From 3b401e8ea16773a6353c477c354ecd4cbd29691f Mon Sep 17 00:00:00 2001 From: Tom Close Date: Mon, 16 Oct 2017 17:15:06 +0200 Subject: [PATCH 01/21] added mounts for plugins folder and docker.sock --- .gitignore | 3 +++ docker-compose.yml | 2 ++ 2 files changed, 5 insertions(+) diff --git a/.gitignore b/.gitignore index bfa6a22..3240332 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,4 @@ # Created by .ignore support plugin (hsz.mobi) +/plugins +/webapps +/postgres-data diff --git a/docker-compose.yml b/docker-compose.yml index 21b825c..563fce6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,6 +6,8 @@ services: - "8081:8080" volumes: - ./webapps:/opt/tomcat/webapps + - ./plugins:/data/xnat/home/plugins + - /var/run/docker.sock:/var/run/docker.sock expose: - "8080" links: From 41e7f37a0755160b127b83cabb43cbd7c749d1cd Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 5 Dec 2017 15:21:09 +1100 Subject: [PATCH 02/21] updated Readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7338068..2b41bc5 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ This repository contains files to bootstrap XNAT deployment. The build creates f ## Usage -1. Clone the [xnat-docker-compose](https://github.com/NrgXnat/xnat-docker-compose) repository. +1. Clone the [xnat-docker-compose](https://github.com/mbi-image/xnat-docker-compose) repository. 2. Configurations: The default configuration is sufficient to run the deployment. The following files can be modified if you want to change the default configuration - **docker-compose.yml**: How the different containers are deployed. From 61e6811bb1583f73948c856a9a80190fe1d9eced Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 5 Dec 2017 15:22:51 +1100 Subject: [PATCH 03/21] added scripts to download plugins and container --- add-plugins.sh | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 add-plugins.sh diff --git a/add-plugins.sh b/add-plugins.sh new file mode 100644 index 0000000..3a21efe --- /dev/null +++ b/add-plugins.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +wget --quiet --no-cookies https://gitlab.erc.monash.edu.au/mbi-image/xnat-non-dicom-upload-plugin/builds/1251/artifacts/file/out/artifacts/non-dicom-uploader/non-dicom-uploader.jar -O /data/xnat/home/plugins/non-dicom-uploader.jar + +docker pull manishkumr/xnat-qc-pipeline From b29b092017978bc396953a72553e029cd7c5156d Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 5 Dec 2017 15:28:48 +1100 Subject: [PATCH 04/21] updated instructions to add plugins --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2b41bc5..824201e 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,8 @@ xnat-web_1 | INFO: Server startup in 84925 ms Your XNAT will soon be available at http://localhost/xnat. +## Installing plugins and pipeline +Run add-plugin.sh script ## Troubleshooting From b45d3bcaa9162d205cc1dc6549fe86c5232eab57 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 5 Dec 2017 15:30:57 +1100 Subject: [PATCH 05/21] updated Readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 824201e..81132ca 100644 --- a/README.md +++ b/README.md @@ -75,7 +75,7 @@ xnat-web_1 | INFO: Server startup in 84925 ms Your XNAT will soon be available at http://localhost/xnat. ## Installing plugins and pipeline -Run add-plugin.sh script +Run add-plugins.sh script ## Troubleshooting From aea420a44e067712f792d7f9b0c9e10a7f225258 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Mon, 22 Jan 2018 14:52:00 +1100 Subject: [PATCH 06/21] added port for Dicom listener --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 563fce6..5a6ef30 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,6 +4,7 @@ services: build: ./tomcat ports: - "8081:8080" + - "8104:8104" volumes: - ./webapps:/opt/tomcat/webapps - ./plugins:/data/xnat/home/plugins @@ -22,6 +23,7 @@ services: build: ./nginx ports: - "80:80" + - "443:443" expose: - "80" links: From 4a159abe621a9abe66abb34151dcb2e4edd77c79 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 30 Jan 2018 04:03:51 +0000 Subject: [PATCH 07/21] Added override file which overrided nginx settings to include ssl certs --- docker-compose.override.yml | 6 +++++ nginx/nginx-ssl.conf | 44 +++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 docker-compose.override.yml create mode 100644 nginx/nginx-ssl.conf diff --git a/docker-compose.override.yml b/docker-compose.override.yml new file mode 100644 index 0000000..9bcee8a --- /dev/null +++ b/docker-compose.override.yml @@ -0,0 +1,6 @@ +version: '3' +services: + xnat-nginx: + volumes: + - ./nginx/certs:/etc/nginx/ + - ./nginx/nginx-ssl.conf:/etc/nginx/nginx.conf diff --git a/nginx/nginx-ssl.conf b/nginx/nginx-ssl.conf new file mode 100644 index 0000000..952e30c --- /dev/null +++ b/nginx/nginx-ssl.conf @@ -0,0 +1,44 @@ + +# Redirect http requests to https +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name change.me; + return 301 https://$server_name$request_uri; +} + +server { +# see https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ +# to see why we hardwire the IP address + listen 443 ssl; + server_name change.me; + ssl on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + + + ssl_certificate /etc/nginx/certs/cert.crt; + ssl_certificate_key /etc/nginx/certs/private/key.key; + + root /var/lib/tomcat7/webapps/ROOT; + + location / { + + proxy_pass http://xnat-web:8080; + proxy_redirect http://xnat-web:8080 $scheme://localhost; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_connect_timeout 150; + proxy_send_timeout 100; + proxy_read_timeout 100; + proxy_buffers 4 32k; + client_max_body_size 0; + client_body_buffer_size 128k; + } + + access_log /var/log/nginx/customsite.access_ssl.log; + error_log /var/log/nginx/customsite.error_ssl.log; +} From 25801b841e050b7e6affd1f996d7c1c7028627ec Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Wed, 31 Jan 2018 02:34:03 +0000 Subject: [PATCH 08/21] updated certificates key file path --- nginx/nginx-ssl.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/nginx-ssl.conf b/nginx/nginx-ssl.conf index 952e30c..9ec629e 100644 --- a/nginx/nginx-ssl.conf +++ b/nginx/nginx-ssl.conf @@ -17,7 +17,7 @@ server { ssl_certificate /etc/nginx/certs/cert.crt; - ssl_certificate_key /etc/nginx/certs/private/key.key; + ssl_certificate_key /etc/nginx/certs/key.key; root /var/lib/tomcat7/webapps/ROOT; From 95a1fb53365ba739dd6c070a2341732fa2fa9a5b Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Fri, 2 Feb 2018 00:20:24 +0000 Subject: [PATCH 09/21] updated compose file format to 3.0 --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 5a6ef30..17e44ee 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,4 @@ -version: '2' +version: '3' services: xnat-web: build: ./tomcat From 517955400f1b4da63e37c0fd6744e03a6a475ea7 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Fri, 2 Feb 2018 00:24:36 +0000 Subject: [PATCH 10/21] updated nginx-ssl config --- nginx/nginx-ssl.conf | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/nginx/nginx-ssl.conf b/nginx/nginx-ssl.conf index 9ec629e..76bc492 100644 --- a/nginx/nginx-ssl.conf +++ b/nginx/nginx-ssl.conf @@ -1,4 +1,43 @@ - +#user www-data; +worker_processes auto; +events { + worker_connections 1024; + # multi_accept on; +} +http { + ## + # Basic Settings + ## + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + # server_tokens off; + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + #include /etc/nginx/mime.types; + default_type application/octet-stream; + ## + # SSL Settings + ## + #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE + #ssl_prefer_server_ciphers on; + ## + # Logging Settings + ## + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + ## + # Gzip Settings + ## + gzip on; + gzip_disable "msie6"; + ## + # Virtual Host Configs + ## + #include /etc/nginx/conf.d/*.conf; + #include /etc/nginx/sites-enabled/*; # Redirect http requests to https server { listen 80 default_server; @@ -42,3 +81,4 @@ server { access_log /var/log/nginx/customsite.access_ssl.log; error_log /var/log/nginx/customsite.error_ssl.log; } +} From da0ddf855e00f3590e44702f147de31efff24dd1 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Fri, 2 Feb 2018 03:30:28 +0000 Subject: [PATCH 11/21] updated mount path for nginx ssl certs and key --- docker-compose.override.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker-compose.override.yml b/docker-compose.override.yml index 9bcee8a..44a612a 100644 --- a/docker-compose.override.yml +++ b/docker-compose.override.yml @@ -2,5 +2,6 @@ version: '3' services: xnat-nginx: volumes: - - ./nginx/certs:/etc/nginx/ + - ./nginx/certs/cert.crt:/etc/nginx/certs/cert.crt + - ./nginx/certs/key.key:/etc/nginx/certs/key.key - ./nginx/nginx-ssl.conf:/etc/nginx/nginx.conf From 620739465de5066e34464ce7fdd319b8f2261759 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Fri, 2 Feb 2018 15:15:44 +1100 Subject: [PATCH 12/21] Updated instructions in readme file for adding SSL certificates --- README.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 81132ca..7626c95 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ This repository contains files to bootstrap XNAT deployment. The build creates f 2. Configurations: The default configuration is sufficient to run the deployment. The following files can be modified if you want to change the default configuration - **docker-compose.yml**: How the different containers are deployed. + - **docker-compose.override.yml**: Overrides/extends default settings in docker-compose.yml(e.g: setting up SSL certificates) - **postgres/XNAT.sql**: Database configuration. Mainly used to customize the database user or password. See [Configuring PostgreSQL for XNAT](https://wiki.xnat.org/documentation/getting-started-with-xnat-1-7/installing-xnat-1-7/configuring-postgresql-for-xnat). - **tomcat/Dockerfile**: Builds the tomcat image, into which the XNAT war will be deployed. - **tomcat/setenv.sh**: Tomcat's launch arguments, set through the `JAVA_OPTS` environment variable. @@ -41,7 +42,7 @@ wget --quiet --no-cookies https://bintray.com/nrgxnat/applications/download_file ``` $ cd xnat-docker-compose -$ docker-compose up -d +$ docker-compose -f docker-compose.yml up -d ``` Note that at this point, if you go to `localhost/xnat` you won't see a working web application. It takes upwards of a minute @@ -77,6 +78,26 @@ Your XNAT will soon be available at http://localhost/xnat. ## Installing plugins and pipeline Run add-plugins.sh script +## Setting up SSL certificates for NginX +Bring down instance if already running +``` +docker-compose down +``` +Change working directory to `xnat-docker-compose/nginx/` + +Create a directory named as `certs` +``` +mkdir certs +``` +Copy SSL certificate file(with root and intermediate certificates as one file) to this directory and name it as `cert.crt` and copy key file to this directory and name it as `key.key` + + +Start the system +``` +docker-compose up -d + +``` + ## Troubleshooting From 06002bd3a54289b9eb526be2e0b9f4efa44aaf79 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Wed, 28 Feb 2018 00:54:43 +0000 Subject: [PATCH 13/21] updated to download simple upload plugin from latest release --- add-plugins.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) mode change 100644 => 100755 add-plugins.sh diff --git a/add-plugins.sh b/add-plugins.sh old mode 100644 new mode 100755 index 3a21efe..9bb2b1d --- a/add-plugins.sh +++ b/add-plugins.sh @@ -1,5 +1,7 @@ #!/bin/bash -wget --quiet --no-cookies https://gitlab.erc.monash.edu.au/mbi-image/xnat-non-dicom-upload-plugin/builds/1251/artifacts/file/out/artifacts/non-dicom-uploader/non-dicom-uploader.jar -O /data/xnat/home/plugins/non-dicom-uploader.jar +SIMPLE_UPLOAD_LATEST_RELEASE=$(curl -s https://api.github.com/repos/mbi-image/xnat-simple-upload-plugin/releases/latest | grep browser_download_url | cut -d '"' -f 4) +echo $SIMPLE_UPLOAD_LATEST_RELEASE +sudo wget --quiet --no-cookies $SIMPLE_UPLOAD_LATEST_RELEASE -O plugins/non-dicom-uploader.jar docker pull manishkumr/xnat-qc-pipeline From c3894a6fefd17a2b19da1b271dc3463cdc94abb5 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Wed, 28 Feb 2018 05:36:44 +0000 Subject: [PATCH 14/21] added log for tomcat --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 17e44ee..b3c84fa 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,7 @@ services: - ./webapps:/opt/tomcat/webapps - ./plugins:/data/xnat/home/plugins - /var/run/docker.sock:/var/run/docker.sock + - ./logs/tomcat:/opt/tomcat/logs expose: - "8080" links: From ded8d5b86c1d1f83b5c3c82aa688594603e9e30c Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Wed, 28 Feb 2018 05:39:48 +0000 Subject: [PATCH 15/21] added log for nginx --- docker-compose.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index b3c84fa..0f1ca54 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -25,10 +25,12 @@ services: ports: - "80:80" - "443:443" + volumes: + - ./logs/nginx:/var/log/nginx expose: - - "80" + - "80" links: - - xnat-web + - xnat-web prometheus: image: prom/prometheus From 9bbf4dd603869624d138b1ac70c098060cce1791 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Thu, 1 Mar 2018 00:15:54 +0000 Subject: [PATCH 16/21] added config for postgres logging --- docker-compose.yml | 2 ++ postgres/Dockerfile | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 0f1ca54..a1424fe 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,10 +16,12 @@ services: - xnat-db xnat-db: build: ./postgres + command: postgres -c logging_collector=on -c log_destination=stderr -c log_directory=/logs expose: - "5432" volumes: - ./postgres-data:/var/lib/postgresql/data + - ./postgres-data/logs:/logs xnat-nginx: build: ./nginx ports: diff --git a/postgres/Dockerfile b/postgres/Dockerfile index 3bb8e64..bca86b6 100644 --- a/postgres/Dockerfile +++ b/postgres/Dockerfile @@ -1,3 +1,7 @@ FROM postgres:9.4-alpine COPY XNAT.sql /docker-entrypoint-initdb.d/ + +#for logging to a volume +RUN mkdir /logs +RUN chown postgres:postgres /logs From 76af7cbf93fda3a69286251d277810b496d89c12 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Thu, 1 Mar 2018 00:29:46 +0000 Subject: [PATCH 17/21] updated readme to add desription for reading logs from docker host --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7626c95..8756029 100644 --- a/README.md +++ b/README.md @@ -142,7 +142,14 @@ View a particular log, if you don't want to use docker-compose. ``` docker exec -it $NAME cat /opt/tomcat/logs/catalina.2017-10-24.log ``` - +Logs are wriiten on docker host for tomcat,nginx and postgres under follow directories + + Postgres : xnat-docker-compose/postgres-data/logs + + Nginx : xnat-docker-compose/logs/nginx + + Tomcat : xnat-docker-compose/logs/tomcat + ### Controlling Instances #### Stop Instances From 3955165e980b2281f9bf4428196bc3a3932b3758 Mon Sep 17 00:00:00 2001 From: Manish Kumar Date: Thu, 1 Mar 2018 00:33:08 +0000 Subject: [PATCH 18/21] Fixed typos in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8756029..9b6d4dc 100644 --- a/README.md +++ b/README.md @@ -142,7 +142,7 @@ View a particular log, if you don't want to use docker-compose. ``` docker exec -it $NAME cat /opt/tomcat/logs/catalina.2017-10-24.log ``` -Logs are wriiten on docker host for tomcat,nginx and postgres under follow directories +Logs are written on docker host for tomcat,nginx and postgres under following directories: Postgres : xnat-docker-compose/postgres-data/logs From 51c21cc2e7ec1c7cee3712fe8321444299fffdb1 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Thu, 3 May 2018 12:31:38 +1000 Subject: [PATCH 19/21] update to java 8 --- tomcat/Dockerfile | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/tomcat/Dockerfile b/tomcat/Dockerfile index fce3c5a..d450b6a 100644 --- a/tomcat/Dockerfile +++ b/tomcat/Dockerfile @@ -1,21 +1,35 @@ -FROM manishkumr/ubuntu_jdk7_image +FROM ubuntu:16.04 MAINTAINER Manish Kumar ENV TOMCAT_VERSION 7.0.79 -RUN apt-get -qq update && \ - apt-get -q -y upgrade && \ - apt-get install -y sudo curl wget locales +RUN \ +apt-get -qq update && \ +apt-get install -y sudo curl wget locales # Set locales RUN locale-gen en_AU.UTF-8 -ENV LANG en_AU.UTF-8 -ENV LANGUAGE en_AU.UTF-8 -ENV LC_ALL en_AU.UTF-8 +ENV LANG en_AU.UTF-8 +ENV LANGUAGE en_AU.UTF-8 +ENV LC_ALL en_AU.UTF-8 -# Fix sh -RUN rm /bin/sh && ln -s /bin/bash /bin/sh + +RUN \ +apt-get update && \ +apt-get install -y git build-essential curl wget software-properties-common + +#JDK 8 + +RUN \ +echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | debconf-set-selections && \ +add-apt-repository -y ppa:webupd8team/java && \ +apt-get update && \ +apt-get install -y oracle-java8-installer unzip tar && \ +rm -rf /var/lib/apt/lists/* && \ +rm -rf /var/cache/oracle-jdk8-installer + +ENV JAVA_HOME /usr/lib/jvm/java-8-oracle ENV TOMCAT_MAJOR 7 ENV TOMCAT_VERSION 7.0.82 @@ -79,5 +93,3 @@ CMD ["/opt/tomcat/bin/catalina.sh", "run"] #move xnat war to webapps #RUN mv /opt/tomcat/xnat-web-1.7.0.war /opt/tomcat/webapps - - From 73ae395a7896d88b14ff897434075d56f859c42d Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Thu, 3 May 2018 12:35:54 +1000 Subject: [PATCH 20/21] removed logging for postgres --- postgres/Dockerfile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/postgres/Dockerfile b/postgres/Dockerfile index bca86b6..3bb8e64 100644 --- a/postgres/Dockerfile +++ b/postgres/Dockerfile @@ -1,7 +1,3 @@ FROM postgres:9.4-alpine COPY XNAT.sql /docker-entrypoint-initdb.d/ - -#for logging to a volume -RUN mkdir /logs -RUN chown postgres:postgres /logs From f5b95f6932a576d9ce78fa2ed19967625eb3ee44 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Thu, 3 May 2018 12:37:48 +1000 Subject: [PATCH 21/21] added openid-auth properties and removed postgres logging --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index a1424fe..008f324 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,18 +10,18 @@ services: - ./plugins:/data/xnat/home/plugins - /var/run/docker.sock:/var/run/docker.sock - ./logs/tomcat:/opt/tomcat/logs + - ./logs/xnat:/data/xnat/home/logs + - ./auth-provider.properties:/data/xnat/home/config/auth/auth-provider.properties expose: - "8080" links: - xnat-db xnat-db: build: ./postgres - command: postgres -c logging_collector=on -c log_destination=stderr -c log_directory=/logs expose: - "5432" volumes: - ./postgres-data:/var/lib/postgresql/data - - ./postgres-data/logs:/logs xnat-nginx: build: ./nginx ports: