Page MenuHomeDevCentral
Files F3779854

D3123.id7963.diff
No OneTemporary
Actions

D3123.id7963.diff
View Options

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -17,6 +17,7 @@
paas-docker
5000 Docker registry HTTP
9090 Openfire HTTP
+ 16080 Orbeon HTTP
17080 Penpot - back-end
17300 Penpot - exporter
19080 Nasqueron API - Datasources
diff --git a/pillar/paas/docker/dwellers/orbeon.sls b/pillar/paas/docker/dwellers/orbeon.sls
new file mode 100644
--- /dev/null
+++ b/pillar/paas/docker/dwellers/orbeon.sls
@@ -0,0 +1,19 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Service: Orbeon
+# -------------------------------------------------------------
+
+docker_images:
+ - nasqueron/orbeon
+
+docker_containers:
+ orbeon:
+ orbeon_nasqueron:
+ hostname: forms.nasqueron.org
+ app_port: 16080
+ tomcat:
+ users:
+ dereckson: nasqueron/orbeon/users/dereckson
diff --git a/roles/paas-docker/containers/files/_tomcat/tomcat-users.xml b/roles/paas-docker/containers/files/_tomcat/tomcat-users.xml
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/_tomcat/tomcat-users.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Tomcat :: Users configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Project: Nasqueron
+ License: Trivial enough, not eligible to copyright
+ Source file: roles/paas-docker/containers/files/_tomcat/tomcat-users.xml
+ _____________________________________________________________
+
+ <auto-generated>
+ This file is managed by our rOPS SaltStack repository.
+
+ Changes to this file may cause incorrect behavior
+ and will be lost if the state is redeployed.
+ </auto-generated>
+-->
+<tomcat-users xmlns="http://tomcat.apache.org/xml"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
+ version="1.0">
+ {% for username, user_args in users.items() %}
+ <user
+ username="{{ username }}"
+ password="{{ user_args.password }}"
+ roles="{{ user_args.roles }}"
+ />
+ {% endfor %}
+</tomcat-users>
diff --git a/roles/paas-docker/containers/files/orbeon/nasqueron_forms/form-builder-permissions.xml b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/form-builder-permissions.xml
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/form-builder-permissions.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Orbeon :: Configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Project: Nasqueron
+ License: Trivial work, not eligible to copyright
+ Source file: roles/paas-docker/containers/files/orbeon/nasqueron_forms/form-builder-permissions.xml
+ _____________________________________________________________
+
+ <auto-generated>
+ This file is managed by our rOPS SaltStack repository.
+
+ Changes to this file may cause incorrect behavior
+ and will be lost if the state is redeployed.
+ </auto-generated>
+-->
+
+<roles>
+ <role name="orbeon-admin" app="*" form="*"/>
+</roles>
diff --git a/roles/paas-docker/containers/files/orbeon/nasqueron_forms/properties-local.xml b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/properties-local.xml
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/properties-local.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Orbeon :: Configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Project: Nasqueron
+ License: Trivial work, not eligible to copyright
+ Source file: roles/paas-docker/containers/files/orbeon/nasqueron_forms/properties-local.xml
+ _____________________________________________________________
+
+ <auto-generated>
+ This file is managed by our rOPS SaltStack repository.
+
+ Changes to this file may cause incorrect behavior
+ and will be lost if the state is redeployed.
+ </auto-generated>
+-->
+
+<properties xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:oxf="http://www.orbeon.com/oxf/processors"
+ xmlns:fr="http://orbeon.org/oxf/xml/form-runner">
+
+ <!-- Users configuration -->
+
+ <property as="xs:string" name="oxf.fr.authentication.container.roles"
+ value="orbeon-admin"/>
+
+
+ <!-- Database configuration -->
+
+ <property as="xs:string" name="oxf.fr.persistence.provider.*.*.*"
+ value="postgresql"/>
+
+ <property as="xs:string" name="oxf.fr.persistence.postgresql.datasource"
+ value="postgresql" />
+
+ <property as="xs:boolean" name="oxf.fr.persistence.exist.active"
+ value="false"/>
+
+
+ <!-- Form properties :: nasqueron-join :: contact -->
+
+ <property as="xs:string" name="oxf.fr.detail.buttons.nasqueron-join.contact">
+ save-progress send
+ </property>
+
+ <property
+ as="xs:string"
+ name="oxf.fr.detail.process.send.nasqueron-join.contact"
+ value='require-valid
+ then email
+ then navigate("https://join.nasqueron.org/contact-success.html")
+ recover navigate("https://join.nasqueron.org/contact-failure.html")' />
+
+</properties>
diff --git a/roles/paas-docker/containers/files/orbeon/nasqueron_forms/web.xml b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/web.xml
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/orbeon/nasqueron_forms/web.xml
@@ -0,0 +1,398 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Orbeon :: Configuration
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ Project: Nasqueron
+ License: Trivial work, not eligible to copyright
+ Source file: roles/paas-docker/containers/files/orbeon/nasqueron_forms/properties-local.xml
+ _____________________________________________________________
+
+ <auto-generated>
+ This file is managed by our rOPS SaltStack repository.
+
+ Changes to this file may cause incorrect behavior
+ and will be lost if the state is redeployed.
+ </auto-generated>
+-->
+
+<web-app
+ xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+ version="3.1">
+
+ <display-name>Orbeon Forms</display-name>
+ <description>
+ Orbeon Forms is an open source, standard-based web forms solution, which
+ includes Form Builder, a WYSIWYG browser-based authoring tool, and Form
+ Runner, a runtime environment which facilitates the deployment and
+ integration of a large number of complex forms. Orbeon Forms implements
+ different technologies, such as XForms and Ajax, with no need for
+ client-side software or plug-ins.
+ </description>
+ <!-- "A web application that is written so that it can be deployed in a web container distributed
+ across multiple Java virtual machines running on the same host or different hosts." -->
+ <!--Distributable when replication is enabled-->
+ <distributable/>
+ <!--Initialize main resource manager-->
+ <context-param>
+ <param-name>oxf.resources.factory</param-name>
+ <param-value>org.orbeon.oxf.resources.PriorityResourceManagerFactory</param-value>
+ </context-param>
+ <!--Web application resource manager for resources-->
+ <context-param>
+ <param-name>oxf.resources.priority.2</param-name>
+ <param-value>org.orbeon.oxf.resources.WebAppResourceManagerFactory</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.resources.priority.2.oxf.resources.webapp.rootdir</param-name>
+ <param-value>/WEB-INF/resources</param-value>
+ </context-param>
+ <!--Classloader resource manager-->
+ <context-param>
+ <param-name>oxf.resources.priority.6</param-name>
+ <param-value>org.orbeon.oxf.resources.ClassLoaderResourceManagerFactory</param-value>
+ </context-param>
+ <!--Set run mode ("dev" or "prod")-->
+ <context-param>
+ <param-name>oxf.run-mode</param-name>
+ <param-value>prod</param-value>
+ </context-param>
+ <!--Set location of properties.xml-->
+ <context-param>
+ <param-name>oxf.properties</param-name>
+ <param-value>oxf:/config/properties-${oxf.run-mode}.xml</param-value>
+ </context-param>
+ <!--Determine whether logging initialization must take place-->
+ <context-param>
+ <param-name>oxf.initialize-logging</param-name>
+ <param-value>true</param-value>
+ </context-param>
+ <!--Set context listener processors-->
+ <!-- Uncomment this for the context listener processors -->
+ <!--
+ <context-param>
+ <param-name>oxf.context-initialized-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.context-initialized-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/context-initialized.xpl</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.context-destroyed-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.context-destroyed-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/context-destroyed.xpl</param-value>
+ </context-param>-->
+ <!-- End context listener processors -->
+ <!--Set session listener processors-->
+ <!-- Uncomment this for the session listener processors -->
+ <!--
+ <context-param>
+ <param-name>oxf.session-created-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.session-created-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/session-created.xpl</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.session-destroyed-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </context-param>
+ <context-param>
+ <param-name>oxf.session-destroyed-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/session-destroyed.xpl</param-value>
+ </context-param>-->
+ <!-- End session listener processors -->
+ <!--Security filter for eXist-->
+ <filter>
+ <filter-name>orbeon-exist-filter</filter-name>
+ <filter-class>org.orbeon.oxf.servlet.TokenSecurityFilter</filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>orbeon-exist-filter</filter-name>
+ <url-pattern>/exist/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ <dispatcher>FORWARD</dispatcher>
+ </filter-mapping>
+ <!--Limit concurrent access to Form Runner-->
+ <filter>
+ <filter-name>orbeon-limiter-filter</filter-name>
+ <filter-class>org.orbeon.oxf.servlet.LimiterFilter</filter-class>
+ <!--Include Form Runner pages and XForms Ajax requests-->
+ <init-param>
+ <param-name>include</param-name>
+ <param-value>(/fr/.*)|(/xforms-server)</param-value>
+ </init-param>
+ <!--Exclude resources not produced by services-->
+ <init-param>
+ <param-name>exclude</param-name>
+ <param-value>(?!/([^/]+)/service/).+\.(gif|css|pdf|json|js|coffee|map|png|jpg|xsd|htc|ico|swf|html|htm|txt)</param-value>
+ </init-param>
+ <!--Minimum, requested, and maximum number of concurrent threads allowed-->
+ <!--The `x` prefix specifies a multiple of the number of CPU cores reported by the JVM-->
+ <init-param>
+ <param-name>min-threads</param-name>
+ <param-value>1</param-value>
+ </init-param>
+ <init-param>
+ <param-name>num-threads</param-name>
+ <param-value>x1</param-value>
+ </init-param>
+ <init-param>
+ <param-name>max-threads</param-name>
+ <param-value>x1</param-value>
+ </init-param>
+ </filter>
+ <filter-mapping>
+ <filter-name>orbeon-limiter-filter</filter-name>
+ <url-pattern>/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ </filter-mapping>
+ <!--Add internal Orbeon-* headers for auth-->
+ <filter>
+ <filter-name>orbeon-form-runner-auth-servlet-filter</filter-name>
+ <filter-class>org.orbeon.oxf.servlet.FormRunnerAuthFilter</filter-class>
+ <!--
+ <init-param>
+ <param-name>content-security-policy</param-name>
+ <param-value>default-src 'self'; img-src 'self' data:</param-value>
+ </init-param>
+ -->
+ </filter>
+ <filter-mapping>
+ <filter-name>orbeon-form-runner-auth-servlet-filter</filter-name>
+ <url-pattern>/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ <dispatcher>FORWARD</dispatcher>
+ </filter-mapping>
+ <!--All JSP files under /xforms-jsp go through the XForms filter-->
+ <filter>
+ <filter-name>orbeon-xforms-filter</filter-name>
+ <filter-class>org.orbeon.oxf.servlet.OrbeonXFormsFilter</filter-class>
+ <!-- Uncomment this for the separate WAR deployment -->
+ <!--
+ <init-param>
+ <param-name>oxf.xforms.renderer.context</param-name>
+ <param-value>/orbeon</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.xforms.renderer.default-encoding</param-name>
+ <param-value>UTF-8</param-value>
+ </init-param>-->
+ <!-- End separate WAR deployment -->
+ </filter>
+ <filter-mapping>
+ <filter-name>orbeon-xforms-filter</filter-name>
+ <url-pattern>/xforms-jsp/*</url-pattern>
+ <!--Servlet 2.4 configuration allowing the filter to run upon forward in addition to request-->
+ <dispatcher>REQUEST</dispatcher>
+ <dispatcher>FORWARD</dispatcher>
+ </filter-mapping>
+ <!--Orbeon context listener-->
+ <listener>
+ <listener-class>org.orbeon.oxf.webapp.OrbeonServletContextListener</listener-class>
+ </listener>
+ <!--Context listener for deployment with replication-->
+ <listener>
+ <listener-class>org.orbeon.oxf.xforms.ReplicationServletContextListener</listener-class>
+ </listener>
+ <!--XForms session listener-->
+ <listener>
+ <listener-class>org.orbeon.oxf.xforms.XFormsServletContextListener</listener-class>
+ </listener>
+ <!--General-purpose session listener-->
+ <listener>
+ <listener-class>org.orbeon.oxf.webapp.OrbeonSessionListener</listener-class>
+ </listener>
+ <!--Ehcache shutdown listener-->
+ <listener>
+ <listener-class>net.sf.ehcache.constructs.web.ShutdownListener</listener-class>
+ </listener>
+ <!--This is the main Orbeon Forms servlet-->
+ <servlet>
+ <servlet-name>orbeon-main-servlet</servlet-name>
+ <servlet-class>org.orbeon.oxf.servlet.OrbeonServlet</servlet-class>
+ <!--Set main processor-->
+ <init-param>
+ <param-name>oxf.main-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.main-processor.input.config</param-name>
+ <param-value>oxf:/config/prologue-servlet.xpl</param-value>
+ </init-param>
+ <!--Set error processor-->
+ <init-param>
+ <param-name>oxf.error-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}page-flow</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.error-processor.input.controller</param-name>
+ <param-value>oxf:/config/error-page-flow.xml</param-value>
+ </init-param>
+ <!--Set supported methods-->
+ <init-param>
+ <param-name>oxf.http.accept-methods</param-name>
+ <param-value>get,post,head,put,delete,lock,unlock</param-value>
+ </init-param>
+ <!--Set servlet initialization and destruction listeners-->
+ <!-- Uncomment this for the servlet listener processors -->
+ <!--
+ <init-param>
+ <param-name>oxf.servlet-initialized-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.servlet-initialized-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/servlet-initialized.xpl</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.servlet-destroyed-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.servlet-destroyed-processor.input.config</param-name>
+ <param-value>oxf:/apps/context/servlet-destroyed.xpl</param-value>
+ </init-param>-->
+ <!-- End servlet listener processors -->
+ </servlet>
+ <!--This is the XForms Renderer servlet, used to deploy Orbeon Forms as a separate WAR-->
+ <servlet>
+ <servlet-name>orbeon-renderer-servlet</servlet-name>
+ <servlet-class>org.orbeon.oxf.servlet.OrbeonServlet</servlet-class>
+ <!--Set main processor-->
+ <init-param>
+ <param-name>oxf.main-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}page-flow</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.main-processor.input.controller</param-name>
+ <param-value>oxf:/ops/xforms/xforms-renderer-page-flow.xml</param-value>
+ </init-param>
+ <!--Set error processor-->
+ <init-param>
+ <param-name>oxf.error-processor.name</param-name>
+ <param-value>{http://www.orbeon.com/oxf/processors}pipeline</param-value>
+ </init-param>
+ <init-param>
+ <param-name>oxf.error-processor.input.config</param-name>
+ <param-value>oxf:/config/error.xpl</param-value>
+ </init-param>
+ </servlet>
+ <!-- Uncomment this for the eXist XMLRPC support -->
+ <!--
+ <servlet>
+ <servlet-name>exist-xmlrpc-servlet</servlet-name>
+ <servlet-class>org.exist.xmlrpc.RpcServlet</servlet-class>
+ </servlet>-->
+ <!-- End eXist XMLRPC support -->
+ <servlet>
+ <servlet-name>exist-rest-servlet</servlet-name>
+ <servlet-class>org.exist.http.servlets.EXistServlet</servlet-class>
+ <init-param>
+ <param-name>basedir</param-name>
+ <param-value>WEB-INF/</param-value>
+ </init-param>
+ <init-param>
+ <param-name>configuration</param-name>
+ <param-value>exist-conf.xml</param-value>
+ </init-param>
+ <init-param>
+ <param-name>start</param-name>
+ <param-value>true</param-value>
+ </init-param>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>orbeon-main-servlet</servlet-name>
+ <url-pattern>/</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>orbeon-renderer-servlet</servlet-name>
+ <url-pattern>/xforms-renderer</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>exist-rest-servlet</servlet-name>
+ <url-pattern>/exist/rest/*</url-pattern>
+ </servlet-mapping>
+ <!-- Uncomment this for the eXist XMLRPC support -->
+ <!--
+ <servlet-mapping>
+ <servlet-name>exist-xmlrpc-servlet</servlet-name>
+ <url-pattern>/exist/xmlrpc/*</url-pattern>
+ </servlet-mapping>-->
+ <!-- End eXist XMLRPC support -->
+ <!-- Uncomment this for the relational persistence, and change oracle if necessary -->
+ <!--
+ <resource-ref>
+ <description>DataSource</description>
+ <res-ref-name>jdbc/oracle</res-ref-name>
+ <res-type>javax.sql.DataSource</res-type>
+ <res-auth>Container</res-auth>
+ </resource-ref>-->
+ <!-- End relational persistence, and change oracle if necessary -->
+ <!-- Form Runner authentication -->
+ <!-- Require the security role on /fr/auth by default. To protect everything this must be changed. -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Form Runner</web-resource-name>
+ <url-pattern>/fr/auth</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>orbeon-user</role-name>
+ </auth-constraint>
+ </security-constraint>
+ <!-- The following pages and services are allowed without constraints by default -->
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Form Runner services and public pages and resources</web-resource-name>
+ <url-pattern>/fr/service/*</url-pattern>
+ <url-pattern>/fr/style/*</url-pattern>
+ <url-pattern>/fr/not-found</url-pattern>
+ <url-pattern>/fr/error</url-pattern>
+ <url-pattern>/fr/login</url-pattern>
+ <url-pattern>/fr/login-error</url-pattern>
+ </web-resource-collection>
+ </security-constraint>
+ <!-- This will cause redirect from HTTP to HTTPS but not for eXist -->
+ <!--
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>Entire Application</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <user-data-constraint>
+ <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>eXist</web-resource-name>
+ <url-pattern>/exist/*</url-pattern>
+ </web-resource-collection>
+ <user-data-constraint>
+ <transport-guarantee>NONE</transport-guarantee>
+ </user-data-constraint>
+ </security-constraint>
+ -->
+ <!-- Use the form-based method by default -->
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <form-login-config>
+ <form-login-page>/fr/login</form-login-page>
+ <form-error-page>/fr/login-error</form-error-page>
+ </form-login-config>
+ </login-config>
+ <!-- Default security role, which can be changed as needed -->
+ <security-role>
+ <role-name>orbeon-user</role-name>
+ </security-role>
+ <session-config>
+ <session-timeout>60</session-timeout>
+ </session-config>
+</web-app>
diff --git a/roles/paas-docker/containers/orbeon.sls b/roles/paas-docker/containers/orbeon.sls
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/orbeon.sls
@@ -0,0 +1,75 @@
+# -------------------------------------------------------------
+# Salt — Provision Docker engine
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
+
+{% for instance, container in pillar['docker_containers']['orbeon'].items() %}
+
+# -------------------------------------------------------------
+# Storage directory
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/orbeon/{{ instance }}:
+ file.directory:
+ - makedirs: True
+
+{% if has_selinux %}
+selinux_context_{{ instance }}_data:
+ selinux.fcontext_policy_present:
+ - name: /srv/orbeon/{{ instance }}
+ - sel_type: container_file_t
+
+selinux_context_{{ instance }}_data_applied:
+ selinux.fcontext_policy_applied:
+ - name: /srv/orbeon/{{ instance }}
+{% endif %}
+
+# -------------------------------------------------------------
+# Configuration files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/srv/orbeon/{{ instance }}/conf/tomcat-users.xml:
+ file.managed:
+ - source: salt://roles/paas-docker/containers/files/_tomcat/tomcat-users.xml
+ - mode: 400
+ - makedirs: True
+ - template: jinja
+ - context:
+ users:
+ {% for user, credential in container["tomcat"]["users"].items() %}
+ {{ user }}:
+ password: {{ salt["credentials.get_password"](credential) }}
+ role: orbeon-admin
+ {% endfor %}
+
+/srv/orbeon/{{ instance }}/conf:
+ file.directory
+
+{% for config_file in ["properties-local.xml", "web.xml", "form-builder-permissions.xml"] %}
+/srv/orbeon/{{ instance }}/conf/{{ config_file }}:
+ file.managed:
+ - source: salt://roles/paas-docker/containers/files/orbeon/{{ instance }}{ config_file }}
+{% endfor %}
+
+# -------------------------------------------------------------
+# Container
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ instance }}:
+ docker_container.running:
+ - detach: True
+ - interactive: True
+ - image: nasqueron/orbeon
+ - binds:
+ - /srv/orbeon/{{ instance }}/conf/tomcat-users.xml:/usr/local/tomcat/conf/tomcat-users.xml
+ - /srv/orbeon/{{ instance }}/conf/web.xml:/usr/local/tomcat/webapps/orbeon/WEB-INF/web.xml
+ - /srv/orbeon/{{ instance }}/conf/form-builder-permissions.xml:/usr/local/tomcat/webapps/orbeon/WEB-INF/resources/config/form-builder-permissions.xml
+ - /srv/orbeon/{{ instance }}/conf/properties-local.xml:/usr/local/tomcat/webapps/orbeon/WEB-INF/resources/config/properties-local.xml
+ - ports:
+ - 8080
+ - port_bindings:
+ - {{ container['app_port'] }}:8080

File Metadata

Mime Type
text/plain
Expires
Tue, Nov 26, 10:19 (22 h, 5 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2264471
Default Alt Text
D3123.id7963.diff (26 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator