...
Pré-requis
- Docker
- Docker-compose
- Git
- Java 17
- maven
...
Clonage du dêpot
| Bloc de code |
|---|
|
git clone https://github.com/EsupPortail/esup-signature.git |
...
Création du fichier de configuration pour docker
Créer un fichier fichier src/main/resources/application-docker.yml à partir du fichier application.yml fourni ou et y copier l'exemple suivant :
| Bloc de code |
|---|
|
global:
root-url: http://localhost:8080
domain: univ-ville.fr
nexu-url: http://localhost:9795
nexu-version: 1.23-SNAPSHOT
nexu-download-url: /downloads/nexu-bundle.zip
hide-wizard: false
hide-auto-sign: false
hide-send-sign-request: false
hide-wizard-except-roles:
hide-auto-sign-except-roles:
hide-send-sign-except-roles:
# archive-uri: smb://serveur_fichier/archives
# delay-before-cleaning : 0
enable-su: false
enable-splash: true
application-email: esup.signature@univ-ville.fr
hours-before-refresh-notif: 24
share-mode: 1
infinite-scrolling: true
return-to-home-after-sign: false
naming-template: "[title]"
signed-suffix: "_signé"
trash-keep-delay: -1
disable-cert-storage: false
bouncycastel-max-mr-tests: 0
#tomcat:
# ajp:
# port: 6009
info:
app:
name: esup-signature
description: Instance de production
tags:
environment: PROD
management:
endpoints:
jmx:
exposure:
include: '*'
web:
exposure:
include: '*'
endpoint:
health:
show-details: always
spring:
session:
jdbc:
initialize-schema: always
save-mode: always
data:
ldap:
repositories:
enabled: true
datasource:
driver-class-name: org.postgresql.Driver
url: jdbc:postgresql://localhostpostgres:5432/esupsignature
password: esup
username: esupsignature
jdbc-url: ${spring.datasource.url}
hikari:
auto-commit: false
jpa:
hibernate:
ddl-auto: update
properties:
hibernate:
jdbc:
lob:
non_contextual_creation: true
show-sql: false
open-in-view: false
ldap:
# base: dc=univ-ville,dc=fr
# password: ldap-password
# urls: ldap://ldap.univ-ville.fr
# username: cn=consult,dc=univ-ville,dc=fr
mail:
host: smtp.univ-ville.fr
messages:
basename: i18n/messages
encoding: UTF-8
fallback-to-system-locale: false
servlet:
multipart:
enabled: true
max-file-size: 1280KB
max-request-size: 1280KB
resolve-lazily: true
thymeleaf:
cache: false
encoding: UTF-8
mode: HTML
servlet:
produce-partial-output-while-processing: false
web:
resources:
cache:
cachecontrol:
max-age: 1d
cache-public: true
static-locations: classpath:/static
mvc:
static-path-pattern: /**
ldap:
# search-base: ou=people
# group-search-base: ou=groups
# group-search-filter: member={0}
# user-id-search-filter: (uid={0})
# member-search-filter: (&(uid={0})({1}))
# mapping-filters-groups:
# student : "(eduPersonAffiliation:=student)"
# staff : "(eduPersonAffiliation:=staff)"
# affiliate : "(eduPersonAffiliation:=affiliate)"
mail:
from: no-reply.esup-signature@univ-ville.fr
sms:
enable-sms : false
# service-name: SMSU
# url: https://smsu-api.univ-ville.fr/
# username: sms-account
# password: sms-password
dss:
cache-data-source-driver-class-name: org.hsqldb.jdbc.JDBCDriver
cache-data-source-url: jdbc:hsqldb:mem:cachedb
cache-password:
cache-username: sa
default-validation-policy: policy/constraint.xml
server-signing-keystore-filename: validate_service.p12
server-signing-keystore-password: password
server-signing-keystore-type: PKCS12
tsp-server: http://timestamp.sectigo.com
lotl-country-code: EU
lotl-url: https://ec.europa.eu/tools/lotl/eu-lotl.xml
oj-url: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.C_.2019.276.01.0001.01.ENG
fs:
# smb-login: esup-signature
# smb-password: password
# smb-test-uri: smb://smb.univ-ville.fr
vfs-test-uri: /tmp
# cmis-test-uri: https://esup-signature.univ-ville.fr/nuxeo
# cmis-login: Administrator
# cmis-password: Administrator
# cmis-respository-id: default
# cmis-root-path: /default-domain/workspaces
pdf:
convert-to-pdf-a: true
pdf-a-level: 3
path-to-g-s: /usr/bin/gs
path-to-fonts : /usr/share/fonts
pdf-to-image-dpi: 72
security:
cas:
# service: https://esup-signature.univ-ville.fr/login/cas
# title: Compte Université (CAS)
# url: https://cas.univ-ville.fr
shib:
dev:
enable: true
credentials-request-header: MEMBER
idp-url: https://idp.univ-ville.fr
principal-request-header: REMOTE_USER
title: Compte d’un autre établissement (Shibboleth)
domains-white-list-url: https://eduspot.renater.fr/eduspot/whitelist-eduspot.txt
web:
group-to-role-filter-pattern: for.esup-signature.role.(\w*)
mapping-groups-roles:
for.esup-signature.admin: ROLE_ADMIN
for.esup-signature.user: ROLE_USER
ws-access-authorize-ips: 127.0.0.1
group-mapping-spel:
for.esup-signature.user: "true"
for.esup-signature.admin: "true"
server:
servlet:
session:
tracking-modes: COOKIE
error:
include-stacktrace: always
port: 8080
tomcat:
mbeanregistry:
enabled: true
remoteip:
remote-ip-header: X-Forwarded-For
basedir: ./temp
sign:
aes-key : "0000000000000000"
cades-digest-algorithm: SHA256
cades-signature-level: CAdES_BASELINE_T
container-type: ASiC_E
default-signature-form: XAdES
pades-digest-algorithm: SHA256
pades-signature-level: PAdES_BASELINE_T
password-timeout: 60000
signature-packaging: ENVELOPED
xades-digest-algorithm: SHA256
xades-signature-level: XAdES_BASELINE_T
logging:
file:
name: logs/esup-signature.log
level:
root: info
org.esupportail.esupsignature: info
org.verapdf: error
org.apache.pdfbox: error
eu.europa.esig.dss: error
org.springframework.web.filter.CommonsRequestLoggingFilter: error
# config: classpath:logback-prod.xml
springdoc:
api-docs:
enabled: true
swagger-ui:
enabled: true
supported-submit-methods: []
disable-swagger-default-url: true
packages-to-scan: org.esupportail.esupsignature.web.ws
|
...
| Bloc de code |
|---|
|
mvn clean package -DskipTestDskipTests |
...
Docker compose
Création du docker à l'aide de docker compose
| Bloc de code |
|---|
|
sudo docker-compose build esup-signature |
Lancement du docker
| Bloc de code |
|---|
|
docker run --net=host -it esup-signature |
| Astuce |
|---|
L'application est disponible à l'adresse : http://localhost:8080 L'utilisateur testju@esup-portail.org est aussi administrateur de l'application |