Updated docs

87cd3aee · Martin Weise · 987d67f7 · 87cd3aee · 87cd3aee · 87cd3aee
Unverified Commit 87cd3aee authored May 30, 2023 by Martin Weise
--- a/dockerhub/_header.md
+++ b/dockerhub/_header.md
@@ -6,7 +6,7 @@

 * **Where to get help**:

-  [the official documentation](https://dbrepo-docs.ossdip.at/),
+  [the official documentation](https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/),
  [ICoDSE'22 paper](https://doi.org/10.1109/ICoDSE56892.2022.9971958),
  [IJDC'22 paper](https://doi.org/10.2218/ijdc.v17i1.825),
  [iPRES'21 paper](https://doi.org/10.17605/OSF.IO/B7NX5)
@@ -32,6 +32,10 @@
  [docs repo's `dockerhub/` directory](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-docs/-/tree/master/dockerhub)
  ([history](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-docs/-/commits/master/dockerhub))

+* **Verify image signature**
+
+  [`mweise.pub`](https://www.ifs.tuwien.ac.at/infrastructures/dbrepo/docker/mweise.pub)
+
 # What is DBRepo?

 We present a database repository system that allows researchers to ingest data into a central, versioned repository

--- a/dockerhub/fda-analyse-service.md
+++ b/dockerhub/fda-analyse-service.md
 # How to use this image

 ```console
-$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp -p 5000:5000
+$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp -p 5000:5000 dbrepo/analyse-service:1.3
 ```

 ## Customization
@@ -26,13 +26,9 @@ Change the default behavior by setting the following environment variables to di

 * `HOSTNAME`, default: `analyse-service`

-  The name that is used at the [Discovery Service](https://hub.docker.com/r/dbrepo/discovery-service) to register the
+  The name that is used at the [discovery service](https://hub.docker.com/r/dbrepo/discovery-service) to register the
  Analyse Service.

-* `EUREKA_SERVER`, default: `http://discovery-service:9090/eureka/`
-
-  Needs to point to the [Discovery Service](https://hub.docker.com/r/dbrepo/discovery-service).
-
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-authentication-service.md
+++ b/dockerhub/fda-authentication-service.md
+
 # How to use this image

 ```console  
-$ docker run -p 9097:9097 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 8443:8443 -p 8080:8080 dbrepo/authentication-service:1.3
 ```  

 ## Customization

 Change the default behavior by setting the following environment variables to different values:

-* `METADATA_DB`, default: `fda`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
-
 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `dbrepo`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
-
-* `BROKER_USERNAME`, default: `fda`
-
-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
-  associated to the account.
-
-* `BROKER_PASSWORD`, default: `fda`
-
-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
-  associated to the account.
-
-* `WEBSITE`, default: `http://example.com`
-
-  The public endpoint of the [User Interface](https://hub.docker.com/r/dbrepo/ui). Internally, it is used to redirect
-  when a user verifies the e-mail address.
-
-* `GATEWAY_ENDPOINT`, default: `http://gateway-service:9095`
-
-  The gateway endpoint.
-
-* `MAIL_FROM`, default: `Database Repository <noreply@example.com>`
-
-  When users verify their e-mail addresses, this is used to declare where the mail is coming from.
-
-* `MAIL_REPLY_TO`, default: `Somebody <somebody@example.com>`
-
-  When users verify their e-mail addresses, this is used to declare where to reply to.
-
-* `MAIL_VERIFY`, default: `false`
-
-  When set to `1`, the service requires all users to verify their e-mail before they can use the repository system, e.g.
-  they cannot log in without clicking the link in the e-mail.
-
-* `JWT_ISSUER`, default: `dbrepo`
-
-  The Java Web Token issuer name.
-
-* `JWT_SECRET`, default: `secret`
-
-  The Java Web Token secret that is used to sign the token generated by the system. This should be treated like with the
-  same caution as a private key.
-
-* `JWT_EXPIRATION`, default: `86400000`
-
-  By default, the Java Web Token expire after 1 day.
-
-* `SMTP_HOST`, optional
-
-  The e-mail server that sends e-mails to the users. Specify the hostname.
-
-* `SMTP_PORT`, optional
-
-  The e-mail server that sends e-mails to the users. Specify the port.
-
-* `SMTP_USERNAME`, optional
-
-  The e-mail server that sends e-mails to the users. Specify the username.
-
-* `SMTP_PASSWORD`, optional
-
-  The e-mail server that sends e-mails to the users. Specify the password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

-* `LOG_LEVEL`, default: `debug`
+* `KEYCLOAK_ADMIN`, default: `fda`

-  The minimum logging level for the service.
+  The admin user account username. It is **important** to change this value for public deployments.

-## Swagger Endpoints
+* `KEYCLOAK_ADMIN_PASSWORD`, default: `fda`

-* **OpenAPI**:
+  The admin user account password. It is **important** to change this value for public deployments.

-  http://localhost:9097/swagger-ui/index.html
+* `KEYCLOAK_IMPORT`, default: `/opt/keycloak/data/import/dbrepo-realm.json`

-* **OpenAPI `.json`**:
+  The default realm "dbrepo" that is pre-configured with the roles from the backend services. Only change this value  
+  if you want to not use the pre-configured realm and want to use your own. In this case, set the `KEYCLOAK_IMPORT=`  
+  to empty.

-  http://localhost:9097/v3/api-docs/
+## Keycloak Endpoints

-* **OpenAPI `.yaml`**:
+* **Admin Console**:

-  http://localhost:9097/v3/api-docs.yaml
+  https://localhost:8443/admin/master/console/
--- a/dockerhub/fda-broker-service.md
+++ b/dockerhub/fda-broker-service.md
+
 # How to use this image

 ```console  
-$ docker run -v ./fda-broker-service-data:/var/lib/rabbitmq/ -p 9098:9098 -p 5672:5672 -p 15672:15672
+$ docker run -v ./fda-broker-service-data:/var/lib/rabbitmq/ -p 5672:5672 -p 15672:15672 dbrepo/broker-service:1.3
 ```  

 ## Customization

-Change the default behavior by setting the following variables in `rabbitmq.conf` to different values:
+Change the default behavior by setting the following environment variables to different values:

-* `default_user`, default: `fda`
+* `RABBITMQ_DEFAULT_VHOST`, default `dbrepo`

-  The Broker Service username.
+  The backend services are configured to listen by default to the `dbrepo` virtual host.

-* `default_pass`, default: `fda`
+* `JWT_PUBKEY`, default `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`

-  The Broker Service password.
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:

-## Swagger Endpoints
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*

-* **OpenAPI**:
+* `JWT_CERT`, default `MIICmzCCAYMCBgGG3GWyBTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZkYnJlcG8wHhcNMjMwMzEzMTkxMzE3WhcNMzMwMzEzMTkxNDU3WjARMQ8wDQYDVQQDDAZkYnJlcG8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqqcdDYFZZb28M0tEJzEP77FmD/Xqioyj9zWX6VwUSOMAgmMmn8eqs9hT9T0a+q4YTo9tUW1PNbUpwprA5b4Uk04DcIajxDVMUR/PjcHytmkqwVskq9AZW/Vngdoo+8tSbuIybwe/3Vwt266hbHpDcM97a+DXcYooRl7tQWCEX7RP27wQrMD9epDQ6IgKayZg9vC9/03dsIqwH9jXQRiZlFvwiEKhX2aY7lPGBaCK414JO00K/Z49iov9TRa/IYVbSt5qwgrx6DcqsBSPwOnI6A85UGfeUEZ/7coVJiL7RvBlsllapsL9eWTbQajVh94k9Ei3sibEPbtH+U2OAM78zAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAASnN1Cuif1sdfEK2kWAURSXGJCohCROLWdKFjaeHPRaEfpbFJsgxW0Yj3nwX5O3bUlOWoTyENwnXSsXMQsqnNi+At32CKaKO8+AkhAbgQL9F0B+KeJwmYv3cUj5N/LYkJjBvZBzUZ4Ugu5dcxH0k7AktLAIwimkyEnxTNolOA3UyrGGpREr8MCKWVr10RFuOpF/0CsJNNwbHXzalO9D756EUcRWZ9VSg6QVNso0YYRKTnILWDn9hcTRnqGy3SHo3anFTqQZ+BB57YbgFWy6udC0LYRB3zdp6zNti87eu/VEymiDY/mmo1AB8Tm0b6vxFz4AKcL3ax5qS6YnZ9efSzk=`

-  http://localhost:9098/swagger-ui/index.html
+  This value needs to be changed to the RS256 certificate from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:

-* **OpenAPI `.json`**:
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Certificate*

-  http://localhost:9098/v3/api-docs/
+Also change the values of the `rabbitmq.conf` file:

-* **OpenAPI `.yaml`**:
+* `default_user`, default: `fda`

-  http://localhost:9098/v3/api-docs.yaml
+  The Broker Service username.
+
+* `default_pass`, default: `fda`
+
+  The Broker Service password.

 ## RabbitMQ Endpoints

-* **Management**:
+* **Management Plugin**:

  http://localhost:15672/
--- a/dockerhub/fda-container-service.md
+++ b/dockerhub/fda-container-service.md
 # How to use this image

 ```console
-$ docker run -p 9091:9091 -v /var/run/docker.sock:/var/run/docker.sock -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9091:9091 -v /var/run/docker.sock:/var/run/docker.sock dbrepo/container-service:1.3
 ```

 ## Customization
@@ -42,6 +42,41 @@ Change the default behavior by setting the following environment variables to di

  The minimum logging level for the service.

+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):
+
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9091/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9091/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9091/actuator/prometheus
+
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-database-service.md
+++ b/dockerhub/fda-database-service.md
 # How to use this image

 ```console
-$ docker run -p 9092:9092 -v /var/run/docker.sock:/var/run/docker.sock -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9092:9092 -v /var/run/docker.sock:/var/run/docker.sock dbrepo/database-service:1.3
 ```

 ## Customization
@@ -10,31 +10,35 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: `fda`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `mariadb`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

 * `BROKER_USERNAME`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
  associated to the account.

 * `BROKER_PASSWORD`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
  associated to the account.

-* `SEARCH_ENDPOINT`, default `search-service`
+* `ELASTIC_USERNAME`, default `elastic`

-  Container hostname of the Search Service.
+  The username of the user that can create the search indexes and update them in the search database.

-* `GATEWAY_ENDPOINT`, default: http://gateway-service:9095
+* `ELASTIC_PASSWORD`, default `elastic`
+
+  The password of the user that can create the search indexes and update them in the search database.
+
+* `GATEWAY_ENDPOINT`, default: http://gateway-service

  The gateway endpoint.

@@ -42,6 +46,41 @@ Change the default behavior by setting the following environment variables to di

  The minimum logging level for the service.

+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):
+
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9092/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9092/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9092/actuator/prometheus
+
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-discovery-service.md
+++ b/dockerhub/fda-discovery-service.md
-# How to use this image
-
-```console
-$ docker run -p 9090:9090 -e SPRING_PROFILES_ACTIVE=docker
-```
-
-## Customization
-
-Change the default behavior by setting the following environment variables to different values:
-
-* `METADATA_DB`, default: `fda`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
-
-* `METADATA_USERNAME`, default: `root`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
-
-* `METADATA_PASSWORD`, default: `dbrepo`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
-
-* `LOG_LEVEL`, default: `debug`
-
-  The minimum logging level for the service.
\ No newline at end of file
--- a/dockerhub/fda-gateway-service.md
+++ b/dockerhub/fda-gateway-service.md
-# How to use this image
-
-```console
-$ docker run -p 9095:9095 -e SPRING_PROFILES_ACTIVE=docker
-```
-
-## Customization
-
-Change the default behavior by setting the following environment variables to different values:
-
-* `METADATA_DB`, default: `fda`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
-
-* `METADATA_USERNAME`, default: `root`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
-
-* `METADATA_PASSWORD`, default: `mariadb`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
-
-* `GATEWAY_ENDPOINT`, default: `http://gateway-service:9095`
-
-  The gateway endpoint.
-
-* `LOG_LEVEL`, default: `debug`
-
-  The minimum logging level for the service.
\ No newline at end of file
--- a/dockerhub/fda-identifier-service.md
+++ b/dockerhub/fda-identifier-service.md
 # How to use this image

 ```console
-$ docker run -p 9096:9096 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9096:9096 -v /tmp:/tmp dbrepo/database-service:1.3
 ```

 ## Customization
@@ -10,21 +10,21 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: `fda`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `dbrepo`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

-* `GATEWAY_ENDPOINT`, default: `http://gateway-service:9095`
+* `GATEWAY_ENDPOINT`, default: `http://gateway-service`

  The gateway endpoint.

-* `WEBSITE`, default: `http://localhost:3000`
+* `WEBSITE`, default: `http://localhost`

  The absolute url to the front end for redirecting PID lookups.

@@ -32,6 +32,41 @@ Change the default behavior by setting the following environment variables to di

  The minimum logging level for the service.

+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):
+
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9096/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9096/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9096/actuator/prometheus
+
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-metadata-db.md
+++ b/dockerhub/fda-metadata-db.md
 # How to use this image

 ```console
-$ docker run -v ./data:/var/lib/postgresql/data -p 5432:5432 -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_DB=fda
+$ docker run -v ./metadata-db-data:/var/lib/mysql -p 3306:3306 dbrepo/metadata-db:1.3
 ```

 ## Customization
@@ -10,12 +10,24 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: fda

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: postgres

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: postgres

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
\ No newline at end of file
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+
+## Actuator Endpoints
+
+* **Prometheus Actuator**:
+
+  http://localhost:9100/actuator/prometheus
+
+## Other Endpoints
+
+* **JDBC Endpoint**:
+
+  `jdbc:mariadb://localhost:3306/fda`
--- a/dockerhub/fda-metadata-service.md
+++ b/dockerhub/fda-metadata-service.md
 # How to use this image

 ```console
-$ docker run -p 9099:9099 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9099:9099 dbrepo/metadata-service:1.3
 ```

 ## Customization
@@ -10,15 +10,47 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: `fda`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `mariadb`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+
+* `GATEWAY_ENDPOINT`, default: `http://gateway-service`
+
+  The gateway endpoint.
+
+* `PID_BASE`, default: `http://localhost/pid/`
+
+  The base redirect endpoint for persistent identifiers in the OAI-PMH protocol.
+
+* `REPOSITORY_NAME`, default: `Example Repository`
+
+  The name of the repository for the OAI-PMH protocol.
+
+* `BASE_URL`, default: `http://localhost`
+
+  The base url of the repository for the OAI-PMH protocol.
+
+* `ADMIN_EMAIL`, default: `noreply@localhost`
+
+  The administrator contact e-mail for the OAI-PMH protocol.
+
+* `EARLIEST_DATESTAMP`, default: `2022-09-17T18:23:00Z`
+
+  The first date and time where the repository was providing information to the public.
+
+* `DELETED_RECORD`, default: `persistent`
+
+  Information for the OAI-PMH protocol on the deletion policy of records.
+
+* `GRANULARITY`, default: `YYYY-MM-DDThh:mm:ssZ`
+
+  Denomination of the record granularity for the OAI-PMH protocol.

 * `LOG_LEVEL`, default: `debug`


--- a/dockerhub/fda-query-service.md
+++ b/dockerhub/fda-query-service.md
 # How to use this image

 ```console
-$ docker run -p 9093:9093 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9093:9093 -v /tmp:/tmp dbrepo/query-service:1.3
 ```

 ## Customization
@@ -10,27 +10,27 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: `fda`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `dbrepo`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

 * `BROKER_USERNAME`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
  associated to the account.

 * `BROKER_PASSWORD`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
  associated to the account.

-* `GATEWAY_ENDPOINT`, default: `http://gateway-service:9095`
+* `GATEWAY_ENDPOINT`, default: `http://gateway-service`

  The gateway endpoint.

@@ -40,17 +40,52 @@ Change the default behavior by setting the following environment variables to di

 * `BROKER_CONSUMERS`, default: `2`

-  Number of consumers each queue in the [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) should 
-  maintain in the Query Service. Minimum 1.
+  Number of consumers each queue in the [broker service](https://hub.docker.com/r/dbrepo/broker-service) should 
+  maintain. Minimum 1.

 * `LOG_LEVEL`, default: `debug`

  The minimum logging level for the service.

+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):
+
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
 * `NOT_SUPPORTED_KEYWORDS`, default: `*,AVG,BIT_AND,BIT_OR,BIT_XOR,COUNT,COUNTDISTINCT,GROUP_CONCAT,JSON_ARRAYAGG,JSON_OBJECTAGG,MAX,MIN,STD,STDDEV,STDDEV_POP,STDDEV_SAMP,SUM,VARIANCE,VAR_POP,VAR_SAMP,--`

  Comma-separated list of (key-)words that are not allowed in any query or view. The case does not matter.

+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9093/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9093/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9093/actuator/prometheus
+
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-search-service.md
+++ b/dockerhub/fda-search-service.md
-# How to use this image
-
-```console
-$ docker run -p 9200:9200 dbrepo/search-service:latest
-```
-
-## Customization
-
-Change the default behavior by setting the following environment variables to different values:
-
-* `ELASTIC_PASSWORD`, default: `elastic`
-
-  The password for the username `elastic`. By default the credentials are `elastic:elastic`.
-
-## Elastic Search Endpoints
-
-* **Index**:
-
-  http://localhost:9200/
--- a/dockerhub/fda-semantics-service.md
+++ b/dockerhub/fda-semantics-service.md
 # How to use this image

 ```console
-$ docker run -p 5010:5010 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9097:9097 -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp dbrepo/semantics-service:1.3
 ```

 ## Customization
-
 Change the default behavior by setting the following environment variables to different values:

-* `FLASK_APP`, default: `app.py`
+* `METADATA_DB`, default: `fda`

-  The file that represents a flask app in the container.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

-* `FLASK_RUN_HOST`, default: `0.0.0.0`
+* `METADATA_USERNAME`, default: `root`

-  The bind address for the flask server.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

-* `PORT_APP`, default: `5010`
+* `METADATA_PASSWORD`, default: `dbrepo`

-  The bind port for the flask server.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

-* `FLASK_ENV`, default: `production`
+* `LOG_LEVEL`, default: `debug`

-  The flask environment mode.
+  The minimum logging level for the service.

-* `HOSTNAME`, default: `units-service`
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`

-  The name that is used at the [Discovery Service](https://hub.docker.com/r/dbrepo/discovery-service) to register the
-  Units Service.
+  The address in the `iss` (issuer) field of the JWT token must match this value.

-* `EUREKA_SERVER`, default: `http://discovery-service:9090/eureka/`
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`

-  Needs to point to the [Discovery Service](https://hub.docker.com/r/dbrepo/discovery-service).
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:

-* `READY_FILE`, default: `/ready`
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*

-  The full path to the file with filename where to place a file when the service is ready.
+## Actuator Endpoints

-* `LOG_LEVEL`, default: `debug`
+* **Info Actuator**:

-  The minimum logging level for the service.
+  http://localhost:9097/actuator/info

-* `METADATA_DB`, default: `fda`
-
-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
-
-* `METADATA_USERNAME`, default: `root`
+* **Health Actuator**:

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  http://localhost:9097/actuator/health

-* `METADATA_PASSWORD`, default: `mariadb`
+* **Prometheus Actuator**:

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  http://localhost:9097/actuator/prometheus

 ## Swagger Endpoints

 * **OpenAPI**:

-  http://localhost:5010/swagger-ui/
+  http://localhost:9097/swagger-ui/index.html

 * **OpenAPI `.json`**:

-  http://localhost:5010/api-analyze.json
+  http://localhost:9097/v3/api-docs/
+
+* **OpenAPI `.yaml`**:
+
+  http://localhost:9097/v3/api-docs.yaml
--- a/dockerhub/fda-table-service.md
+++ b/dockerhub/fda-table-service.md
 # How to use this image

 ```console
-$ docker run -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp -p 9094:9094 -e SPRING_PROFILES_ACTIVE=docker
+$ docker run -p 9094:9094 -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp dbrepo/table-service:1.3
 ```

 ## Customization
@@ -10,38 +10,73 @@ Change the default behavior by setting the following environment variables to di

 * `METADATA_DB`, default: fda

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.

 * `METADATA_USERNAME`, default: `root`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.

 * `METADATA_PASSWORD`, default: `dbrepo`

-  The [Metadata Database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.

 * `BROKER_USERNAME`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
  associated to the account.

 * `BROKER_PASSWORD`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
  associated to the account.

-* `GATEWAY_ENDPOINT`, default: `http://gateway-service:9095`
+* `SHARED_FILESYSTEM`, default: `/tmp`

-  The gateway endpoint.
+  The folder that has a shared filesystem among services.

-* `multipart.location`, default: `/tmp`
+* `USER_NETWORK`, default: `userdb`

-  The folder that has a shared filesystem among services.
+  The Docker network that user-generated databases are connected to when created.

 * `LOG_LEVEL`, default: `debug`

  The minimum logging level for the service.

+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):
+
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9094/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9094/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9094/actuator/prometheus
+
 ## Swagger Endpoints

 * **OpenAPI**:

--- a/dockerhub/fda-ui.md
+++ b/dockerhub/fda-ui.md
 # How to use this image

 ```console
-$ docker run -v /tmp:/tmp -p 3000:3000 -e HOST=0.0.0.0 -e API=http://fda-gateway-service:9095
+$ docker run -v /tmp:/tmp -p 3000:3000 dbrepo/ui:1.3
 ```

 ## Customization

 Change the default behavior by setting the following environment variables to different values:

-* `API`, default: `http://gateway-service:9095`
+* `NODE_ENV`, default: `production`

-  The [Gateway Service](https://hub.docker.com/r/dbrepo/gateway-service) endpoint.
+  The environment for node.js.
+
+* `HOST`, default: `0.0.0.0`
+
+  The interface the frontend should bind to and be available at.
+
+* `API`, default: `http://:80`
+
+  The default API endpoint.
+
+* `BASE_URL`, default: `http://:80`
+
+  The base URL for the frontend.

 * `BROKER_USERNAME`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) username of a user that has `administrator` tags
  associated to the account.

 * `BROKER_PASSWORD`, default: `fda`

-  The [Broker Service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
+  The [broker service](https://hub.docker.com/r/dbrepo/broker-service) password of a user that has `administrator` tags
  associated to the account.

-* `SANDBOX`, default: `false`
-
-  When set to `1`, the interface displays a warning not to include production data.
-
 * `SEARCH`, default: `http://search-service:9200`

  The endpoint of the Search Service.
@@ -34,19 +42,46 @@ Change the default behavior by setting the following environment variables to di

  The folder that has a shared filesystem among services.

-* `VERSION`, default: `1.1`
+* `LOGO`, default: `/logo.png`
+
+  The file that is used to display the logo on the left navigation drawer. Change this to your organization's logo by
+  mounting it with the `-v` flag, e.g. `docker run -v /path/to/your_logo.png:/logo.png ...`.
+
+* `ELASTIC_USERNAME`, default `elastic`
+
+  The username of the user that can create the search indexes and update them in the search database.
+
+* `ELASTIC_PASSWORD`, default `elastic`
+
+  The password of the user that can create the search indexes and update them in the search database.
+
+* `VERSION`, default: `latest`

  The version number to display on the left navigation drawer.

-* `LOGO`, default: `/logo.png`
+* `TITLE`, default: `Database Repository`
+
+  The title of the repository.
+
+* `ICON`, default: `/favicon.ico`
+
+  Path to the logo displayed on the left navigation drawer. Change this to your organization's logo by mounting it
+  with the `-v` flag, e.g. `docker run -v /path/to/your_logo.ico:/favicon.ico ...`.
+
+* `CLIENT_ID`, default: `dbrepo-client`
+
+  The client id of the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service).
+
+* `DBREPO_CLIENT_SECRET`, default: `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`
+
+  The client secret of the client with the above client id. This value needs to be changed by regenerating the client
+  secret in the [authentication service](https://hub.docker.com/r/dbrepo/authentication-service):

-  The file that is used to display the logo on the left navigation drawer. Tip: place the file in `/app`.
+  *Realm dbrepo > Clients > dbrepo-client > Credentials > Client Secret > Regenerate*

-* `MAIL_VERIFY`, default: `false`
+* `GIT_HASH`, default: `deadbeef`

-  If set to `true`, a mail will be sent via
-  the [Authentication Service](https://hub.docker.com/r/dbrepo/authentication-service) endpoint and it will be mandatory
-  to click a link in the e-mail before proceeding to login.
+  The automatically inserted git hash of the latest commit.

 ## Graphical Endpoints


--- a/dockerhub/fda-user-service.md
+++ b/dockerhub/fda-user-service.md
+# How to use this image
+
+```console
+$ docker run -p 9098:9098 dbrepo/user-service:1.3
+```
+
+## Customization
+
+Change the default behavior by setting the following environment variables to different values:
+
+* `METADATA_DB`, default: fda
+
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database name.
+
+* `METADATA_USERNAME`, default: `root`
+
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database username.
+
+* `METADATA_PASSWORD`, default: `dbrepo`
+
+  The [metadata database](https://hub.docker.com/r/dbrepo/metadata-db) database password.
+
+* `GATEWAY_ENDPOINT`, default: `http://gateway-service`
+
+  The gateway endpoint.
+
+* `JWT_ISSUER`, default: `http://localhost/realms/dbrepo`
+
+  The address in the `iss` (issuer) field of the JWT token must match this value.
+
+* `JWT_PUBKEY`, default: `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB`
+
+  This value needs to be changed to the RS256 public key from the [authentication-service](https://hub.docker.com/r/dbrepo/authentication-service) in the admin console for public deployments under:
+
+  *dbrepo > Realm settings > Keys > Algorithm > RS256 > Public key*
+
+* `LOG_LEVEL`, default: `debug`
+
+  The minimum logging level for the service.
+
+* `DEFAULT_ROLE`, default: `default-researcher-roles`
+
+  The default (composite) role of newly created users.
+
+* `ELASTIC_PASSWORD`, default `elastic`
+
+  The password of the user that can create the search indexes and update them in the search database.
+
+## Actuator Endpoints
+
+* **Info Actuator**:
+
+  http://localhost:9094/actuator/info
+
+* **Health Actuator**:
+
+  http://localhost:9094/actuator/health
+
+* **Prometheus Actuator**:
+
+  http://localhost:9094/actuator/prometheus
+
+## Swagger Endpoints
+
+* **OpenAPI**:
+
+  http://localhost:9094/swagger-ui/index.html
+
+* **OpenAPI `.json`**:
+
+  http://localhost:9094/v3/api-docs/
+
+* **OpenAPI `.yaml`**:
+
+  http://localhost:9094/v3/api-docs.yaml
--- a/dockerhub/mweise.pub
+++ b/dockerhub/mweise.pub
+-----BEGIN PUBLIC KEY-----
+role: mweise
+
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiF4l7rlcaope9LGiodp6yHRtsUek
+WjYX8mVi3AAcuoXvKtnbRZTwX78FOID2zZiQSsHWIcuMDOKJfubNzWrtMw==
+-----END PUBLIC KEY-----
--- a/dockerhub/trust_key.sh
+++ b/dockerhub/trust_key.sh
+#!/bin/bash
+
+TAG=latest
+DOCKER_CONTENT_TRUST=1
+DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=
+DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=
+
+# generate key
+#docker trust key generate mweise
+
+# trust
+docker trust signer add --key mweise.pub mweise dbrepo/analyse-service
+docker trust signer add --key mweise.pub mweise dbrepo/broker-service
+docker trust signer add --key mweise.pub mweise dbrepo/container-service
+docker trust signer add --key mweise.pub mweise dbrepo/database-service
+docker trust signer add --key mweise.pub mweise dbrepo/identifier-service
+docker trust signer add --key mweise.pub mweise dbrepo/metadata-db
+docker trust signer add --key mweise.pub mweise dbrepo/metadata-service
+docker trust signer add --key mweise.pub mweise dbrepo/query-service
+docker trust signer add --key mweise.pub mweise dbrepo/semantics-service
+docker trust signer add --key mweise.pub mweise dbrepo/table-service
+docker trust signer add --key mweise.pub mweise dbrepo/ui
+docker trust signer add --key mweise.pub mweise dbrepo/user-service
+
+# sign
+docker trust sign dbrepo/analyse-service:${TAG}
+docker trust sign dbrepo/broker-service:${TAG}
+docker trust sign dbrepo/container-service:${TAG}
+docker trust sign dbrepo/database-service:${TAG}
+docker trust sign dbrepo/identifier-service:${TAG}
+docker trust sign dbrepo/metadata-db:${TAG}
+docker trust sign dbrepo/metadata-service:${TAG}
+docker trust sign dbrepo/query-service:${TAG}
+docker trust sign dbrepo/semantics-service:${TAG}
+docker trust sign dbrepo/table-service:${TAG}
+docker trust sign dbrepo/ui:${TAG}
+docker trust sign dbrepo/user-service:${TAG}
+
+# push
+docker push dbrepo/analyse-service:${TAG}
+docker push dbrepo/broker-service:${TAG}
+docker push dbrepo/container-service:${TAG}
+docker push dbrepo/database-service:${TAG}
+docker push dbrepo/identifier-service:${TAG}
+docker push dbrepo/metadata-db:${TAG}
+docker push dbrepo/metadata-service:${TAG}
+docker push dbrepo/query-service:${TAG}
+docker push dbrepo/semantics-service:${TAG}
+docker push dbrepo/table-service:${TAG}
+docker push dbrepo/ui:${TAG}
+docker push dbrepo/user-service:${TAG}
--- a/docs/docker/mweise.pub
+++ b/docs/docker/mweise.pub
+-----BEGIN PUBLIC KEY-----
+role: mweise
+
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiF4l7rlcaope9LGiodp6yHRtsUek
+WjYX8mVi3AAcuoXvKtnbRZTwX78FOID2zZiQSsHWIcuMDOKJfubNzWrtMw==
+-----END PUBLIC KEY-----