Added bordered and more explanation

798a9d38 · Martin Weise · ae83fde8 · 798a9d38 · 798a9d38 · 798a9d38
Verified Commit 798a9d38 authored 1 year ago by Martin Weise
--- a/docs/deployment-docker-compose.md
+++ b/docs/deployment-docker-compose.md
@@ -6,11 +6,10 @@ author: Martin Weise
 ## TL;DR
-If you have [:simple-docker: Docker](https://docs.docker.com/engine/install/) already installed on your system, you can
+If you have [Docker](https://docs.docker.com/engine/install/) already installed on your system, you can install DBRepo with:
-install DBRepo with:
 ```shell
-curl -sSL https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/dev/install.sh | sudo bash
+curl -sSL https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/raw/dev/install.sh | bash
 ```
 ## Architecture

--- a/docs/deployment-helm.md
+++ b/docs/deployment-helm.md
@@ -7,7 +7,7 @@ author: Martin Weise
 To install DBRepo in your existing cluster, download the sample [`values.yaml`](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-deployment/-/raw/master/charts/dbrepo-core/values.yaml?inline=false)
 for your deployment and update the variables `hostname` and `authAdminApiUrl` to your domain.
-If you have [:simple-helm: Helm](https://helm.sh/docs/intro/install/) already installed on your system, you can
+If you have [Helm](https://helm.sh/docs/intro/install/) already installed on your system, you can
 install DBRepo with:
 ```shell
@@ -26,59 +26,3 @@ helm upgrade --install dbrepo \
 ![Architecture Kubernetes Azure](images/architecture-core.svg)
 <figcaption>Architecture of the services on Kubernetes</figcaption>
 </figure>
-## Chart values
-| Key                             | Type   | Default                            | Description                                                                                                |
-|---------------------------------|--------|------------------------------------|------------------------------------------------------------------------------------------------------------|
-| `replicaCount`                  | int    | `1`                                | Number of replicas (pods) to launch.                                                                       |
-| `nameOverride`                  | string | `""`                               | A name in place of the chart name for `app:` labels.                                                       |
-| `fullnameOverride`              | string | `""`                               | A name to substitute for the full names of resources.                                                      |
-| `imagePullPolicy`               | string | `Always`                           | Override for the image pull policy, e.g. `IfNotPresent`                                                    |
-| `adminEmail`                    | string | `noreply@example.com`              | E-mail address for OAI-PMH metadata.                                                                       |
-| `repositoryName`                | string | `Database Repository`              | Repository name for OAI-PMH metadata.                                                                      |
-| `hostname`                      | string | `example.com`                      | Domain name for the deployment, should not contain `https://` or any path.                                 |
-| `uiLogo`                        | string | `/logo.png`                        | Path to the logo, you can mount the file via a configmap or volume.                                        |
-| `uiIcon`                        | string | `/favicon.ico`                     | Path to the favicon, you can mount the file via a configmap or volume.                                     |
-| `uiVersion`                     | string | `latest`                           | Subtitle of the repository displayed in the UI.                                                            |
-| `uiTitle`                       | string | `Database Repository`              | Title of the repository displayed in the UI.                                                               |
-| `uiKeycloakLoginUrl`            | string | `/api/auth/`                       | Link to the authentication service login page.                                                             |
-| `uiBrokerLoginUrl`              | string | `/broker/`                         | Link to the broker service login page.                                                                     |
-| `uiForceSsl`                    | bool   | `true`                             | Force SSL in the frontend on all resources and links. Disable this for insecure file uploads.              |
-| `uiUploadPath`                  | string | `/tmp/`                            | Path to upload files into the shared volume.                                                               |
-| `authClientId`                  | string | `dbrepo-client`                    | Id of the client within keycloak that the backend services should use for communication with keycloak.     |
-| `authClientSecret`              | string | `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG` | Secret of this client. This should be changed.                                                             |
-| `authUsername`                  | string | `fda`                              | Authentication service admin username that the backend services should use.                                |
-| `authPassword`                  | string | `fda`                              | Authentication service admin password that the backend services should use.                                |
-| `authAdminApiUrl`               | string | `https://example.com/api/auth`     | Backend authentication URL that points to the keycloak instance.                                           |
-| `brokerUsername`                | string | `broker`                           | Broker service admin username that the backend services should use.                                        |
-| `brokerPassword`                | string | `broker`                           | Broker service admin password that the backend services should use.                                        |
-| `brokerEndpoint`                | string | `http://broker-service`            | Endpoint URL of the broker service.                                                                        |
-| `datacitePassword`              | string | `""`                               | Password of a DataCite Fabrica user to mint DOIs (optional).                                               |
-| `datacitePrefix`                | string | `""`                               | DOI prefix (optional).                                                                                     |
-| `dataciteUrl`                   | string | `https://api.datacite.org`         | DataCite Fabrica API endpoint URL (optional).                                                              |
-| `dataciteUsername`              | string | `""`                               | Username of a DataCite Fabrica user to mint DOIs (optional).                                               |
-| `metadataDbDatabase`            | string | `fda`                              | Database name of the metadata database.                                                                    |
-| `metadataDbHost`                | string | `metadata-db`                      | Hostname of the metadata database, this can be a domain name for e.g. managed database deployments.        |
-| `metadataDbJdbcExtraArgs`       | string | `""`                               | Additional arguments for the JDBC protocol to e.g. enforce SSL with `?useSSL=true`                         |
-| `metadataDbPassword`            | string | `dbrepo`                           | Password of the root user that can access the metadata database.                                           |
-| `metadataDbUsername`            | string | `root`                             | Username of the root user that can access the metadata database.                                           |
-| `metadataDbReplicationUsername` | string | `replicator`                       | Replication username. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `metadataDbReplicationPassword` | string | `replicator`                       | Replication password. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `authDb`                        | string | `keycloak`                         | Database name of the authentication service database.                                                      |
-| `authDbHost`                    | string | `auth-db`                          | Hostname of the metadata database, this can be a domain name for e.g. managed database deployments.        |
-| `authDbType`                    | string | `mariadb`                          | JDBC database type for the authentication service (keycloak).                                              |
-| `authDbPassword`                | string | `dbrepo`                           | Password of the root user that can access the authentication database.                                     |
-| `authDbUsername`                | string | `root`                             | Username of the root user that can access the authentication database.                                     |
-| `authDbReplicationUsername`     | string | `replicator`                       | Replication username. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `authDbReplicationPassword`     | string | `replicator`                       | Replication password. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `dataDbPassword`                | string | `dbrepo`                           | Password of the root user that can access the data database.                                               |
-| `dataDbUsername`                | string | `root`                             | Username of the root user that can access the data database.                                               |
-| `dataDbReplicationUsername`     | string | `replicator`                       | Replication username. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `dataDbReplicationPassword`     | string | `replicator`                       | Replication password. Set to `""` if no replication pod should be started (e.g. in a managed environment). |
-| `searchPassword`                | string | `admin`                            | Password of the user that can read and write into the search database.                                     |
-| `searchUsername`                | string | `admin`                            | Username of the user that can read and write into the search database.                                     |
-| `additionalConfigMaps`          | string | `[]`                               | Array of additional config maps. Set to e.g. `[ name: my-config, data: [ key: value ] ]`.                  |
-| `additionalSecrets`             | string | `[]`                               | Array of additional secrets. Set to e.g. `[ name: my-secret, data: [ key: b64_enc_value ] ]`.              |
-| `premiumStorageClassName`       | string | `""`                               | StorageClass name for the shared volume. Must have `ReadWriteMany` capabilities.                           |
--- a/docs/deployment-kubernetes-azure.md
+++ b/docs/deployment-kubernetes-azure.md
@@ -12,7 +12,7 @@ with Microsoft Azure as infrastructure provider.
 ### Hardware
 For this small cloud, test deployment any public cloud provider would suffice, we recommend a 
-small [:simple-microsoftazure: Kubernetes Service](https://azure.microsoft.com/en-us/products/kubernetes-service)
+small [Kubernetes Service](https://azure.microsoft.com/en-us/products/kubernetes-service)
 with Kubernetes version *1.24.10* and node sizes *Standard_B4ms*
 - 4 vCPU cores
@@ -44,7 +44,7 @@ supports:
 2. Hardlinks (TUSd creates lockfiles during upload)
 You will need to use a *StorageClass* of either `managed-*` or `azureblob-*` (after enabling the 
-proprietary [:simple-microsoftazure: CSI driver for BLOB storage](https://learn.microsoft.com/en-us/azure/aks/azure-blob-csi?tabs=NFS#azure-blob-storage-csi-driver-features)
+proprietary [CSI driver for BLOB storage](https://learn.microsoft.com/en-us/azure/aks/azure-blob-csi?tabs=NFS#azure-blob-storage-csi-driver-features)
 in your Kubernetes Cluster).
 We recommend to create 

--- a/docs/images/opensearch-dashboards-reset-pw.png
+++ b/docs/images/opensearch-dashboards-reset-pw.png
--- a/docs/images/opensearch-dashboards.png
+++ b/docs/images/opensearch-dashboards.png
--- a/docs/images/ui.png
+++ b/docs/images/ui.png
--- a/docs/stylesheets/extra.css
+++ b/docs/stylesheets/extra.css
@@ -5,6 +5,10 @@
    --md-primary-fg-color--dark: #00537c /* darken 10% */;
 }
+figure img.img-border {
+    border: 1px solid #b3b3b3;
+}
 .md-main .md-content a:not(.action-button),
 .md-main .md-content a:not(.action-button) {
    color: var(--md-typeset-color);

--- a/docs/system-databases-search.md
+++ b/docs/system-databases-search.md
@@ -30,4 +30,10 @@ Database more efficient.
 ## Security
-(none)
+1. Change the default credentials in the [Search Database Dashboard](../system-other-search-dashboard) with the default
+   credentials `admin:admin` and navigate to your username on the top right and click "Reset password".
+<figure markdown>
+   ![Data ingest](images/opensearch-dashboards-reset-pw.png){ .img-border }
+   <figcaption>Reset the admin password in Opensearch Dashboards</figcaption>
+</figure>
--- a/docs/system-other-search-dashboard.md
+++ b/docs/system-other-search-dashboard.md
@@ -9,13 +9,18 @@ author: Martin Weise
 !!! debug "Debug Information"
    * Ports: 5601/tcp
-    * UI: `http://:5601/`
+    * UI: `http://:5601/admin/dashboard/`
 ## Overview
 It provides a *graphical user interface* (GUI) for an administrator to interact with 
 the [Search Database](../system-databases-search).
+<figure markdown>
+   ![Data ingest](images/opensearch-dashboards.png){ .img-border }
+   <figcaption>Opensearch Dashboards on first start</figcaption>
+</figure>
 ## Limitations
 (none)

--- a/docs/system-other-ui.md
+++ b/docs/system-other-ui.md
@@ -14,7 +14,12 @@ author: Martin Weise
 ## Overview
-It provides a *graphical user interface* (GUI) for a researcher to interact with the database repository's API.
+It provides a *user interface* (UI) for a researcher to interact with the database repository's API.
+<figure markdown>
+   ![Data ingest](images/ui.png){ .img-border }
+   <figcaption>User Interface</figcaption>
+</figure>
 <figure markdown>
 ![UI microservice architecture detailed](images/architecture-ui.png)