From 0a435c1af08a85048f0bace071ce798ca53ace31 Mon Sep 17 00:00:00 2001 From: mazano Date: Sun, 23 Oct 2022 07:44:19 +0200 Subject: [PATCH] Optimize (#451) * Install metadata plugins by default, fix some logic for some env variables and add extra env * fix configs * Use env file to store all variables * fix compose file and startup options * remove duplicated data * Fix a bug with libraries for the geoserver printing module * Restructure files * WIP * Fix build issues within the images * Add compose file for building image * Fix geowebcache sync issue * Delete env file * Optimise some logic and allow downloading extensions if they do not exists * Upgrade to Geoserver 2.19.0 and fix building with tomcat 10-jdk11-openjdk-slim-buster * Fix extensions to conform to version 2.19 * fix startup issues using jetty * fix war url * Clean some configs and sanitize running the image * fix build using latest image - Only using jetty * fix build using jetty * Use same functions and add recreate dir env for testing builds * optimise logic * fix build logic order * other optimisations related to configs * Add env and optimise dockerfile and other scripts to be standard * Small fix with clustering logic * Verbose to check if password env is working * some optimisations - wip * some optimisations - wip2 * Fix proxy values for non ssl connections * bump geoserver to 2.19.1 and install jetty staff only when running under jetty * Add random default password if one is not provided * fix startp env variable, password colours in logs * add figlet and remove verbose login * Fix logic for figlet * readme cleanup and remove empty spaces in files * Small fixes with scripts * small tweak - WIP * add build args for user and group name * further improvements * minor tweaks on the scripts * add logic for publishing postgres store using jndi * fix building iwth ssl where possible * add table of contents * add example for nginx reverse proxy * Bump version to 2.19.2 * fixes #285 * only show password in logs if it's a random one and move changing permission after script setup * WIP * WIP changes and updates * WIP - incremental changes * allow tomcat-server.xml to be mounted and add readme * fix update logic in update password and env * revert docker-compose logic * fix jndi pooling * fix logging logic * add logging info * fix errors in readme and improve grammar etc * switch usage of env variable ACTIVATE_ALL_COMMUNITY_EXTENTIONS and strong password for tomcat * update resetting credentials * upgrade version to 20.0 * fix mbstyle plugin * fix clustering for back ward compability * update broker.xml to use db backend * Fix spelling for some env variables and run code through bash checker * fix spelling mistakes in env variables * add https scheme * bump to version 2.20.1 * fix log4j error and add https scheme variable which was previously hardcoded * WIP * Fix build issues within the images * some optimisations - wip * some optimisations - wip2 * Add random default password if one is not provided * fix startp env variable, password colours in logs * further improvements * add logic for publishing postgres store using jndi * add example for nginx reverse proxy * WIP changes and updates * fix update logic in update password and env * revert docker-compose logic * upgrade version to 20.0 * fix mbstyle plugin * update broker.xml to use db backend * Fix some scripts (#259) minor tweaks on the scripts * FIx build with https (#265) * Fixes for jndi (#308) * fix jndi pooling and fix logging logic * update version to 20.0 (#317) * fix mbstyle plugin and upgrade to 20.0 * Added some additional notes to run local image in MacOS M1 Chip (#381) * some optimisations - wip2 * further improvements * add logic for publishing postgres store using jndi * add example for nginx reverse proxy * WIP changes and updates * fix update logic in update password and env * revert docker-compose logic * upgrade version to 20.0 * fix mbstyle plugin * update broker.xml to use db backend * some optimisations - wip2 * further improvements * add logic for publishing postgres store using jndi * WIP changes and updates * fix update logic in update password and env * revert docker-compose logic * upgrade version to 20.0 * fix mbstyle plugin * fix clustering for back ward compability * update broker.xml to use db backend * update documentaion * update db test in compose * update instructions for faster debugimh Co-authored-by: mazano Co-authored-by: celikn --- .env | 2 +- Dockerfile | 4 +-- build_data/web.xml | 17 +++++++--- docker-compose-build.yml | 2 ++ docker-compose.yml | 2 ++ scripts/entrypoint.sh | 4 +-- scripts/env-data.sh | 4 ++- scripts/functions.sh | 70 ++++++++++++++++++++++++++++++++++++---- scripts/setup.sh | 31 +++++++----------- scripts/start.sh | 1 + 10 files changed, 100 insertions(+), 37 deletions(-) diff --git a/.env b/.env index b1d81af5..99dbeebd 100644 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ COMPOSE_PROJECT_NAME=kartozageoserver -IMAGE_VERSION=9.0-jdk11-openjdk-slim-buster +IMAGE_VERSION=9.0.65-jdk11-openjdk-slim-buster GS_VERSION=2.21.1 GEOSERVER_PORT=8600 # Build Arguments diff --git a/Dockerfile b/Dockerfile index 7d8750dc..7d31048b 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ #--------- Generic stuff all our Dockerfiles should start with so we get caching ------------ -ARG IMAGE_VERSION=9.0-jdk11-openjdk-slim-bullseye +ARG IMAGE_VERSION=9.0.65-jdk11-openjdk-slim-buster ARG JAVA_HOME=/usr/local/openjdk-11 FROM tomcat:$IMAGE_VERSION @@ -18,7 +18,7 @@ RUN set -eux; \ locales gnupg2 wget ca-certificates rpl pwgen software-properties-common iputils-ping \ apt-transport-https curl gettext fonts-cantarell lmodern ttf-aenigma \ ttf-bitstream-vera ttf-sjfonts tv-fonts libapr1-dev libssl-dev \ - wget zip unzip curl xsltproc certbot cabextract gettext postgresql-client figlet gosu; \ + wget zip unzip curl xsltproc certbot cabextract gettext postgresql-client figlet gosu gdal-bin; \ # Install gdal3 - bullseye doesn't build libgdal-java anymore so we can't upgrade curl https://deb.meteo.guru/velivole-keyring.asc | apt-key add - \ && echo "deb https://deb.meteo.guru/debian buster main" > /etc/apt/sources.list.d/meteo.guru.list \ diff --git a/build_data/web.xml b/build_data/web.xml index 8f667b5a..511cc3a6 100644 --- a/build_data/web.xml +++ b/build_data/web.xml @@ -461,13 +461,16 @@ - @@ -558,13 +561,12 @@ - + + + CorsFilter org.apache.catalina.filters.CorsFilter @@ -605,11 +611,12 @@ Access-Control-Allow-Origin,Access-Control-Allow-Credentials + CorsFilter /* - + diff --git a/docker-compose-build.yml b/docker-compose-build.yml index de05eb50..805208a7 100644 --- a/docker-compose-build.yml +++ b/docker-compose-build.yml @@ -34,4 +34,6 @@ services: - RECREATE_DATADIR=${RECREATE_DATADIR} - HTTP_PROXY_NAME - HTTP_PROXY_PORT + - STABLE_EXTENSIONS=${STABLE_EXTENSIONS} + - COMMUNITY_EXTENSIONS=${COMMUNITY_EXTENSIONS} diff --git a/docker-compose.yml b/docker-compose.yml index 85c198b6..bd68ce9c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,6 +35,8 @@ services: - GEOSERVER_ADMIN_USER=${GEOSERVER_ADMIN_USER} - INITIAL_MEMORY=${INITIAL_MEMORY} - MAXIMUM_MEMORY=${MAXIMUM_MEMORY} + - STABLE_EXTENSIONS=${STABLE_EXTENSIONS} + - COMMUNITY_EXTENSIONS=${COMMUNITY_EXTENSIONS} depends_on: db: condition: service_healthy diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 9d821d6f..e9f791d4 100644 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -86,10 +86,10 @@ export JAVA_OPTS="${JAVA_OPTS} ${GEOSERVER_OPTS}" chown -R "${USER_NAME}":"${GEO_GROUP_NAME}" "${CATALINA_HOME}" "${FOOTPRINTS_DATA_DIR}" "${GEOSERVER_DATA_DIR}" \ "${CERT_DIR}" "${FONTS_DIR}" /home/"${USER_NAME}"/ "${COMMUNITY_PLUGINS_DIR}" "${STABLE_PLUGINS_DIR}" \ "${GEOSERVER_HOME}" "${EXTRA_CONFIG_DIR}" /usr/share/fonts/ /scripts /tomcat_apps.zip \ -/tmp/ "${GEOWEBCACHE_CACHE_DIR}";chmod o+rw "${CERT_DIR}" +/tmp/ "${GEOWEBCACHE_CACHE_DIR}";chmod o+rw "${CERT_DIR}";chmod 400 ${CATALINA_HOME}/conf/* if [[ -f ${GEOSERVER_HOME}/start.jar ]]; then - exec gosu ${USER_NAME} java "$JAVA_OPTS" -jar start.jar + exec gosu ${USER_NAME} ${GEOSERVER_HOME}/bin/startup.sh else exec gosu ${USER_NAME} /usr/local/tomcat/bin/catalina.sh run fi \ No newline at end of file diff --git a/scripts/env-data.sh b/scripts/env-data.sh index a4c5c25c..221f3b42 100644 --- a/scripts/env-data.sh +++ b/scripts/env-data.sh @@ -322,4 +322,6 @@ if [ -z "${FORCE_DOWNLOAD_COMMUNITY_EXTENSIONS}" ]; then FORCE_DOWNLOAD_COMMUNITY_EXTENSIONS=false fi - +if [ -z "${DISABLE_CORS}" ]; then + DISABLE_CORS=false +fi diff --git a/scripts/functions.sh b/scripts/functions.sh index d4438e50..5b7b0b99 100644 --- a/scripts/functions.sh +++ b/scripts/functions.sh @@ -80,6 +80,15 @@ function web_cors() { else # default values cp /build_data/web.xml "${CATALINA_HOME}"/conf/ + ### + # Deactivate CORS filter in web.xml if DISABLE_CORS=true + # Useful if CORS is handled outside of Tomcat (e.g. in a proxying webserver like nginx) + ### + if [[ "${DISABLE_CORS}" =~ [Tt][Rr][Uu][Ee] ]]; then + echo "Deactivating Tomcat CORS filter" + sed 's/\n/-->/' \ + ${CATALINA_HOME}/conf/web.xml + fi fi fi } @@ -111,21 +120,70 @@ function download_extension() { } +function validate_geo_install() { + DATA_PATH=$1 + # Check if geoserver is installed early so that we can fail early on + if [[ $(ls -A ${DATA_PATH}) ]]; then + echo "GeoServer install dir exist proceed with install" + else + exit 1 + fi + +} + + + +function unzip_geoserver() { + if [[ -f /tmp/geoserver/geoserver.war ]]; then + unzip /tmp/geoserver/geoserver.war -d "${CATALINA_HOME}"/webapps/geoserver && + validate_geo_install "${CATALINA_HOME}"/webapps/geoserver && \ + cp -r "${CATALINA_HOME}"/webapps/geoserver/data "${CATALINA_HOME}" && + mv "${CATALINA_HOME}"/data/security "${CATALINA_HOME}" && + rm -rf "${CATALINA_HOME}"/webapps/geoserver/data && + mv "${CATALINA_HOME}"/webapps/geoserver/WEB-INF/lib/postgresql-* "${CATALINA_HOME}"/postgres_config/ && + rm -rf /tmp/geoserver +else + cp -r /tmp/geoserver/* "${GEOSERVER_HOME}"/ && \ + validate_geo_install "${GEOSERVER_HOME}"/ && \ + cp -r "${GEOSERVER_HOME}"/data_dir "${CATALINA_HOME}"/data && + mv "${CATALINA_HOME}"/data/security "${CATALINA_HOME}" +fi + +} + + + # A little logic that will fetch the geoserver war zip file if it is not available locally in the resources dir -function download_geoserver() { +function package_geoserver() { -if [[ ! -f /tmp/resources/geoserver-${GS_VERSION}.zip ]]; then +if [[ ! -f /tmp/resources/geoserver-${GS_VERSION}.zip ]] || [[ ! -f /tmp/resources/geoserver-${GS_VERSION}-bin.zip ]]; then if [[ "${WAR_URL}" == *\.zip ]]; then - destination=/tmp/resources/geoserver-${GS_VERSION}.zip - ${request} "${WAR_URL}" -O "${destination}" - unzip /tmp/resources/geoserver-"${GS_VERSION}".zip -d /tmp/geoserver + if [[ "${WAR_URL}" == *\bin.zip ]];then + destination=/tmp/resources/geoserver-${GS_VERSION}-bin.zip + ${request} "${WAR_URL}" -O "${destination}" + unzip /tmp/resources/geoserver-${GS_VERSION}-bin.zip -d /tmp/geoserver && \ + unzip_geoserver + else + destination=/tmp/resources/geoserver-${GS_VERSION}.zip + ${request} "${WAR_URL}" -O "${destination}" + unzip /tmp/resources/geoserver-"${GS_VERSION}".zip -d /tmp/geoserver && \ + unzip_geoserver + fi else destination=/tmp/geoserver/geoserver.war mkdir -p /tmp/geoserver/ && ${request} "${WAR_URL}" -O ${destination} fi else - unzip /tmp/resources/geoserver-"${GS_VERSION}".zip -d /tmp/geoserver + if [[ -f /tmp/resources/geoserver-${GS_VERSION}.zip ]];then + unzip /tmp/resources/geoserver-"${GS_VERSION}".zip -d /tmp/geoserver && \ + unzip_geoserver + + elif [[ -f /tmp/resources/geoserver-${GS_VERSION}-bin.zip ]];then + unzip /tmp/resources/geoserver-"${GS_VERSION}".zip -d /tmp/geoserver && \ + unzip_geoserver + + fi fi } diff --git a/scripts/setup.sh b/scripts/setup.sh index db674c00..94862ccd 100644 --- a/scripts/setup.sh +++ b/scripts/setup.sh @@ -5,12 +5,20 @@ source /scripts/env-data.sh source /scripts/functions.sh resources_dir="/tmp/resources" +GS_VERSION=$(cat /scripts/geoserver_version.txt) create_dir ${resources_dir}/plugins/gdal create_dir /usr/share/fonts/opentype create_dir /tomcat_apps create_dir "${CATALINA_HOME}"/postgres_config create_dir "${STABLE_PLUGINS_DIR}" create_dir "${COMMUNITY_PLUGINS_DIR}" +create_dir "${GEOSERVER_HOME}" + +pushd "${CATALINA_HOME}" || exit + + +# Download geoserver and install it +package_geoserver # Copy config files cp /build_data/stable_plugins.txt /stable_plugins && cp /build_data/community_plugins.txt /community_plugins && \ @@ -75,33 +83,16 @@ done # Install libjpeg-turbo +system_architecture=$(dpkg --print-architecture) if [[ ! -f ${resources_dir}/libjpeg-turbo-official_2.1.3_amd64.deb ]]; then - validate_url https://liquidtelecom.dl.sourceforge.net/project/libjpeg-turbo/2.1.3/libjpeg-turbo-official_2.1.3_amd64.deb \ + validate_url https://tenet.dl.sourceforge.net/project/libjpeg-turbo/2.1.4/libjpeg-turbo-official_2.1.4_${system_architecture}.deb \ '-P /tmp/resources/' fi -dpkg -i ${resources_dir}/libjpeg-turbo-official_2.1.3_amd64.deb +dpkg -i ${resources_dir}/libjpeg-turbo-official_2.1.4_${system_architecture}.deb pushd "${CATALINA_HOME}" || exit -# Download geoserver -download_geoserver - -# Install geoserver in the tomcat dir -if [[ -f /tmp/geoserver/geoserver.war ]]; then - unzip /tmp/geoserver/geoserver.war -d "${CATALINA_HOME}"/webapps/geoserver && - cp -r "${CATALINA_HOME}"/webapps/geoserver/data "${CATALINA_HOME}" && - mv "${CATALINA_HOME}"/data/security "${CATALINA_HOME}" && - rm -rf "${CATALINA_HOME}"/webapps/geoserver/data && - mv "${CATALINA_HOME}"/webapps/geoserver/WEB-INF/lib/postgresql-* "${CATALINA_HOME}"/postgres_config/ && - rm -rf /tmp/geoserver -else - cp -r /tmp/geoserver/* "${GEOSERVER_HOME}"/ && - cp -r "${GEOSERVER_HOME}"/webapps/geoserver "${CATALINA_HOME}"/webapps/geoserver && - cp -r "${GEOSERVER_HOME}"/data_dir "${CATALINA_HOME}"/data && - mv "${CATALINA_HOME}"/data/security "${CATALINA_HOME}" -fi - # Install GeoServer plugins in correct install dir if [[ -f ${GEOSERVER_HOME}/start.jar ]]; then GEOSERVER_INSTALL_DIR=${GEOSERVER_HOME} diff --git a/scripts/start.sh b/scripts/start.sh index 60e1bbfc..eb2a9ca6 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -433,3 +433,4 @@ if [[ -z "${EXISTING_DATA_DIR}" ]]; then fi setup_logging +