Add web server to dev image
This commit is contained in:
Arthur Barr
@@ -12,19 +12,45 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
###############################################################################
|
||||
# Build stage to build Go code
|
||||
###############################################################################
|
||||
FROM golang:1.9 as builder
|
||||
WORKDIR /go/src/github.com/ibm-messaging/mq-container/
|
||||
COPY cmd/ ./cmd
|
||||
COPY internal/ ./internal
|
||||
COPY vendor/ ./vendor
|
||||
# Re-build runmqserver, with code tagged with 'mqdev' enabled
|
||||
RUN go build --tags 'mqdev' ./cmd/runmqserver
|
||||
RUN go build ./cmd/runmqdevserver/
|
||||
# Run all unit tests
|
||||
RUN go test -v ./cmd/runmqdevserver/...
|
||||
|
||||
###############################################################################
|
||||
# Main build stage
|
||||
###############################################################################
|
||||
FROM mqadvanced-server-dev-base:9.0.4.0-x86_64-ubuntu-16.04
|
||||
|
||||
# Enable MQ developer default configuration
|
||||
ENV MQ_DEV=true
|
||||
|
||||
# Default administrator password
|
||||
ENV MQ_ADMIN_PASSWORD=passw0rd
|
||||
|
||||
## Add admin and app users, and set a default password for admin
|
||||
RUN useradd admin -G mqm \
|
||||
&& groupadd mqclient \
|
||||
&& useradd app -G mqclient,mqm \
|
||||
&& echo admin:passw0rd | chpasswd
|
||||
&& echo admin:$MQ_ADMIN_PASSWORD | chpasswd
|
||||
|
||||
COPY dev.mqsc /etc/mqm/
|
||||
COPY entrypoint.sh /usr/local/bin/
|
||||
RUN chmod +x /usr/local/bin/entrypoint.sh
|
||||
COPY --from=builder /go/src/github.com/ibm-messaging/mq-container/runmqserver /usr/local/bin/
|
||||
COPY --from=builder /go/src/github.com/ibm-messaging/mq-container/runmqdevserver /usr/local/bin/
|
||||
# Copy template MQSC for default developer configuration
|
||||
COPY incubating/mqadvanced-server-dev/dev.mqsc.tpl /etc/mqm/
|
||||
# Copy web XML files for default developer configuration
|
||||
COPY incubating/mqadvanced-server-dev/web /etc/mqm/web
|
||||
RUN chmod +x /usr/local/bin/runmq*
|
||||
|
||||
# Enable MQ developer default configuration
|
||||
ENV MQ_DEV=true
|
||||
EXPOSE 9443
|
||||
|
||||
ENTRYPOINT ["entrypoint.sh"]
|
||||
ENTRYPOINT ["runmqdevserver"]
|
||||
@@ -1,4 +1,4 @@
|
||||
* © Copyright IBM Corporation 2017
|
||||
* © Copyright IBM Corporation 2017, 2018
|
||||
*
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -38,7 +38,7 @@ DEFINE CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) REPLACE
|
||||
|
||||
* Developer channel authentication rules
|
||||
SET CHLAUTH('*') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(NOACCESS) DESCR('Back-stop rule - Blocks everyone') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.APP.SVRCONN') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(CHANNEL) CHCKCLNT(REQUIRED) DESCR('Allows connection via APP channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.APP.SVRCONN') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(CHANNEL) CHCKCLNT({{ .ChckClnt }}) DESCR('Allows connection via APP channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.ADMIN.SVRCONN') TYPE(BLOCKUSER) USERLIST('nobody') DESCR('Allows admins on ADMIN channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.ADMIN.SVRCONN') TYPE(USERMAP) CLNTUSER('admin') USERSRC(CHANNEL) DESCR('Allows admin user to connect via ADMIN channel') ACTION(REPLACE)
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<server>
|
||||
<featureManager>
|
||||
<feature>appSecurity-2.0</feature>
|
||||
<feature>basicAuthenticationMQ-1.0</feature>
|
||||
</featureManager>
|
||||
<enterpriseApplication id="com.ibm.mq.console">
|
||||
<application-bnd>
|
||||
<security-role name="MQWebAdmin">
|
||||
<group name="MQWebUI" realm="defaultRealm"/>
|
||||
</security-role>
|
||||
</application-bnd>
|
||||
</enterpriseApplication>
|
||||
<enterpriseApplication id="com.ibm.mq.rest">
|
||||
<application-bnd>
|
||||
<security-role name="MQWebAdmin">
|
||||
<group name="MQWebUI" realm="defaultRealm"/>
|
||||
</security-role>
|
||||
</application-bnd>
|
||||
</enterpriseApplication>
|
||||
<basicRegistry id="basic" realm="defaultRealm">
|
||||
<user name="admin" password="${env.MQ_ADMIN_PASSWORD}"/>
|
||||
<group name="MQWebUI">
|
||||
<member name="admin"/>
|
||||
</group>
|
||||
</basicRegistry>
|
||||
<variable name="httpHost" value="*"/>
|
||||
<httpDispatcher enableWelcomePage="false" appOrContextRootMissingMessage='Redirecting to console.<script>document.location.href="/ibmmq/console";</script>' />
|
||||
<include location="tls.xml"/>
|
||||
</server>
|
||||
@@ -0,0 +1,4 @@
|
||||
<keyStore id="MQWebKeyStore" location="/var/mqm/web/installations/Installation1/servers/mqweb/key.jks" type="JKS" password="${env.MQ_TLS_PASSPHRASE}"/>
|
||||
<keyStore id="MQWebTrustStore" location="/var/mqm/web/installations/Installation1/servers/mqweb/trust.jks" type="JKS" password="${env.MQ_TLS_PASSPHRASE}"/>
|
||||
<ssl id="thisSSLConfig" clientAuthenticationSupported="true" keyStoreRef="MQWebKeyStore" trustStoreRef="MQWebTrustStore" sslProtocol="TLSv1.2" serverKeyAlias="webcert"/>
|
||||
<sslDefault sslRef="thisSSLConfig"/>
|
||||
@@ -0,0 +1 @@
|
||||
<sslDefault sslRef="mqDefaultSSLConfig"/>
|
||||
Reference in New Issue
Block a user