Initial Docker impl

docker-compose.yml

@@ -0,0 +1,41 @@
+version: '3.1'
+
+services:
+
+  vm:
+    build:
+      context: ./docker/vm
+    container_name: vm
+    ports:
+      - 8000:8000
+      - 8080:8080
+      - 3306:3306
+      - 5432:5432
+      - 8983:8983
+      - 8161:8161
+    networks:
+      - islandora
+    privileged: true  
+    volumes:
+      - keys:/root/.ssh
+
+  ansible:
+    container_name: ansible
+    build:
+      context: ./docker/ansible
+    networks:
+      - islandora
+    depends_on: 
+      - vm
+    volumes:
+      - keys:/root/.ssh
+      - ./:/root/playbook:Z
+
+networks:
+  islandora:
+    driver: bridge
+
+volumes:
+  keys:
+    driver: local
+

docker/ansible/Dockerfile

@@ -0,0 +1,15 @@
+FROM centos:7.6.1810
+
+ENV ISLANDORA_DISTRO="centos/7" \
+    ANSIBLE_CONFIG=/root/playbook/ansible.cfg 
+
+WORKDIR /root/playbook
+
+RUN yum -y install epel-release && \
+    yum -y install git ansible openssh-clients
+
+COPY entrypoint.sh /bin/
+
+RUN chmod 700 /bin/entrypoint.sh
+
+ENTRYPOINT [ "/bin/entrypoint.sh" ]

docker/ansible/entrypoint.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+ssh-keyscan -H vm > /root/.ssh/known_hosts
+
+ansible-galaxy install --role-file=/root/playbook/requirements.yml --roles-path=roles/external
+ansible-playbook -i /root/playbook/inventory/docker /root/playbook/playbook.yml
+tail -f /dev/null

docker/vm/Dockerfile

@@ -0,0 +1,40 @@
+FROM centos:7.6.1810
+
+ENV container docker
+
+COPY sestatus /bin/
+
+RUN chmod 700 /bin/sestatus
+
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+RUN yum -y install \
+            --setopt=tsflags=nodocs \
+			--disableplugin=fastestmirror \
+		openssh-clients \
+		openssh-server \
+		openssl \
+		sudo \
+		initscripts
+
+# Authorize SSH Host
+RUN mkdir -p /root/.ssh && \
+    chmod 0700 /root/.ssh
+
+
+# Add the keys and set permissions
+RUN cat /dev/zero | ssh-keygen -q -N "" && \
+    chmod 600 /root/.ssh/id_rsa && \
+    chmod 600 /root/.ssh/id_rsa.pub && \
+	cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
+
+VOLUME [ "/sys/fs/cgroup" ]
+
+CMD ["/usr/sbin/init"]

docker/vm/sestatus

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+echo "Current mode:                   permissive"

inventory/docker/group_vars/all/main.yml

@@ -0,0 +1,43 @@
+---
+
+ansible_user: root
+ansible_ssh_user: root
+
+# Change selinux status to permissive
+disable_selinux: yes
+
+islandora_extra_ubuntu_packages:
+  - wget
+  - curl
+  - htop
+  - tree
+  - zsh
+  - fish
+  - unzip
+  - build-essential
+  - vim
+
+islandora_extra_centos_packages:
+  - wget
+  - curl
+  - tree
+  - zsh
+  - unzip
+  - vim
+  - make
+  - automake
+  - gcc
+  - gcc-c++
+  - kernel-devel
+
+postgresql_user: postgres
+
+mysql_users:
+  - name: "{{ drupal_db_user }}"
+    host: "%"
+    password: "{{ drupal_db_password }}"
+    priv: "{{ drupal_db_name }}.*:ALL"
+
+# Used by both the webserver and crayfish role for CentOS.
+php_enablerepo: "remi-php72"
+php_packages_state: "latest"

inventory/docker/group_vars/all/passwords.yml

@@ -0,0 +1,17 @@
+---
+
+# Drupal
+drupal_db_password: islandora
+drupal_account_pass: islandora
+
+# MySQL/Postgres
+islandora_db_root_password: islandora
+
+# Tomcat
+islandora_tomcat_password: islandora
+
+# Syn
+islandora_syn_token: islandora
+
+# Cantaloupe
+cantaloupe_admin_password: islandora

inventory/docker/group_vars/crayfish.yml

@@ -0,0 +1,6 @@
+---
+
+crayfish_db: "{{ claw_db }}"
+
+crayfish_milliner_drupal_base_url: http://localhost:8000
+crayfish_milliner_gemini_base_url: http://localhost:8000/gemini

inventory/docker/group_vars/database.yml

@@ -0,0 +1,10 @@
+mysql_root_username: root
+mysql_root_password: "{{ islandora_db_root_password  }}"
+
+postgresql_users:
+  - name: "{{ drupal_db_user }}"
+    password: "{{ islandora_db_root_password  }}"
+    db: "{{ drupal_db_name }}"
+
+postgresql_databases:
+  - name: "{{ drupal_db_name }}"

inventory/docker/group_vars/karaf.yml

@@ -0,0 +1,6 @@
+---
+
+# Comment in to build Alpaca from source
+# alpaca_from_source: yes
+# alpaca_version: your-branch-name
+# alpaca_clone_directory: /opt/alpaca

inventory/docker/group_vars/solr.yml

@@ -0,0 +1,6 @@
+#solr_version: "6.6.0"
+
+solr_cores:
+  - CLAW
+
+solr_install_path: /opt/solr

inventory/docker/group_vars/tomcat.yml

@@ -0,0 +1,66 @@
+---
+
+tomcat8_users:
+  - username: islandora
+    password: "{{ islandora_tomcat_password }}"
+    roles:
+      - manager-gui
+
+tomcat8_java_opts:
+  - -Djava.awt.headless=true
+  - -Dfile.encoding=UTF-8
+  - -server
+  - -Xms512m
+  - -Xmx1024m
+  - -XX:NewSize=256m
+  - -XX:MaxNewSize=256m
+  - -XX:PermSize=256m
+  - -XX:MaxPermSize=256m
+  - -Dfcrepo.home={{ fcrepo_home_dir }}
+  - -Dfcrepo.modeshape.configuration=file://{{ fcrepo_home_dir }}/configs/repository.json
+  - -Dfcrepo.activemq.configuration=file://{{ fcrepo_config_dir }}/activemq.xml
+  - -Dfcrepo.spring.configuration=file://{{ fcrepo_home_dir }}/configs/fcrepo-config.xml
+  - -Dfcrepo.external.content.allowed={{ fcrepo_allowed_external_content_file }}
+  - -Dcom.bigdata.rdf.sail.webapp.ConfigParams.propertyFile={{ blazegraph_home_dir }}/conf/RWStore.properties
+  - -Dcantaloupe.config={{ cantaloupe_symlink }}/cantaloupe.properties
+  - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true
+
+fcrepo_syn_tomcat_home: "{{ tomcat8_home }}"
+fcrepo_syn_default_public_key_path: "{{ fcrepo_syn_tomcat_home }}/conf/public.key"
+
+fcrepo_syn_sites:
+  - algorithm: RS256
+    encoding: PEM
+    anonymous: true
+    default: true
+    path: "{{ fcrepo_syn_default_public_key_path }}"
+
+fcrepo_syn_tokens:
+  - user: admin
+    roles:
+      - admin
+      - fedoraAdmin
+    token: "{{ islandora_syn_token }}"
+
+fcrepo_version: "5.0.0"
+fcrepo_auth_header_name: "X-Islandora"
+fcrepo_syn_auth_header: "X-Islandora"
+
+cantaloupe_deploy_war: yes
+cantaloupe_deploy_war_path: "{{ tomcat8_home }}/webapps"
+cantaloupe_user: tomcat8
+cantaloupe_group: tomcat8
+cantaloupe_admin_enabled: "true"
+cantaloupe_OpenJpegProcessor_path_to_binaries: /usr/local/bin
+cantaloupe_log_application_ConsoleAppender_enabled: "false"
+cantaloupe_log_application_FileAppender_enabled: "true"
+cantaloupe_log_application_FileAppender_pathname: "{{ cantaloupe_log_path }}/application.log"
+cantaloupe_log_access_FileAppender_enabled: "true"
+cantaloupe_log_access_FileAppender_pathname: "{{ cantaloupe_log_path }}/access.log"
+cantaloupe_FilesystemResolver_BasicLookupStrategy_path_prefix: /var/www/html/drupal/web/
+cantaloupe_processor_jp2: OpenJpegProcessor
+cantaloupe_cache_source: FilesystemCache
+cantaloupe_cache_derivative: FilesystemCache
+cantaloupe_create_FilesystemCache_dir: yes
+cantaloupe_resolver_static: HttpResolver
+cantaloupe_HttpResolver_BasicLookupStrategy_url_prefix: http://localhost:8000/

inventory/docker/group_vars/webserver/apache.yml

@@ -0,0 +1,11 @@
+---
+
+apache_listen_port: 8000
+apache_create_vhosts: true
+apache_vhosts_filename: "islandora.conf"
+apache_remove_default_vhost: true
+apache_vhosts:
+  - servername: "claw.dev"
+    documentroot: "/var/www/html/drupal/web"
+    allow_override: All
+    options: -Indexes +FollowSymLinks

inventory/docker/group_vars/webserver/drupal.yml

@@ -0,0 +1,60 @@
+---
+
+drupal_build_composer_project: true
+drupal_composer_install_dir: /var/www/html/drupal
+drupal_core_owner: "{{ ansible_user }}"
+drupal_composer_dependencies:
+  - "zaporylie/composer-drupal-optimizations:^1.0"
+  - "drupal/console:~1.0"
+  - "drupal/devel:^2.0"
+  - "drupal/rdfui:^1.0-beta1"
+  - "drupal/restui:^1.16"
+  - "drupal/search_api_solr:^2.0"
+  - "drupal/facets:^1.3"
+  - "drupal/content_browser:^1.0@alpha"
+  - "drupal/matomo:^1.7"
+  - "drupal/pdf:1.x-dev"
+  - "islandora/carapace:1.0.0"
+  - "islandora/islandora_defaults:1.0.0"
+drupal_composer_project_package: "islandora/drupal-project:8.6.10"
+drupal_composer_project_options: "--prefer-dist --stability dev --no-interaction"
+drupal_core_path: "{{ drupal_composer_install_dir }}/web"
+drupal_db_user: drupal8
+drupal_db_name: drupal8
+drupal_db_backend: "{{ claw_db }}"
+drupal_db_host: "127.0.0.1"
+drupal_domain: "claw.dev"
+drupal_site_name: "Islandora 8"
+drupal_install_profile: standard
+drupal_account_name: admin
+drupal_enable_modules:
+  - rdf
+  - responsive_image
+  - syslog
+  - serialization
+  - basic_auth
+  - rest
+  - simpletest
+  - restui
+  - devel
+  - search_api_solr
+  - search_api_solr_defaults
+  - facets
+  - content_browser
+  - matomo
+  - pdf
+  - islandora_core_feature
+  - controlled_access_terms_defaults
+drupal_trusted_hosts:
+  - ^localhost$
+drupal_trusted_hosts_file: "{{ drupal_core_path }}/sites/default/settings.php"
+drupal_public_filesystem: "{{ drupal_core_path }}/sites/default/files"
+drupal_external_libraries_directory: "{{ drupal_core_path }}/libraries"
+fedora_base_url: "http://localhost:8080/fcrepo/rest/"
+drupal_jsonld_remove_format: true
+drupal_gemini_pseudo_bundles:
+  - islandora_object:node
+  - image:media
+  - file:media
+  - audio:media
+  - video:media

inventory/docker/group_vars/webserver/general.yml

@@ -0,0 +1,5 @@
+---
+
+webserver_app: yes
+openseadragon_iiiv_set_var: yes
+openseadragon_iiiv_server: http://localhost:8080/cantaloupe/iiif/2

inventory/docker/hosts

@@ -0,0 +1,21 @@
+# Generated by Vagrant
+
+default ansible_ssh_host=vm
+
+[karaf]
+default
+
+[database]
+default
+
+[webserver]
+default
+
+[tomcat]
+default
+
+[solr]
+default
+
+[crayfish]
+default