diff options
author | Michael Dürre <michael.duerre@highstreet-technologies.com> | 2020-08-31 06:36:53 +0200 |
---|---|---|
committer | Michael Dürre <michael.duerre@highstreet-technologies.com> | 2020-08-31 08:31:42 +0200 |
commit | 4c984ce4f2cc4ef71b21134735b57d80ab09c6b1 (patch) | |
tree | c0370bf10b6dbd27ff9b5421c27be9203414efbd /installation/sdnc-web/src/main | |
parent | eef450e6f6c80c5d39517b0c84b9b5e01b5e65ae (diff) |
update sdnc-web image
cleanup installation and add more proxy fn
Issue-ID: SDNC-1337
Signed-off-by: Michael Dürre <michael.duerre@highstreet-technologies.com>
Change-Id: Id5fcee41dd43d4935b08b821521c6036c321b2e7
Signed-off-by: Michael Dürre <michael.duerre@highstreet-technologies.com>
Former-commit-id: c553802849a383176eca863fc35694426f9d31cb
Diffstat (limited to 'installation/sdnc-web/src/main')
-rw-r--r-- | installation/sdnc-web/src/main/docker/Dockerfile | 26 | ||||
-rw-r--r-- | installation/sdnc-web/src/main/resources/http_site.conf | 63 | ||||
-rw-r--r-- | installation/sdnc-web/src/main/resources/https_site.conf | 100 | ||||
-rw-r--r-- | installation/sdnc-web/src/main/scripts/configure.sh | 74 | ||||
-rw-r--r-- | installation/sdnc-web/src/main/scripts/run.sh | 15 |
5 files changed, 169 insertions, 109 deletions
diff --git a/installation/sdnc-web/src/main/docker/Dockerfile b/installation/sdnc-web/src/main/docker/Dockerfile index 5009a215..e4c594b2 100644 --- a/installation/sdnc-web/src/main/docker/Dockerfile +++ b/installation/sdnc-web/src/main/docker/Dockerfile @@ -27,26 +27,26 @@ MAINTAINER CCSDK Team (onap-ccsdk@lists.onap.org) COPY html /opt/bitnami/nginx/html # copy site conf files -COPY http_site.conf /opt/bitnami/nginx/conf/server_blocks/ -COPY https_site.conf /opt/bitnami/nginx/conf/server_blocks/ +COPY *.conf /opt/bitnami/nginx/conf/server_blocks/ # setup environment variables ENV WEBPROTOCOL="HTTP" \ - WEBPORT="8080" \ - SDNRPROTOCOL="HTTP" \ - SDNRHOST="172.18.0.3" \ - SDNRPORT="8181" \ - SSL_CERT_DIR="/app/cert" \ - SSL_CERTIFICATE="cert.pem" \ - SSL_CERTIFICATE_KEY="cert.key" + WEBPORT="8080" \ + SDNRPROTOCOL="HTTP" \ + SDNRHOST="172.18.0.3" \ + SDNRPORT="8181" \ + TRPCEURL="" \ + TOPOURL="" \ + TILEURL="" \ + SSL_CERT_DIR="/app/cert" \ + SSL_CERTIFICATE="cert.pem" \ + SSL_CERTIFICATE_KEY="cert.key" # Check if /app can be used. If so, create "custom" directory and copy the files there. -COPY bin/configure.sh /opt/bitnami/nginx/sbin -COPY bin/run.sh /opt/bitnami/nginx/sbin +COPY bin/*.sh /opt/bitnami/nginx/sbin/ USER root -RUN chmod +x /opt/bitnami/nginx/sbin/configure.sh -RUN chmod +x /opt/bitnami/nginx/sbin/run.sh +RUN chmod +x /opt/bitnami/nginx/sbin/configure.sh /opt/bitnami/nginx/sbin/run.sh # By default, docker copies files with the permissions of the build user. To avoid cases where build user # has 644 which can result in failure of certain commands RUN chmod -R g+w /opt/bitnami/nginx/html/odlux diff --git a/installation/sdnc-web/src/main/resources/http_site.conf b/installation/sdnc-web/src/main/resources/http_site.conf index 640668a1..70554ef0 100644 --- a/installation/sdnc-web/src/main/resources/http_site.conf +++ b/installation/sdnc-web/src/main/resources/http_site.conf @@ -40,33 +40,48 @@ # Default server configuration # server { - listen WEBPORT default_server ; - listen [::]:WEBPORT default_server; + listen WEBPORT default_server ; + listen [::]:WEBPORT default_server; -# root /var/www; +# root /var/www; - index index.html index.htm index.nginx-debian.html; + index index.html index.htm index.nginx-debian.html; - server_name _; - - location ~ ^/$ { - return 301 /odlux/index.html; - } - location ~ /help/$ { - try_files /help/$args.json $uri; - } - location / { - try_files $uri $uri/ @backend; - } - location /websocket { - proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT/websocket; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } - location @backend { - proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT; - } + server_name _; + location ~ ^/$ { + return 301 /odlux/index.html; + } + location ~ ^/help/$ { + try_files /help/$args.json $uri; + } + location ~ ^/transportpce { + if ($request_uri ~* "/transportpce/(.*)") { + proxy_pass TRPCEURL/$1; + } + } + location ~ ^/topology { + if ($request_uri ~* "/topology/(.*)") { + proxy_pass TOPOURL/$1; + } + } + location ~ ^/tiles/ { + resolver 1.1.1.1; + if ($request_uri ~* "/tiles/(.*)") { + proxy_pass TILEURL/$1; + } + } + location / { + try_files $uri $uri/ @backend; + } + location ^/websocket$ { + proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT/websocket; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + location @backend { + proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT; + } } diff --git a/installation/sdnc-web/src/main/resources/https_site.conf b/installation/sdnc-web/src/main/resources/https_site.conf index 5dc4cfba..335aef49 100644 --- a/installation/sdnc-web/src/main/resources/https_site.conf +++ b/installation/sdnc-web/src/main/resources/https_site.conf @@ -40,52 +40,70 @@ # Default server configuration # server { - listen WEBPORT ssl default_server ; - listen [::]:WEBPORT ssl default_server; + listen WEBPORT ssl default_server ; + listen [::]:WEBPORT ssl default_server; - # SSL configuration - # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; - # - # Note: You should disable gzip for SSL traffic. - # See: https://bugs.debian.org/773332 - # - # Read up on ssl_ciphers to ensure a secure configuration. - # See: https://bugs.debian.org/765782 - # - # Self signed certs generated by the ssl-cert package - # Don't use them in a production server! - # - # include snippets/snakeoil.conf; + # SSL configuration + # + # listen 443 ssl default_server; + # listen [::]:443 ssl default_server; + # + # Note: You should disable gzip for SSL traffic. + # See: https://bugs.debian.org/773332 + # + # Read up on ssl_ciphers to ensure a secure configuration. + # See: https://bugs.debian.org/765782 + # + # Self signed certs generated by the ssl-cert package + # Don't use them in a production server! + # + # include snippets/snakeoil.conf; - ssl_certificate SSL_CERT_DIR/SSL_CERTIFICATE; - ssl_certificate_key SSL_CERT_DIR/SSL_CERTIFICATE_KEY; - -# root /var/www; + ssl_certificate SSL_CERT_DIR/SSL_CERTIFICATE; + ssl_certificate_key SSL_CERT_DIR/SSL_CERTIFICATE_KEY; - index index.html index.htm index.nginx-debian.html; +# root /var/www; - server_name _; + index index.html index.htm index.nginx-debian.html; - location ~ ^/$ { - return 301 /odlux/index.html; - } - location ~ /help/$ { - try_files /help/$args.json $uri; - } - location / { - try_files $uri $uri/ @backend; - } - location /websocket { - proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT/websocket; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } - location @backend { - proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT; - } + server_name _; + + location ~ ^/$ { + return 301 /odlux/index.html; + } + location ~ ^/help/$ { + try_files /help/$args.json $uri; + } + location ~ ^/transportpce { + try_files $uri $uri/ @backend-transportpce; + } + location ~ ^/topology { + try_files $uri $uri/ @backend-topology; + } + location ~ ^/tiles { + try_files $uri $uri/ @backend-tiles; + } + location / { + try_files $uri $uri/ @backend; + } + location ^/websocket$ { + proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT/websocket; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + location @backend { + proxy_pass SDNRPROTOCOL://SDNRHOST:SDNRPORT; + } + location @backend-transportpce { + proxy_pass TRPCEURL; + } + location @backend-topology { + proxy_pass TOPOURL; + } + location @backend-tiles { + proxy_pass TILEURL; + } } diff --git a/installation/sdnc-web/src/main/scripts/configure.sh b/installation/sdnc-web/src/main/scripts/configure.sh index ca2ea764..2a007672 100644 --- a/installation/sdnc-web/src/main/scripts/configure.sh +++ b/installation/sdnc-web/src/main/scripts/configure.sh @@ -26,37 +26,61 @@ sed -i 's/listen/\#listen/g' /opt/bitnami/nginx/conf/nginx.conf update_index_html() { - # Backup the index.html file - cp /opt/bitnami/nginx/html/odlux/index.html /opt/bitnami/nginx/html/odlux/index.html.backup - sed -z 's/<script>[^<]*<\/script>/<script>\n \/\/ run the application \n require\(\[\"connectApp\",\"faultApp\",\"maintenanceApp\",\"configurationApp\",\"performanceHistoryApp\",\"inventoryApp\",\"eventLogApp\",\"mediatorApp\",\"helpApp\",\"run\"\], function \(connectApp,faultApp,maintenanceApp,configurationApp,performanceHistoryApp,inventoryApp,eventLogApp,mediatorApp,helpApp,run\) \{ \n connectApp.register\(\); \n faultApp.register\(\);\n maintenanceApp.register\(\); \n configurationApp.register\(\);\n performanceHistoryApp.register\(\); \n inventoryApp.register\(\);\n eventLogApp.register\(\);\n mediatorApp.register\(\);\n helpApp.register\(\);\n run.runApplication();\n \}\);\n <\/script>/' -i /opt/bitnami/nginx/html/odlux/index.html + # Backup the index.html file + cp /opt/bitnami/nginx/html/odlux/index.html /opt/bitnami/nginx/html/odlux/index.html.backup + sed -z 's/<script>[^<]*<\/script>/<script>\n \/\/ run the application \n require\(\[\"connectApp\",\"faultApp\",\"maintenanceApp\",\"configurationApp\",\"performanceHistoryApp\",\"inventoryApp\",\"eventLogApp\",\"mediatorApp\",\"networkMapApp\",\"linkCalculationApp\",\"helpApp\",\"run\"\], function \(connectApp,faultApp,maintenanceApp,configurationApp,performanceHistoryApp,inventoryApp,eventLogApp,mediatorApp,networkMapApp,linkCalculationApp,helpApp,run\) \{ \n connectApp.register\(\); \n faultApp.register\(\);\n maintenanceApp.register\(\); \n configurationApp.register\(\);\n performanceHistoryApp.register\(\); \n inventoryApp.register\(\);\n eventLogApp.register\(\);\n mediatorApp.register\(\);\n networkMapApp.register\(\);\n linkCalculationApp.register\(\);\n helpApp.register\(\);\n run.runApplication();\n \}\);\n <\/script>/' -i /opt/bitnami/nginx/html/odlux/index.html } update_nginx_site_conf() { - - if [ "$WEBPROTOCOL" == "HTTPS" ] - then - - sed -i 's|WEBPORT|'$WEBPORT'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|SSL_CERT_DIR|'$SSL_CERT_DIR'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|\bSSL_CERTIFICATE\b|'$SSL_CERTIFICATE'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|\bSSL_CERTIFICATE_KEY\b|'$SSL_CERTIFICATE_KEY'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|SDNRPROTOCOL|'$SDNRPROTOCOL'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|SDNRHOST|'$SDNRHOST'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - sed -i 's|SDNRPORT|'$SDNRPORT'|g' /opt/bitnami/nginx/conf/server_blocks/https_site.conf - - #cp /opt/bitnami/nginx/sbin/https_site.conf /opt/bitnami/nginx/conf/server_blocks - rm /opt/bitnami/nginx/conf/server_blocks/http_site.conf - elif [ "$WEBPROTOCOL" == "HTTP" ] - then - sed -i 's|WEBPORT|'$WEBPORT'|g' /opt/bitnami/nginx/conf/server_blocks/http_site.conf - sed -i 's|SDNRPROTOCOL|'$SDNRPROTOCOL'|g' /opt/bitnami/nginx/conf/server_blocks/http_site.conf - sed -i 's|SDNRHOST|'$SDNRHOST'|g' /opt/bitnami/nginx/conf/server_blocks/http_site.conf - sed -i 's|SDNRPORT|'$SDNRPORT'|g' /opt/bitnami/nginx/conf/server_blocks/http_site.conf - #cp /opt/bitnami/nginx/sbin/http_site.conf /opt/bitnami/nginx/conf/server_blocks - rm /opt/bitnami/nginx/conf/server_blocks/https_site.conf + + if [ "$WEBPROTOCOL" == "HTTPS" ] + then + FN=/opt/bitnami/nginx/conf/server_blocks/https_site.conf + rm /opt/bitnami/nginx/conf/server_blocks/http_site.conf + + sed -i 's|SSL_CERT_DIR|'$SSL_CERT_DIR'|g' $FN + sed -i 's|\bSSL_CERTIFICATE\b|'$SSL_CERTIFICATE'|g' $FN + sed -i 's|\bSSL_CERTIFICATE_KEY\b|'$SSL_CERTIFICATE_KEY'|g' $FN + + elif [ "$WEBPROTOCOL" == "HTTP" ] + then + FN=/opt/bitnami/nginx/conf/server_blocks/http_site.conf + rm /opt/bitnami/nginx/conf/server_blocks/https_site.conf fi + if [ -z "$FN" ]; then + echo "unknown env WEBPROTOCOL: $WEBPROTOCOL" + exit 1 + fi + + # replace needed parameters + sed -i 's|WEBPORT|'$WEBPORT'|g' $FN + sed -i 's|SDNRPROTOCOL|'$SDNRPROTOCOL'|g' $FN + sed -i 's|SDNRHOST|'$SDNRHOST'|g' $FN + sed -i 's|SDNRPORT|'$SDNRPORT'|g' $FN + + # handle optional parameters + if [ -z "$TRPCEURL" ]; then + echo "transportPCE forwarding disabled" + sed -i 's|proxy_pass TRPCEURL/$1;|return 404;|g' $FN + + else + sed -i 's|TRPCEURL|'$TRPCEURL'|g' $FN + fi + if [ -z "$TOPOURL" ]; then + echo "topology api forwarding disabled" + sed -i 's|proxy_pass TOPOURL/$1;|return 404;|g' $FN + else + sed -i 's|TOPOURL|'$TOPOURL'|g' $FN + fi + if [ -z "$TILEURL" ]; then + echo "tile server forwarding disabled" + sed -i 's|proxy_pass TILEURL/$1;|return 404;|g' $FN + else + sed -i 's|TILEURL|'$TILEURL'|g' $FN + fi + } update_index_html diff --git a/installation/sdnc-web/src/main/scripts/run.sh b/installation/sdnc-web/src/main/scripts/run.sh index 604ebdee..9d912a65 100644 --- a/installation/sdnc-web/src/main/scripts/run.sh +++ b/installation/sdnc-web/src/main/scripts/run.sh @@ -25,12 +25,15 @@ echo "starting sdnc-web" echo "=================" -echo " WEBPROTOCOL: $WEBPROTOCOL" -echo " WEBPORT: $WEBPORT" -echo " SDNRPROTOCOL: $SDNRPROTOCOL" -echo " SDNRHOST: $SDNRHOST" -echo " SDNRPORT: $SDNRPORT" -echo " SSL_CERT_DIR: $SSL_CERT_DIR" +echo " WEBPROTOCOL : $WEBPROTOCOL" +echo " WEBPORT : $WEBPORT" +echo " SDNRPROTOCOL : $SDNRPROTOCOL" +echo " SDNRHOST : $SDNRHOST" +echo " SDNRPORT : $SDNRPORT" +echo " TRPCEURL : $TRPCEURL" +echo " TOPOURL : $TOPOURL" +echo " TILEURL : $TILEURL" +echo " SSL_CERT_DIR : $SSL_CERT_DIR" echo -n " SSL_CERTIFICATE: $SSL_CERTIFICATE" if [ -f "$SSL_CERTIFICATE" ]; then echo " (exists)" |