port', https_port); + var secureServer = https.createServer(sslOptions,app).listen(app.get('port'), function(){ + console.log('Express server (https) 
listening on port ' + secureServer.address().port); + debug('Express server (https) listening on port ' + secureServer.address().port); + }); +} diff --git a/installation/admportal/pom.xml b/installation/admportal/pom.xml index a7b49678..180cb92d 100644 --- a/installation/admportal/pom.xml +++ b/installation/admportal/pom.xml @@ -69,7 +69,7 @@ <executions> <execution> <id>generate-images</id> - <phase>generate-sources</phase> + <phase>process-sources</phase> <goals> <goal>build</goal> </goals> @@ -129,6 +129,25 @@ </resources> </configuration> </execution> + <execution> + <id>copy-keystores</id> + <goals> + <goal>copy-resources</goal> + </goals><!-- here the phase you need --> + <phase>validate</phase> + <configuration> + <outputDirectory>${basedir}/target/docker-stage/opt/onap/sdnc/data/stores</outputDirectory> + <resources> + <resource> + <directory>../src/main/stores</directory> + <includes> + <include>*.p12</include> + </includes> + <filtering>false</filtering> + </resource> + </resources> + </configuration> + </execution> </executions> </plugin> <plugin> diff --git a/installation/admportal/src/main/docker/Dockerfile b/installation/admportal/src/main/docker/Dockerfile index abaa056f..21cd7a30 100644 --- a/installation/admportal/src/main/docker/Dockerfile +++ b/installation/admportal/src/main/docker/Dockerfile @@ -9,4 +9,4 @@ MAINTAINER SDN-C Team (sdnc@lists.openecomp.org) COPY opt /opt #ENTRYPOINT exec /opt/openecomp/sdnc/admportal/shell/startssl.sh -EXPOSE 8843 +EXPOSE 8843 8443 diff --git a/installation/src/main/properties/admportal.json b/installation/src/main/properties/admportal.json index 8d567d0c..38fd043b 100755 --- a/installation/src/main/properties/admportal.json +++ b/installation/src/main/properties/admportal.json 
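Review bot: In `sslOptions`, `requestCert: true` together with `rejectUnauthorized: false` lets the handshake succeed for clients that present an untrusted certificate or none, so the listener authenticates nobody unless the Express app checks `req.socket.authorized` itself, which this hunk does not show. If client certificates are meant to gate access, set `rejectUnauthorized: true` and supply a `ca` bundle; if they are not, drop `requestCert`. `cert_pswd` is read from `process.env.CERT_PSWD` and never used, while the passphrase comes from the properties file; `passphrase: cert_pswd || properties.ConexusNetwork_sslKey,` would let the environment value take effect. The `secureOptions` mask leaves TLS 1.1 enabled (`constants.SSL_OP_NO_TLSv1_1` is not set), and the `.length > 0` guards silently skip a listener when a port is given as a JSON number or is absent, where the removed code fell back to 8181.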
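Review bot: The `copy-keystores` execution stages every `*.p12` from `../src/main/stores` under `target/docker-stage/opt/onap/sdnc/data/stores`, and the Dockerfile's `COPY opt /opt` presumably bakes that directory into the image, so the server's private key would ship in each image next to the passphrase in admportal.json. Mounting the keystore at run time (a volume or orchestrator secret) keeps it out of image layers and lets each deployment use its own key. The inline comment `<!-- here the phase you need -->` is template residue; replace it with one that says why the copy runs in `validate`, for example `<!-- stage keystores before the docker build in process-sources -->`.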
@@ -45,8 +45,8 @@ "odlConexusPort": "8181", "odlUser": "admin", "odlPasswd": "admin", - "ConexusNetwork_sslCert": "", - "ConexusNetwork_sslKey": "", + "ConexusNetwork_sslCert": "/opt/onap/sdnc/data/stores/org.onap.sdnc.p12", + "ConexusNetwork_sslKey": "?w5&!M;8v1XF;:Xd;g*%S$IY", "AppNetwork_sslCert": "", "AppNetwork_sslKey": "", "hostnameList": [ diff --git a/installation/src/main/yaml/docker-compose.yml b/installation/src/main/yaml/docker-compose.yml index 12ca37bb..4e0de9b9 100644 --- a/installation/src/main/yaml/docker-compose.yml +++ b/installation/src/main/yaml/docker-compose.yml @@ -81,6 +81,7 @@ services: - "cd /opt/onap/sdnc/admportal/shell && ./start_portal.sh" ports: - "8843:8843" + - "8443:8443" links: - db:dbhost - db:sdnctldb01 @@ -89,6 +90,7 @@ services: environment: - MYSQL_ROOT_PASSWORD=openECOMP1.0 - SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties + - CERT_PSWD=onap3.0 logging: driver: "json-file" options: |
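Review bot: The last docker-compose.yml hunk (`@@ -89,6 +90,7 @@`) adds `CERT_PSWD=onap3.0` as a literal, which puts another credential in version control. It also differs from the passphrase set in admportal.json, and admportal/shell/www reads the variable without using it, so it is unclear which value is meant to unlock the keystore. Pass it through from the deploying environment instead, `- CERT_PSWD=${CERT_PSWD}`, and settle on a single source for the passphrase. The enclosing service definition starts outside the hunk, so which container receives the variable is inferred from the neighbouring `SDNC_CONFIG_DIR` line.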