diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 88eb3dcbc16a7cea54a474d5809eaed1c39851e0..1d672ee7776b5541b5c30359bb3ca9e5bea6964c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -301,6 +301,26 @@ scan-ui:
reports:
container_scanning: ./.trivy/trivy-ui-report.json
+scan-log-service:
+ stage: scan-docker
+ needs:
+ - build-docker
+ only:
+ refs:
+ - dev
+ - master
+ allow_failure: true
+ script:
+ - make scan-log-service
+ cache:
+ paths:
+ - .trivycache/
+ artifacts:
+ when: always
+ expire_in: 1 days
+ reports:
+ container_scanning: ./.trivy/trivy-log-service-report.json
+
release-latest:
stage: release-docker
needs:
@@ -313,6 +333,7 @@ release-latest:
- scan-data-db
- scan-search-db
- scan-ui
+ - scan-log-service
only:
refs:
- dev
diff --git a/Makefile b/Makefile
index 9477d1fb72351f8bacd3881efeda6edf859f3b05..d334607fa25308f1ad4dbf9cd82557c4cbbf33fa 100644
--- a/Makefile
+++ b/Makefile
@@ -22,6 +22,7 @@ build-analyse-service:
build-docker:
docker build -t dbrepo-metadata-service:build --target build dbrepo-metadata-service
docker build -t dbrepo-search-sync-agent:build --target build dbrepo-search-sync-agent
+ docker build ./dbrepo-log-service -t dbrepo-log-service
docker compose build --parallel
build-frontend:
@@ -31,7 +32,7 @@ build-frontend:
build-clients:
bash ./.gitlab/swagger/generate.sh
-tag: tag-analyse-service tag-authentication-service tag-metadata-db tag-ui tag-broker-service tag-metadata-service tag-search-sync-agent
+tag: tag-analyse-service tag-authentication-service tag-metadata-db tag-ui tag-broker-service tag-metadata-service tag-search-sync-agent tag-log-service
tag-analyse-service:
docker tag dbrepo-analyse-service:latest "dbrepo/analyse-service:${TAG}"
@@ -65,7 +66,11 @@ tag-search-db:
docker tag dbrepo-search-db:latest "dbrepo/search-db:${TAG}"
docker tag dbrepo-search-db:latest "${AZURE_REPO}/dbrepo/search-db:${TAG}"
-release: build-docker tag release-analyse-service release-authentication-service release-metadata-db release-ui release-broker-service release-metadata-service release-search-sync-agent
+tag-log-service:
+ docker tag dbrepo-log-service:latest "dbrepo/log-service:${TAG}"
+ docker tag dbrepo-log-service:latest "${AZURE_REPO}/dbrepo/log-service:${TAG}"
+
+release: build-docker tag release-analyse-service release-authentication-service release-metadata-db release-ui release-broker-service release-metadata-service release-search-sync-agent release-log-service
release-analyse-service: tag-analyse-service
docker push "dbrepo/analyse-service:${TAG}"
@@ -91,10 +96,18 @@ release-broker-service: tag-broker-service
docker push "dbrepo/broker-service:${TAG}"
docker push "${AZURE_REPO}/dbrepo/broker-service:${TAG}"
+release-search-db: tag-search-db
+ docker push "dbrepo/search-db:${TAG}"
+ docker push "${AZURE_REPO}/dbrepo/search-db:${TAG}"
+
release-metadata-service: tag-metadata-service
docker push "dbrepo/metadata-service:${TAG}"
docker push "${AZURE_REPO}/dbrepo/metadata-service:${TAG}"
+release-log-service: tag-log-service
+ docker push "dbrepo/log-service:${TAG}"
+ docker push "${AZURE_REPO}/dbrepo/log-service:${TAG}"
+
test-backend: test-metadata-service test-analyse-service test-search-sync-agent
test-search-sync-agent: build-search-sync-agent
@@ -106,7 +119,7 @@ test-metadata-service: build-metadata-service teardown
test-analyse-service: build-analyse-service
bash ./dbrepo-analyse-service/test.sh
-scan: scan-analyse-service scan-authentication-service scan-broker-service scan-gateway-service scan-metadata-db scan-metadata-service scan-search-db scan-ui scan-search-sync-agent scan-data-db
+scan: scan-analyse-service scan-authentication-service scan-broker-service scan-gateway-service scan-metadata-db scan-metadata-service scan-search-db scan-ui scan-search-sync-agent scan-data-db scan-log-service
scan-analyse-service:
trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-analyse-service-report.json dbrepo-analyse-service:latest
@@ -160,6 +173,11 @@ scan-ui:
trivy image --insecure --exit-code 0 dbrepo-ui:latest
trivy image --insecure --exit-code 1 --severity CRITICAL dbrepo-ui:latest
+scan-log-service:
+ trivy image --insecure --exit-code 0 --format template --template "@.trivy/gitlab.tpl" -o ./.trivy/trivy-log-service-report.json dbrepo-log-service:latest
+ trivy image --insecure --exit-code 0 dbrepo-log-service:latest
+ trivy image --insecure --exit-code 1 --severity CRITICAL dbrepo-log-service:latest
+
coverage-frontend: build-frontend
yarn --cwd ./dbrepo-ui run coverage || true
diff --git a/dbrepo-gateway-service/dbrepo.conf b/dbrepo-gateway-service/dbrepo.conf
index 68abcdeb0fbaaf2ebeadca382e60c2aad6b96056..febc598168359b86944d59d8a577e744b91ca768 100644
--- a/dbrepo-gateway-service/dbrepo.conf
+++ b/dbrepo-gateway-service/dbrepo.conf
@@ -30,10 +30,23 @@ upstream upload {
server upload-service:1080;
}
+upstream search-db-dashboard {
+ server search-db-dashboard:5601;
+}
+
server {
listen 80 default_server;
server_name _;
+ location /admin/dashboard {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://search-db-dashboard;
+ proxy_read_timeout 90;
+ }
+
location /admin/broker {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
diff --git a/dbrepo-log-service/Dockerfile b/dbrepo-log-service/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..c5bdb326eb8c2c6b8219da1f1c9169c2cab05aab
--- /dev/null
+++ b/dbrepo-log-service/Dockerfile
@@ -0,0 +1,13 @@
+FROM fluentd:v1.16-1
+
+USER root
+
+RUN gem install fluent-plugin-opensearch
+RUN fluent-gem install fluent-plugin-rewrite-tag-filter fluent-plugin-multi-format-parser
+
+USER fluent
+
+COPY ./fluent.conf /fluentd/etc/fluent.conf
+
+EXPOSE 24224/tcp
+EXPOSE 24224/udp
\ No newline at end of file
diff --git a/dbrepo-log-service/README.md b/dbrepo-log-service/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..23a63f37127a23dcdcde78fae11686a0053e3f06
--- /dev/null
+++ b/dbrepo-log-service/README.md
@@ -0,0 +1,5 @@
+# Log Service
+
+## Sink
+
+`24224/tcp` and `24224/udp`
\ No newline at end of file
diff --git a/dbrepo-log-service/dashboard/README.md b/dbrepo-log-service/dashboard/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..a829276bedb0220817b1a4ee512be1b7438b23b2
--- /dev/null
+++ b/dbrepo-log-service/dashboard/README.md
@@ -0,0 +1,5 @@
+# Log Dashboard
+
+## Dashboard
+
+Visit [http://localhost:5601/admin/dasboard](http://localhost:5601/admin/dasboard)
\ No newline at end of file
diff --git a/dbrepo-log-service/dashboard/opensearch_dashboards.yml b/dbrepo-log-service/dashboard/opensearch_dashboards.yml
new file mode 100644
index 0000000000000000000000000000000000000000..618147ea32adfd22e0fe2ca86319c57b3d2fd600
--- /dev/null
+++ b/dbrepo-log-service/dashboard/opensearch_dashboards.yml
@@ -0,0 +1,7 @@
+server.basePath: "/admin/dashboard"
+server.rewriteBasePath: true
+server.name: log-dashboard
+server.host: "0.0.0.0"
+opensearch.hosts: http://search-db:9200
+opensearch.username: admin
+opensearch.password: admin
diff --git a/dbrepo-log-service/fluent.conf b/dbrepo-log-service/fluent.conf
new file mode 100644
index 0000000000000000000000000000000000000000..4c2e0411e5d7bb8de55f52349e52f6f837dfd24b
--- /dev/null
+++ b/dbrepo-log-service/fluent.conf
@@ -0,0 +1,28 @@
+<source>
+ @type forward
+ port 24224
+ bind 0.0.0.0
+</source>
+
+<match *.**>
+ @type copy
+
+ <store>
+ @type opensearch
+ host search-db
+ port 9200
+ user admin
+ password admin
+ index_name dbrepo-logs
+ logstash_format true
+ logstash_prefix fluentd
+ logstash_dateformat %Y%m%d
+ include_tag_key true
+ tag_key @log_name
+ flush_interval 1s
+ </store>
+
+ <store>
+ @type stdout
+ </store>
+</match>
diff --git a/dbrepo-search-db/Dockerfile b/dbrepo-search-db/Dockerfile
index c89670d3a09d14b58642fdf628a224ca2b7a5265..4c67c63dfb405f5b359fd89d6c315e33ec0ac98f 100644
--- a/dbrepo-search-db/Dockerfile
+++ b/dbrepo-search-db/Dockerfile
@@ -4,16 +4,33 @@ USER root
RUN yum install -y jq
-USER opensearch
-
-WORKDIR /app
-
COPY ./limits.conf /etc/security/limits.conf
-COPY ./indices/*.json .
+WORKDIR /app
COPY ./create-indices.sh ./create-indices.sh
COPY ./docker-entrypoint.sh ./docker-entrypoint.sh
-COPY ./healthcheck.sh ./healthcheck.sh
-ENTRYPOINT [ "bash", "./docker-entrypoint.sh" ]
\ No newline at end of file
+WORKDIR /usr/share/opensearch
+
+RUN chmod 0700 ./config
+COPY --chown=opensearch:opensearch ./opensearch.yml ./config/opensearch.yml
+COPY --chown=opensearch:opensearch ./config.yml ./config/opensearch-security/config.yml
+COPY --chown=opensearch:opensearch ./internal_users.yml ./config/opensearch-security/internal_users.yml
+RUN chmod 0600 ./config/opensearch-security/internal_users.yml
+
+COPY --chown=opensearch:opensearch ./pem/admin.pem ./config/admin.pem
+COPY --chown=opensearch:opensearch ./pem/admin-key.pem ./config/admin-key.pem
+RUN chmod 0600 ./config/admin*.pem
+COPY --chown=opensearch:opensearch ./pem/node1.pem ./config/node1.pem
+COPY --chown=opensearch:opensearch ./pem/node1-key.pem ./config/node1-key.pem
+RUN chmod 0600 ./config/node1*.pem
+COPY --chown=opensearch:opensearch ./pem/root-ca.pem ./config/root-ca.pem
+COPY --chown=opensearch:opensearch ./pem/root-ca-key.pem ./config/root-ca-key.pem
+RUN chmod 0600 ./config/root-ca*.pem
+
+USER opensearch
+
+ENV DISABLE_INSTALL_DEMO_CONFIG=true
+
+ENTRYPOINT [ "bash", "/app/docker-entrypoint.sh" ]
\ No newline at end of file
diff --git a/dbrepo-search-db/README.md b/dbrepo-search-db/README.md
index 541ebd85974b41a2072a20127cd55d6de2f2a491..c80ca169e98b28d6c97a09c14b4c1f4996ed48c2 100644
--- a/dbrepo-search-db/README.md
+++ b/dbrepo-search-db/README.md
@@ -1,10 +1,6 @@
# Search Database
-## How to run
+## REST
-Increase memory for Docker to at least 4GB:
-
-```console
-sudo sysctl -w vm.max_map_count=262144
-```
\ No newline at end of file
+View all indices [http://localhost:9200/_cat/indices](http://localhost:9200/_cat/indices)
\ No newline at end of file
diff --git a/dbrepo-search-db/config.yml b/dbrepo-search-db/config.yml
new file mode 100644
index 0000000000000000000000000000000000000000..44c8e845cf181fbf577d05ea4bcf5cda398a34d3
--- /dev/null
+++ b/dbrepo-search-db/config.yml
@@ -0,0 +1,57 @@
+---
+
+_meta:
+ type: "config"
+ config_version: 2
+
+config:
+ dynamic:
+ http:
+ # Either enables or disables anonymous authentication. When true, HTTP authenticators try to find user credentials in
+ # the HTTP request. If credentials are found, the user is authenticated. If none are found, the user is authenticated
+ # as an “anonymous” user. This user then has the username “anonymous” and one role named “anonymous_backendrole”.
+ # When you enable anonymous authentication, all defined HTTP authenticators are non-challenging. Also see The
+ # challenge setting.
+ anonymous_auth_enabled: true
+ xff:
+ enabled: false
+ authc:
+ basic_internal_auth_domain:
+ description: "Authenticate via HTTP Basic against internal users database"
+ http_enabled: true
+ transport_enabled: true
+ order: 0
+ http_authenticator:
+ type: basic
+ challenge: true
+ authentication_backend:
+ type: intern
+ jwt_auth_domain:
+ description: "Authenticate via Json Web Token"
+ # Enables or disables authentication on the REST layer. Default is true (enabled).
+ http_enabled: true
+ # Enables or disables authentication on the transport layer. Default is true (enabled).
+ transport_enabled: true
+ # Determines the order in which an authentication domain is queried with an authentication request when multiple
+ # backends are configured in combination. Once authentication succeeds, any remaining domains do not need to be
+ # queried. Its value is an integer.
+ order: 1
+ http_authenticator:
+ # https://opensearch.org/docs/latest/security/authentication-backends/openid-connect/#configure-openid-connect-integration
+ type: openid
+ challenge: false
+ config:
+ # The HTTP header that stores the token. Typically the Authorization header with the
+ # Bearer schema: Authorization: Bearer <token>. Optional. Default is Authorization.
+ jwt_header: Authorization
+ # The key in the JSON payload that stores the user’s name. If not defined, the subject registered claim is
+ # used. Most IdP providers use the preferred_username claim. Optional.
+ subject_key: client_id
+ # The key in the JSON payload that stores the user’s roles. The value of this key must be a comma-separated
+ # list of roles. Required only if you want to use roles in the JWT.
+ roles_key: roles
+ jwks_uri: https://test.dbrepo.tuwien.ac.at/api/auth/realms/dbrepo/protocol/openid-connect/certs
+ authentication_backend:
+ # No further authentication against any backend system is performed. Use noop if the HTTP authenticator has
+ # already authenticated the user completely, as in the case of JWT or client certificate authentication.
+ type: noop
diff --git a/dbrepo-search-db/generate-pki.sh b/dbrepo-search-db/generate-pki.sh
new file mode 100644
index 0000000000000000000000000000000000000000..6aff5a819eda145fbdc88995b713b90fbe23af00
--- /dev/null
+++ b/dbrepo-search-db/generate-pki.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+# Generate the private key of the root CA
+openssl genrsa -out ./pem/root-ca-key.pem 4096
+# Generate the self-signed root CA certificate
+openssl req -x509 -sha256 -new -nodes -key ./pem/root-ca-key.pem -days 3650 -out ./pem/root-ca.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at"
+
+# Create the certificate key
+openssl genrsa -out ./pem/admin-key.pem 4096
+# Create the signing (csr)
+openssl req -new -sha256 -key ./pem/admin-key.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at" -out ./pem/admin.csr
+# Generate the certificate using the csr and key along with the CA Root key
+openssl x509 -req -in ./pem/admin.csr -CA ./pem/root-ca.pem -CAkey ./pem/root-ca-key.pem -CAcreateserial -out ./pem/admin.pem -days 365 -sha256
+
+# Create the certificate key
+openssl genrsa -out ./pem/node1-key.pem 4096
+# Create the signing (csr)
+openssl req -new -sha256 -key ./pem/node1-key.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at" -out ./pem/node1.csr
+# Generate the certificate using the csr and key along with the CA Root key
+openssl x509 -req -in ./pem/node1.csr -CA ./pem/root-ca.pem -CAkey ./pem/root-ca-key.pem -CAcreateserial -out ./pem/node1.pem -days 365 -sha256
\ No newline at end of file
diff --git a/dbrepo-search-db/healthcheck.sh b/dbrepo-search-db/healthcheck.sh
deleted file mode 100644
index 6f35d6cc293f7981e85cb8ba23f99026e340d82f..0000000000000000000000000000000000000000
--- a/dbrepo-search-db/healthcheck.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-INDICES=$(curl -sSL http://localhost:9200/_cat/indices | awk '{ if ($6) { print $3 } }')
-for index in "user" "view" "database" "identifier" "concept" "column" "table" "unit"; do
- if [ ! $(echo $INDICES | grep $index) ]; then
- echo "[healtcheck.sh] Index $index does not exist"
- exit 1
- fi
-done
\ No newline at end of file
diff --git a/dbrepo-search-db/internal_users.yml b/dbrepo-search-db/internal_users.yml
new file mode 100644
index 0000000000000000000000000000000000000000..db93ae09edbe45261b686b2ce384625df024d4aa
--- /dev/null
+++ b/dbrepo-search-db/internal_users.yml
@@ -0,0 +1,14 @@
+---
+# This is the internal user database
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+
+_meta:
+ type: "internalusers"
+ config_version: 2
+
+admin:
+ hash: "$2y$12$d1Gx2n13.EJMLPIB6jQwDeE4p4E6SPvUUH6aKICV1vYOuJIY5Xebq" # admin
+ reserved: true
+ backend_roles:
+ - "admin"
+ description: "Default admin user"
\ No newline at end of file
diff --git a/dbrepo-search-db/opensearch.yml b/dbrepo-search-db/opensearch.yml
new file mode 100644
index 0000000000000000000000000000000000000000..f0333feb0ff7906be6c08a70b3f333df14427053
--- /dev/null
+++ b/dbrepo-search-db/opensearch.yml
@@ -0,0 +1,23 @@
+---
+cluster.name: search-db
+
+# Bind to all interfaces because we don't know what IP address Docker will assign to us.
+network.host: 0.0.0.0
+
+# Setting network.host to a non-loopback address enables the annoying bootstrap checks. "Single-node" mode disables them again.
+discovery.type: single-node
+
+plugins.security.ssl.transport.pemcert_filepath: /usr/share/opensearch/config/node1.pem
+plugins.security.ssl.transport.pemkey_filepath: /usr/share/opensearch/config/node1-key.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/opensearch/config/root-ca.pem
+plugins.security.ssl.http.pemcert_filepath: /usr/share/opensearch/config/node1.pem
+plugins.security.ssl.http.pemkey_filepath: /usr/share/opensearch/config/node1-key.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: r/usr/share/opensearch/config/root-ca.pem
+plugins.security.allow_default_init_securityindex: true
+plugins.security.audit.type: internal_opensearch
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
+cluster.routing.allocation.disk.threshold_enabled: false
+opendistro_security.audit.config.disabled_rest_categories: NONE
+opendistro_security.audit.config.disabled_transport_categories: NONE
diff --git a/dbrepo-search-db/pem/admin-key.pem b/dbrepo-search-db/pem/admin-key.pem
new file mode 100644
index 0000000000000000000000000000000000000000..8315244358bf43d093295b290326e5510be22e2c
--- /dev/null
+++ b/dbrepo-search-db/pem/admin-key.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAulg+zSSPHujMckFPkrgJDvlRMLNbWf5R7z6Yr0mGMir5IXs8
+ELP3GOTTPJNAtCqZVkeuLAuiv1rsRtMO5tXRiGcgkJrPjP1/F70d4NCx1F7AWMyM
+uDimF5Ke4jp+lQN+iZtzBAfb/QR2toYec0/LpJGtFAnlzdFo/GL8Al0I00S8blG3
+uiCfn9no5C35TWEFBL5yQNptQL3qjcxhL/ahacMdOuqq4WXyRPbQjyqKccALlOIv
+T62OXzutLAkamr6/97qiONkY6D+OFUpXgS97moWQh9X1pFitcc1zsAXH1Ctvul/8
+wcIaOnSGo1T+E2nSSlWGHDYmCBrjbormgfcm/0CncU3BvWvM/FgTCMatOj40fmay
+ezAz+1/haKHLg4cJsLH0US7AZslnqpDJOKvf6vhiQ74hhlYVvJiIyjGuogxFWO/v
+Cv7j2DezpVvryWuzVL6yha+fl4um9Rzhzo74a2z/Qs3C9tktaO29hE64KTg7cbrQ
+zKboihazxB/BsfKV1ANkYXe6SG+dF/He5VLNpJmOiRnSI7+vGcDInJkKsQcurg95
+IZRn9PiodP06tWDjGKgkN7MsApPW9e8rpGwUgoR4EaCrstk7h8kohi/d9XhPXCra
+NgCRhCIxjt4jPCx14tTuaYn2QwqY0RPa29UyBlSj3mHtVfcViHjssqVzZXUCAwEA
+AQKCAgEAgea+cNeJheyXiRaKWCc++VdICAEgL44go/0pBxjkGdjnLzXvW115Zbsu
+nk2wj2ga2JDDlCTQYUEK8Rx0iOqJVOM/Sk8BXLHihTPqviv9q6QZxk1h05J6BnjJ
+lb9dOpfjAB6DgU3RR4JzFy5Lz+rSdXiwBQYZUu8mlrqSHzunyU9jZCxHPdM8M3z+
+4wJBhnWZwALbNuaNvtIlzo+pOHxfbZD8sXOhh9s/ll/QZ90qAb301OcQQCUm2LCL
+OeVmzHUo8ZMDP0noGQ8lByZ59a6aJc/yPx8iTF0dG/YzLYP6F6foDS6YzqF3E0Tk
+DrxTGklstTEFemks/f1wikD+C5+1aI6bKzLZgqIW06xGORgMMVqiIKCIqH1amcdP
+h///iikUa+pkGlyjXdQAIeReBBcxFxS2oeISnIXRGcS4SI7IHR1LIUnzX1cL/ukN
+qterE2Jfk9kUrsJiH8adBW5ISdcjUBNgfZQNj5toCPJ0KzYJpZxlBQ5NcWfYWc7e
+K/wwGJGw7qsfzKKHF/3Oe+Vr2f+Gb5WlHb46xtW3/1QBDZ2qifGeaAEeYonQgp3r
+mTPMoN1VUi8vlXqsurxIGhohZ4IzfyRDdKWNlW1T1KzdHQZBiOBil8xzWtPGJVMR
+Py+rKprbAvLc4LeCgNFtOFs/ddi9eVhtVsAsDA+gHcyfTgvYWkECggEBAN9ug0DF
+9dSuD97Ri6XJY00MmnFhxfcvT1eP6vd6S1eJ5S/85XsvV6klQq8kudAz8Wd+w55q
+wubT/67pZXaJjjZ4pTupUwI2aWdKwz/py3qkqvzQNTmmkat374+keY5uaLCTte04
+BEpYZNsIaAUqIAGan3bhCDH8dMrBlIpCSXIlAPdtEqP3DdPb5TAHy4PPLTs42XUb
+NBFcqNnUs38UPO9xnE5diMZlEiphZ3HT5cMIvE2LPLg2gdGlh+/3tgkHp8UG+aeK
+YhncKVQkDp0zVV9PBDjJOyrkoNPPVw3aGvFqvK1HVwwYj4C46RIkNK/T6/qdF2Z9
+68tAc8Ei68OOkUkCggEBANWBz0bAVGs8yqI9evENNTANUq3XaNYQ7REbwesNFJa+
+1BCyqXVs+zneEhnKMW8PCupYElkXNPsZWbiUrwbsH9ow/VPjlWOMtXfLEVmw8t9M
+06UrPRyXrbqiz71rdYcgv5SIDi3/q2wPGXbhR2Y0xlSGV6pSAk/RQXeysZ2zYbkE
+IFc076rTQH+LTkgt3j9I+Ze11XWTR/Go60go2q9twOSZbvQv08wCtEiLQ2LSfqWP
+8wz6ynEOds/2Mumh3K6ipmmr+ENaNSDpH+Vm2ndoecgXGpIPrxHIrMnyuAQMa5mI
+B20aXD4JIzdQHH9SY7lTSar7Rblgh9Z6tiCT+teuns0CggEBAJ5uV6WreYiIsHo4
+LgSty7sLz8vMH7sKEgGt7Ff1oMz+28PuWK7DwC4RXLqimRuYaXoQuhdv7qoM84WM
+vESUf4IChG/Mvi6YdJ8otVBxsLZTY2eHH+a0RSDIF9fMMeGcSqHC68K88NXi3gku
+acwXtcBNavu5z7zaHdrT70cmf7vvn0LTVd9sRKLQjzBCpr3dP156DkBqvL3+7UAh
+AfJ/YEINVl9/FYhQjNP+Y4KkVYy5egSmUbTx+ZW2AbFX/f1jL0SXkJmLl8psgeXG
+95Hin4vIlN7LWigtHBl1MW6CFI7RN97K8l+CXudQtvwFLlLrO65mi/xCF9v05N+z
+qmfthPkCggEAW8/EaHJQWwT7RiUV9w5s7srr4OGerV798rty+jbXwbMx0jRh9qL0
+rX+3XOu7sjxPv1I8IZ9/IvNVx6/4TAvB7rveU/KrzPE3H9ptDZqv9iI9aOtdDiyT
+gox8tMG++mq0t5SCNHmbJ46erqZVY7gSCUrz68P0Rop/ko9/HYeD4GHL3nRfE6Bg
+PfiToypGRgSFgB2rOzIoX9z5wEABOisCJcttEQh4FWScTg3E3nwSBfQO2mgGIfPM
+V8VRQ3JdSaOb2BkhWyUxb4OQOb+u9mYw6EA3JtQjvowC8Zy0UNlec9kxCFOrkumv
+ARwsBPxS8eDE7we6herivvJp2zyHQ7RNiQKCAQBAKO30L8525FFe6YpH3tBXwKaK
+ifU7flyT5dXso38F7HU255dfm79RZFln6Qjkz6z97eY4F01q4lEfsX7Gn/Bzsxkq
+9EAppkhfcsAHgKOgb5ZuL4Cd/IkcK8oBV6TJR9B0Md47heaTkS5mqFEltvGRZTTj
+N3bIuzbgy4cd9lnfSs8PiJMTayXwDQm3PocF2qxVMFvF11PBXmc8mf/3AnsO9Sfe
+HEJD8ttwkZvN5PwNjODzFFI1FNM/J6/i1O28N+at9rAaFRoMyR0don015eFVdKeL
+xkorQZrbKGucQaBI7azK9pqw7QX1Wt4GTayh7U3NPQKQqV/tAJfH3r0XXDus
+-----END RSA PRIVATE KEY-----
diff --git a/dbrepo-search-db/pem/admin.csr b/dbrepo-search-db/pem/admin.csr
new file mode 100644
index 0000000000000000000000000000000000000000..90ea981b44b79649a8c8ded9f814441dda0ad38c
--- /dev/null
+++ b/dbrepo-search-db/pem/admin.csr
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEnjCCAoYCAQAwWTELMAkGA1UEBhMCQVQxJzAlBgNVBAoMHlRlY2huaXNjaGUg
+VW5pdmVyc2l0w4PCpHQgV2llbjEhMB8GA1UEAwwYdGVzdC5kYnJlcG8udHV3aWVu
+LmFjLmF0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAulg+zSSPHujM
+ckFPkrgJDvlRMLNbWf5R7z6Yr0mGMir5IXs8ELP3GOTTPJNAtCqZVkeuLAuiv1rs
+RtMO5tXRiGcgkJrPjP1/F70d4NCx1F7AWMyMuDimF5Ke4jp+lQN+iZtzBAfb/QR2
+toYec0/LpJGtFAnlzdFo/GL8Al0I00S8blG3uiCfn9no5C35TWEFBL5yQNptQL3q
+jcxhL/ahacMdOuqq4WXyRPbQjyqKccALlOIvT62OXzutLAkamr6/97qiONkY6D+O
+FUpXgS97moWQh9X1pFitcc1zsAXH1Ctvul/8wcIaOnSGo1T+E2nSSlWGHDYmCBrj
+bormgfcm/0CncU3BvWvM/FgTCMatOj40fmayezAz+1/haKHLg4cJsLH0US7AZsln
+qpDJOKvf6vhiQ74hhlYVvJiIyjGuogxFWO/vCv7j2DezpVvryWuzVL6yha+fl4um
+9Rzhzo74a2z/Qs3C9tktaO29hE64KTg7cbrQzKboihazxB/BsfKV1ANkYXe6SG+d
+F/He5VLNpJmOiRnSI7+vGcDInJkKsQcurg95IZRn9PiodP06tWDjGKgkN7MsApPW
+9e8rpGwUgoR4EaCrstk7h8kohi/d9XhPXCraNgCRhCIxjt4jPCx14tTuaYn2QwqY
+0RPa29UyBlSj3mHtVfcViHjssqVzZXUCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IC
+AQCXqmcRcAZC5dVSFtHulZJ8I26lxhXZZBBAjuMrFR2waFYsESGh70TAncXuIhNC
+8eG56HQplky7EDgAVssps9RZ+EevpdmUNANdFgA02fsDwl8Nc6WVMOFu786Bf7bd
+rnEF1oCFQN/sgle/Dp+gXw2nzTsvq0iuV3JoGJs6F7eoy6YDG7ipKizbKXR75/Ym
+cahY8GDU128JTYXMSqyY3DA8mr52WEWPugGCCvOOfoANnc26EqK6Wi/g/rV4zgnP
+ewbNw1C6zOlTyZE64aMkxF5ufoBF967kpEKNQvuCB4bIH/RLtXbN9YRjNpNyLWpm
+q5JerlHvn+8sLACXUqoGVROaxOkTLVZ6BEyRG1cUO8VR8sHilUSiUrOk0SvgdytC
+mekoKMkojAUA+sYDP8AyAHQAx37SPlwMdvPYpr6bpdLWbamy6b9Lv4D0YW3Fapac
+PY8K7EEgsZ3t2usSYjp5JDqKlW+wyHpsgMQvnB+DEDyObjX3rJEO2zx0wkwvhkbN
+hsW/Xs7uR+F6wPxH+4LOSgaKLnyidcLBzn4rBuwfUBzfNhO7mKN6OQRWOn17Qt3C
+tHd/U6c1Oo4iFnH878zM2C6lBmZOJX9O/e9kFoe+fLOu+t+ujLNnHmY+4srBNLD3
+o9knVuzkz6kirDqzrOwCBbAc6hAyJyLJ3UTjY2TyDZ5u5g==
+-----END CERTIFICATE REQUEST-----
diff --git a/dbrepo-search-db/pem/admin.pem b/dbrepo-search-db/pem/admin.pem
new file mode 100644
index 0000000000000000000000000000000000000000..5a953916364f1add5a0af107e20697779b7b2def
--- /dev/null
+++ b/dbrepo-search-db/pem/admin.pem
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFOTCCAyECFChEG9Tfkni/pHf2PVR/jkSuImSYMA0GCSqGSIb3DQEBCwUAMFkx
+CzAJBgNVBAYTAkFUMScwJQYDVQQKDB5UZWNobmlzY2hlIFVuaXZlcnNpdMODwqR0
+IFdpZW4xITAfBgNVBAMMGHRlc3QuZGJyZXBvLnR1d2llbi5hYy5hdDAeFw0yMzA5
+MjYxMTA5MjRaFw0yNDA5MjUxMTA5MjRaMFkxCzAJBgNVBAYTAkFUMScwJQYDVQQK
+DB5UZWNobmlzY2hlIFVuaXZlcnNpdMODwqR0IFdpZW4xITAfBgNVBAMMGHRlc3Qu
+ZGJyZXBvLnR1d2llbi5hYy5hdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBALpYPs0kjx7ozHJBT5K4CQ75UTCzW1n+Ue8+mK9JhjIq+SF7PBCz9xjk0zyT
+QLQqmVZHriwLor9a7EbTDubV0YhnIJCaz4z9fxe9HeDQsdRewFjMjLg4pheSnuI6
+fpUDfombcwQH2/0EdraGHnNPy6SRrRQJ5c3RaPxi/AJdCNNEvG5Rt7ogn5/Z6OQt
++U1hBQS+ckDabUC96o3MYS/2oWnDHTrqquFl8kT20I8qinHAC5TiL0+tjl87rSwJ
+Gpq+v/e6ojjZGOg/jhVKV4Eve5qFkIfV9aRYrXHNc7AFx9Qrb7pf/MHCGjp0hqNU
+/hNp0kpVhhw2Jgga426K5oH3Jv9Ap3FNwb1rzPxYEwjGrTo+NH5msnswM/tf4Wih
+y4OHCbCx9FEuwGbJZ6qQyTir3+r4YkO+IYZWFbyYiMoxrqIMRVjv7wr+49g3s6Vb
+68lrs1S+soWvn5eLpvUc4c6O+Gts/0LNwvbZLWjtvYROuCk4O3G60Mym6IoWs8Qf
+wbHyldQDZGF3ukhvnRfx3uVSzaSZjokZ0iO/rxnAyJyZCrEHLq4PeSGUZ/T4qHT9
+OrVg4xioJDezLAKT1vXvK6RsFIKEeBGgq7LZO4fJKIYv3fV4T1wq2jYAkYQiMY7e
+IzwsdeLU7mmJ9kMKmNET2tvVMgZUo95h7VX3FYh47LKlc2V1AgMBAAEwDQYJKoZI
+hvcNAQELBQADggIBAJ2spSG1fPRr6WeRVvJCdGLfoN+/ROaN0tF+tNzcSW3SSQy/
+lJ6iALTaAd8Jfa5Y+KB3vrwXXLOZWmUJTpWiIYcBeZym0ZruQmIj07Z0sO3JZZMF
+RNKUAyTmt2AA8qPXkKgmcUOylZY1BbJybKf7iAz3dAfNRkad5TreUhMfFVlUD9DZ
+p6KkZ/e1u/HgrUgQMmgcBwRZX66DWMrq9OFh2umODqYkmV6nIH5cVrqWkjS8CBmp
+tSe7s4+UG7gvAgDqgePL38bdM8yzR8v7E7UWLuCb4TjZwXdswuOieLgfE0d1l6IW
+XmWysf5PzaXdVWgqryR9KU4nU1JPexEm2uSa//lHNYYvTt4t7Sr4Fkmem9tuzp13
+MRSCYlZYEwRxqSH1T1e0oSheiqRaPvxTd6eumjprfFLhiLQB3B+2+HULT9vLp/i+
+mE37hZMZAITKlGqsjgGk3VF51TlJXyTKeKpgKdpleKwbulLVKPj/cos+Lw6LlIvu
+hKVmCzUOx/G9ZbWZbH3SzGKWeTykc+IxmGnANFsbrVocSHnTdS6kZGi6pKFpSaoS
+9CV8nItjcQyFbArqpHK5EEyTUzgFF8dHDE/29HJmZOzzjyMzrPvDCx5d+PqsBc8k
+JlWD5hNaAymNFnAdKAyEcXtYZ4ARTWhpMRd/kTMxsMvC2tQPaiuePaZu5D+F
+-----END CERTIFICATE-----
diff --git a/dbrepo-search-db/pem/node1-key.pem b/dbrepo-search-db/pem/node1-key.pem
new file mode 100644
index 0000000000000000000000000000000000000000..33e9ad7bb148d9b5222b42dbf88cefc27ff2dd1f
--- /dev/null
+++ b/dbrepo-search-db/pem/node1-key.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJJwIBAAKCAgEAlo1nI4G1xaD1qHaXNvB+R9aH9B55H1qTLSsPMViFKCx5Lwhk
+C0I4iP8p8GSw4cPYOCSFvIhy/qmMQejNxp5xUZx1WsblJulsCP8H37p7BtawiZI7
+/MV+MfnEoDUyD5xThnr4yYanBN5vP0sW5zn5LjBfgIBChtak6rG2ANCBLqA/gGmh
+RI12AEoyhFAjW4HdLHFn1/n9gVeyU88yovT6T2gdT5s8vgaTvzm5owca/ngFkXvU
+GDro8ae/ek72afxogP+nrE72TRxDbTxIt4vxmqN1GC2XlMpb3GEJGhelNstNI8Bl
+p5bc1gMGDcXXwWR/kekApGbw7X/yLp1zxoD/9qddjpBJ6g/cf3O+nH+ftf3ryBE1
+D4xalVbmTRLrRhlncbbddBkI0MQfKDYTchs0VO4IFboyvwOhp7rHkR1NQei3RJA5
+CPWc/v3w7XJwiC9Ll1nX4zd9HnxSbNap8Uq+2XAEBTVjzIPjuSSZwumXeU/KUZmb
+f5/P11vRy3camBaRWRMHp9zUR/X+fDCMtci2C7ZtbNmDKD9ByUEN0Glc97wcNfC+
+0AZrB6CiUqhp35K2yG26CNfV51wgNcTkvSqbWswaleOU//0PoPTgKgM3DJ5k3/Xp
+uVu3aiAH7da1Ewdgj3ZihSuVWbS/4jpQxn40SwVgjQAZSnEUg5ZOboroDi0CAwEA
+AQKCAgBva/F0NtBHlmuZJUOelnhvRFfUFSWBTfB00lRpKeFKrTd21pfsOTNMOMRa
+NLswK1h/nJAZy0aIMQUr1ldM8wBc7RVxfJglp0WcltrF+uaIViXLex3IYoWWCQs7
+ooMNSJ4MfkBYLb64fMMKrdEiiiZfx882dDZIQt1FEQbpLWceEd1NdV+0M5msdz1R
+7VltpPwCo1++WTcEHdpN6p/IONR0JlLjErnuzUFVmixIer7ArCU62dFLqXWzO3ob
+1ArMv9C7//mhLcNdqFhCpQYQSZMi5myH214+8VDxFiO9WticZ/QMTJ0vXhjMjupR
+ESYv6+f6Hd6qzcDrlPCxDTidJeXJDNL4cl453zyIdU+8Vl67Rnki+G3wa+t1dV4n
+KdoyrqNOan+jHVz+ZtOvTnv0V8d5gyi+DbxsAuwWQUO37UXgPlAdGb3j6bBdJRiG
+8qnASJiq98YylKCFqiksxIRsrAhceudM7cTcD7GoJfYdzdoowA0P/6fESes28uzm
+P2sEnXhlLqTy+jfBw9ayVOX7aTfnk94LfwMV6ANgfDg6Y6vPCy6GbH0CsjvaQBxq
+i8X5BBthTz5bjjzlQmrghHlB766DdMw6YCcmp0stp0KGqPowqBTn0Bka6PrdUQ/R
+yivcQNr73forYm4WLE2ykHl5OBgA0lRii4vbYR2i02JQwtbzZQKCAQEAxn4pZiBA
+pRhSa2cTfAPykM2nugU9xnun9pKucf4C7Ndl7zYUQpbP48GVC2BLRDty1l055hQi
+R/pd2QtYoGcoSOHJO8f8TV8YbyiklTH+dcJ9fTA9SG5trzLWd2geKrxsaTYz3svH
+5A4i75LWkg9NOqKEwC1Vr4s5I/8qTVtaasK0ELfZZZwRpfbChs9QQP0lUtXc91d0
+PzBnHuzo01LmWlgvsJ4nkP00gRaI+DwzlrMyFt/Ck7SmjRmM2v32SIFqgdle/2w/
+Eaod1H1+anHuBsdR71MIu8HOa3TMp4tKe0VY3gnoZiVH4waNjpfg2j73+nTLTt9i
+hTvW3qLXPxAy1wKCAQEAwiuWWUwWzTnITr6V0BAafHVu3TDm9waS4q4XvPY2CxAo
+wd0QgPIvzz+Zqx43pB6RFP14HnE0P1hNUjnU0rBZ65UM/P11Dwj+nNAmDf5joEqA
+LJGNcH6/L4BW15b8EHMemrNdeuBGbYaTV9r2uq9hJDmnzeuR6Xj6C1yLHBzMihSg
+sllXMoL8a4wfovjEeF9CUqbNlVHSSlKre/DfFBUwsPGSELZ5SafLxA78SaECIGtz
+iF4WwsIDjOA1sqWjfTWjEM4cQES7wVjvWZ6PemKcxcTQM5r3EJ1fue5jL5vBOmlr
+UUcAw/koZt78IDE0t9WLvMiyAvsM44HMeE6N9A4qmwKCAQASfL2uXWKn/dPvXPJb
+oqJ9CiqNEN/oFKxYMuE8jMQI+ybrWMYaTaGfPPB81sMr372aaaRy4X0v5wnGpV/j
+0LfX0e/EOaQuMKU99TMfEkD5BtxZRJzwmhhtMPb4uCHXKSWPxxSds60yeH6Ygbyq
+bfJre6eRnqdUakswJxvxiIirWOcch4MgC6E5K/qCQ9zdsLZBONoTz3lsST3Ri49D
+33zE/WGzuYdF4c96Fnc7Z6AGcTpBFyYwS6sXiUGtQ+okZqlc3roSYCqfopCUsfuM
+PoBE8VuYRsuRcUOgjohhMoAFazgTtiiHGwHPC1Uz6sFukl7WXPpypiuu7RveMJyL
+qx6RAoIBAEsEXAoUA5s2f9UsfOTt083R8Qs0IYe+2nEJodI3rZmInLaJmh63cxE3
+GT+rZQPba2IYq5fXVMBEdVsXTMo5qAQEiggURG2SpAwhvxIY/pSnM+4ELgkQbv0D
+MIoKo0gXsfNC6RLYI12daL/AsSJfL8C3JcXBBZaWTsSk9HngBoYyggNl0PKK+Mr0
+UCS+x+lZpF4aY8MU4ZIlbmtsHEO+DBnQuwYJ+cIjOe59e6tWsWOlH/XHpDOKkaST
+2ysyI3/0gRO1DeUmqQOCQLb3M6etAbTG3UmSzXF1284R8/Ao1PakU/oK3JjaYmmc
+LPyjBiMgNeSyBVRxegFL3Jt+fgmUj5ECggEALLbwb8S0o67ZUBQrf/q7om1SXQnD
+FMO2Oxxv2/BysX0m5oAcCLztxrANko8o+RzAdxtjmRq8yOSaWAM8KSdI8iaJ/QJ7
+exHBeopoTVSbMUiDqL1CZDvndJwTxqQsXRP0PKgAxJrDl5p8hJnkMq6PFS90o6kL
+fNhfj14W5j8yududzHdEgHOMIkiOOl62YGoHdA6R/PIp3r/6uVnoMuAp46q3lM9n
+ikfMdbL6PQWKzV/5yEeFS11RgoWDwRr/bU2KWTUi2IV4Y3T7cZFNInY2BTc40cJ+
+vj61WkkZ7/M56+f/K/MgyzcZzoYz6NlsFgEqoeODIXw1g4YfYFpaJzC++A==
+-----END RSA PRIVATE KEY-----
diff --git a/dbrepo-search-db/pem/node1.csr b/dbrepo-search-db/pem/node1.csr
new file mode 100644
index 0000000000000000000000000000000000000000..44ba9b3d4571f26032395e523765043285fa92ce
--- /dev/null
+++ b/dbrepo-search-db/pem/node1.csr
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEnjCCAoYCAQAwWTELMAkGA1UEBhMCQVQxJzAlBgNVBAoMHlRlY2huaXNjaGUg
+VW5pdmVyc2l0w4PCpHQgV2llbjEhMB8GA1UEAwwYdGVzdC5kYnJlcG8udHV3aWVu
+LmFjLmF0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlo1nI4G1xaD1
+qHaXNvB+R9aH9B55H1qTLSsPMViFKCx5LwhkC0I4iP8p8GSw4cPYOCSFvIhy/qmM
+QejNxp5xUZx1WsblJulsCP8H37p7BtawiZI7/MV+MfnEoDUyD5xThnr4yYanBN5v
+P0sW5zn5LjBfgIBChtak6rG2ANCBLqA/gGmhRI12AEoyhFAjW4HdLHFn1/n9gVey
+U88yovT6T2gdT5s8vgaTvzm5owca/ngFkXvUGDro8ae/ek72afxogP+nrE72TRxD
+bTxIt4vxmqN1GC2XlMpb3GEJGhelNstNI8Blp5bc1gMGDcXXwWR/kekApGbw7X/y
+Lp1zxoD/9qddjpBJ6g/cf3O+nH+ftf3ryBE1D4xalVbmTRLrRhlncbbddBkI0MQf
+KDYTchs0VO4IFboyvwOhp7rHkR1NQei3RJA5CPWc/v3w7XJwiC9Ll1nX4zd9HnxS
+bNap8Uq+2XAEBTVjzIPjuSSZwumXeU/KUZmbf5/P11vRy3camBaRWRMHp9zUR/X+
+fDCMtci2C7ZtbNmDKD9ByUEN0Glc97wcNfC+0AZrB6CiUqhp35K2yG26CNfV51wg
+NcTkvSqbWswaleOU//0PoPTgKgM3DJ5k3/XpuVu3aiAH7da1Ewdgj3ZihSuVWbS/
+4jpQxn40SwVgjQAZSnEUg5ZOboroDi0CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IC
+AQBp0YyMbdiLyv5i7NBm2kGik4NJ4dXiFp4VO7AVnauo35S4QZsMU6fs3rvK0/9a
+46ER6uSilEx94I2I+v7ALmvayyF1tNitdXmadgbC1OVGfk+ZCEIZ39mC5G4M3lZ/
+qNFTabe3fyccwH7Nwx2BkmVBW/wWepyuox57qP11EiMG8PJpdXxxkKkd90Q5TFum
+MfdJ+eqw28h1lNPS7FtqFlC4aeAPSrth2qcZhoCmE0WNP49AdXz1TYUJlbworWe8
+n7jpPwM8cAgiqp4rr3Lr4zc02/mrKBRn1Io1jaknb/5hMc4wrlzKPTYpLzoOavD0
+ANQbl2EIyzkee90+cKsu5gs80hvXTJZqpk9PdWEze6e97Pe/BF+/CrYFlbwaxn0p
+aP96qsXvymnG3+S08h9TawEnC4xVmo/TC9VCT72ZXJgKcUKTz+lA+b68luf/CVIi
+N6D4wO+bhTWlZrIMAjuJAAnWzeN27GxpRJEcVDf4BrLCTKOOJPh6kPNSjSHEwmX/
+SS3spK6G/j+IlJxHJL/L0jxA2mxZnbVxWxBz9Sk2bT7HO85x3by/e+kUTgAY2Eue
+MXCvhZ4at3ong9/6NqQBwaNBUaQ9wuDRPLWND7XuCvCjqT0mBGvg7yyBGHVaEGIC
+jJtCCf8SY2+MdXH+4ISP6M/SYaMynLHPcxp+7CjRqJK5Pw==
+-----END CERTIFICATE REQUEST-----
diff --git a/dbrepo-search-db/pem/node1.pem b/dbrepo-search-db/pem/node1.pem
new file mode 100644
index 0000000000000000000000000000000000000000..ad4cc59d17f944d617aa770812b2d5cdbc055d39
--- /dev/null
+++ b/dbrepo-search-db/pem/node1.pem
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFOTCCAyECFChEG9Tfkni/pHf2PVR/jkSuImSZMA0GCSqGSIb3DQEBCwUAMFkx
+CzAJBgNVBAYTAkFUMScwJQYDVQQKDB5UZWNobmlzY2hlIFVuaXZlcnNpdMODwqR0
+IFdpZW4xITAfBgNVBAMMGHRlc3QuZGJyZXBvLnR1d2llbi5hYy5hdDAeFw0yMzA5
+MjYxMTA5MjRaFw0yNDA5MjUxMTA5MjRaMFkxCzAJBgNVBAYTAkFUMScwJQYDVQQK
+DB5UZWNobmlzY2hlIFVuaXZlcnNpdMODwqR0IFdpZW4xITAfBgNVBAMMGHRlc3Qu
+ZGJyZXBvLnR1d2llbi5hYy5hdDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAJaNZyOBtcWg9ah2lzbwfkfWh/QeeR9aky0rDzFYhSgseS8IZAtCOIj/KfBk
+sOHD2DgkhbyIcv6pjEHozcaecVGcdVrG5SbpbAj/B9+6ewbWsImSO/zFfjH5xKA1
+Mg+cU4Z6+MmGpwTebz9LFuc5+S4wX4CAQobWpOqxtgDQgS6gP4BpoUSNdgBKMoRQ
+I1uB3SxxZ9f5/YFXslPPMqL0+k9oHU+bPL4Gk785uaMHGv54BZF71Bg66PGnv3pO
+9mn8aID/p6xO9k0cQ208SLeL8ZqjdRgtl5TKW9xhCRoXpTbLTSPAZaeW3NYDBg3F
+18Fkf5HpAKRm8O1/8i6dc8aA//anXY6QSeoP3H9zvpx/n7X968gRNQ+MWpVW5k0S
+60YZZ3G23XQZCNDEHyg2E3IbNFTuCBW6Mr8Doae6x5EdTUHot0SQOQj1nP798O1y
+cIgvS5dZ1+M3fR58UmzWqfFKvtlwBAU1Y8yD47kkmcLpl3lPylGZm3+fz9db0ct3
+GpgWkVkTB6fc1Ef1/nwwjLXItgu2bWzZgyg/QclBDdBpXPe8HDXwvtAGawegolKo
+ad+StshtugjX1edcIDXE5L0qm1rMGpXjlP/9D6D04CoDNwyeZN/16blbt2ogB+3W
+tRMHYI92YoUrlVm0v+I6UMZ+NEsFYI0AGUpxFIOWTm6K6A4tAgMBAAEwDQYJKoZI
+hvcNAQELBQADggIBAKiZJcKWSYnTV1JasY/U4FjOpcR8E77vRh/jM3pz3Tq2PDtk
+Lx7NwNvmdFZBW/Avg5RkqkG//8Vje8iU4d1IvJONHWZnYM/CMjPWDA9AXPbiK0YP
+QCuLXppTJ7PG37TVmVL3uBpwrTKWuyDHPkUYVBuunLC1ehWGbhKYKWeOe26y+C18
+rnj86SeoG4o2XbiLAGAwIw3T0vivHENp2G9MnUpgUa2nxlHnncaq7ZYPlzQLpucP
+PzvdEORifUVYStjpTBqPgxdSoBRIKtZbWlnG48fzIOHNrpZS5wh2fnKSuQ/KfRq5
+rRO9fNAgT7Kq8ad79MrVyXBbMZhU0gjiiRLAq6Md5On2wndTrUhzVVDFreNOofJD
+QIWpMElo8zRqBgsr3N2HE7vOB7XjsUjN11rBwAlvjTB3rJKCu8kCLWUDHzVGvdaN
+CWpGUoUrtlkUcxbgilQNywRx2xdHCdQViN96WRfkE93Dhf06JSmpttnr6CkOd4eJ
+dCcijqEOtHAPmjk8NBVnQjA5e0GrwuTtZ/Y1YurKPtRRbA9emTcor6ImlVn6bXwa
+knZzq9z13MzY1no7TtZQKfuXWPY+tgTdsF3VKqhbpQWPNjmzTG5BHeUYh8L/T+NW
+GmS/XJUWkbuC2CxwVBSfIrnp/kxPMtVaW5NGISxoZvfJOFfiU8Zt8clUZBs5
+-----END CERTIFICATE-----
diff --git a/dbrepo-search-db/pem/root-ca-key.pem b/dbrepo-search-db/pem/root-ca-key.pem
new file mode 100644
index 0000000000000000000000000000000000000000..e09c0919d59982b870458b5a5d44509d31df280f
--- /dev/null
+++ b/dbrepo-search-db/pem/root-ca-key.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAvdhcv2roF53m0WsM2PktVHyQar83BhyfoyhioXj66nOVRXMZ
+JJcF9sw6TGUuRQCUNclfCZj0ZJoLb4iNCX0y8Y93V6IYHah8rLVT8U62oeXQXE5e
+8+Q/Bj05d2qdM7zK3lq8v5LbnoEvjo2g5WsZIn+GxftgFUhXyJOWmLhfeeHBbnFJ
+CQTpnn61/WiG4r+9KaGYSrq+8wG11BDiZG3BBYmHno3731wptu1etgIHJUlgvJJg
+8KNCWMgeitJCA/az85hqQ1z78vRExKPg7u5Ry19ddS1zsTrrnmV+uqSAYC1MEp1O
+u/TDsHIgicXKYEEK4+Y1n8bURhCJ5SSzzE10xws8twL6XfZcC/fODF7YXeLsKmCd
+MCbpoWrTfUWS1kQgOyebVbKqpjw6iz07sQsp/fz2kiW2yD2tFYbny3JhzDo9vlpT
+XwOELPOo+84141HEfHehsqRxe2VLlEnOEVu3Kd0c9Sa0o6LcPSdnqa1xH7PESpI3
++EkKq8y1B8wvIUo2GjoKscXd0LfKeFMfsUyCVITYldAgOv/21CMd3HoE+ue/T238
+CWot+/MEkXf/Z6kIv3KdBfnc3+fKzVJLYR0swV9AXoRc9h/7GJTrqhza3KW3cFNB
+fwaQqx99Xvd9CX2kFEqHTRhN5TMnJsaujI3M2dXnd6bT3QnU+kV+GssUAPMCAwEA
+AQKCAgBkwhOfqH7cIfsihL2B3uYXJDGF5kyu2rxDXSjT6KDLlGLSRF9A00LgFM6Q
+Q1dGWiNPVLwzHNIBHt0Y6hFoyuEh4fIGOcqw2v6or2iI9yzpSk7G3vV4Xliw2AfL
+AHPExNurHd91kd0sCAaUk0ik2q2xaJvAMkVxpj6o/uP71EcgKhh+pHON7OSNMVUn
+1LVaXUdpdBGe//RehzbZAckWYkYCyVaIaXUXvBOLufn9gaAHQyWrj8kRjqSk+Dl1
+llhhQCuMCwXDEPPLo6dn8k5soWIaHVg928y+cLYjEF0tdCeKZCAu9PyXtzWxTTFF
+zgs2AO9lu4YUcfOx6A835b3jnexu2CAf1Whzkwi8t4MKZxitHmcd90xgW7/XKgXu
+faU7uJZAm0SoQQHw0zMfGXuE2gCWg/GpKII7JP4wBfhZftPlUEnxISFQ9E6clZP+
+7O47Tpz69lmiEeRXLd3eCiBHcxPm/XvrtpoMC8KsWXeW4WxFkTE3gONo/DsjtSmn
+l5Bkwf8YotxGsOQq+/VYcttgqq7EENbTFjQHMAPws0A3WHQaMAb01lqoze+T4N8J
+wHq2ANRoZUg6wYv7I0Pm9bdzQzHL2mZPFM44VJno43fEIMDt946DMDxkw01fU32I
+wQgQMXoLXjKNFzkKdvR0P+Fm3ZxN+nJXw2el1Se8mghatyTESQKCAQEA+Qt+VXO3
+cYAc0V5ooO8pYVjWBGfb9QBvgqfTxYqnOmgHet299ig8Pno0EVN2BICbyaUzIa2I
+gIfOAPoVIAgUwBqx3l2Ajl2QmFiR6tGDz3hB3EpaXYJcSvjpF8JdS9LsAqxy0gG9
+7wKXjF1oD/8QxhI9zDo+BRu9LkGq8yJZykHY5WWdb2nSD6+lMp6UMRJW+oI7klvh
+1C4NVdT3UHtAYZziRgGUFQXxK2yC4GTPtVVe7547f00d4cEArM6CZC60NU22UmJ+
+VapngFjbGmgoQ4bk6nOZbie8FQKO97UOUerf+rq/s4l2IJSxDvp+DmeBzEdv3bdD
+R8KDLZ7mRF/79QKCAQEAwyWhPHugHL5R2ESoiDol2/2HycmgWr4FtiyG3DABbCp+
+Gg41m+sUpQNhOmMM56pybNd31Qhnt12azovOoVOsVTP1cnhf2QVO1VKS4Ey9F2o5
+RbB/8XP1ykLrUKzjgGDBlel15Wdm3tlQnL2bidSKm8Ybn/wymkdp2ebA1owy/REB
+eA3WIWWBBZ4SNROb50RmQpu+CqMFDeFHosZEV9fi3r1NWCU1/wU+698ibkRl5Kds
+PuWPlDhceDojPvuyPe1BeCc17J+pB4pjzknvB1tRHeS3m4grRD2q45zwSlD/wmid
+SNCoMzoMMw8zmdqlhARDIyO8Dcx+WAa4dzowuYygRwKCAQEA7GvLz8VdhWMweFXe
+j8DbEK3r5hzOg8SZF3jJIoPhAyJUz4AH4NILdug926DWramFuySX6MW7iwDhQK4o
+NdNWF5R//G/ZJc2PAgE67KdfMSqho0X2iUTC5u1rIoICXYPrRxJ8of7DV02nnrnh
+myXxv4b7oZA85k6SBoKSjeOzR73A8OzJS0YzA28kLWy7k+YsKf5OHUAan3nkcPIO
+ohmPYds0N28yK88LRsTpbapmQGe+C020f8Iutuyo/mPBBugLbXrLtWQJOLvfK8mu
+nl/4sToywJtjMV6JP4zBOkhoQr3tSTHV4NODD6T4fRaxam06nDnI6bsbJNlz/HAX
+ext/rQKCAQEAtlAyiVoJ5LCdsAm81cBVXGhI8ukuqXf7yA1jVNR4j8BHHTqHNQpz
+uBInRLAC/3ALBMpsRpdapkGJ/ks5GRkd2F/5gB8blJnT45IIbArlYbm4lfXmIgKu
+726Df1R2GprKYK7CmTZ4Mdwe5sBxTlxFvnBfoKCx+dab+poNMKO8gxbfI3TxxzOY
+TVI3OmT+cxpA2xu7eR6B+0yra1QFx3eGmYeLeb0R7BXPifdlqFS4SN1tUHmRIO1i
+3mOaSB5HkHlWf9VKGK208bmFstT5vgq/BsmGC4U0vsVKIOmeyB9SQiMQRlXBvlIN
+0anzEFrn5SVCP9MDvnR82Oo2bhTsLn1FwwKCAQAJTPoY3DfJO7gE3RXuDgIKgNCn
+IWt18x9B51EhHqCC7EoEdgfonLzePROc0rnLf6okD3lKmS5ReJX6Y/VdfK/S/CgR
+FidJkYXQ/TuC+e6hVsoU5yoerQxZHM89Evg8Z85K+N4T/GyBRaaoAawsnW9Zjpe4
+NFa2KiRgcelOyAEC+r2XS3AWxF1CPWOQTxz9DXhlwsspmHv5w9HIFgJE5Mi4uDGu
+NuJ1GLiv+35ireLlnOXsYnmTgAqApQTB1EfeHpD4Aq0rXIRbxcCVLA4MksPFwzV2
+jzz0NKrvIKFfY4gM6HmPOy6iN9ZazYd3JB+TXOXuNYh1IZVE+ni00hyYS/fb
+-----END RSA PRIVATE KEY-----
diff --git a/dbrepo-search-db/pem/root-ca.pem b/dbrepo-search-db/pem/root-ca.pem
new file mode 100644
index 0000000000000000000000000000000000000000..dc9536b8e63d42f4c1fd4713f8d1febea82f1f01
--- /dev/null
+++ b/dbrepo-search-db/pem/root-ca.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFkzCCA3ugAwIBAgIUOfbA5pppESAMwKjKjQ5dv7AyqLEwDQYJKoZIhvcNAQEL
+BQAwWTELMAkGA1UEBhMCQVQxJzAlBgNVBAoMHlRlY2huaXNjaGUgVW5pdmVyc2l0
+w4PCpHQgV2llbjEhMB8GA1UEAwwYdGVzdC5kYnJlcG8udHV3aWVuLmFjLmF0MB4X
+DTIzMDkyNjExMDkyM1oXDTMzMDkyMzExMDkyM1owWTELMAkGA1UEBhMCQVQxJzAl
+BgNVBAoMHlRlY2huaXNjaGUgVW5pdmVyc2l0w4PCpHQgV2llbjEhMB8GA1UEAwwY
+dGVzdC5kYnJlcG8udHV3aWVuLmFjLmF0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAvdhcv2roF53m0WsM2PktVHyQar83BhyfoyhioXj66nOVRXMZJJcF
+9sw6TGUuRQCUNclfCZj0ZJoLb4iNCX0y8Y93V6IYHah8rLVT8U62oeXQXE5e8+Q/
+Bj05d2qdM7zK3lq8v5LbnoEvjo2g5WsZIn+GxftgFUhXyJOWmLhfeeHBbnFJCQTp
+nn61/WiG4r+9KaGYSrq+8wG11BDiZG3BBYmHno3731wptu1etgIHJUlgvJJg8KNC
+WMgeitJCA/az85hqQ1z78vRExKPg7u5Ry19ddS1zsTrrnmV+uqSAYC1MEp1Ou/TD
+sHIgicXKYEEK4+Y1n8bURhCJ5SSzzE10xws8twL6XfZcC/fODF7YXeLsKmCdMCbp
+oWrTfUWS1kQgOyebVbKqpjw6iz07sQsp/fz2kiW2yD2tFYbny3JhzDo9vlpTXwOE
+LPOo+84141HEfHehsqRxe2VLlEnOEVu3Kd0c9Sa0o6LcPSdnqa1xH7PESpI3+EkK
+q8y1B8wvIUo2GjoKscXd0LfKeFMfsUyCVITYldAgOv/21CMd3HoE+ue/T238CWot
++/MEkXf/Z6kIv3KdBfnc3+fKzVJLYR0swV9AXoRc9h/7GJTrqhza3KW3cFNBfwaQ
+qx99Xvd9CX2kFEqHTRhN5TMnJsaujI3M2dXnd6bT3QnU+kV+GssUAPMCAwEAAaNT
+MFEwHQYDVR0OBBYEFHRalunU9uLvP49ItGLJi9QLzNo5MB8GA1UdIwQYMBaAFHRa
+lunU9uLvP49ItGLJi9QLzNo5MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
+BQADggIBAJErWbSivfbkFUWVuWkZX6BJv+Xqr4mp7AZz4vXyNQnVT8TqXtiI+Xek
+w9BVRVUUaTCymducJrQKT9LJBpwLSzB6z4l+o+6XVnK/Z67Fj8WtvoZdaBWwpePR
+4f6xxR19sdUOD4W8YTsahpZXq/yi1qchNFda2CNmI9MoVN0ujy+NBw61OL6GjNdP
+xjcjtHkifm1e1tBNWNGCcScplLbbJScd83rB4Qwe26x0kpHJmpSQkN0U8GuLlAVP
+pQOVQt+GDPg03j+1KTcOqDUjWaVVgaIUVdCfq2K6ToMI68HtVVpXy8VlYtYi5gEl
+jEZqDuC1uMCIf3rl+Jscrg4NLRXninEdCi+qqtyiHuRRuJxYsUP1x62wG/kbvY+V
+72HD3hZVwMYAfJ1GN0W2HvpuRpd/QkQL5tqRuELa6/WSCBqpVT7zLCGqtKkMHzKt
+hsPFlrQJTMdkdbDEbZ/5dkE29sPIA2TD2d7wOWLmunuyXycPAgPGGc55IHRDd/4W
+yk6toxxnSXvDuGup5jFio3XI7A14toLo6algdQ9WOJLoBGNYGyQpT+1Zgv/a1MaC
+QpjeOEW8pCpOxrMWusph4pMmV+Trxc+tCmLnMSR6nq0ILoTT4cggwS/ztN/7o9yp
+VGafIWCdXQP7T1H0ESOtMaQ7TRbRPtLq2NoTh12DQg7oV7kfYjrx
+-----END CERTIFICATE-----
diff --git a/dbrepo-search-db/pem/root-ca.srl b/dbrepo-search-db/pem/root-ca.srl
new file mode 100644
index 0000000000000000000000000000000000000000..8a970fd4d45a5be230352dbe4a8cbe48779eb82a
--- /dev/null
+++ b/dbrepo-search-db/pem/root-ca.srl
@@ -0,0 +1 @@
+28441BD4DF9278BFA477F63D547F8E44AE226499
diff --git a/dbrepo-search-sync-agent/Dockerfile b/dbrepo-search-sync-agent/Dockerfile
index f243236618dc0d13e8016b35c9eda7982bc4bb0c..0c9db041bdfea2074a730f68ffaec5dcb4ca6428 100644
--- a/dbrepo-search-sync-agent/Dockerfile
+++ b/dbrepo-search-sync-agent/Dockerfile
@@ -28,8 +28,8 @@ ENV METADATA_HOST=metadata-db
ENV METADATA_JDBC_EXTRA_ARGS=""
ENV METADATA_PASSWORD=dbrepo
ENV METADATA_USERNAME=root
-ENV SEARCH_USERNAME=fda
-ENV SEARCH_PASSWORD=fda
+ENV SEARCH_USERNAME=admin
+ENV SEARCH_PASSWORD=admin
ENV LOG_LEVEL=debug
WORKDIR /app
diff --git a/dbrepo-ui/Dockerfile b/dbrepo-ui/Dockerfile
index 066d69cb53013b5a7de4d685545cfd0d2538d18b..be7719b76c8793ea47819f71fd3d48764a9cf73a 100644
--- a/dbrepo-ui/Dockerfile
+++ b/dbrepo-ui/Dockerfile
@@ -43,6 +43,7 @@ ENV BROKER_USERNAME="fda"
ENV BROKER_PASSWORD="fda"
ENV BROKER_LOGIN_URL="/admin/broker/"
ENV KEYCLOAK_LOGIN_URL="/api/auth/"
+ENV OPENSEARCH_LOGIN_URL="/admin/dashboard/"
ENV SHARED_FILESYSTEM="/tmp"
ENV LOGO="/logo.png"
ENV SEARCH_USERNAME="admin"
diff --git a/dbrepo-ui/config.js b/dbrepo-ui/config.js
index 29847aaebe790ef5cdcc825951b8496496931eeb..998950b9bce6c7ff83ec4a20f0d2c902347249f0 100644
--- a/dbrepo-ui/config.js
+++ b/dbrepo-ui/config.js
@@ -6,6 +6,7 @@ config.brokerUsername = process.env.BROKER_USERNAME
config.brokerPassword = process.env.BROKER_PASSWORD
config.brokerLoginUrl = process.env.BROKER_LOGIN_URL
config.keycloakLoginUrl = process.env.KEYCLOAK_LOGIN_URL
+config.openSearchUrl = process.env.OPENSEARCH_LOGIN_URL
config.sharedFilesystem = process.env.SHARED_FILESYSTEM
config.version = process.env.VERSION
config.logo = process.env.LOGO
diff --git a/dbrepo-ui/nuxt.config.js b/dbrepo-ui/nuxt.config.js
index 77b99c27885a48b161b433b11daa9be36dd5a97a..4d0f2aed2d116befb7bae6e91a80a26015bc5268 100644
--- a/dbrepo-ui/nuxt.config.js
+++ b/dbrepo-ui/nuxt.config.js
@@ -1,6 +1,6 @@
import path from 'path'
import colors from 'vuetify/es5/util/colors'
-import { icon, clientSecret, title, logo, version, defaultPublisher, doiUrl, clientId, uploadPath, brokerUsername, brokerPassword, searchUsername, searchPassword, brokerLoginUrl, keycloakLoginUrl } from './config'
+import { icon, clientSecret, title, logo, version, defaultPublisher, doiUrl, clientId, uploadPath, brokerUsername, brokerPassword, searchUsername, searchPassword, brokerLoginUrl, keycloakLoginUrl, openSearchUrl } from './config'
const proxy = {}
@@ -108,6 +108,7 @@ export default {
brokerPassword,
brokerLoginUrl,
keycloakLoginUrl,
+ openSearchUrl,
searchUsername,
searchPassword,
doiUrl,
diff --git a/dbrepo-ui/pages/login.vue b/dbrepo-ui/pages/login.vue
index fe6ce6651a514c5a2c904b6e8e623eeb64ae873d..e03804d65cdb3b09cc8d4139da7e906f0981b364 100644
--- a/dbrepo-ui/pages/login.vue
+++ b/dbrepo-ui/pages/login.vue
@@ -52,6 +52,9 @@
</v-btn>
</v-card-actions>
<v-card-subtitle class="text-right">
+ <a v-if="openSearchUrl" class="mr-1" :href="openSearchUrl" target="_blank">
+ OpenSearch Admin <sup><v-icon color="primary" x-small>mdi-open-in-new</v-icon></sup>
+ </a>
<a v-if="rabbitMqUrl" class="mr-1" :href="rabbitMqUrl" target="_blank">
RabbitMQ Admin <sup><v-icon color="primary" x-small>mdi-open-in-new</v-icon></sup>
</a>
@@ -93,6 +96,9 @@ export default {
},
rabbitMqUrl () {
return this.$config.brokerLoginUrl
+ },
+ openSearchUrl () {
+ return this.$config.openSearchUrl
}
},
mounted () {
diff --git a/docker-compose.yml b/docker-compose.yml
index 4cbbac46746c4affcd1c5664ae558887e3d0d50f..3bee756840367e429f5a0e9aa9c76efd4f9e4a54 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,6 +2,16 @@
# MODIFIED: 2023-06-01
# MAINTAINER: Martin Weise <martin.weise@tuwien.ac.at>
+# Log to the (commented) log service by changing the logging driver to fluentd, e.g.name:
+#
+# my-service:
+# ...
+# logging: fluentd
+# driver: fluentd
+# options:
+# host: localhost: 24224
+# tag: my-service
+
version: "3.6"
volumes:
@@ -34,7 +44,7 @@ services:
container_name: dbrepo-metadata-db
hostname: metadata-db
build: ./dbrepo-metadata-db
- image: dbrepo-metadata-db:latest
+ image: dbrepo-metadata-db
networks:
core:
volumes:
@@ -248,15 +258,13 @@ services:
- "2020:2020"
- "9200:9200"
healthcheck:
- test: bash ./healthcheck.sh
+ test: curl -sSL localhost:9200/_plugins/_security/health | jq .status | grep UP
interval: 10s
timeout: 5s
retries: 12
environment:
- discovery.type: "single-node"
ES_JAVA_OPTS: "-Xms4g -Xmx4g"
logger.level: "WARN"
- plugins.security.disabled: "true"
deploy:
resources:
limits:
@@ -280,6 +288,7 @@ services:
BROKER_PASSWORD: "${BROKER_PASSWORD:-fda}"
BROKER_LOGIN_URL: "${BROKER_LOGIN_URL:-/admin/broker/}"
KEYCLOAK_LOGIN_URL: "${KEYCLOAK_LOGIN_URL:-/api/auth/admin/}"
+ OPENSEARCH_LOGIN_URL: "${OPENSEARCH_LOGIN_URL:-/admin/dashboard/}"
SHARED_FILESYSTEM: "${SHARED_FILESYSTEM:-/tmp}"
LOGO: "${LOGO:-/logo.png}"
SEARCH_USERNAME: "${SEARCH_USERNAME:-admin}"
@@ -326,6 +335,22 @@ services:
logging:
driver: json-file
+ dbrepo-search-db-dashboard:
+ restart: "no"
+ container_name: dbrepo-search-db-dashboard
+ hostname: search-db-dashboard
+ image: opensearchproject/opensearch-dashboards:2.8.0
+ networks:
+ core:
+ public:
+ volumes:
+ - ./dbrepo-log-service/dashboard/opensearch_dashboards.yml:/usr/share/opensearch-dashboards/config/opensearch_dashboards.yml
+ ports:
+ - "5601:5601"
+ depends_on:
+ dbrepo-search-db:
+ condition: service_healthy
+
dbrepo-search-sync-agent:
restart: "no"
container_name: dbrepo-search-sync-agent
@@ -340,8 +365,8 @@ services:
METADATA_JDBC_EXTRA_ARGS: ${METADATA_JDBC_EXTRA_ARGS:-}
METADATA_PASSWORD: ${METADATA_PASSWORD:-dbrepo}
METADATA_USERNAME: ${METADATA_USERNAME:-root}
- SEARCH_USERNAME: ${SEARCH_USERNAME:-fda}
- SEARCH_PASSWORD: ${SEARCH_PASSWORD:-fda}
+ SEARCH_USERNAME: ${SEARCH_USERNAME:-admin}
+ SEARCH_PASSWORD: ${SEARCH_PASSWORD:-admin}
LOG_LEVEL: ${LOG_LEVEL:-debug}
healthcheck:
test: wget -qO- localhost:9050/actuator/health/readiness | grep -q "UP" || exit 1