They are not needed

7df368a8 · Martin Weise · cc1caf3a · 7df368a8 · 7df368a8 · cc1caf3a
Commit 7df368a8 authored 4 months ago by Martin Weise
--- a/.docker/docker-compose.yml
+++ b/.docker/docker-compose.yml
@@ -260,23 +260,16 @@ services:
    restart: "no"
    container_name: dbrepo-search-db
    hostname: search-db
-    image: registry.datalab.tuwien.ac.at/dbrepo/search-db:1.8.0
+    image: docker.io/bitnami/opensearch:2.10.0
+    ports:
+      - "9200:9200"
    healthcheck:
-      test: curl -sSL localhost:9200/_plugins/_security/health | jq .status | grep UP
+      test: curl -sSL 127.0.0.1:9200
      interval: 10s
      timeout: 5s
      retries: 12
-    environment:
-      ES_JAVA_OPTS: "-Xms4g -Xmx4g"
-      logger.level: "WARN"
-    deploy:
-      resources:
-        limits:
-          memory: 4G
-    ports:
-      - "9200:9200"
    volumes:
-      - search-db-data:/usr/share/elasticsearch/data
+      - search-db-data:/bitnami/opensearch/data
    logging:
      driver: json-file
@@ -294,8 +287,6 @@ services:
      METADATA_SERVICE_ENDPOINT: ${METADATA_SERVICE_ENDPOINT:-http://metadata-service:8080}
      OPENSEARCH_HOST: ${OPENSEARCH_HOST:-search-db}
      OPENSEARCH_PORT: ${OPENSEARCH_PORT:-9200}
-      OPENSEARCH_USERNAME: ${SYSTEM_USERNAME:-admin}
-      OPENSEARCH_PASSWORD: ${SYSTEM_PASSWORD:-admin}
      SYSTEM_USERNAME: "${SYSTEM_USERNAME:-admin}"
      SYSTEM_PASSWORD: "${SYSTEM_PASSWORD:-admin}"
    healthcheck:
@@ -346,7 +337,7 @@ services:
    volumes:
      - ./config/dbrepo.conf:/etc/nginx/conf.d/default.conf
    healthcheck:
-      test: service nginx status || exit 1
+      test: lsof -i TCP:80 || exit 1
      interval: 10s
      timeout: 5s
      retries: 12
@@ -398,8 +389,6 @@ services:
      METADATA_SERVICE_ENDPOINT: ${METADATA_SERVICE_ENDPOINT:-http://metadata-service:8080}
      OPENSEARCH_HOST: ${OPENSEARCH_HOST:-search-db}
      OPENSEARCH_PORT: ${OPENSEARCH_PORT:-9200}
-      OPENSEARCH_USERNAME: ${SYSTEM_USERNAME:-admin}
-      OPENSEARCH_PASSWORD: ${SYSTEM_PASSWORD:-admin}
      SYSTEM_USERNAME: "${SYSTEM_USERNAME:-admin}"
      SYSTEM_PASSWORD: "${SYSTEM_PASSWORD:-admin}"
    depends_on:

--- a/.docs/changelog.md
+++ b/.docs/changelog.md
@@ -11,6 +11,11 @@ author: Martin Weise
 * Added automated dashboard generation for all public databases where each view has an overview of its data and
  schema in [#460](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/issues/460).
+#### Changes
+* Removed OpenSearch security plugin from the Docker test deployment and changed to the `bitnami/opensearch` image
+  of the same version in [#515](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/issues/515).
 #### Fixes
 * Fixed a bug where validation of missing `Principal` object in Java services caused a 400 error instead of a 401 error

--- a/.docs/images/architecture-data-db.svg
+++ b/.docs/images/architecture-data-db.svg
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="426px" height="214px" viewBox="-0.5 -0.5 426 214"><defs/><g><rect x="0" y="37" width="248" height="130" rx="3.9" ry="3.9" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe flex-end; justify-content: unsafe center; width: 246px; height: 1px; padding-top: 164px; margin-left: 1px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; font-style: italic; white-space: normal; overflow-wrap: normal;">shared filesystem<br />/tmp</div></div></div></foreignObject><text x="124" y="164" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle" font-style="italic">shared filesystem...</text></switch></g><path d="M 47.5 47.63 L 47.5 31 L 47.71 7" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 47.5 52.88 L 44 45.88 L 47.5 47.63 L 51 45.88 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 22px; margin-left: 48px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">jdbc</div></div></div></foreignObject><text x="48" y="25" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="11px" text-anchor="middle">jdbc</text></switch></g><path d="M 22.5 62.6 C 22.5 57.85 33.69 54 47.5 54 C 54.13 54 60.49 54.91 65.18 56.52 C 69.87 58.13 72.5 60.32 72.5 62.6 L 72.5 109.4 C 72.5 114.15 61.31 118 47.5 118 C 33.69 118 22.5 114.15 22.5 109.4 Z" fill="#dae8fc" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><path d="M 72.5 62.6 C 72.5 67.35 61.31 71.2 47.5 71.2 C 33.69 71.2 22.5 67.35 22.5 62.6" fill="none" stroke="#000000" stroke-miterlimit="10" pointer-events="all"/><rect x="6.5" y="116" width="85" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 89px; height: 1px; padding-top: 126px; margin-left: 5px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">data-db</div></div></div></foreignObject><text x="49" y="130" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">data-db</text></switch></g><path d="M 160 59.63 L 160 37 L 160.1 7" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 160 64.88 L 156.5 57.88 L 160 59.63 L 163.5 57.88 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 23px; margin-left: 160px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">http</div></div></div></foreignObject><text x="160" y="26" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="11px" text-anchor="middle">http</text></switch></g><path d="M 231.37 86 L 288.63 86" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 226.12 86 L 233.12 82.5 L 231.37 86 L 233.12 89.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><path d="M 293.88 86 L 286.88 89.5 L 288.63 86 L 286.88 82.5 Z" fill="rgb(0, 0, 0)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 86px; margin-left: 260px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">S3</div></div></div></foreignObject><text x="260" y="89" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="11px" text-anchor="middle">S3</text></switch></g><rect x="95" y="66" width="130" height="40" rx="6" ry="6" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 128px; height: 1px; padding-top: 86px; margin-left: 96px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Data DB Sidecar</div></div></div></foreignObject><text x="160" y="90" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Data DB Sidecar</text></switch></g><rect x="295" y="66" width="130" height="40" rx="6" ry="6" fill="#e6e6e6" stroke="rgb(0, 0, 0)" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 128px; height: 1px; padding-top: 86px; margin-left: 296px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Storage Service<br style="border-color: var(--border-color);" />(SeaweedFS)</div></div></div></foreignObject><text x="360" y="90" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Storage Service...</text></switch></g><rect x="242.5" y="177" width="30" height="16" fill="#e6e6e6" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="280" y="177" width="140" height="16" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 138px; height: 1px; padding-top: 185px; margin-left: 282px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">External images</div></div></div></foreignObject><text x="282" y="189" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">External images</text></switch></g><rect x="242.5" y="197" width="30" height="16" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><rect x="280" y="197" width="140" height="16" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 138px; height: 1px; padding-top: 205px; margin-left: 282px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Maintained images</div></div></div></foreignObject><text x="282" y="209" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px">Maintained images</text></switch></g><rect x="257.5" y="177" width="15" height="16" fill="#dae8fc" stroke="#000000" pointer-events="all"/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file
--- a/.docs/images/architecture-docker-compose.svg
+++ b/.docs/images/architecture-docker-compose.svg
--- a/.docs/images/architecture.drawio
+++ b/.docs/images/architecture.drawio
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -75,7 +75,7 @@ lint-docker-compose:
    - "IGNORE_VOLUMES=1 bash .scripts/check-service.sh 'dbrepo-metadata-db'"
    - "IGNORE_IMAGE=1 IGNORE_PORTS=1 bash .scripts/check-service.sh 'dbrepo-metadata-service'"
    - "IGNORE_VOLUMES=1 IGNORE_PORTS=1 bash .scripts/check-service.sh 'dbrepo-metric-db'"
-    - "IGNORE_IMAGE=1 bash .scripts/check-service.sh 'dbrepo-search-db'"
+    - "bash .scripts/check-service.sh 'dbrepo-search-db'"
    - "IGNORE_IMAGE=1 IGNORE_PORTS=1 bash .scripts/check-service.sh 'dbrepo-search-service'"
    - "IGNORE_IMAGE=1 bash .scripts/check-service.sh 'dbrepo-search-service-init'"
    - "IGNORE_VOLUMES=1 bash .scripts/check-service.sh 'dbrepo-storage-service'"

--- a/dbrepo-analyse-service/Pipfile.lock
+++ b/dbrepo-analyse-service/Pipfile.lock
@@ -425,7 +425,7 @@
        },
        "dbrepo": {
            "hashes": [
-                "sha256:d6a1b79f43dbe10ecbd09db082228eb51c5858370f4499aa1c8b02399da95d87"
+                "sha256:55de6a4934010e14a574032b5a5179bf3dac9895ef74e5cd4a221a625a75674b"
            ],
            "path": "./lib/dbrepo-1.8.0.tar.gz"
        },

--- a/dbrepo-analyse-service/lib/dbrepo-1.8.0-py3-none-any.whl
+++ b/dbrepo-analyse-service/lib/dbrepo-1.8.0-py3-none-any.whl
--- a/dbrepo-analyse-service/lib/dbrepo-1.8.0.tar.gz
+++ b/dbrepo-analyse-service/lib/dbrepo-1.8.0.tar.gz
--- a/dbrepo-auth-service/listeners/target/create-event-listener.jar
+++ b/dbrepo-auth-service/listeners/target/create-event-listener.jar
--- a/dbrepo-dashboard-service/Pipfile.lock
+++ b/dbrepo-dashboard-service/Pipfile.lock
@@ -373,7 +373,7 @@
        },
        "dbrepo": {
            "hashes": [
-                "sha256:d6a1b79f43dbe10ecbd09db082228eb51c5858370f4499aa1c8b02399da95d87"
+                "sha256:55de6a4934010e14a574032b5a5179bf3dac9895ef74e5cd4a221a625a75674b"
            ],
            "path": "./lib/dbrepo-1.8.0.tar.gz"
        },

--- a/dbrepo-dashboard-service/init/Pipfile.lock
+++ b/dbrepo-dashboard-service/init/Pipfile.lock
@@ -259,7 +259,7 @@
        },
        "dbrepo": {
            "hashes": [
-                "sha256:d6a1b79f43dbe10ecbd09db082228eb51c5858370f4499aa1c8b02399da95d87"
+                "sha256:55de6a4934010e14a574032b5a5179bf3dac9895ef74e5cd4a221a625a75674b"
            ],
            "path": "./lib/dbrepo-1.8.0.tar.gz"
        },

--- a/dbrepo-dashboard-service/init/lib/dbrepo-1.8.0-py3-none-any.whl
+++ b/dbrepo-dashboard-service/init/lib/dbrepo-1.8.0-py3-none-any.whl
--- a/dbrepo-dashboard-service/init/lib/dbrepo-1.8.0.tar.gz
+++ b/dbrepo-dashboard-service/init/lib/dbrepo-1.8.0.tar.gz
--- a/dbrepo-dashboard-service/lib/dbrepo-1.8.0-py3-none-any.whl
+++ b/dbrepo-dashboard-service/lib/dbrepo-1.8.0-py3-none-any.whl
--- a/dbrepo-dashboard-service/lib/dbrepo-1.8.0.tar.gz
+++ b/dbrepo-dashboard-service/lib/dbrepo-1.8.0.tar.gz
--- a/dbrepo-search-db/Dockerfile
+++ b/dbrepo-search-db/Dockerfile
-FROM opensearchproject/opensearch:2.10.0 AS runtime
-USER root
-RUN yum install -y jq
-COPY ./limits.conf /etc/security/limits.conf
-WORKDIR /usr/share/opensearch
-RUN chmod 0700 ./config
-COPY --chown=opensearch:opensearch ./opensearch.yml ./config/opensearch.yml
-COPY --chown=opensearch:opensearch ./config.yml ./config/opensearch-security/config.yml
-RUN chmod 0600 ./config/opensearch.yml
-RUN chmod 0600 ./config/opensearch-security/config.yml
-COPY --chown=opensearch:opensearch ./pem/admin.pem ./config/admin.pem
-COPY --chown=opensearch:opensearch ./pem/admin-key.pem ./config/admin-key.pem
-RUN chmod 0600 ./config/admin*.pem
-COPY --chown=opensearch:opensearch ./pem/node1.pem ./config/node1.pem
-COPY --chown=opensearch:opensearch ./pem/node1-key.pem ./config/node1-key.pem
-RUN chmod 0600 ./config/node1*.pem
-COPY --chown=opensearch:opensearch ./pem/root-ca.pem ./config/root-ca.pem
-COPY --chown=opensearch:opensearch ./pem/root-ca-key.pem ./config/root-ca-key.pem
-RUN chmod 0600 ./config/root-ca*.pem
-USER opensearch
-ENV DISABLE_INSTALL_DEMO_CONFIG=true
--- a/dbrepo-search-db/README.md
+++ b/dbrepo-search-db/README.md
-# Search Database
-## REST
-### Indices
-* View all [http://localhost:9200/_cat/indices](http://localhost:9200/_cat/indices)
-### Nodes
-* View all [http://localhost:9200/_cat/nodes](http://localhost:9200/_cat/nodes)
-### Health
-* View all [http://localhost:9200/_plugins/_security/health](http://localhost:9200/_plugins/_security/health)
\ No newline at end of file
--- a/dbrepo-search-db/config.yml
+++ b/dbrepo-search-db/config.yml
---
-_meta:
-  type: "config"
-  config_version: 2
-config:
-  dynamic:
-    http:
-      # Either enables or disables anonymous authentication. When true, HTTP authenticators try to find user credentials in
-      # the HTTP request. If credentials are found, the user is authenticated. If none are found, the user is authenticated
-      # as an “anonymous” user. This user then has the username “anonymous” and one role named “anonymous_backendrole”.
-      # When you enable anonymous authentication, all defined HTTP authenticators are non-challenging. Also see The
-      # challenge setting.
-      anonymous_auth_enabled: true
-      xff:
-        enabled: false
-    authc:
-      basic_internal_auth_domain:
-        description: "Authenticate via HTTP Basic against internal users database"
-        http_enabled: true
-        transport_enabled: true
-        order: 0
-        http_authenticator:
-          type: basic
-          challenge: true
-        authentication_backend:
-          type: intern
-      openid_auth_domain:
-        http_enabled: true
-        transport_enabled: true
-        order: 1
-        http_authenticator:
-          type: openid
-          challenge: false
-          config:
-            subject_key: client_id
-            roles_key: roles
-            openid_connect_url: http://auth-service:8080/api/auth/realms/dbrepo/.well-known/openid-configuration
-        authentication_backend:
-          type: noop
--- a/dbrepo-search-db/generate-pki.sh
+++ b/dbrepo-search-db/generate-pki.sh
-#!/bin/bash
-# Generate the private key of the root CA
-openssl genrsa -out ./pem/root-ca-key.pem 4096
-# Generate the self-signed root CA certificate
-openssl req -x509 -sha256 -new -nodes -key ./pem/root-ca-key.pem -days 3650 -out ./pem/root-ca.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at"
-# Create the certificate key
-openssl genrsa -out ./pem/admin-key.pem 4096
-# Create the signing (csr)
-openssl req -new -sha256 -key ./pem/admin-key.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at" -out ./pem/admin.csr
-# Generate the certificate using the csr and key along with the CA Root key
-openssl x509 -req -in ./pem/admin.csr -CA ./pem/root-ca.pem -CAkey ./pem/root-ca-key.pem -CAcreateserial -out ./pem/admin.pem -days 365 -sha256
-# Create the certificate key
-openssl genrsa -out ./pem/node1-key.pem 4096
-# Create the signing (csr)
-openssl req -new -sha256 -key ./pem/node1-key.pem -subj "/C=AT/O=Technische Universität Wien/CN=test.dbrepo.tuwien.ac.at" -out ./pem/node1.csr
-# Generate the certificate using the csr and key along with the CA Root key
-openssl x509 -req -in ./pem/node1.csr -CA ./pem/root-ca.pem -CAkey ./pem/root-ca-key.pem -CAcreateserial -out ./pem/node1.pem -days 365 -sha256
\ No newline at end of file