diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/mapper/DataMapper.java b/dbrepo-data-service/services/src/main/java/at/tuwien/mapper/DataMapper.java
index 904d867643f33decdfc59a5a7e094024c7603f87..c6e14875fea73e2bbb49950e6dc5137fcccdda77 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/mapper/DataMapper.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/mapper/DataMapper.java
@@ -202,6 +202,9 @@ public interface DataMapper {
.resultHash(data.getString(6))
.resultNumber(data.getLong(7))
.isPersisted(data.getBoolean(8))
+ .owner(UserBriefDto.builder()
+ .id(UUID.fromString(data.getString(3)))
+ .build())
.execution(LocalDateTime.parse(data.getString(9), mariaDbFormatter)
.atZone(ZoneId.of("UTC"))
.toInstant())
diff --git a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/SubsetServiceMariaDbImpl.java b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/SubsetServiceMariaDbImpl.java
index 1b9757659f1f7fad1824034fcffb5c5f0949cc11..bfd52d5d5010f2bafdb897a1061143105d865fef 100644
--- a/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/SubsetServiceMariaDbImpl.java
+++ b/dbrepo-data-service/services/src/main/java/at/tuwien/service/impl/SubsetServiceMariaDbImpl.java
@@ -9,6 +9,7 @@ import at.ac.tuwien.ifs.dbrepo.core.exception.*;
import at.tuwien.gateway.MetadataServiceGateway;
import at.tuwien.mapper.DataMapper;
import at.tuwien.mapper.MariaDbMapper;
+import at.tuwien.mapper.MetadataMapper;
import at.tuwien.service.SubsetService;
import com.mchange.v2.c3p0.ComboPooledDataSource;
import lombok.extern.log4j.Log4j2;
@@ -34,15 +35,18 @@ public class SubsetServiceMariaDbImpl extends DataConnector implements SubsetSer
private final DataMapper dataMapper;
private final SparkSession sparkSession;
private final MariaDbMapper mariaDbMapper;
+ private final MetadataMapper metadataMapper;
private final MetadataServiceGateway metadataServiceGateway;
@Autowired
public SubsetServiceMariaDbImpl(DSLContext context, DataMapper dataMapper, MariaDbMapper mariaDbMapper,
- SparkSession sparkSession, MetadataServiceGateway metadataServiceGateway) {
+ SparkSession sparkSession, MetadataMapper metadataMapper,
+ MetadataServiceGateway metadataServiceGateway) {
this.context = context;
this.dataMapper = dataMapper;
this.sparkSession = sparkSession;
this.mariaDbMapper = mariaDbMapper;
+ this.metadataMapper = metadataMapper;
this.metadataServiceGateway = metadataServiceGateway;
}
@@ -134,8 +138,8 @@ public class SubsetServiceMariaDbImpl extends DataConnector implements SubsetSer
}
@Override
- public QueryDto findById(DatabaseDto database, UUID queryId) throws QueryNotFoundException,
- SQLException, RemoteUnavailableException, DatabaseNotFoundException, MetadataServiceException {
+ public QueryDto findById(DatabaseDto database, UUID queryId) throws QueryNotFoundException, SQLException,
+ UserNotFoundException, RemoteUnavailableException, MetadataServiceException {
final ComboPooledDataSource dataSource = getDataSource(database);
final Connection connection = dataSource.getConnection();
try {
@@ -148,7 +152,8 @@ public class SubsetServiceMariaDbImpl extends DataConnector implements SubsetSer
throw new QueryNotFoundException("Failed to find query");
}
final QueryDto query = dataMapper.resultSetToQueryDto(resultSet);
- query.setOwner(database.getOwner());
+ query.setOwner(metadataMapper.userDtoToUserBriefDto(metadataServiceGateway.getUserById(query.getOwner()
+ .getId())));
query.setDatabaseId(database.getId());
return query;
} catch (SQLException e) {
diff --git a/helm/dbrepo/README.md b/helm/dbrepo/README.md
index 50e41787d0092f7e3b425c1f6f8d5c15a8203c42..36f522551ea77839f686efe378b4bb77b0c11cf6 100644
--- a/helm/dbrepo/README.md
+++ b/helm/dbrepo/README.md
@@ -408,12 +408,12 @@ mqtt.prefetch = 10
### Dashboard UI
-| Name | Description | Value |
-| ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -------------------------- |
-| `dashboardui.enabled` | Enable the Dashboard UI. | `true` |
-| `dashboardui.metrics.enabled` | Enable the metrics sidecar. | `true` |
-| `dashboardui.endpoint` | The endpoint for the microservices. | `http://dashboard-ui:3000` |
-| `dashboardui.dashboardsProvider.enabled` | Enable the default dashboard provisioning provider to routinely import dashboards from /opt/bitnami/grafana/dashboards | `true` |
+| Name | Description | Value |
+| ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- |-----------------------|
+| `dashboardui.enabled` | Enable the Dashboard UI. | `true` |
+| `dashboardui.metrics.enabled` | Enable the metrics sidecar. | `true` |
+| `dashboardui.endpoint` | The endpoint for the microservices. | `http://dashboard-ui` |
+| `dashboardui.dashboardsProvider.enabled` | Enable the default dashboard provisioning provider to routinely import dashboards from /opt/bitnami/grafana/dashboards | `true` |
### Metric Service
diff --git a/helm/dbrepo/templates/auth-secret.yaml b/helm/dbrepo/templates/auth-secret.yaml
deleted file mode 100644
index 0d1b5625c5f289c749ad8d1f565212516d7359b6..0000000000000000000000000000000000000000
--- a/helm/dbrepo/templates/auth-secret.yaml
+++ /dev/null
@@ -1,94 +0,0 @@
-{{- if .Values.authservice.enabled }}
-{{/*openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"*/}}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: auth-service-secret
- namespace: {{ include "common.names.namespace" . | quote }}
-stringData:
- tls.key: |-
- -----BEGIN PRIVATE KEY-----
- MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDdgSRp+M9I4b/Y
- c21SXAnRpjq85U2u4zvB3tcRSvZpyWtsBuwHY2OEGUVClPEYvT8QhRRMdcKiXA78
- Q5FiXPGidc3kJhgt2PE4R5GaoLG5vGGQimnASE31f94y+zDWhvNxCluix08FM7Z2
- VHpYQHWZFveltP1jf68gmQDgu99hZ/Zri9ig8b99q9xITXMw6gbmdesadlNLaAET
- wjBJe44+Y/uQ3VHQUCIPQxgPPzEivceR1beUpnfcmVYmO8O4f0u5OvyN1BbIhdjt
- VVt29s/V8QPDsE8McnImoTLN10cACq66volnDTrlM9x5Grg89GlzbpQsPkBMltY9
- NTP3+NFSrpfu7VjEVYO/O5k6JFFfMlqHUtygaNi7dOeOY3IiytL7rvxWLGUQYB7b
- e662ETK8nw5F+yGiae6spZPf7nmI2iLs8ja5QneU6mQrKfqO/KRJBehwZP2771nj
- RO3BIyJPm1oygnihWG+jTy9zDYCguJrPZ1f1hvUzfmpCKtyqaxGmxPA8YDu4dyL9
- rJgf3oT5fYv3nDpMePDYh3Z18YeqYJf4pmDv53Wus5CoXURfc3NRRTqMQKLKOYvV
- WTiM4odY4+VkbgOUOrLxOK5llZSB6bO52KccKpQnQLt30okGQXDlsR1hbFIDAI1N
- WilFsry4JpVcxjTJGQMV2W0TcG+fkQIDAQABAoICAD84Sb1ZP0hM7mWH5E7aaA8H
- Q8KAK+DbiEW4JWgRHi1pSJinjRw6uL+OOt9bBUkLUoGTigycm7WdUsWbP1Z0sp6s
- wtv4J3SGc6qdeqhIbxFU+/+2EaLIwD9uhGvGl9TS5Y6A51CZVCtm7A/v4o9nrmjI
- TlxkQOHyInjKUp7R4Fq7wnBFlMmy1fW3ZILaYCM42ElUpIqD9RgTkiMijIeclSen
- f7iEAoLTLDVw7+ACKDMDOX+dIO1zachzl0wISL9SzbkLZePRAcOvuA9dCmL05LLq
- PCnRG26xB3WREp//botLgT1ZfnwEIagjWizSfH0hQSuqBu5twgpaDsGferqusIdB
- hbikXR4TdobvUfkg/pNqcpx8HuqTR1QYTUOp3Bw7lpHKihuDLcjhXs0d+7c/sFFd
- OZmBCrbV8DKhGXfQ/Uz1BnROVchbzkrIVWVBMx1QZxGDt6xiAF0yCdkDQI2cQxn3
- scRSg8AQjBqo+yb7YYVcegIFLV4xXnYei25D+GITR1XppNZ/8wdMtQt0IiWqzTax
- Z4UDMUeE0Z1ce8VCZ3Qkg4gPAEPiAoCfZLZIgMFLIvMAf+6SegnkZTsL+TYRXxC2
- nFE41iBEUvd3wsIwOCOJXrb4ftL/ivEllpy+Uwy39cSV5+YymeG174+KJPTeN6v7
- 1b0NlTuFYqcrKNkzefQlAoIBAQD+WOTR5Cr9A/TtJCLI6fhzFefMHiGiVu24jM0k
- lcguOxW633F8odoSzxyXt5Fa8muJV4qBE9j/wsV6xoSuFCqh+YPd/WCa4WIBR9qe
- KqNrA+I0G/ORJgZxMm3FvW9dtiT1JHTs6mczh0SGtGB/uDINOqmeuT/Nz4/easL+
- B7Ih6wqnNUnCntWEzJ5WfIiOofQ5YjSlrskggC1Mn8Ygo24XQoVTq/+QV/Ju/PnQ
- nRZWKN6O8C9akbKjJ9DeEK3Qj6Lhja+blrKyopL5eAppKq1MlzZ+RU0q/SfAlmbq
- IkThiSOcdeCqSGjJU3sYk5x8IQBp9EDrb4snhm6TtaAyxOWnAoIBAQDe8Z1QjCWb
- f5tdbmuACDxY1x72R++dhKwyLIX/EpPL80MSpesrfsfIsmATWWgxZEiGBekchP69
- qB/rcpBAefrr85QD8y5zvAv6gNhjE7pqKgDtyNF+osulLD+ZattqZlHH5S74aOyi
- oGtOCHcETGJhGHrePSLRwm9e/q2e2zXLyyD32a9WWvhwA0uLMDEFshXw9kE41jrZ
- MqeBf6HsEAKWAhuE2Tj0lYWbULhDgBPV6f/rgNU41Rm+cs5j98ONkNEuP1jjyc8J
- Cg/JrBzcUUDkTa7RRtcN9g2FilpZRi6CErKpK4u6OLu8VXz+zY4gQFiVZRUvXGCF
- E4k0098VYugHAoIBAQDsV+n4Z47SoTScjzGLhG4LctV7xJv4X9Jx5NRTJKNo4hpl
- FXA9IaCkTbQB/t+gpRbr/l6DZtADiRc76PAtWivraxHv25xDDx+klQI+atyDeo5d
- YYPI4o6l7Pg4ALlVWQWqjX/hDkdriExS55Wr2JsZ0+L9zKHPOwoy4P3kU35hKiky
- CsBJipJZ3lFbiEjUUQXBtNG7C1l1S+XMB8NxXKvWDUga4f6OQErUe1ofUXkKAtwb
- 8m/uNujJ1xus3c7FuFLgSGpfp37Ro2PzUGpMIw3516EZYIg+ZBLmUFu9QK7E7Ewc
- /SQQ10wXl+0Qf0mvxnK+Aeu5WmLyDWb+9oyv4GqNAoIBAQC9v8DYBGAhx+sRC2D9
- eIT8TCOzE6jSVVBF5/UoEsSuKl5k6ciNnXsmywLQlSEEIMlFIJS2TE+QVh7MwxYZ
- enhhCFBrSDe6E0vSqoUBVpIrt5JQz8HWWXKgI1gCGJulJG7ohpyCmrME+yo5ISVD
- CEwXPcGdk0UmaKlnnbVh5ksUJ8/og2MjSYv3siZC0gJ3SYo5Ky551IQDxoQgyOOk
- yj+ZMzP+zu8V5IjxlzMtaD35rA7Af0d69ozRtl8JYKAUxjPze8EJJwNKO0ESsaVi
- stlbNu7aecOhw1Dg3s9k+kGtPYLITyK+nXjTo6MeLw+PTZTXmk/8nlAcE3OM/eL6
- DdNTAoIBAEib9d8V1gTNWecBxmWbGnxqb+08tcvlhyVe055ndmu1S2kQb0tcfcc+
- y0YIXnN/d8poHPCoaO7CXgh0AOlznayywzwncuEP9Cngcq285rkjCpq1YxU9c1rq
- iKUEjCATBZ1QqQoElmsAffU3N1bQdSv5u2lWxQ2VBZYjubv3DPSRAY9amYbHA+Dy
- xW7FY9haFX71aQNquN8nGjF0q46JrMgi1BSh+rLMdLqLUJ8kjpEO3nExEnYrzHgF
- o+PzcyNgP6N0bkSlUc19p18LKkCU1yimA54CMGNk5bcB9pylJQsV3ldv+Ra6JJux
- Px0kzVCk41nBfNgjXe3s2BLlEhh3Lrk=
- -----END PRIVATE KEY-----
- tls.crt: |-
- -----BEGIN CERTIFICATE-----
- MIIFDzCCAvegAwIBAgIUCRgz8OLg6bHay9kWHFgSp9SF3RAwDQYJKoZIhvcNAQEL
- BQAwFzEVMBMGA1UEAwwMYXV0aC1zZXJ2aWNlMB4XDTI1MDMwNDE5NDUxOVoXDTM1
- MDMwMjE5NDUxOVowFzEVMBMGA1UEAwwMYXV0aC1zZXJ2aWNlMIICIjANBgkqhkiG
- 9w0BAQEFAAOCAg8AMIICCgKCAgEA3YEkafjPSOG/2HNtUlwJ0aY6vOVNruM7wd7X
- EUr2aclrbAbsB2NjhBlFQpTxGL0/EIUUTHXColwO/EORYlzxonXN5CYYLdjxOEeR
- mqCxubxhkIppwEhN9X/eMvsw1obzcQpbosdPBTO2dlR6WEB1mRb3pbT9Y3+vIJkA
- 4LvfYWf2a4vYoPG/favcSE1zMOoG5nXrGnZTS2gBE8IwSXuOPmP7kN1R0FAiD0MY
- Dz8xIr3HkdW3lKZ33JlWJjvDuH9LuTr8jdQWyIXY7VVbdvbP1fEDw7BPDHJyJqEy
- zddHAAquur6JZw065TPceRq4PPRpc26ULD5ATJbWPTUz9/jRUq6X7u1YxFWDvzuZ
- OiRRXzJah1LcoGjYu3TnjmNyIsrS+678VixlEGAe23uuthEyvJ8ORfshomnurKWT
- 3+55iNoi7PI2uUJ3lOpkKyn6jvykSQXocGT9u+9Z40TtwSMiT5taMoJ4oVhvo08v
- cw2AoLiaz2dX9Yb1M35qQircqmsRpsTwPGA7uHci/ayYH96E+X2L95w6THjw2Id2
- dfGHqmCX+KZg7+d1rrOQqF1EX3NzUUU6jECiyjmL1Vk4jOKHWOPlZG4DlDqy8Tiu
- ZZWUgemzudinHCqUJ0C7d9KJBkFw5bEdYWxSAwCNTVopRbK8uCaVXMY0yRkDFdlt
- E3Bvn5ECAwEAAaNTMFEwHQYDVR0OBBYEFBWE851rO2U9WR+0md9lfAbkAtevMB8G
- A1UdIwQYMBaAFBWE851rO2U9WR+0md9lfAbkAtevMA8GA1UdEwEB/wQFMAMBAf8w
- DQYJKoZIhvcNAQELBQADggIBAI2dI9hT/xfnwtYAdBlyIJRW1IMn1vVo6Xm/UVrl
- PPmbB2vQ13Z07vWi0Djwou+BwUhFSq6YRIe+bhQjg6On8O2581aNve97K1AwwB3O
- YZztiyyJ5Moccrkb9Wy2MyfUiPqNY3O8Q0BRl793Tbv9G0gyNudO6FmmdWpfu/VT
- ZAfiKRvNycC0BZp7A7tkvbtYWOQ7cGa9qpcVSBHvALj+3b+RKwDVf7K+YBkOXamT
- Y2xE6KhHz0FJmFNTIkdwjA2M3CCh5M3QVHyXRDApNKiav5yU6TWBT7JQqZA6GV/+
- jrVNl5fZwT5AHQmwQB0k1q1azjFREMLQXzgkfuSK5AiW+70KRpILxOMzx616FoZH
- 2D+7sZ5EXnBVZmAL5WLSraOjwia+jyOUrTIUY8t+4kabxdKhQMhwOATUe4dAxIZK
- VGHVHKNJ9+ktZ+j56AUUUNRWNx85LoMjh46e4T3rYm4CG9cBQAHGEXSn1i4bt14q
- j4+9BNow4f/66XcUOsvPmiQGqPNWFYVj0QIq84yakzzVWdMm6MEu4WtlVPGlZmRV
- OUHuaqiSmdGcHRVGdmqkTTpRUGASw7HR/7nPn3YFwP3yfZFUa44hbtAdQQll1O5Z
- IuuDir8s195hl0UJ+9HilYEuOVjB7bS0Wc3sZxOP2U/98CBa4UzMuVDMhJ/WKs5U
- znPt
- -----END CERTIFICATE-----
-{{- end }}
diff --git a/helm/dbrepo/templates/dashboard-secret.yaml b/helm/dbrepo/templates/dashboard-secret.yaml
index e01e30f77e366e2660575641beea1d02efad5af9..21ae5b1311667b43383a17c0246d22d432e00d93 100644
--- a/helm/dbrepo/templates/dashboard-secret.yaml
+++ b/helm/dbrepo/templates/dashboard-secret.yaml
@@ -11,6 +11,7 @@ stringData:
AUTH_SERVICE_ENDPOINT: "{{ .Values.authservice.endpoint }}"
BASE_URL: "{{ .Values.gateway }}"
DASHBOARD_UI_ENDPOINT: "{{ .Values.dashboardui.endpoint }}"
+ METADATA_SERVICE_ENDPOINT: "{{ .Values.metadataservice.endpoint }}"
SYSTEM_USERNAME: "{{ .Values.identityservice.users }}"
SYSTEM_PASSWORD: "{{ .Values.identityservice.userPasswords }}"
{{- end }}
diff --git a/helm/dbrepo/templates/gateway-configmap.yaml b/helm/dbrepo/templates/gateway-configmap.yaml
index 6405e801f1d5e313eb38e7b907976b4fd76d1c9e..3cd70ab487609393ac239c4f7289f5aaddfe0a59 100644
--- a/helm/dbrepo/templates/gateway-configmap.yaml
+++ b/helm/dbrepo/templates/gateway-configmap.yaml
@@ -30,60 +30,81 @@ data:
autoindex_localtime on;
}
- location /dashboard {
+ location /dashboard/ {
rewrite ^/dashboard/(.*) /$1 break;
- proxy_set_header Host $host;
+ proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass http://dashboard-service:3000;
+ proxy_pass http://dashboard-ui;
proxy_read_timeout 90;
}
# Proxy Grafana Live WebSocket connections.
- location /dashboard/api/live {
- proxy_set_header Host $host;
+ location /dashboard/api/live/ {
+ rewrite ^/dashboard/(.*) /$1 break;
+ proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_http_version 1.1;
- proxy_pass http://dashboard-service:3000;
+ proxy_pass http://dashboard-ui;
proxy_read_timeout 90;
}
+ # Proxy Keycloak OIDC connections, c.f. https://www.keycloak.org/server/reverseproxy#_exposed_path_recommendations
location /realms {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass https://auth-service;
+ proxy_pass http://auth-service;
proxy_read_timeout 90;
}
+ # Proxy Keycloak assets, c.f. https://www.keycloak.org/server/reverseproxy#_exposed_path_recommendations
location /resources {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass https://auth-service;
+ proxy_pass http://auth-service;
proxy_read_timeout 90;
}
location /api/search {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://search-service;
proxy_read_timeout 90;
}
+ location /api/datasource {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://dashboard-service;
+ proxy_read_timeout 90;
+ }
+
+ location /api/dashboard {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://dashboard-service;
+ proxy_read_timeout 90;
+ }
+
location /api/upload {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://data-service;
@@ -97,25 +118,25 @@ data:
location /api/analyse {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://analyse-service;
proxy_read_timeout 90;
}
- location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/table/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/(data|history)" {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/table/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/(data|statistic|history)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://data-service;
proxy_read_timeout 90;
}
- location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/view/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/data" {
+ location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/view/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/(data|statistic)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://data-service;
proxy_read_timeout 90;
@@ -124,7 +145,7 @@ data:
location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/view" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://metadata-service;
proxy_read_timeout 90;
@@ -133,7 +154,7 @@ data:
location ~ "/api/database/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})/subset" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://data-service;
proxy_read_timeout 600;
@@ -142,7 +163,7 @@ data:
location ~ "/api/(database|concept|container|identifier|image|message|license|oai|ontology|unit|user)" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://metadata-service;
proxy_read_timeout 90;
@@ -151,7 +172,7 @@ data:
location ~ "/api/identifier/([0-9a-f]{8}-[0-9a-f]{4}-[4][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})" {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://metadata-service;
proxy_read_timeout 90;
@@ -161,7 +182,7 @@ data:
rewrite /pid/(.*) /api/identifier/$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://metadata-service;
proxy_read_timeout 90;
@@ -170,7 +191,7 @@ data:
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-For $proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://ui;
proxy_read_timeout 90;
diff --git a/helm/dbrepo/templates/metadata-secret.yaml b/helm/dbrepo/templates/metadata-secret.yaml
index 84b0b614e35bd0833b0ff81ab21f94f7b4c66dbb..7ab8533f4541361946d96dcab9b43bd444aff5fc 100644
--- a/helm/dbrepo/templates/metadata-secret.yaml
+++ b/helm/dbrepo/templates/metadata-secret.yaml
@@ -24,6 +24,7 @@ stringData:
BROKER_USERNAME: "{{ .Values.brokerservice.auth.username }}"
BROKER_VIRTUALHOST: "{{ .Values.brokerservice.virtualHost }}"
CROSSREF_ENDPOINT: "{{ .Values.metadataservice.crossref.endpoint}}"
+ DASHBOARD_SERVICE_ENDPOINT: "{{ .Values.dashboardservice.endpoint }}"
DATA_SERVICE_ENDPOINT: "{{ .Values.dataservice.endpoint }}"
DATACITE_URL: "{{ .Values.metadataservice.datacite.url }}"
DATACITE_PREFIX: "{{ .Values.metadataservice.datacite.prefix | toString }}"
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index b84f6c1e6c45c1e22b7ee04b3fde7802038bd76c..5d46570ed672f9bad84d757f367b855cfc79bdf4 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -85,26 +85,18 @@ authservice:
debug: false
## @param authservice.endpoint The hostname for the microservices.
endpoint: http://auth-service
+ extraStartupArgs: --hostname-strict false --proxy-headers xforwarded
## @skip authservice.postgresql
postgresql:
enabled: true
fullnameOverride: auth-db
auth:
postgresPassword: postgres
- ## @param authservice.production Start Keycloak with production profile.
- production: true
## @param authservice.resourcesPreset The container resource presets
resourcesPreset: "small"
jwt:
## @param authservice.jwt.pubkey The JWT public key from the `dbrepo-client`.
pubkey: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB"
- tls:
- ## @param authservice.tls.enabled Enable TLS/SSL communication. Required for HTTPS.
- enabled: true
- ## @param authservice.tls.existingSecret The secret containing the `tls.crt`, `tls.key` and `ca.crt`.
- existingSecret: auth-service-secret
- ## @skip authservice.tls.usePem
- usePem: true
metrics:
## @skip authservice.metrics.enabled
enabled: true
@@ -902,8 +894,10 @@ dashboardservice:
## @param dashboardservice.enabled Enable the Dashboard Service.
enabled: true
image:
- ## @skip dashboardservice.image.name
+ ## @skip dashboardservice.image.name
name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.8.0
+ ## @param dashboardservice.endpoint The endpoint for the microservices.
+ endpoint: http://dashboard-service
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param dashboardservice.podSecurityContext.enabled Enable pods' Security Context
@@ -976,7 +970,7 @@ dashboardui:
## @param dashboardui.metrics.enabled Enable the metrics sidecar.
enabled: true
## @param dashboardui.endpoint The endpoint for the microservices.
- endpoint: http://dashboard-ui:3000
+ endpoint: http://dashboard-ui
ldap:
## @skip dashboardui.ldap.enabled
enabled: true
@@ -990,6 +984,9 @@ dashboardui:
type: Recreate
## @skip dashboardui.grafana.extraEnvVarsSecret
extraEnvVarsSecret: dashboard-ui-secret
+ service:
+ ports:
+ grafana: 80
datasources:
## @skip dashboardui.datasources.secretName
secretName: "dashboard-ui-prov-datasources-secret"
@@ -1035,7 +1032,7 @@ metricdb:
- job_name: 'dashboard scrape'
metrics_path: '/dashboard/metrics'
static_configs:
- - targets: [ 'dashboard-service:3000' ]
+ - targets: [ 'dashboard-service' ]
## @section Gateway Service