diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index e7d94ea..afa6642 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -13,7 +13,7 @@ services: image: solr:8.7.0 container_name: solr1 ports: - - "8981:8983" + - "8981:8983" environment: - ZK_HOST=zoo1:2181,zoo2:2181,zoo3:2181 networks: @@ -27,7 +27,7 @@ services: image: solr:8.7.0 container_name: solr2 ports: - - "8982:8983" + - "8982:8983" environment: - ZK_HOST=zoo1:2181,zoo2:2181,zoo3:2181 networks: @@ -41,7 +41,7 @@ services: image: solr:8.7.0 container_name: solr3 ports: - - "8983:8983" + - "8983:8983" environment: - ZK_HOST=zoo1:2181,zoo2:2181,zoo3:2181 networks: @@ -51,6 +51,26 @@ services: - zoo2 - zoo3 + # Add a basic auth to the solr cluster, so that you can upload your own schema config + # default user/password is solr/SolrRocks + # See: https://solr.apache.org/guide/8_7/basic-authentication-plugin.html + solrEnableAuth: + image: solr:8.7.0 + container_name: solrEnableAuth + ports: + - "8984:8983" + environment: + - ZK_HOST=zoo1:2181,zoo2:2181,zoo3:2181 + networks: + - solr + volumes: + - ./security.json:/opt/solr/server/solr/security.json + command: bash -c "solr zk cp /opt/solr/server/solr/security.json zk:/security.json" + depends_on: + - zoo1 + - zoo2 + - zoo3 + zoo1: image: zookeeper:3.6.2 container_name: zoo1 diff --git a/docker-compose/security.json b/docker-compose/security.json new file mode 100644 index 0000000..3d59250 --- /dev/null +++ b/docker-compose/security.json @@ -0,0 +1,23 @@ +{ + "authentication": { + "blockUnknown": true, + "class": "solr.BasicAuthPlugin", + "credentials": { + "solr": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=" + }, + "realm": "My Solr users", + "forwardCredentials": false + }, + "authorization": { + "class": "solr.RuleBasedAuthorizationPlugin", + "permissions": [ + { + "name": "security-edit", + "role": "admin" + } + ], + "user-role": { + "solr": "admin" + } + } +}