mirror of
https://github.com/1C-Company/docker_fresh.git
synced 2025-03-17 20:47:56 +02:00
change clrf to lf
This commit is contained in:
parent
e09f63a6b4
commit
28308b42fc
@ -1,36 +1,36 @@
|
||||
FROM fresh/centos
|
||||
|
||||
ADD ./distr/license-tools /tmp/license-tools
|
||||
ADD ./distr/*.rpm /tmp/core/
|
||||
|
||||
RUN yum -y localinstall /tmp/core/*.rpm; \
|
||||
rm -rf /tmp/core; \
|
||||
sed -i '/User apache/ s//User usr1cv8/g' /etc/httpd/conf/httpd.conf; \
|
||||
sed -i '/Group apache/ s//Group grp1cv8/g' /etc/httpd/conf/httpd.conf; \
|
||||
sed -i '/#ServerName www.example.com:80/ s//ServerName localhost/g' /etc/httpd/conf/httpd.conf; \
|
||||
yum -y install x11vnc metacity net-tools gdb perl tar git jq; \
|
||||
yum -y install https://centos7.iuscommunity.org/ius-release.rpm; \
|
||||
yum -y --setopt=tsflags=nodocs install python36u python36u-devel python36u-pip; \
|
||||
yum -y install java-1.8.0-openjdk; \
|
||||
cert-sync /etc/pki/tls/certs/ca-bundle.crt; \
|
||||
oscript /usr/share/oscript/lib/opm/src/cmd/opm.os install deployka; \
|
||||
chmod +x /usr/bin/deployka; \
|
||||
chmod +x /tmp/license-tools/1ce-installer-cli; /tmp/license-tools/1ce-installer-cli install
|
||||
|
||||
ADD ./conf/conf.cfg /opt/1C/v8.3/x86_64/conf/
|
||||
ADD ./conf/logcfg.xml /opt/1C/v8.3/x86_64/conf/
|
||||
|
||||
ENV COREDATA /var/lib/1c/data
|
||||
ENV CORELOGS /var/log/1c
|
||||
ENV AGENTBASEDIR /var/lib/1c/agent_data
|
||||
ENV INFOBASECONNECTIONSTRING ""
|
||||
|
||||
VOLUME ["${COREDATA}", "${CORELOGS}", "${AGENTBASEDIR}"]
|
||||
|
||||
ADD ./entrypoint.sh /
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
ADD ./dumper.py /usr/bin/dumper
|
||||
RUN chmod +x /usr/bin/dumper
|
||||
|
||||
FROM fresh/centos
|
||||
|
||||
ADD ./distr/license-tools /tmp/license-tools
|
||||
ADD ./distr/*.rpm /tmp/core/
|
||||
|
||||
RUN yum -y localinstall /tmp/core/*.rpm; \
|
||||
rm -rf /tmp/core; \
|
||||
sed -i '/User apache/ s//User usr1cv8/g' /etc/httpd/conf/httpd.conf; \
|
||||
sed -i '/Group apache/ s//Group grp1cv8/g' /etc/httpd/conf/httpd.conf; \
|
||||
sed -i '/#ServerName www.example.com:80/ s//ServerName localhost/g' /etc/httpd/conf/httpd.conf; \
|
||||
yum -y install x11vnc metacity net-tools gdb perl tar git jq; \
|
||||
yum -y install https://centos7.iuscommunity.org/ius-release.rpm; \
|
||||
yum -y --setopt=tsflags=nodocs install python36u python36u-devel python36u-pip; \
|
||||
yum -y install java-1.8.0-openjdk; \
|
||||
cert-sync /etc/pki/tls/certs/ca-bundle.crt; \
|
||||
oscript /usr/share/oscript/lib/opm/src/cmd/opm.os install deployka; \
|
||||
chmod +x /usr/bin/deployka; \
|
||||
chmod +x /tmp/license-tools/1ce-installer-cli; /tmp/license-tools/1ce-installer-cli install
|
||||
|
||||
ADD ./conf/conf.cfg /opt/1C/v8.3/x86_64/conf/
|
||||
ADD ./conf/logcfg.xml /opt/1C/v8.3/x86_64/conf/
|
||||
|
||||
ENV COREDATA /var/lib/1c/data
|
||||
ENV CORELOGS /var/log/1c
|
||||
ENV AGENTBASEDIR /var/lib/1c/agent_data
|
||||
ENV INFOBASECONNECTIONSTRING ""
|
||||
|
||||
VOLUME ["${COREDATA}", "${CORELOGS}", "${AGENTBASEDIR}"]
|
||||
|
||||
ADD ./entrypoint.sh /
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
ADD ./dumper.py /usr/bin/dumper
|
||||
RUN chmod +x /usr/bin/dumper
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
@ -1,2 +1,2 @@
|
||||
SystemLanguage=System
|
||||
SystemLanguage=System
|
||||
DisableUnsafeActionProtection=.*
|
@ -1,17 +1,17 @@
|
||||
<config xmlns="http://v8.1c.ru/v8/tech-log">
|
||||
<dump location="/var/log/1c/dumps" create="1" type="3"/>
|
||||
<log location="/var/log/1c/excp" history="1">
|
||||
<event>
|
||||
<eq property="name" value="EXCP"/>
|
||||
</event>
|
||||
<property name="all">
|
||||
</property>
|
||||
</log>
|
||||
<system level="Trace" class="OID2Log" />
|
||||
<log location="/var/log/1c/openid" history="1">
|
||||
<event>
|
||||
<eq property="class" value="OID2Log" />
|
||||
</event>
|
||||
<property name="all" />
|
||||
</log>
|
||||
</config>
|
||||
<config xmlns="http://v8.1c.ru/v8/tech-log">
|
||||
<dump location="/var/log/1c/dumps" create="1" type="3"/>
|
||||
<log location="/var/log/1c/excp" history="1">
|
||||
<event>
|
||||
<eq property="name" value="EXCP"/>
|
||||
</event>
|
||||
<property name="all">
|
||||
</property>
|
||||
</log>
|
||||
<system level="Trace" class="OID2Log" />
|
||||
<log location="/var/log/1c/openid" history="1">
|
||||
<event>
|
||||
<eq property="class" value="OID2Log" />
|
||||
</event>
|
||||
<property name="all" />
|
||||
</log>
|
||||
</config>
|
||||
|
@ -1,174 +1,174 @@
|
||||
#!/usr/bin/python3
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
import glob
|
||||
import re
|
||||
import os
|
||||
import sys
|
||||
import subprocess
|
||||
import urllib
|
||||
import json
|
||||
import time
|
||||
import uuid
|
||||
|
||||
|
||||
# define regexps
|
||||
regex_process_pid = re.compile(r'/([^/.]+?)\.(\d+?)\.(\d+?)\.core')
|
||||
regex_offset = re.compile(r'#0\s+?([\dxa-f]+?)\s')
|
||||
regex_extension_replacement = re.compile(r'\.zip$')
|
||||
regex_extension_replacement2 = re.compile(r'\.core$')
|
||||
|
||||
|
||||
# BEGIN helper functions------------------------------------------------------------------------------------------------
|
||||
|
||||
def write_to_log(msg):
|
||||
msg = time.ctime() + ' ' + msg
|
||||
print(msg)
|
||||
|
||||
|
||||
def run_shell(cmd):
|
||||
pipe = subprocess.PIPE
|
||||
p = subprocess.Popen(cmd, shell=True, stdin=pipe, stdout=pipe, stderr=pipe, close_fds=True, cwd='/')
|
||||
return p.stdout.read(), p.stderr.read()
|
||||
|
||||
|
||||
def run_shell_get_result(cmd):
|
||||
result = subprocess.call(cmd, shell=True)
|
||||
return result
|
||||
|
||||
|
||||
def check_size_static(core_file):
|
||||
size_1 = os.path.getsize(core_file)
|
||||
time.sleep(5)
|
||||
size_2 = os.path.getsize(core_file)
|
||||
return size_1 == size_2
|
||||
|
||||
# END helper functions--------------------------------------------------------------------------------------------------
|
||||
|
||||
# BEGIN prepare date----------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def get_pid_process_ctime(core_file):
|
||||
rez = regex_process_pid.search(core_file)
|
||||
process = rez.groups()[0]
|
||||
ctime = rez.groups()[1]
|
||||
pid = rez.groups()[2]
|
||||
return process, ctime, pid
|
||||
|
||||
|
||||
def get_platform_offset(core_file, process):
|
||||
# run gdb for getting offset of core
|
||||
cmd = 'echo -e "bt\nexit" | gdb /opt/1C/v8.3/x86_64/' + process + ' ' + core_file
|
||||
(gdb_result, gdb_error) = run_shell(cmd)
|
||||
|
||||
if not gdb_result:
|
||||
offset = '000000000000'
|
||||
platform = '8.3.0.0000'
|
||||
write_to_log('cant work with gdb: ' + gdb_error)
|
||||
else:
|
||||
rez = regex_offset.search(gdb_result)
|
||||
if rez is None:
|
||||
offset = '000000000000'
|
||||
else:
|
||||
offset = rez.groups()[0]
|
||||
offset = offset[6:-1]
|
||||
# getting platform version
|
||||
cmd = 'strings /opt/1C/v8.3/x86_64/' + process + """ | grep -oP '[8-9]\.[3-90]\.\d\d?\.\d{2,4}' """
|
||||
(ver_result, ver_error) = run_shell(cmd)
|
||||
if ver_result:
|
||||
platform = ver_result.strip()
|
||||
else:
|
||||
platform = '8.3.0.0000'
|
||||
return platform, offset
|
||||
|
||||
|
||||
def get_creation_date_string(ctime):
|
||||
ctime_sturct = time.localtime(int(ctime))
|
||||
ctime_string = '_%.4d%.2d%.2d%.2d%.2d%.2d_' % (ctime_sturct[0], ctime_sturct[1], ctime_sturct[2], ctime_sturct[3],
|
||||
ctime_sturct[4], ctime_sturct[5])
|
||||
creation_date = '%.4d-%.2d-%.2dT%.2d:%.2d:%.2d' % (ctime_sturct[0], ctime_sturct[1], ctime_sturct[2],
|
||||
ctime_sturct[3], ctime_sturct[4], ctime_sturct[5])
|
||||
return ctime_string, creation_date
|
||||
|
||||
|
||||
def get_file_name(process, platform, offset, ctime_string, pid):
|
||||
return process + '_' + platform + '_' + offset + ctime_string + pid + '.core'
|
||||
|
||||
|
||||
def get_file_size_hostname(core_file):
|
||||
file_size = os.path.getsize(core_file)
|
||||
hostname = os.uname()[1]
|
||||
return file_size, hostname
|
||||
|
||||
|
||||
def make_libs_tar(core_file, process):
|
||||
if os.path.exists(libs_file):
|
||||
os.remove(libs_file)
|
||||
cmd = """echo -e "info shared\nq" | """
|
||||
cmd += """ gdb /opt/1C/v8.3/x86_64/""" + process + " " + core_file + """ 2>/dev/null | """
|
||||
cmd += """ grep 0x0000 | grep -v /opt/1C/v8.3 | grep -v ?? | perl -alne 'print $F[-1]' | """
|
||||
cmd += """ while read file; do tar --dereference --append -f """ + libs_file + """ $file 2> /dev/null ; done"""
|
||||
stdout, stderr = run_shell(cmd)
|
||||
|
||||
# Если стек не раскрылся, то создадим пустой файл
|
||||
if not os.path.exists(libs_file):
|
||||
cmd = 'touch ' + libs_file
|
||||
run_shell_get_result(cmd)
|
||||
|
||||
if stderr:
|
||||
write_to_log('cant work with gdb and make libs tar, result: ' + str(stderr))
|
||||
|
||||
if os.path.getsize(libs_file) == 0:
|
||||
write_to_log('libs_file size = 0.')
|
||||
|
||||
|
||||
def change_extension(core_gz_file):
|
||||
core_gz_file = regex_extension_replacement.sub('.tar.gz', core_gz_file)
|
||||
return regex_extension_replacement2.sub('.tar.gz', core_gz_file)
|
||||
|
||||
# END prepare date------------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def gz_core_file(core_file, file_name):
|
||||
# Костыль, меняем расшинерие на gz
|
||||
core_gz_file = os.path.basename(file_name)
|
||||
core_gz_file = change_extension(core_gz_file)
|
||||
|
||||
# Зипуем
|
||||
cmd = 'cd {} && mv {} {} && '.format(cores_dir, core_file, file_name)
|
||||
cmd += 'tar -czf {} {} {} 2>/dev/null && '.format(core_gz_file, file_name, libs_short_file)
|
||||
cmd += 'rm -f {} && rm -f {}'.format(file_name, libs_short_file)
|
||||
rez = run_shell_get_result(cmd)
|
||||
|
||||
# Если не получилось загзиповать, то выходим из процедуры
|
||||
if rez:
|
||||
write_to_log('cant work with tar')
|
||||
return
|
||||
|
||||
# BEGIN main program ---------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def work_with_dump(core_file):
|
||||
|
||||
while not check_size_static(core_file):
|
||||
print('{} file size: {}'.format(core_file, os.path.getsize(core_file)))
|
||||
|
||||
process, ctime, pid = get_pid_process_ctime(core_file)
|
||||
platform, offset = get_platform_offset(core_file, process)
|
||||
ctime_string, creation_date = get_creation_date_string(ctime)
|
||||
make_libs_tar(core_file, process)
|
||||
|
||||
file_name = get_file_name(process, platform, offset, ctime_string, pid)
|
||||
gz_core_file(core_file, file_name)
|
||||
|
||||
|
||||
cores_dir = '/tmp/cores/' # директория в которой должны лежать дампы
|
||||
libs_short_file = 'libs.tar'
|
||||
libs_file = os.path.join(cores_dir, 'libs.tar')
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
# finding core files
|
||||
cores_path = cores_dir + '*.core*'
|
||||
for file in glob.glob(cores_path):
|
||||
#!/usr/bin/python3
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
import glob
|
||||
import re
|
||||
import os
|
||||
import sys
|
||||
import subprocess
|
||||
import urllib
|
||||
import json
|
||||
import time
|
||||
import uuid
|
||||
|
||||
|
||||
# define regexps
|
||||
regex_process_pid = re.compile(r'/([^/.]+?)\.(\d+?)\.(\d+?)\.core')
|
||||
regex_offset = re.compile(r'#0\s+?([\dxa-f]+?)\s')
|
||||
regex_extension_replacement = re.compile(r'\.zip$')
|
||||
regex_extension_replacement2 = re.compile(r'\.core$')
|
||||
|
||||
|
||||
# BEGIN helper functions------------------------------------------------------------------------------------------------
|
||||
|
||||
def write_to_log(msg):
|
||||
msg = time.ctime() + ' ' + msg
|
||||
print(msg)
|
||||
|
||||
|
||||
def run_shell(cmd):
|
||||
pipe = subprocess.PIPE
|
||||
p = subprocess.Popen(cmd, shell=True, stdin=pipe, stdout=pipe, stderr=pipe, close_fds=True, cwd='/')
|
||||
return p.stdout.read(), p.stderr.read()
|
||||
|
||||
|
||||
def run_shell_get_result(cmd):
|
||||
result = subprocess.call(cmd, shell=True)
|
||||
return result
|
||||
|
||||
|
||||
def check_size_static(core_file):
|
||||
size_1 = os.path.getsize(core_file)
|
||||
time.sleep(5)
|
||||
size_2 = os.path.getsize(core_file)
|
||||
return size_1 == size_2
|
||||
|
||||
# END helper functions--------------------------------------------------------------------------------------------------
|
||||
|
||||
# BEGIN prepare date----------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def get_pid_process_ctime(core_file):
|
||||
rez = regex_process_pid.search(core_file)
|
||||
process = rez.groups()[0]
|
||||
ctime = rez.groups()[1]
|
||||
pid = rez.groups()[2]
|
||||
return process, ctime, pid
|
||||
|
||||
|
||||
def get_platform_offset(core_file, process):
|
||||
# run gdb for getting offset of core
|
||||
cmd = 'echo -e "bt\nexit" | gdb /opt/1C/v8.3/x86_64/' + process + ' ' + core_file
|
||||
(gdb_result, gdb_error) = run_shell(cmd)
|
||||
|
||||
if not gdb_result:
|
||||
offset = '000000000000'
|
||||
platform = '8.3.0.0000'
|
||||
write_to_log('cant work with gdb: ' + gdb_error)
|
||||
else:
|
||||
rez = regex_offset.search(gdb_result)
|
||||
if rez is None:
|
||||
offset = '000000000000'
|
||||
else:
|
||||
offset = rez.groups()[0]
|
||||
offset = offset[6:-1]
|
||||
# getting platform version
|
||||
cmd = 'strings /opt/1C/v8.3/x86_64/' + process + """ | grep -oP '[8-9]\.[3-90]\.\d\d?\.\d{2,4}' """
|
||||
(ver_result, ver_error) = run_shell(cmd)
|
||||
if ver_result:
|
||||
platform = ver_result.strip()
|
||||
else:
|
||||
platform = '8.3.0.0000'
|
||||
return platform, offset
|
||||
|
||||
|
||||
def get_creation_date_string(ctime):
|
||||
ctime_sturct = time.localtime(int(ctime))
|
||||
ctime_string = '_%.4d%.2d%.2d%.2d%.2d%.2d_' % (ctime_sturct[0], ctime_sturct[1], ctime_sturct[2], ctime_sturct[3],
|
||||
ctime_sturct[4], ctime_sturct[5])
|
||||
creation_date = '%.4d-%.2d-%.2dT%.2d:%.2d:%.2d' % (ctime_sturct[0], ctime_sturct[1], ctime_sturct[2],
|
||||
ctime_sturct[3], ctime_sturct[4], ctime_sturct[5])
|
||||
return ctime_string, creation_date
|
||||
|
||||
|
||||
def get_file_name(process, platform, offset, ctime_string, pid):
|
||||
return process + '_' + platform + '_' + offset + ctime_string + pid + '.core'
|
||||
|
||||
|
||||
def get_file_size_hostname(core_file):
|
||||
file_size = os.path.getsize(core_file)
|
||||
hostname = os.uname()[1]
|
||||
return file_size, hostname
|
||||
|
||||
|
||||
def make_libs_tar(core_file, process):
|
||||
if os.path.exists(libs_file):
|
||||
os.remove(libs_file)
|
||||
cmd = """echo -e "info shared\nq" | """
|
||||
cmd += """ gdb /opt/1C/v8.3/x86_64/""" + process + " " + core_file + """ 2>/dev/null | """
|
||||
cmd += """ grep 0x0000 | grep -v /opt/1C/v8.3 | grep -v ?? | perl -alne 'print $F[-1]' | """
|
||||
cmd += """ while read file; do tar --dereference --append -f """ + libs_file + """ $file 2> /dev/null ; done"""
|
||||
stdout, stderr = run_shell(cmd)
|
||||
|
||||
# Если стек не раскрылся, то создадим пустой файл
|
||||
if not os.path.exists(libs_file):
|
||||
cmd = 'touch ' + libs_file
|
||||
run_shell_get_result(cmd)
|
||||
|
||||
if stderr:
|
||||
write_to_log('cant work with gdb and make libs tar, result: ' + str(stderr))
|
||||
|
||||
if os.path.getsize(libs_file) == 0:
|
||||
write_to_log('libs_file size = 0.')
|
||||
|
||||
|
||||
def change_extension(core_gz_file):
|
||||
core_gz_file = regex_extension_replacement.sub('.tar.gz', core_gz_file)
|
||||
return regex_extension_replacement2.sub('.tar.gz', core_gz_file)
|
||||
|
||||
# END prepare date------------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def gz_core_file(core_file, file_name):
|
||||
# Костыль, меняем расшинерие на gz
|
||||
core_gz_file = os.path.basename(file_name)
|
||||
core_gz_file = change_extension(core_gz_file)
|
||||
|
||||
# Зипуем
|
||||
cmd = 'cd {} && mv {} {} && '.format(cores_dir, core_file, file_name)
|
||||
cmd += 'tar -czf {} {} {} 2>/dev/null && '.format(core_gz_file, file_name, libs_short_file)
|
||||
cmd += 'rm -f {} && rm -f {}'.format(file_name, libs_short_file)
|
||||
rez = run_shell_get_result(cmd)
|
||||
|
||||
# Если не получилось загзиповать, то выходим из процедуры
|
||||
if rez:
|
||||
write_to_log('cant work with tar')
|
||||
return
|
||||
|
||||
# BEGIN main program ---------------------------------------------------------------------------------------------------
|
||||
|
||||
|
||||
def work_with_dump(core_file):
|
||||
|
||||
while not check_size_static(core_file):
|
||||
print('{} file size: {}'.format(core_file, os.path.getsize(core_file)))
|
||||
|
||||
process, ctime, pid = get_pid_process_ctime(core_file)
|
||||
platform, offset = get_platform_offset(core_file, process)
|
||||
ctime_string, creation_date = get_creation_date_string(ctime)
|
||||
make_libs_tar(core_file, process)
|
||||
|
||||
file_name = get_file_name(process, platform, offset, ctime_string, pid)
|
||||
gz_core_file(core_file, file_name)
|
||||
|
||||
|
||||
cores_dir = '/tmp/cores/' # директория в которой должны лежать дампы
|
||||
libs_short_file = 'libs.tar'
|
||||
libs_file = os.path.join(cores_dir, 'libs.tar')
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
# finding core files
|
||||
cores_path = cores_dir + '*.core*'
|
||||
for file in glob.glob(cores_path):
|
||||
work_with_dump(file)
|
@ -13,4 +13,3 @@ tar -xvf client_$DISTR_FILE_VERSION.rpm64.tar.gz $client_file_name -C /main_dir/
|
||||
tar -xvf rpm64_$DISTR_FILE_VERSION.tar.gz $common_file_name $server_file_name $ws_file_name -C /main_dir/distr
|
||||
|
||||
tar -xvf rpm64_$DISTR_FILE_VERSION.tar.gz "license-tools" -C /main_dir/distr/
|
||||
|
||||
|
@ -1,12 +1,12 @@
|
||||
FROM tomcat:7.0-jre8-alpine
|
||||
|
||||
ENV JAVA_OPTS "${JAVA_OPTS} -Xms512m -Xmx1024m -XX:+UseParallelGC -server"
|
||||
|
||||
RUN rm -rf /usr/local/tomcat/webapps/* && \
|
||||
mkdir -p /var/www/forum/{mess_files,logo}
|
||||
|
||||
COPY ./distr/forum/ROOT.war /usr/local/tomcat/webapps/
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
FROM tomcat:7.0-jre8-alpine
|
||||
|
||||
ENV JAVA_OPTS "${JAVA_OPTS} -Xms512m -Xmx1024m -XX:+UseParallelGC -server"
|
||||
|
||||
RUN rm -rf /usr/local/tomcat/webapps/* && \
|
||||
mkdir -p /var/www/forum/{mess_files,logo}
|
||||
|
||||
COPY ./distr/forum/ROOT.war /usr/local/tomcat/webapps/
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
CMD ["bin/catalina.sh", "run"]
|
@ -1,50 +1,50 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- The contents of this file will be loaded for each web application -->
|
||||
<Context>
|
||||
|
||||
<Resource
|
||||
name="jdbc/freshForumDS"
|
||||
auth="Container"
|
||||
type="javax.sql.DataSource"
|
||||
driverClassName="org.postgresql.Driver"
|
||||
url="jdbc:postgresql://db:5432/forum"
|
||||
username="forum"
|
||||
password="12345Qwerty"
|
||||
removeAbandoned="true"
|
||||
removeAbandonedTimeout="90"
|
||||
logAbandoned="true"
|
||||
maxActive="30"
|
||||
maxIdle="20"
|
||||
maxWait="-1"/>
|
||||
|
||||
<!-- Default set of monitored resources -->
|
||||
<WatchedResource>WEB-INF/web.xml</WatchedResource>
|
||||
|
||||
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
|
||||
<!--
|
||||
<Manager pathname="" />
|
||||
-->
|
||||
|
||||
<!-- Uncomment this to enable Comet connection tacking (provides events
|
||||
on session expiration as well as webapp lifecycle) -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
|
||||
-->
|
||||
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- The contents of this file will be loaded for each web application -->
|
||||
<Context>
|
||||
|
||||
<Resource
|
||||
name="jdbc/freshForumDS"
|
||||
auth="Container"
|
||||
type="javax.sql.DataSource"
|
||||
driverClassName="org.postgresql.Driver"
|
||||
url="jdbc:postgresql://db:5432/forum"
|
||||
username="forum"
|
||||
password="12345Qwerty"
|
||||
removeAbandoned="true"
|
||||
removeAbandonedTimeout="90"
|
||||
logAbandoned="true"
|
||||
maxActive="30"
|
||||
maxIdle="20"
|
||||
maxWait="-1"/>
|
||||
|
||||
<!-- Default set of monitored resources -->
|
||||
<WatchedResource>WEB-INF/web.xml</WatchedResource>
|
||||
|
||||
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
|
||||
<!--
|
||||
<Manager pathname="" />
|
||||
-->
|
||||
|
||||
<!-- Uncomment this to enable Comet connection tacking (provides events
|
||||
on session expiration as well as webapp lifecycle) -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
|
||||
-->
|
||||
|
||||
</Context>
|
@ -1,147 +1,147 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
|
||||
<Listener className="org.apache.catalina.core.JasperListener" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443"
|
||||
proxyPort="443"
|
||||
scheme="https"
|
||||
secure="true"/>
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL HTTP/1.1 Connector on port 8443
|
||||
This connector uses the BIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log." suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
|
||||
<Listener className="org.apache.catalina.core.JasperListener" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443"
|
||||
proxyPort="443"
|
||||
scheme="https"
|
||||
secure="true"/>
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL HTTP/1.1 Connector on port 8443
|
||||
This connector uses the BIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log." suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
</Server>
|
@ -1,11 +1,11 @@
|
||||
FROM java:8-jre
|
||||
|
||||
COPY ./distr/appgate.deb /
|
||||
|
||||
RUN dpkg -i /appgate.deb; \
|
||||
rm /appgate.deb; \
|
||||
/opt/1C/1cfresh/appgate/setAuth.sh appgate 12345Qwer
|
||||
|
||||
EXPOSE 8080 9090
|
||||
|
||||
FROM java:8-jre
|
||||
|
||||
COPY ./distr/appgate.deb /
|
||||
|
||||
RUN dpkg -i /appgate.deb; \
|
||||
rm /appgate.deb; \
|
||||
/opt/1C/1cfresh/appgate/setAuth.sh appgate 12345Qwer
|
||||
|
||||
EXPOSE 8080 9090
|
||||
|
||||
CMD ["/opt/1C/1cfresh/appgate/appgate_wrapper.sh"]
|
@ -1,16 +1,16 @@
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
ENV HOSTNAME host.1cfresh.dev
|
||||
|
||||
ENV SITE_HOST host.1cfresh.dev
|
||||
ENV BACKEND_HOST host.1cfresh.dev
|
||||
ENV GATE_HOST host.1cfresh.dev
|
||||
|
||||
ENV WORKER_PROCESSES 2
|
||||
|
||||
COPY ./entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
EXPOSE 80 443
|
||||
|
||||
ENTRYPOINT ["/bin/sh", "-c", "/entrypoint.sh"]
|
||||
FROM nginx:stable-alpine
|
||||
|
||||
ENV HOSTNAME host.1cfresh.dev
|
||||
|
||||
ENV SITE_HOST host.1cfresh.dev
|
||||
ENV BACKEND_HOST host.1cfresh.dev
|
||||
ENV GATE_HOST host.1cfresh.dev
|
||||
|
||||
ENV WORKER_PROCESSES 2
|
||||
|
||||
COPY ./entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
EXPOSE 80 443
|
||||
|
||||
ENTRYPOINT ["/bin/sh", "-c", "/entrypoint.sh"]
|
||||
|
@ -1,2 +1,2 @@
|
||||
include 1c_common.conf;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
include 1c_common.conf;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
|
@ -1,7 +1,7 @@
|
||||
proxy_connect_timeout 5s;
|
||||
proxy_read_timeout 75;
|
||||
proxy_next_upstream error;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_connect_timeout 5s;
|
||||
proxy_read_timeout 75;
|
||||
proxy_next_upstream error;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
@ -1,6 +1,6 @@
|
||||
if ($http_user_agent = 1CV8C) {
|
||||
set $mode txt;
|
||||
}
|
||||
|
||||
error_page 407 410 411 413 414 415 416 500 501 502 503 504 505 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode;
|
||||
error_page 420 =404 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode&code=420;
|
||||
if ($http_user_agent = 1CV8C) {
|
||||
set $mode txt;
|
||||
}
|
||||
|
||||
error_page 407 410 411 413 414 415 416 500 501 502 503 504 505 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode;
|
||||
error_page 420 =404 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode&code=420;
|
||||
|
@ -1,5 +1,5 @@
|
||||
if ($http_user_agent = 1CV8C) {
|
||||
set $mode txt;
|
||||
}
|
||||
|
||||
error_page 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri&mode=$mode;
|
||||
if ($http_user_agent = 1CV8C) {
|
||||
set $mode txt;
|
||||
}
|
||||
|
||||
error_page 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri&mode=$mode;
|
||||
|
@ -1,2 +1,2 @@
|
||||
error_page 404 /availability?url=$scheme://$host$request_uri&code=404;
|
||||
error_page 400 401 402 403 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri;
|
||||
error_page 404 /availability?url=$scheme://$host$request_uri&code=404;
|
||||
error_page 400 401 402 403 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri;
|
||||
|
@ -1,2 +1,2 @@
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection "";
|
||||
|
@ -1,15 +1,15 @@
|
||||
upstream backend83 {
|
||||
ip_hash;
|
||||
keepalive 16;
|
||||
server webwebweb:80;
|
||||
}
|
||||
|
||||
upstream gate {
|
||||
ip_hash;
|
||||
server gategategate:8080;
|
||||
}
|
||||
|
||||
|
||||
upstream upstream_availability {
|
||||
server sitesitesite:8080;
|
||||
}
|
||||
upstream backend83 {
|
||||
ip_hash;
|
||||
keepalive 16;
|
||||
server webwebweb:80;
|
||||
}
|
||||
|
||||
upstream gate {
|
||||
ip_hash;
|
||||
server gategategate:8080;
|
||||
}
|
||||
|
||||
|
||||
upstream upstream_availability {
|
||||
server sitesitesite:8080;
|
||||
}
|
||||
|
@ -1,123 +1,123 @@
|
||||
server {
|
||||
listen 443;
|
||||
server_name hosthosthost;
|
||||
|
||||
proxy_intercept_errors on;
|
||||
|
||||
ssl on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_certificate /etc/pki-custom/fullchain.crt;
|
||||
ssl_certificate_key /etc/pki-custom/privkey.key;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
location @start {
|
||||
rewrite ^(/a/[a-zA-Z0-9_]+/([0-9]+/)?).*$ $1 last;
|
||||
}
|
||||
|
||||
location /availability/ {
|
||||
include 1c_common.conf;
|
||||
recursive_error_pages on;
|
||||
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /i/index.html;
|
||||
proxy_pass http://upstream_availability;
|
||||
}
|
||||
|
||||
location /i {
|
||||
alias /var/www/failover;
|
||||
}
|
||||
|
||||
|
||||
location ^~ /a/openid {
|
||||
include 1c_common.conf;
|
||||
include 1c_keepalive.conf;
|
||||
include 1c_error_openid.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/adm/e1cib/start {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
error_page 400 403 412 @start;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/adm {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/extreg {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/wcib/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/httpextreg/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/wcibprivate/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/e1cib/start {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
error_page 400 403 412 @start;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/\w+/e1cib/oid2rp {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
error_page 400 403 404 412 @start;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/ws {
|
||||
include 1c_app.conf;
|
||||
proxy_intercept_errors off;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+ {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location / {
|
||||
include 1c_common.conf;
|
||||
include 1c_keepalive.conf;
|
||||
include 1c_error_site.conf;
|
||||
proxy_pass http://sitesitesite:8080;
|
||||
}
|
||||
|
||||
location /resources/images/content {
|
||||
alias /var/www/content/media;
|
||||
}
|
||||
|
||||
location /extreg {
|
||||
alias /var/www/extreg;
|
||||
}
|
||||
|
||||
}
|
||||
server {
|
||||
listen 443;
|
||||
server_name hosthosthost;
|
||||
|
||||
proxy_intercept_errors on;
|
||||
|
||||
ssl on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_certificate /etc/pki-custom/fullchain.crt;
|
||||
ssl_certificate_key /etc/pki-custom/privkey.key;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
|
||||
location @start {
|
||||
rewrite ^(/a/[a-zA-Z0-9_]+/([0-9]+/)?).*$ $1 last;
|
||||
}
|
||||
|
||||
location /availability/ {
|
||||
include 1c_common.conf;
|
||||
recursive_error_pages on;
|
||||
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /i/index.html;
|
||||
proxy_pass http://upstream_availability;
|
||||
}
|
||||
|
||||
location /i {
|
||||
alias /var/www/failover;
|
||||
}
|
||||
|
||||
|
||||
location ^~ /a/openid {
|
||||
include 1c_common.conf;
|
||||
include 1c_keepalive.conf;
|
||||
include 1c_error_openid.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/adm/e1cib/start {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
error_page 400 403 412 @start;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/adm {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/extreg {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
include 1c_keepalive.conf;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/wcib/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/httpextreg/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ^~ /a/wcibprivate/hs {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
keepalive_timeout 0;
|
||||
proxy_pass http://backend83;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/e1cib/start {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
error_page 400 403 412 @start;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/\w+/e1cib/oid2rp {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
error_page 400 403 404 412 @start;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+/ws {
|
||||
include 1c_app.conf;
|
||||
proxy_intercept_errors off;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location ~* /a/\w+/\d+ {
|
||||
include 1c_app.conf;
|
||||
include 1c_error.conf;
|
||||
proxy_pass http://gate;
|
||||
}
|
||||
|
||||
location / {
|
||||
include 1c_common.conf;
|
||||
include 1c_keepalive.conf;
|
||||
include 1c_error_site.conf;
|
||||
proxy_pass http://sitesitesite:8080;
|
||||
}
|
||||
|
||||
location /resources/images/content {
|
||||
alias /var/www/content/media;
|
||||
}
|
||||
|
||||
location /extreg {
|
||||
alias /var/www/extreg;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -1,8 +1,8 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name hosthosthost;
|
||||
|
||||
location / {
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
server {
|
||||
listen 80;
|
||||
server_name hosthosthost;
|
||||
|
||||
location / {
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
}
|
@ -1,41 +1,41 @@
|
||||
user nginx;
|
||||
worker_processes worker_processes_ENV;
|
||||
worker_rlimit_nofile 10240;
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
use epoll;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
gzip on;
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
server_tokens off;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_buffer_size 32k;
|
||||
proxy_buffers 20 512k;
|
||||
proxy_connect_timeout 5;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
keepalive_timeout 300 300;
|
||||
server_names_hash_max_size 4096;
|
||||
server_names_hash_bucket_size 128;
|
||||
client_max_body_size 4096m;
|
||||
client_body_buffer_size 256k;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent ${request_time}ms "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for" set_cookie: "$sent_http_set_cookie"';
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
include /etc/nginx/1c_upstream.conf;
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
user nginx;
|
||||
worker_processes worker_processes_ENV;
|
||||
worker_rlimit_nofile 10240;
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
use epoll;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
gzip on;
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
server_tokens off;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_buffer_size 32k;
|
||||
proxy_buffers 20 512k;
|
||||
proxy_connect_timeout 5;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
keepalive_timeout 300 300;
|
||||
server_names_hash_max_size 4096;
|
||||
server_names_hash_bucket_size 128;
|
||||
client_max_body_size 4096m;
|
||||
client_body_buffer_size 256k;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent ${request_time}ms "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for" set_cookie: "$sent_http_set_cookie"';
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
include /etc/nginx/1c_upstream.conf;
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
@ -1,13 +1,13 @@
|
||||
FROM tomcat:7.0-jre8-alpine
|
||||
|
||||
ENV JAVA_OPTS "${JAVA_OPTS} -Xms512m -Xmx1024m -XX:+UseParallelGC -server "
|
||||
|
||||
RUN rm -rf /usr/local/tomcat/webapps/* && \
|
||||
mkdir -p /var/www/content/searchIndex \
|
||||
mkdir -p /var/www/content/site_files
|
||||
|
||||
COPY ./distr/site/ROOT.war /usr/local/tomcat/webapps/
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
FROM tomcat:7.0-jre8-alpine
|
||||
|
||||
ENV JAVA_OPTS "${JAVA_OPTS} -Xms512m -Xmx1024m -XX:+UseParallelGC -server "
|
||||
|
||||
RUN rm -rf /usr/local/tomcat/webapps/* && \
|
||||
mkdir -p /var/www/content/searchIndex \
|
||||
mkdir -p /var/www/content/site_files
|
||||
|
||||
COPY ./distr/site/ROOT.war /usr/local/tomcat/webapps/
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
CMD ["catalina.sh", "run"]
|
@ -1,50 +1,50 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- The contents of this file will be loaded for each web application -->
|
||||
<Context>
|
||||
|
||||
<Resource
|
||||
name="jdbc/freshSiteDS"
|
||||
auth="Container"
|
||||
type="javax.sql.DataSource"
|
||||
driverClassName="org.postgresql.Driver"
|
||||
url="jdbc:postgresql://db:5432/site"
|
||||
username="site"
|
||||
password="12345Qwerty"
|
||||
removeAbandoned="true"
|
||||
removeAbandonedTimeout="90"
|
||||
logAbandoned="true"
|
||||
maxActive="30"
|
||||
maxIdle="20"
|
||||
maxWait="-1" />
|
||||
|
||||
<!-- Default set of monitored resources -->
|
||||
<WatchedResource>WEB-INF/web.xml</WatchedResource>
|
||||
|
||||
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
|
||||
<!--
|
||||
<Manager pathname="" />
|
||||
-->
|
||||
|
||||
<!-- Uncomment this to enable Comet connection tacking (provides events
|
||||
on session expiration as well as webapp lifecycle) -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
|
||||
-->
|
||||
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- The contents of this file will be loaded for each web application -->
|
||||
<Context>
|
||||
|
||||
<Resource
|
||||
name="jdbc/freshSiteDS"
|
||||
auth="Container"
|
||||
type="javax.sql.DataSource"
|
||||
driverClassName="org.postgresql.Driver"
|
||||
url="jdbc:postgresql://db:5432/site"
|
||||
username="site"
|
||||
password="12345Qwerty"
|
||||
removeAbandoned="true"
|
||||
removeAbandonedTimeout="90"
|
||||
logAbandoned="true"
|
||||
maxActive="30"
|
||||
maxIdle="20"
|
||||
maxWait="-1" />
|
||||
|
||||
<!-- Default set of monitored resources -->
|
||||
<WatchedResource>WEB-INF/web.xml</WatchedResource>
|
||||
|
||||
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
|
||||
<!--
|
||||
<Manager pathname="" />
|
||||
-->
|
||||
|
||||
<!-- Uncomment this to enable Comet connection tacking (provides events
|
||||
on session expiration as well as webapp lifecycle) -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
|
||||
-->
|
||||
|
||||
</Context>
|
@ -1,148 +1,148 @@
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
|
||||
<Listener className="org.apache.catalina.core.JasperListener" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443"
|
||||
proxyPort="443"
|
||||
scheme="https"
|
||||
secure="true"
|
||||
URIEncoding="UTF-8"/>
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL HTTP/1.1 Connector on port 8443
|
||||
This connector uses the BIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log." suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
<?xml version='1.0' encoding='utf-8'?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
contributor license agreements. See the NOTICE file distributed with
|
||||
this work for additional information regarding copyright ownership.
|
||||
The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
(the "License"); you may not use this file except in compliance with
|
||||
the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
-->
|
||||
<!-- Note: A "Server" is not itself a "Container", so you may not
|
||||
define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/server.html
|
||||
-->
|
||||
<Server port="8005" shutdown="SHUTDOWN">
|
||||
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
||||
<!-- Security listener. Documentation at /docs/config/listeners.html
|
||||
<Listener className="org.apache.catalina.security.SecurityListener" />
|
||||
-->
|
||||
<!--APR library loader. Documentation at /docs/apr.html -->
|
||||
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
||||
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
|
||||
<Listener className="org.apache.catalina.core.JasperListener" />
|
||||
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
||||
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
||||
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
||||
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
||||
|
||||
<!-- Global JNDI resources
|
||||
Documentation at /docs/jndi-resources-howto.html
|
||||
-->
|
||||
<GlobalNamingResources>
|
||||
<!-- Editable user database that can also be used by
|
||||
UserDatabaseRealm to authenticate users
|
||||
-->
|
||||
<Resource name="UserDatabase" auth="Container"
|
||||
type="org.apache.catalina.UserDatabase"
|
||||
description="User database that can be updated and saved"
|
||||
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
||||
pathname="conf/tomcat-users.xml" />
|
||||
</GlobalNamingResources>
|
||||
|
||||
<!-- A "Service" is a collection of one or more "Connectors" that share
|
||||
a single "Container" Note: A "Service" is not itself a "Container",
|
||||
so you may not define subcomponents such as "Valves" at this level.
|
||||
Documentation at /docs/config/service.html
|
||||
-->
|
||||
<Service name="Catalina">
|
||||
|
||||
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
||||
<!--
|
||||
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
||||
maxThreads="150" minSpareThreads="4"/>
|
||||
-->
|
||||
|
||||
|
||||
<!-- A "Connector" represents an endpoint by which requests are received
|
||||
and responses are returned. Documentation at :
|
||||
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
|
||||
Java AJP Connector: /docs/config/ajp.html
|
||||
APR (HTTP/AJP) Connector: /docs/apr.html
|
||||
Define a non-SSL HTTP/1.1 Connector on port 8080
|
||||
-->
|
||||
<Connector port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443"
|
||||
proxyPort="443"
|
||||
scheme="https"
|
||||
secure="true"
|
||||
URIEncoding="UTF-8"/>
|
||||
<!-- A "Connector" using the shared thread pool-->
|
||||
<!--
|
||||
<Connector executor="tomcatThreadPool"
|
||||
port="8080" protocol="HTTP/1.1"
|
||||
connectionTimeout="20000"
|
||||
redirectPort="8443" />
|
||||
-->
|
||||
<!-- Define a SSL HTTP/1.1 Connector on port 8443
|
||||
This connector uses the BIO implementation that requires the JSSE
|
||||
style configuration. When using the APR/native implementation, the
|
||||
OpenSSL style configuration is required as described in the APR/native
|
||||
documentation -->
|
||||
<!--
|
||||
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
|
||||
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
||||
clientAuth="false" sslProtocol="TLS" />
|
||||
-->
|
||||
|
||||
<!-- Define an AJP 1.3 Connector on port 8009 -->
|
||||
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
|
||||
|
||||
|
||||
<!-- An Engine represents the entry point (within Catalina) that processes
|
||||
every request. The Engine implementation for Tomcat stand alone
|
||||
analyzes the HTTP headers included with the request, and passes them
|
||||
on to the appropriate Host (virtual host).
|
||||
Documentation at /docs/config/engine.html -->
|
||||
|
||||
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
||||
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
||||
-->
|
||||
<Engine name="Catalina" defaultHost="localhost">
|
||||
|
||||
<!--For clustering, please take a look at documentation at:
|
||||
/docs/cluster-howto.html (simple how to)
|
||||
/docs/config/cluster.html (reference documentation) -->
|
||||
<!--
|
||||
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
||||
-->
|
||||
|
||||
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
||||
via a brute-force attack -->
|
||||
<Realm className="org.apache.catalina.realm.LockOutRealm">
|
||||
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
||||
resources under the key "UserDatabase". Any edits
|
||||
that are performed against this UserDatabase are immediately
|
||||
available for use by the Realm. -->
|
||||
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
||||
resourceName="UserDatabase"/>
|
||||
</Realm>
|
||||
|
||||
<Host name="localhost" appBase="webapps"
|
||||
unpackWARs="true" autoDeploy="true">
|
||||
|
||||
<!-- SingleSignOn valve, share authentication between web applications
|
||||
Documentation at: /docs/config/valve.html -->
|
||||
<!--
|
||||
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
||||
-->
|
||||
|
||||
<!-- Access log processes all example.
|
||||
Documentation at: /docs/config/valve.html
|
||||
Note: The pattern used is equivalent to using pattern="common" -->
|
||||
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
||||
prefix="localhost_access_log." suffix=".txt"
|
||||
pattern="%h %l %u %t "%r" %s %b" />
|
||||
|
||||
</Host>
|
||||
</Engine>
|
||||
</Service>
|
||||
</Server>
|
Loading…
x
Reference in New Issue
Block a user