diff --git a/SECURITY.md b/SECURITY.md index 91aed179a..ff01daa05 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,7 +6,8 @@ We are currently providing security updates for: | Version | Supported | | ------- | ------------------ | -| 0.3.0 | :white_check_mark: | +| 0.4.0 | :white_check_mark: | +| 0.3.0 | :x: | | 0.2.0 | :x: | | 0.1.0 | :x: | diff --git a/deploy/single-script-install.sh b/deploy/single-script-install.sh index adb380463..2ebade589 100755 --- a/deploy/single-script-install.sh +++ b/deploy/single-script-install.sh @@ -138,7 +138,7 @@ else git clone https://github.com/INTO-CPS-Association/DTaaS.git DTaaS cd DTaaS || exit git fetch --all - git checkout feature/distributed-demo + git checkout release-v0.4 fi TOP_DIR=$(pwd) diff --git a/docker/.env b/docker/.env deleted file mode 100644 index 07a7962a7..000000000 --- a/docker/.env +++ /dev/null @@ -1,9 +0,0 @@ -DTAAS_DIR='/home/Desktop/DTaaS' -SERVER_DNS='foo.com' -OAUTH_URL='https://gitlab.foo.com' -CLIENT_ID='xx' -CLIENT_SECRET='xx' -OAUTH_SECRET='random-secret-string' -CLIENT_CONFIG='/home/Desktop/DTaaS/deploy/config/client/env.local.js' -username1='user1' -username2='user2' \ No newline at end of file diff --git a/docker/README.md b/docker/README.md deleted file mode 100644 index 1b7b506e1..000000000 --- a/docker/README.md +++ /dev/null @@ -1,168 +0,0 @@ -# Docker Compose for DTaaS with Backend Authorization - -This directory contains docker compose files for running the DTaaS with -backend authorization. The authorization happens at traefik using -[Traefik forward-auth](https://github.com/thomseddon/traefik-forward-auth). -The Traefik forward-auth uses OAuth2 for protecting all routes to user workspaces. - -## Design - -An illustration of the docker containers used and the authorization -setup is shown here. - -![Traefik OAuth](./traefik-forward-auth.png) - -In the new application configuration, there are two OAuth2 applications. - -- The React single page application (SPA). The details of - this Oauth2 app are in - [client docs](../../docs/admin/client/auth.md). -- The Oauth2 server-side or web application for traefik forward-auth container. - The details are in [server docs](../../docs/admin/servers/auth.md). - -## Requirements - -The installation requirements to run this docker version of the DTaaS are: - -- docker with compose plugin -- [gitlab oauth provider](https://docs.gitlab.com/ee/integration/oauth_provider.html#create-an-instance-wide-application) -- DNS name (optional, required only when the DTaaS is to be deployed on a web server) -- User accounts - -### Create User Accounts - -Create user accounts in gitlab for all the usernames mentioned in -`.env` and `conf` files. -The _trial_ installation script comes with two default -usernames - _user1_ and _user2_. For all other installation scenarios, -accounts with specific usernames need to be created on gitlab. - -## Configuration - -### Traefik forward-auth - -The first step is to finish the configuration for -the traefik forward-auth container. -The details are in [server docs](../../docs/admin/servers/auth.md). - -### Docker Compose - -The docker compose configuration is in `.env`; it is a sample file. -It contains environment variables -that are used by the docker compose files. - -Edit all the fields according to your specific case. - - | URL Path | Access Granted to |Access Granted to | - |:------------|:---------------|:---------------| - | DTAAS_DIR | '/home/Desktop/DTaaS' | Full path to the DTaaS directory. This is an absolute path with no trailing slash. | - | SERVER_DNS | _foo.com_ or _localhost_ | The server DNS, if you are deploying with a dedicated server. Remember not use http(s) at the beginning of the DNS string | - | BASE_URL | _gitlab.foo.com_ | The URL of your Gitlab instance | - | CLIENT_ID | 'xx' | The ID of your OAuth application | - | CLIENT_SECRET | 'xx' | The Secret of your OAuth application | - | OAUTH_SECRET | 'random-secret-string' | Any private random string | - | username1 | 'user1' | The gitlab instance username of a user of DTaaS | - | username2 | 'user2' | The gitlab instance username of a user of DTaaS | - | CLIENT_CONFIG | '/home/Desktop/DTaaS/deploy/config/client/env.js' | Full path to env.js file for client | - -Note: The Server DNS can also be an IP address. -However, for proper working it is neccessary to use the -same convention (IP/DNS) in the `CLIENT_CONFIG` file as well. - -### Website Client - -- Assign the correct client config file to `CLIENT_CONFIG` and - update the values. - - | Deployment Scenario | client env file | - |:-------|:------| - | localhost | deploy/config/client/env.local.js | - | trial | deploy/config/client/env.trial.js | - - This file has to be configured properly. - - Further explanation on the client configuration is available in - [client config page](../../docs/admin/client/CLIENT.md). - -### Lib MS - -No configuration change is needed for a general use case to bring up the LibMS. - -In a specific case, -you can change the configuration of the LibMS by editing the file: - -- deploy/config/lib.docker - -This is not recommended for a general use. -It should be done with care, making relevant changes -in all other related files, -and the compose file being used. - -### Caveat - -The usernames in the `.env` file need to match those in the conf file. -The conf.local is used by compose.local.yml and -conf.server is used by compose.server.yml. - -Traefik routes are controlled by the `.env` file -Authentication on these routes is controlled by the `conf` file. -If a route is not specified in `conf` file but an authorisation is -requested by traefik for this unknown route, the default behavior of -traefik forward-auth kicks in. This default behavior is to enable -endpoint being available to any signed in user. - -If there are extra routes in `conf` file but these are not in `.env` file, -such routes are not served by traefik; it will give **404 server response**. - -## Run - -There are two usage scenarios, namely **localhost** and **trial** installation. - -Both the installation scenarios use the images already built and -deployed on docker hub, for the ML-workspace, client, and LibMS. -Both incorporate traefik forward-auth microservice for backend authorization. - -### Localhost - -The commands to start and stop the appliation are: - -```bash -docker compose -f compose.local.yml --env-file .env up -d -docker compose -f compose.local.yml --env-file .env down -``` - -To restart only a specific container, for example `client`` - -```bash -docker compose -f compose.local.yml --env-file .env up -d --force-recreate client -``` - -## Trial Server Installation - -The commands to start and stop the appliation are: - -```bash -docker compose -f compose.server.yml --env-file .env up -d -docker compose -f compose.server.yml --env-file .env down -``` - -To restart only a specific container, for example `client`` - -```bash -docker compose -f compose.server.yml --env-file .env up -d --force-recreate client -``` - -## Use - -| Deployment Scenario | URL | -|:----|:----| -| localhost | _localhost_ | -| trial server | _foo.com_ | - -Sign in to gitlab instance with the your account. - -All the functionality of DTaaS should be available to you -through the single page client now. - -You may have to click Sign in to Gitlab on the Client page -and authorize access to the shown application. diff --git a/docker/compose.local.yml b/docker/compose.local.yml deleted file mode 100644 index 88c212671..000000000 --- a/docker/compose.local.yml +++ /dev/null @@ -1,94 +0,0 @@ -version: '3' -services: - traefik: - image: traefik:v2.10 - command: - - "--api.insecure=true" - - "--providers.docker=true" - - "--entryPoints.web.address=:80" - - "--entrypoints.web.forwardedHeaders.insecure=true" - - "--entrypoints.web.proxyProtocol.insecure=true" - ports: - - "80:80" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - libms: - image: intocps/libms:latest - volumes: - - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env - - ${DTAAS_DIR}/files:/dtaas/libms/files - labels: - - "traefik.enable=true" - - "traefik.http.routers.libms.entryPoints=web" - - "traefik.http.services.libms.loadbalancer.server.port=4001" - - "traefik.http.routers.libms.rule= PathPrefix(`/lib`)" - - "traefik.http.routers.libms.middlewares=traefik-forward-auth" - - client: - image: intocps/dtaas-web:latest - volumes: - - ${CLIENT_CONFIG}:/dtaas/client/build/env.js - labels: - - "traefik.enable=true" - - "traefik.http.routers.client.entryPoints=web" - - "traefik.http.services.client.loadbalancer.server.port=4000" - - "traefik.http.routers.client.middlewares=traefik-forward-auth" - - "traefik.http.routers.client.rule=PathPrefix(`/`)" - - user1: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username1}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username1} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u1.entryPoints=web" - - "traefik.http.routers.u1.rule=PathPrefix(`/${username1}`) " - - "traefik.http.routers.u1.middlewares=traefik-forward-auth" - - user2: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username2}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username2} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u2.entryPoints=web" - - "traefik.http.routers.u2.rule=PathPrefix(`/${username2}`) " - - "traefik.http.routers.u2.middlewares=traefik-forward-auth" - - traefik-forward-auth: - image: thomseddon/traefik-forward-auth:latest - volumes: - - ${DTAAS_DIR}/docker/conf.local:/conf - environment: - - DEFAULT_PROVIDER=generic-oauth - - PROVIDERS_GENERIC_OAUTH_AUTH_URL=${OAUTH_URL}/oauth/authorize - - PROVIDERS_GENERIC_OAUTH_TOKEN_URL=${OAUTH_URL}/oauth/token - - PROVIDERS_GENERIC_OAUTH_USER_URL=${OAUTH_URL}/api/v4/user - - PROVIDERS_GENERIC_OAUTH_CLIENT_ID=${CLIENT_ID} - - PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET=${CLIENT_SECRET} - - PROVIDERS_GENERIC_OAUTH_SCOPE=read_user - - SECRET= ${OAUTH_SECRET} - # INSECURE_COOKIE is required if not using a https entrypoint - - INSECURE_COOKIE=true - - CONFIG=/conf - labels: - - "traefik.enable=true" - - - "traefik.http.routers.redirect.entryPoints=web" - - "traefik.http.routers.redirect.rule=PathPrefix(`/_oauth`)" - - "traefik.http.routers.redirect.middlewares=traefik-forward-auth" - - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" - - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181" diff --git a/docker/compose.server.yml b/docker/compose.server.yml deleted file mode 100644 index 9848d088a..000000000 --- a/docker/compose.server.yml +++ /dev/null @@ -1,94 +0,0 @@ -version: '3' -services: - traefik: - image: traefik:v2.10 - command: - - "--api.insecure=true" - - "--providers.docker=true" - - "--entryPoints.web.address=:80" - - "--entrypoints.web.forwardedHeaders.insecure=true" - - "--entrypoints.web.proxyProtocol.insecure=true" - ports: - - "80:80" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - libms: - image: intocps/libms:latest - volumes: - - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env - - ${DTAAS_DIR}/files:/dtaas/libms/files - labels: - - "traefik.enable=true" - - "traefik.http.routers.libms.entryPoints=web" - - "traefik.http.services.libms.loadbalancer.server.port=4001" - - "traefik.http.routers.libms.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/lib`)" - - "traefik.http.routers.libms.middlewares=traefik-forward-auth" - - client: - image: intocps/dtaas-web:latest - volumes: - - ${CLIENT_CONFIG}:/dtaas/client/build/env.js - labels: - - "traefik.enable=true" - - "traefik.http.routers.client.entryPoints=web" - - "traefik.http.services.client.loadbalancer.server.port=4000" - - "traefik.http.routers.client.middlewares=traefik-forward-auth" - - "traefik.http.routers.client.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/`)" - - user1: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username1}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username1} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u1.entryPoints=web" - - "traefik.http.routers.u1.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/${username1}`)" - - "traefik.http.routers.u1.middlewares=traefik-forward-auth" - - user2: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username2}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username2} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u2.entryPoints=web" - - "traefik.http.routers.u2.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/${username2}`)" - - "traefik.http.routers.u2.middlewares=traefik-forward-auth" - - traefik-forward-auth: - image: thomseddon/traefik-forward-auth:latest - volumes: - - ${DTAAS_DIR}/docker/conf.server:/conf - environment: - - DEFAULT_PROVIDER=generic-oauth - - PROVIDERS_GENERIC_OAUTH_AUTH_URL=${OAUTH_URL}/oauth/authorize - - PROVIDERS_GENERIC_OAUTH_TOKEN_URL=${OAUTH_URL}/oauth/token - - PROVIDERS_GENERIC_OAUTH_USER_URL=${OAUTH_URL}/api/v4/user - - PROVIDERS_GENERIC_OAUTH_CLIENT_ID=${CLIENT_ID} - - PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET=${CLIENT_SECRET} - - PROVIDERS_GENERIC_OAUTH_SCOPE=read_user - - SECRET= ${OAUTH_SECRET} - # INSECURE_COOKIE is required if not using a https entrypoint - - INSECURE_COOKIE=true - - CONFIG=/conf - labels: - - "traefik.enable=true" - - - "traefik.http.routers.redirect.entryPoints=web" - - "traefik.http.routers.redirect.rule=Host(`${SERVER_DNS}`)&&PathPrefix(`/_oauth`)" - - "traefik.http.routers.redirect.middlewares=traefik-forward-auth" - - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" - - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181" diff --git a/docker/conf.local b/docker/conf.local deleted file mode 100644 index 971d212a3..000000000 --- a/docker/conf.local +++ /dev/null @@ -1,8 +0,0 @@ -rule.libms.action=allow -rule.libms.rule=PathPrefix(`/lib`) - -rule.onlyu1.action=allow -rule.onlyu1.rule=PathPrefix(`/user1`) - -rule.onlyu2.action=allow -rule.onlyu2.rule=PathPrefix(`/user2`) \ No newline at end of file diff --git a/docker/conf.server b/docker/conf.server deleted file mode 100644 index 32add3506..000000000 --- a/docker/conf.server +++ /dev/null @@ -1,10 +0,0 @@ -rule.libms.action=auth -rule.libms.rule=PathPrefix(`/lib`) - -rule.onlyu1.action=auth -rule.onlyu1.rule=PathPrefix(`/user1`) -rule.onlyu1.whitelist = user1@emailservice.com - -rule.onlyu2.action=auth -rule.onlyu2.rule=PathPrefix(`/user2`) -rule.onlyu2.whitelist = user2@emailservice.com \ No newline at end of file diff --git a/docker/dev/.env b/docker/dev/.env deleted file mode 100644 index 80b1ec640..000000000 --- a/docker/dev/.env +++ /dev/null @@ -1,9 +0,0 @@ -DTAAS_DIR='/home/Desktop/DTaaS' -SERVER_DNS='foo.com' -OAUTH_URL='https://gitlab.foo.com' -CLIENT_ID='xx' -CLIENT_SECRET='xx' -OAUTH_SECRET='random-secret-string' -OAUTH_CONF_FILEPATH='/home/Desktop/DTaaS/docker/conf.local' -username1='user1' -username2='user2' diff --git a/docker/dev/README.md b/docker/dev/README.md deleted file mode 100644 index 450667fa7..000000000 --- a/docker/dev/README.md +++ /dev/null @@ -1,86 +0,0 @@ -# Docker workflow for DTaaS - -This readme will explain the building and use of different docker files -for use in development and installation of the DTaaS software. - -**NOTE**: A local docker and docker-compose installation is a pre-requisite -for using docker workflows. - -## Folder Structure - -There are two dockerfiles for building the containers: - -- **client.dockerfile**: Dockerfile for building - the client application container. -- **libms.dockerfile**: Dockerfile for building the library microservice container. - -There is a specific compose file for development: - -- **compose.dev.yml:** Docker Compose configuration for development environment. - -## Build and Publish Docker Images - -### Users - -Build and publish the docker images. This step is required only for -the publication of images to Docker Hub. This publishing step is managed -only by project maintainers. Regular users can skip this step. - -```sh -docker login -u -p -docker build -t intocps/libms:latest -f ./docker/libms.dockerfile . -docker tag intocps/libms:latest intocps/libms:version -docker push intocps/libms:latest -docker push intocps/libms:version - -docker build -t intocps/dtaas-web:latest -f ./docker/client.dockerfile . -docker tag intocps/dtaas-web:latest intocps/dtaas-web:version -docker push intocps/dtaas-web:latest -docker push intocps/dtaas-web:version -``` - -To tag version 0.3.1 for example, use - -```sh -docker tag intocps/dtaas-web:latest intocps/dtaas-web:0.3.1 -``` - -### Developers - -Use of docker images is handy for developers as well. It is suggested -that developers build the required images locally on their computer and -use them for development purposes. The images can be built using - -```sh -docker-compose -f compose.dev.yml build -``` - -## Running Docker Containers - -Follow these steps to use the application with docker. - -The DTaaS application requires multiple configuration files. The list of -configuration files to be modified are given for each scenario. - -### Development Environment - -This scenario is for software developers: - -### Client Website & Lib Configuration - -The configuration files to be updated are: - -1. client/config/local.js -1. deploy/config/lib.docker (optional) - -The relevant docker commands are: - -```bash -docker-compose -f compose.dev.yml up -d #start the application -docker-compose -f compose.dev.yml down #terminate the application -``` - -### Access the Application - -You should access the application through the PORT mapped to the Traefik container. -e.g. `localhost` diff --git a/docker/dev/client.dockerfile b/docker/dev/client.dockerfile deleted file mode 100644 index 6a5c37f7d..000000000 --- a/docker/dev/client.dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -#! docker should be run from the root directory of the project -FROM node:20.10.0-slim as build - -# Set the working directory inside the container -WORKDIR /dtaas/client - -# Copy package.json and package-lock.json to the working directory -COPY ./client/package.json ./ - -# Install dependencies -RUN yarn install --immutable --immutable-cache --check-cache - -# Copy the rest of the application code to the working directory -COPY ./client/ . - -# Build the React app -RUN yarn build - - -FROM node:20.10.0-slim -# Copy the build output to serve -COPY --from=build /dtaas/client/build /dtaas/client/build -COPY --from=build /dtaas/client/package.json /dtaas/client/package.json - -WORKDIR /dtaas/client -RUN npm i -g serve -# Define the command to run your app -CMD ["yarn", "start"] \ No newline at end of file diff --git a/docker/dev/compose.dev.yml b/docker/dev/compose.dev.yml deleted file mode 100644 index 02f206a9f..000000000 --- a/docker/dev/compose.dev.yml +++ /dev/null @@ -1,99 +0,0 @@ -version: '3' -services: - traefik: - image: traefik:v2.10 - command: - - "--api.insecure=true" - - "--providers.docker=true" - - "--entryPoints.web.address=:80" - - "--entrypoints.web.forwardedHeaders.insecure=true" - - "--entrypoints.web.proxyProtocol.insecure=true" - ports: - - "80:80" - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - client: - build: - context: ${DTAAS_DIR}/ - dockerfile: ${DTAAS_DIR}/docker/dev/client.dockerfile - volumes: - - "${DTAAS_DIR}/client/config/local.js:/dtaas/client/build/env.js" - labels: - - "traefik.enable=true" - - "traefik.http.routers.client.entryPoints=web" - - "traefik.http.services.client.loadbalancer.server.port=4000" - - "traefik.http.routers.client.middlewares=traefik-forward-auth" - - "traefik.http.routers.client.rule=PathPrefix(`/`)" - - libms: - image: intocps/libms:latest - build: - context: ${DTAAS_DIR}/ - dockerfile: ${DTAAS_DIR}/docker/libms.dockerfile - volumes: - - ${DTAAS_DIR}/deploy/config/lib.docker:/dtaas/libms/.env - - ${DTAAS_DIR}/files:/dtaas/libms/files - labels: - - "traefik.enable=true" - - "traefik.http.routers.libms.entryPoints=web" - - "traefik.http.services.libms.loadbalancer.server.port=4001" - - "traefik.http.routers.libms.rule= PathPrefix(`/lib`)" - - "traefik.http.routers.libms.middlewares=traefik-forward-auth" - - user1: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username1}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username1} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u1.entryPoints=web" - - "traefik.http.routers.u1.rule=PathPrefix(`/${username1}`) " - - "traefik.http.routers.u1.middlewares=traefik-forward-auth" - - user2: - image: mltooling/ml-workspace-minimal:0.13.2 - volumes: - - ${DTAAS_DIR}/files/common:/workspace/common - - ${DTAAS_DIR}/files/${username2}:/workspace - environment: - - AUTHENTICATE_VIA_JUPYTER= - - WORKSPACE_BASE_URL=${username2} - shm_size: 512m - labels: - - "traefik.enable=true" - - "traefik.http.routers.u2.entryPoints=web" - - "traefik.http.routers.u2.rule=PathPrefix(`/${username2}`) " - - "traefik.http.routers.u2.middlewares=traefik-forward-auth" - - traefik-forward-auth: - image: thomseddon/traefik-forward-auth:latest - volumes: - - ${OAUTH_CONF_FILEPATH}:/conf - environment: - - DEFAULT_PROVIDER=generic-oauth - - PROVIDERS_GENERIC_OAUTH_AUTH_URL=${OAUTH_URL}/oauth/authorize - - PROVIDERS_GENERIC_OAUTH_TOKEN_URL=${OAUTH_URL}/oauth/token - - PROVIDERS_GENERIC_OAUTH_USER_URL=${OAUTH_URL}/api/v4/user - - PROVIDERS_GENERIC_OAUTH_CLIENT_ID=${CLIENT_ID} - - PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET=${CLIENT_SECRET} - - PROVIDERS_GENERIC_OAUTH_SCOPE=read_user - - SECRET= ${OAUTH_SECRET} - # INSECURE_COOKIE is required if not using a https entrypoint - - INSECURE_COOKIE=true - - CONFIG=/conf - labels: - - "traefik.enable=true" - - - "traefik.http.routers.redirect.entryPoints=web" - - "traefik.http.routers.redirect.rule=PathPrefix(`/_oauth`)" - - "traefik.http.routers.redirect.middlewares=traefik-forward-auth" - - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181" - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" - - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181" diff --git a/docker/dev/libms.dockerfile b/docker/dev/libms.dockerfile deleted file mode 100644 index 45e5ab5d2..000000000 --- a/docker/dev/libms.dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM node:20.10.0-slim - -#! docker should be run from the root directory of the project - -# Set the working directory inside the container -WORKDIR /dtaas/libms - -# pull the libms package from npm registry -RUN npm i -g @into-cps-association/libms@0.3.1 - -COPY ./deploy/config/lib . - -# Define the command to run your app -CMD ["libms"] diff --git a/docker/traefik-forward-auth.png b/docker/traefik-forward-auth.png deleted file mode 100644 index d1eb11623..000000000 Binary files a/docker/traefik-forward-auth.png and /dev/null differ diff --git a/docs/redirect-page.html b/docs/redirect-page.html index d53a7ed1d..742a397bb 100644 --- a/docs/redirect-page.html +++ b/docs/redirect-page.html @@ -60,6 +60,11 @@ Online PDF + + Version 0.4.0 + Online + PDF + Version 0.3.0 Online