├── .gitignore ├── README.md ├── docker-compose.yml ├── env ├── back.env ├── conversion.env ├── db.env ├── es.env ├── front-ssl.json ├── front.json ├── kafka.env └── kibana.env ├── proxy ├── nginx.conf └── ssl │ ├── cert.crt │ ├── cert.key │ ├── rootCA.key │ ├── rootCA.pem │ └── rootCA.srl └── start.sh /.gitignore: -------------------------------------------------------------------------------- 1 | data/ 2 | keystore 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # DocDokuPLM Docker 2 | 3 | Easy setup for DocDokuPLM with docker-compose. 4 | 5 | ## Prerequisites 6 | 7 | * [Docker](https://docs.docker.com/get-docker/) 8 | * [Docker Compose](https://docs.docker.com/compose/install/) 9 | * Keytool (From any JRE, see https://openjdk.java.net/) 10 | * [Set vm.max_map_count to at least 262144](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_set_vm_max_map_count_to_at_least_262144) 11 | 12 | ## Start DocDokuPLM: 13 | 14 | Clone or [download](https://github.com/docdoku/docdoku-plm-docker/archive/master.zip) this repository. 15 | 16 | ``` 17 | $ git clone https://github.com/docdoku/docdoku-plm-docker.git 18 | $ cd docdoku-plm-docker 19 | ``` 20 | 21 | Open a terminal and run 22 | 23 | ``` 24 | $ ./start.sh 25 | ``` 26 | 27 | You can now verify that all containers are up 28 | 29 | ``` 30 | $ docker-compose ps 31 | ``` 32 | 33 | Then you can access to http://localhost:8000 from your web browser 34 | 35 | ## Default port mapping 36 | 37 | ``` 38 | -------------------------- 39 | Port Service 40 | -------------------------- 41 | 8000 docdoku-plm-front 42 | 8001 docdoku-plm-server 43 | 8002 kibana 44 | 8003 mailhog 45 | 8004 adminer 46 | -------------------------- 47 | ``` 48 | 49 | ## SSL support (optional) 50 | 51 | You can get HTTPS on your localhost working out of the box. 52 | 53 | Create a new entry in /etc/hosts. Note: after editing this file you might have to restart your networking service depending on your OS. 54 | 55 | ``` 56 | 127.0.0.1 docdokuplm.local 57 | ``` 58 | 59 | Import the [rootCA](./proxy/ssl/rootCA.pem) sslcertificate to your browser trusted authorities. 60 | 61 | Make sure to edit the `docker-compose.yml` to use `front-ssl.json` instead of `front.json` and edit `env/back.env` to set `DOCDOKU_PLM_CODEBASE` to `https://docdokuplm.local:9000`, then recreate the `back` and `front` service if they are already running. 62 | 63 | ``` 64 | $ docker-compose up --force-recreate --no-deps front 65 | $ docker-compose up --force-recreate --no-deps back 66 | ``` 67 | 68 | Then you can access to https://docdokuplm.local:9000 from your web browser 69 | 70 | ## Cleaning every containers/volumes 71 | 72 | In case you want to start a new fresh install run this following commands. 73 | 74 | Note: this will delete all data stored (database, files, volumes) and containers. Make sure to backup everything first. 75 | 76 | ``` 77 | $ docker-compose rm --stop --force -v 78 | $ rm -rf ./data 79 | $ rm ./keystore 80 | $ docker volume rm docdoku-plm-server-volume 81 | $ ./start.sh 82 | ``` 83 | 84 | ## Running in production 85 | 86 | Make sure to edit all passwords in env files before you start the script. Please also consider using a firewall and remove any unnecessary port mapping from docker-compose.yml. 87 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | 3 | networks: 4 | network: 5 | driver: bridge 6 | 7 | volumes: 8 | db-volume: 9 | es-volume: 10 | conversion-volume: 11 | docdoku-plm-server-volume: 12 | external: true 13 | 14 | services: 15 | 16 | front: 17 | image: docdoku/docdoku-plm-front:2.6.2 18 | networks: 19 | - network 20 | ports: 21 | - 8000:80 22 | volumes: 23 | - ./env/front.json:/usr/share/nginx/html/webapp.properties.json 24 | 25 | back: 26 | image: docdoku/docdoku-plm-server:2.6.2 27 | env_file: ./env/back.env 28 | volumes: 29 | - ./keystore:/opt/payara41/keystore 30 | - docdoku-plm-server-volume:/var/lib/docdoku/vault 31 | - conversion-volume:/var/lib/docdoku/conversions 32 | depends_on: 33 | - db 34 | - es 35 | - smtp 36 | networks: 37 | - network 38 | ports: 39 | - 8001:8080 40 | 41 | conversion: 42 | image: docdoku/docdoku-plm-conversion-service:2.6.2 43 | env_file: ./env/conversion.env 44 | networks: 45 | - network 46 | volumes: 47 | - docdoku-plm-server-volume:/data/vault 48 | - conversion-volume:/data/conversions 49 | depends_on: 50 | - kafka 51 | - back 52 | 53 | es: 54 | image: docker.elastic.co/elasticsearch/elasticsearch:6.6.1 55 | env_file: ./env/es.env 56 | ulimits: 57 | memlock: 58 | soft: -1 59 | hard: -1 60 | networks: 61 | - network 62 | volumes: 63 | - es-volume:/usr/share/elasticsearch/data 64 | 65 | kibana: 66 | image: docker.elastic.co/kibana/kibana:6.6.1 67 | env_file: ./env/kibana.env 68 | networks: 69 | - network 70 | depends_on: 71 | - es 72 | ports: 73 | - 8002:5601 74 | 75 | db: 76 | image: postgres:13.1-alpine 77 | env_file: ./env/db.env 78 | volumes: 79 | - db-volume:/var/lib/mysql 80 | networks: 81 | - network 82 | 83 | smtp: 84 | image: mailhog/mailhog:v1.0.1 85 | networks: 86 | - network 87 | ports: 88 | - 1025:1025 89 | - 8003:8025 90 | 91 | adminer: 92 | image: adminer:4.7.1-standalone 93 | networks: 94 | - network 95 | ports: 96 | - 8004:8080 97 | depends_on: 98 | - db 99 | 100 | zookeeper: 101 | image: wurstmeister/zookeeper:3.4.6 102 | networks: 103 | - network 104 | 105 | kafka: 106 | image: wurstmeister/kafka:2.13-2.7.0 107 | env_file: ./env/kafka.env 108 | networks: 109 | - network 110 | depends_on: 111 | - zookeeper 112 | 113 | ssl-proxy: 114 | image: nginx:1.19.1-alpine 115 | volumes: 116 | - ./proxy/ssl:/etc/nginx/ssl 117 | - ./proxy/nginx.conf:/etc/nginx/conf.d/default.conf 118 | ports: 119 | - 9000:443 120 | networks: 121 | - network 122 | depends_on: 123 | - front 124 | - back 125 | -------------------------------------------------------------------------------- /env/back.env: -------------------------------------------------------------------------------- 1 | # The application base url (front end URI) 2 | DOCDOKU_PLM_CODEBASE=http://localhost:8000 3 | 4 | # Database server name (change for production) 5 | DATABASE_SERVER_NAME=db 6 | 7 | # Database name (change for production) 8 | DATABASE_NAME=docdokuplm 9 | 10 | # Database user (change for production) 11 | DATABASE_USER=changeit 12 | 13 | # Database password (change for production) 14 | DATABASE_PWD=changeit 15 | 16 | # ElasticSearch URL (change for production) 17 | ES_SERVER_URI=http://es:9200 18 | 19 | # ElasticSearch index prefix (data isolation, change for production) 20 | ES_PREFIX=changeit 21 | 22 | # ElasticSearch user (change for production) 23 | ES_SERVER_USERNAME= 24 | 25 | # ElasticSearch password (change for production) 26 | ES_SERVER_PWD= 27 | 28 | # ElasticSearch aws settings 29 | ES_SERVER_AWS_SERVICE= 30 | ES_SERVER_AWS_REGION= 31 | ES_SERVER_AWS_KEY= 32 | ES_SERVER_AWS_SECRET= 33 | 34 | # Smtp settings 35 | SMTP_HOST=smtp 36 | SMTP_PORT=1025 37 | SMTP_USER=DocDokuPLM 38 | SMTP_FROM_ADDR=noreply@localhost 39 | 40 | # Enable JWT 41 | JWT_ENABLED=true 42 | 43 | # JWT KEY (change for production) 44 | JWT_KEY=changeit 45 | 46 | # Legacy auth modes 47 | SESSION_ENABLED=false 48 | BASIC_AUTH_ENABLED=false 49 | 50 | # Keystore settings (change for production, ) 51 | KEYSTORE_KEY_ALIAS=mykeyalias 52 | KEYSTORE_PASS=changeit 53 | KEYSTORE_KEY_PASS=changeit 54 | KEYSTORE_TYPE=PKCS12 55 | 56 | # Heap size to use 57 | HEAP_SIZE=2g 58 | 59 | # Debug settings 60 | DEBUG=false 61 | -------------------------------------------------------------------------------- /env/conversion.env: -------------------------------------------------------------------------------- 1 | # Callback API 2 | # ENDPOINT=http://back:8080/docdoku-plm-server-rest/api -------------------------------------------------------------------------------- /env/db.env: -------------------------------------------------------------------------------- 1 | POSTGRES_DB=docdokuplm 2 | POSTGRES_USER=changeit 3 | POSTGRES_PASSWORD=changeit -------------------------------------------------------------------------------- /env/es.env: -------------------------------------------------------------------------------- 1 | cluster.name=changeit 2 | bootstrap.memory_lock=true 3 | discovery.type=single-node 4 | ES_JAVA_OPTS=-Xms512m -Xmx512m -------------------------------------------------------------------------------- /env/front-ssl.json: -------------------------------------------------------------------------------- 1 | { 2 | "server": { 3 | "ssl": true, 4 | "domain": "docdokuplm.local", 5 | "port": 9000, 6 | "contextPath": "/docdoku-plm-server-rest", 7 | "wsDomain": "docdokuplm.local" 8 | }, 9 | "contextPath": "/", 10 | "preferLoginWith": false 11 | } -------------------------------------------------------------------------------- /env/front.json: -------------------------------------------------------------------------------- 1 | { 2 | "server": { 3 | "ssl": false, 4 | "domain": "localhost", 5 | "port": 8001, 6 | "contextPath": "/docdoku-plm-server-rest", 7 | "wsDomain": "localhost" 8 | }, 9 | "contextPath": "/", 10 | "preferLoginWith": false 11 | } -------------------------------------------------------------------------------- /env/kafka.env: -------------------------------------------------------------------------------- 1 | KAFKA_BROKER_ID=1 2 | KAFKA_ADVERTISED_HOST_NAME=kafka 3 | KAFKA_ZOOKEEPER_CONNECT=zookeeper:2181 4 | KAFKA_CREATE_TOPICS=CONVERT:1:1 5 | LOG_RETENTION_HOURS=1 6 | -------------------------------------------------------------------------------- /env/kibana.env: -------------------------------------------------------------------------------- 1 | SERVER_NAME=kibana 2 | ELASTICSEARCH_URL=http://es:9200 -------------------------------------------------------------------------------- /proxy/nginx.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 443 ssl; 3 | ssl_certificate /etc/nginx/ssl/cert.crt; 4 | ssl_certificate_key /etc/nginx/ssl/cert.key; 5 | 6 | server_name docdokuplm.local; 7 | client_max_body_size 1024M; 8 | 9 | location / { 10 | add_header Last-Modified $date_gmt; 11 | add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; 12 | if_modified_since off; 13 | expires off; 14 | etag off; 15 | proxy_pass http://front; 16 | } 17 | 18 | location /docdoku-plm-server-rest/api { 19 | proxy_pass http://back:8080; 20 | } 21 | 22 | location /docdoku-plm-server-rest/ws { 23 | proxy_pass http://back:8080/docdoku-plm-server-rest/ws; 24 | proxy_http_version 1.1; 25 | proxy_set_header Upgrade $http_upgrade; 26 | proxy_set_header Connection "upgrade"; 27 | proxy_read_timeout 7200s; 28 | } 29 | } -------------------------------------------------------------------------------- /proxy/ssl/cert.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIEHTCCAwWgAwIBAgIUVZsWWEjQnhzgN01/XM9CA77VYjIwDQYJKoZIhvcNAQEL 3 | BQAwfDELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u 4 | ZG9uMRgwFgYDVQQKDA9HbG9iYWwgU2VjdXJpdHkxFjAUBgNVBAsMDUlUIERlcGFy 5 | dG1lbnQxGTAXBgNVBAMMEGRvY2Rva3VwbG0ubG9jYWwwIBcNMjAwODExMTIyOTA1 6 | WhgPMzAxOTEyMTMxMjI5MDVaMIG4MQswCQYDVQQGEwJVUzEUMBIGA1UECAwLUmFu 7 | ZG9tU3RhdGUxEzARBgNVBAcMClJhbmRvbUNpdHkxGzAZBgNVBAoMElJhbmRvbU9y 8 | Z2FuaXphdGlvbjEfMB0GA1UECwwWUmFuZG9tT3JnYW5pemF0aW9uVW5pdDElMCMG 9 | CSqGSIb3DQEJARYWYWRtaW5AZG9jZG9rdXBsbS5sb2NhbDEZMBcGA1UEAwwQZG9j 10 | ZG9rdXBsbS5sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKUH 11 | 7HlNACJ3H4h6nfQerr0dhkK0Y2Ti3yFVoAftIxHbOxn8+6E4vyvKSD8wCV8mN6kw 12 | NvXBmY/BIRdKpLRmvDUqxs1Hi0/auSUkOs3CWDAufVBSO0ERSsPVLLqsP2qqSuaf 13 | k2AjwOvIiKv6KAAHcOGZkYaDbUVw+Mkcsogm19Sv7VvXAzcVNLgMkNM8VM67PXwZ 14 | tdmqeD4g2DF87cq4nnaTTPkKZqZRqv+9ESEy6n9BVhY1nEtfn1+K64HBEf9CIlQY 15 | 69Pe2XGWEypAjP7rTbZddlkG+5wjWsqh8faWStic6yeFfQMjOat1tiYT04TJglro 16 | PtG3E/tW7EaL7nNiApUCAwEAAaNYMFYwHwYDVR0jBBgwFoAUasfGdLcleW64rZhR 17 | zvs/iNO/tRYwCQYDVR0TBAIwADALBgNVHQ8EBAMCBPAwGwYDVR0RBBQwEoIQZG9j 18 | ZG9rdXBsbS5sb2NhbDANBgkqhkiG9w0BAQsFAAOCAQEAXZoL8DMzs8M9/ndqRisT 19 | ScHwFnqjaGpNll1zPhPHDHtTg3nyS44oymx9VLKzXoMgdpmdLrKUauV7xCJDooA9 20 | SzYGgAELwyDdxvcbM8WjbvRYiIHLnCc6tL7E3MqWEZWP/9hD0GpsRhcYIt3vIWwf 21 | i/b3MX+hTMsR3XNdt3qYYyuUYVh1UqbPpGyNI6PDaAG+xmwxSnmUI9HEN07FoCcY 22 | 0OB0j/ZH0uMaNn7PTmCCjLLMZHi/UP2KEsdsGoEpUp+9Nj9wo2tlATq0hLtAb3Y+ 23 | ubXAG/5PlU+p4UYh9Uq4CKTJ30zNOZA3np9IZSM2qBC9+Zj+YK2wansgCBJpCKMw 24 | Sg== 25 | -----END CERTIFICATE----- 26 | -------------------------------------------------------------------------------- /proxy/ssl/cert.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQClB+x5TQAidx+I 3 | ep30Hq69HYZCtGNk4t8hVaAH7SMR2zsZ/PuhOL8rykg/MAlfJjepMDb1wZmPwSEX 4 | SqS0Zrw1KsbNR4tP2rklJDrNwlgwLn1QUjtBEUrD1Sy6rD9qqkrmn5NgI8DryIir 5 | +igAB3DhmZGGg21FcPjJHLKIJtfUr+1b1wM3FTS4DJDTPFTOuz18GbXZqng+INgx 6 | fO3KuJ52k0z5CmamUar/vREhMup/QVYWNZxLX59fiuuBwRH/QiJUGOvT3tlxlhMq 7 | QIz+6022XXZZBvucI1rKofH2lkrYnOsnhX0DIzmrdbYmE9OEyYJa6D7RtxP7VuxG 8 | i+5zYgKVAgMBAAECggEABp4euW6BBuDH/u0L0HI6h5Lbg2lAYxdF40xPsoGr2ld0 9 | M0KVxI1F/TeLVh1TAuHBcaNhUNGGmuEftpNjr2g/O9KPTkQELhuTOQ4O3Zlhd+0l 10 | UUc64Q0Udm3h8Upe8KQLhNv5SO2mGs5bzKmnWPjzadiCoWY7x4EUONxRvGvyU7D5 11 | z//ZGA8QPkOnZIGMxlKJVvlRTo9fVBMYbVXOS4W5BGUGKTPRUIWl0BBZ8gpOxncr 12 | bdaT+fjgfZbDjvxdYsd0aCWuHAmlkKxjo4//jyeIxjY3rge+BDS9sBjrE0DSH3ZP 13 | qWLJkREQwE44rpmu1jyqtGF/+T8zZpfbbDNvhoi/AQKBgQDWN7NT7+w+ppQj7hS4 14 | kaY7WOILAqjD1bfJGegHbwHAdMPVu54HRL/Nh1og9c9ZD7xUZb/reU9jupm3T/MB 15 | wdy8sa331S0mNYx3lNAmVVtrsmNKrfpEVwDN2wRJB3Hs4Ae4h04FaSeCXc1DgLrS 16 | 4uAqtDf1aLfAPbkw+2V1uRYKcQKBgQDFOD1LiWKZl4UfVtc3uKsOdZB67MLJgLjj 17 | aM0LoqD+iApxkWUdG4is/KgZoQnegtAGRFTIiR2hfgzB209kGROmWuiXF0QNaERq 18 | GlhUCqxVkkwz06ErAEm4fsDPGmdAuD+PZFyWAicuA1W+7+4ZMC6bvOD1XirnogX2 19 | IAKmg7gkZQKBgQDUc9eZhpiRphnD7KqGRoVL1KISc2e3Ga21d8kEHlbpbaSPxAw9 20 | fzSOfQ+pIsCqvo10UpldyykuanFrOZJzirYGOl2kLrshavhN3Lv3WK5biEcrWJKd 21 | 1n/Iqc99MjIN0D44B5EckqaJh8g8i14+Kp5SG/xnmpyqv0x8xMdiUtcGMQKBgA0p 22 | ob2m37PMjw/2ZcrMQm5mnkv1/VIhizVySy0Zn5EdV0UZJRx6N/cDrdx4CQaWyHeC 23 | m/3+WMHsfcF6d6QAoHUb4CYlYV9btCU4uOhzBel4KCnVWA5cqI7ttsSbyIRjR6q0 24 | UhGY9zB0/IYP0V5Q/utaAdGehVKMV8WDgWnHpMSZAoGBAJmJvOJcRWBBn4Eec31+ 25 | kZOhuIW/P3TYHRtRjeK+7rRYrHtJ26ZmAghkSAVG2jWSqSuMla408lGkRtxu00I9 26 | 45bMddzSG9/FyAIYTYbRNvnZt1M5BM5kPt3qvDUkfoBZmpPW3PNBuDbY+3SA+xBz 27 | tCmj+jNc0qASaSRE+137a4KL 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /proxy/ssl/rootCA.key: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: DES-EDE3-CBC,9E64AF2431391297 4 | 5 | 4B2wlJcjZ7K7iErqM+Ji8J26KTbdQxutT8u3MF8n0PxAY4lVaNyciw9DRfHp9v1K 6 | 9TuBZ7cko3HuFSpsM2WkhujncYglwaOGacP//mn9AEr/RT1aH+qEKyVHc411ezf8 7 | I89Mg70aIrf6EJokQzVMOsB9RF/Hwbnym0HRmdC8BjDOB0zwqVTK9y16Nuan9QZn 8 | oGIeN4JRb6kZFdWRibNmXVa2MYHZW/yPpFRP7R9W1ihbbE8mfAABL9PXUtPhGicS 9 | s8uuE9oH5lnTM5AUCgaSY+B+uofKCdE9jaFz/xX7OFQEDm0NwdzaV4nBZpOR1FPE 10 | gFAWwIHiBCSAJv9yVLUdziPdFS7XCL/IrAbg6JoHjjIxdWdCCuDlm71knDVhLdIW 11 | 0qljan1B2D3rd8ORFHL0SN7An2PqReCE8buUxb3Pt7C3xzvJgfTq3T3U+25ZU0EU 12 | 0pc5a/Z+Z73/pYrX6MZ9qFabaMMlGB0HjKo8EHC/gus7CBhUSgzosbHh+sInEzCc 13 | hI0gS2fnlL40FiPp/vTIPYXbfzUwNxEc4e4nR5+C0at9teNoRYnyDxF3yaImgLOC 14 | DFkYZDtld0ZvvGOnQ337JiG0QLVpYefBWwj7R0JUA8k+BJ1HpnPQgWq5qxLJE72r 15 | svCnHvv+l8N18LRFy3q+oirpHn7DhzGqXr9EEuCvYsZzZYZsyc69fn9UqSKy8W+/ 16 | ZbK/xvfWKLKw3rzYAJmL2+uQhK0ugrMsiBKoGHMWWBluAsR7+etrsHiRBljWx3W2 17 | Nz8wYH3aOTGUoD90YGSSGbdeeBjwBZFuGRANRSPC/Jc2wJ0M5kkSNDTI3l/60hDr 18 | 0fknErBiccrOtF7vf24CNVrwljsrveNEd1WXfQ1hMj8FU8lOey9yLLdtfZaIQRNl 19 | opAF4A3GPtgH8LFGNl5OEcWA/Wsp0+B0iwNEIH+MRSuDIKJssiDqAzaetdo5sJRf 20 | mVmEEod0ZdYVe3HcfAcOGiNdCF591Ylh9yFH+1rL4qN+kWuqHhSscXy3CbDs9Ez7 21 | vU7Xk2MJMhhjM4OMNlH9Mbhl86WCNSzDBrwKXhxR6kT9LZd5Md9UGZe5/po5zsCo 22 | G9/gB8vTpySbSSq1mr8vzYnLPT15y1CH8pWPO/iyz6PgmbgdxCvzfvR1iu4p3CsW 23 | 9aVX5d5D7lZs9tV6N6A6VmpGDnb4xzzf+jh12k8ujy6gw0sm8as+wUjXgXU/0NJf 24 | TVzPTcVBZWstcqg5+nyGTGn1WQO7+cSpw75kcSU+RI7ZUI5wO2UavQhzX+hb/lk8 25 | 223d0lrVXLtcDqWoEHQblYcGLkRj+wTQiwqJSM34vtO6QKsVTSe6F+BY3jz2Qqqq 26 | foy1x9YVKZ89AwTNwBz7wPkhrOHOF1/ToKSSqBZ/Z5/7Qjir0xLnE8Sy4ZZHBZqA 27 | IMBi8os+lFX5BalsHYnPcLefSVsN9JTq4PB6nXU0rSOBJ7hfkUNqVPjQ/+1gJSg5 28 | UJ9e+K72Aphye6WUZ2VawtOuwLBlWrg0yXCiMmngInDKw1ZG9/b8Co/XL7ezhbcT 29 | i8R9eZb0oUdsbSx4FEXatcbRq6b2GY3noOK/S6+Ls27waY87oGr9vg== 30 | -----END RSA PRIVATE KEY----- 31 | -------------------------------------------------------------------------------- /proxy/ssl/rootCA.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIID2zCCAsOgAwIBAgIUMWX0CkU05KafStyA7raKxmcUvN8wDQYJKoZIhvcNAQEL 3 | BQAwfDELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UEBwwGTG9u 4 | ZG9uMRgwFgYDVQQKDA9HbG9iYWwgU2VjdXJpdHkxFjAUBgNVBAsMDUlUIERlcGFy 5 | dG1lbnQxGTAXBgNVBAMMEGRvY2Rva3VwbG0ubG9jYWwwIBcNMjAwODExMTIyOTA1 6 | WhgPMzAxOTEyMTMxMjI5MDVaMHwxCzAJBgNVBAYTAkdCMQ8wDQYDVQQIDAZMb25k 7 | b24xDzANBgNVBAcMBkxvbmRvbjEYMBYGA1UECgwPR2xvYmFsIFNlY3VyaXR5MRYw 8 | FAYDVQQLDA1JVCBEZXBhcnRtZW50MRkwFwYDVQQDDBBkb2Nkb2t1cGxtLmxvY2Fs 9 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCv2UBFBWaCkp+FqRGM4 10 | JngyQafOTZvYRUNZNJrsgAR3UZglqTbehCKE+B8wC3x0MEIgXvYi6lgn1JJ1gqEq 11 | Ids9Yss5zXJQgAjRyUHG+p1fNg0TtSaNpjmeY9icEXjm1zxYLIN/VOtzo9BSsS5i 12 | HtyAaFya+A2NKekv6Tk9/8dTsmAstBXXMHsT9yGpslMI1xFZFETAlvZIXZqq6F5D 13 | btthd6RA2AyBRb8qjHf+QVhg3hALPFtTBFlRmUJS09zUBk1+ff5HEU9/oD+AuBvY 14 | 2Aut2IcC5fzqzGdPRHdNkivqtZMAGecaYO24ERuKJUaWT21ynSJ/sq1SEYWVdA+o 15 | iwIDAQABo1MwUTAdBgNVHQ4EFgQUasfGdLcleW64rZhRzvs/iNO/tRYwHwYDVR0j 16 | BBgwFoAUasfGdLcleW64rZhRzvs/iNO/tRYwDwYDVR0TAQH/BAUwAwEB/zANBgkq 17 | hkiG9w0BAQsFAAOCAQEADLEx4LTa/xBsuaSBDMFWJG40p3DEbwMA+dZtRSQ4spWs 18 | SjeiT4vmgewU6nvotlQ52x+2DLVndib+aSHPLAQ1yKWAGuRhkifLnPpwM5ufC8ti 19 | zLieJQFM5FXWtYrg+NCUQS5PbB9Ilr5hckbH0EhoheV3GpL7ssNA7nhj3rz48yx2 20 | 3XYemPw+ISp6QzCi751hXCFUigfwvTyrGJnnrW8/w4/WTISJufNyynSPNRXSNSUo 21 | ZPZJuMv4NZNLiNlDRBuh4dnFwXrkbXL9jjQtO+x2i4GDvblYrWPXLgI7IPEmdtLy 22 | vcXACKuHdni5PF6jeIMLKQFHonH3wToIrx2ZiG0OBQ== 23 | -----END CERTIFICATE----- 24 | -------------------------------------------------------------------------------- /proxy/ssl/rootCA.srl: -------------------------------------------------------------------------------- 1 | 559B165848D09E1CE0374D7F5CCF4203BED56232 2 | -------------------------------------------------------------------------------- /start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This script: 4 | # 5 | # - Creates the data directory (uploaded files) 6 | # - Generates a keystore (needed for docdoku-plm-server) 7 | # - Pull images and starts all containers 8 | 9 | # Exit on error 10 | set -e 11 | 12 | # Change this values in production 13 | STOREPASS=changeit 14 | KEYPASS=changeit 15 | KEYALIAS=mykeyalias 16 | STORETYPE=PKCS12 17 | KEYALG=AES 18 | KEYSIZE=256 19 | 20 | # 21 | # Script start 22 | # 23 | 24 | # Data directory check 25 | if [ -d data ]; 26 | then 27 | echo 'Data directory found' 28 | else 29 | echo 'Creating data directory and volume...' 30 | mkdir data 31 | docker volume create --driver local \ 32 | --opt type=none \ 33 | --opt device=$(pwd)/data \ 34 | --opt o=bind docdoku-plm-server-volume 35 | fi 36 | 37 | echo $(pwd)/data 38 | 39 | # Keystore check 40 | if [ -f keystore ]; 41 | then 42 | echo 'Keystore found' 43 | else 44 | echo 'Generating keystore...' 45 | keytool \ 46 | -genseckey \ 47 | -keystore $(pwd)/keystore \ 48 | -storetype ${STORETYPE} \ 49 | -alias ${KEYALIAS} \ 50 | -keyalg ${KEYALG} \ 51 | -keysize ${KEYSIZE} \ 52 | -storepass ${STOREPASS} \ 53 | -keypass ${KEYPASS} 54 | fi 55 | 56 | echo $(pwd)/keystore 57 | 58 | # Start the containers 59 | docker-compose pull 60 | docker-compose up -d --force-recreate --remove-orphans --------------------------------------------------------------------------------