From 20a81491aee7db578c7d013d756119e7c0935f17 Mon Sep 17 00:00:00 2001 From: jpotts Date: Sun, 30 Aug 2020 21:04:33 -0500 Subject: [PATCH] Initial population --- .gitignore | 5 + README.md | 28 + ansible.cfg | 4 + copyAlfrescoConfig.yml | 5 + copyAllAlfrescoConfig.yml | 8 + copySolrConfig.yml | 5 + copySolrCoreConfig.yml | 5 + files/alfresco-jmxrmi.access | 2 + files/web-scripts-config-custom.xml | 26 + group_vars/alfresco_dev/vars | 0 group_vars/alfresco_prod/vars | 0 group_vars/alfresco_test/vars | 0 group_vars/all/vars | 96 + group_vars/all/vault | 15 + installActivemq.yml | 6 + installAlfresco.yml | 20 + installSearch.yml | 13 + inventory | 18 + local/README.md | 35 + local/Vagrantfile | 72 + local/provisioning/files/limits.conf | 53 + local/provisioning/files/pg_hba.conf | 90 + local/provisioning/files/sysctl.conf | 43 + local/provisioning/playbook.yml | 73 + .../tasks/doInstallImageMagick.yml | 3 + local/provisioning/tasks/doInstallJava.yml | 9 + .../tasks/doInstallLibreOffice.yml | 3 + .../provisioning/tasks/doInstallPostgres.yml | 17 + removeSolrIndexMetadata.yml | 15 + tasks/doApplyAmps.yml | 6 + tasks/doCopyActivemqConfig.yml | 3 + tasks/doCopyAlfrescoConfig.yml | 15 + tasks/doCopyAmps.yml | 18 + tasks/doCopyGlobalProperties.yml | 3 + tasks/doCopyLDAPConfig.yml | 6 + tasks/doCopyLicense.yml | 3 + tasks/doCopyShareConfig.yml | 6 + tasks/doCopySolrConfig.yml | 12 + tasks/doCopySolrCoreConfig.yml | 18 + tasks/doCopyTomcatConfig.yml | 22 + tasks/doInstallAOS.yml | 12 + tasks/doInstallActivemq.yml | 12 + tasks/doInstallAlfresco.yml | 48 + tasks/doInstallPDFRenderer.yml | 18 + tasks/doInstallSearch.yml | 17 + tasks/doInstallTomcat.yml | 45 + tasks/doSetupDirectories.yml | 17 + templates/activemq-env.j2 | 115 + templates/alfresco-global.properties.j2 | 95 + templates/alfresco-jmxrmi.password.j2 | 2 + templates/bash_profile.j2 | 15 + templates/catalina.sh.j2 | 650 +++ templates/ctl.sh.j2 | 120 + ...ustom-slingshot-application-context.xml.j2 | 10 + templates/server.xml.j2 | 184 + templates/setenv.sh.j2 | 12 + templates/share-config-custom.xml.j2 | 515 ++ templates/shared.properties.j2 | 33 + templates/solr.in.sh.j2 | 135 + templates/solrconfig.xml.alfresco.j2 | 1929 +++++++ templates/solrconfig.xml.archive.j2 | 1929 +++++++ templates/solrcore.properties.alfresco.j2 | 92 + templates/solrcore.properties.archive.j2 | 96 + templates/web.xml.j2 | 4712 +++++++++++++++++ 64 files changed, 11594 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 ansible.cfg create mode 100644 copyAlfrescoConfig.yml create mode 100644 copyAllAlfrescoConfig.yml create mode 100644 copySolrConfig.yml create mode 100644 copySolrCoreConfig.yml create mode 100644 files/alfresco-jmxrmi.access create mode 100644 files/web-scripts-config-custom.xml create mode 100644 group_vars/alfresco_dev/vars create mode 100644 group_vars/alfresco_prod/vars create mode 100644 group_vars/alfresco_test/vars create mode 100644 group_vars/all/vars create mode 100644 group_vars/all/vault create mode 100644 installActivemq.yml create mode 100644 installAlfresco.yml create mode 100644 installSearch.yml create mode 100644 inventory create mode 100644 local/README.md create mode 100644 local/Vagrantfile create mode 100644 local/provisioning/files/limits.conf create mode 100644 local/provisioning/files/pg_hba.conf create mode 100644 local/provisioning/files/sysctl.conf create mode 100644 local/provisioning/playbook.yml create mode 100644 local/provisioning/tasks/doInstallImageMagick.yml create mode 100644 local/provisioning/tasks/doInstallJava.yml create mode 100644 local/provisioning/tasks/doInstallLibreOffice.yml create mode 100644 local/provisioning/tasks/doInstallPostgres.yml create mode 100644 removeSolrIndexMetadata.yml create mode 100644 tasks/doApplyAmps.yml create mode 100644 tasks/doCopyActivemqConfig.yml create mode 100644 tasks/doCopyAlfrescoConfig.yml create mode 100644 tasks/doCopyAmps.yml create mode 100644 tasks/doCopyGlobalProperties.yml create mode 100644 tasks/doCopyLDAPConfig.yml create mode 100644 tasks/doCopyLicense.yml create mode 100644 tasks/doCopyShareConfig.yml create mode 100644 tasks/doCopySolrConfig.yml create mode 100644 tasks/doCopySolrCoreConfig.yml create mode 100644 tasks/doCopyTomcatConfig.yml create mode 100644 tasks/doInstallAOS.yml create mode 100644 tasks/doInstallActivemq.yml create mode 100644 tasks/doInstallAlfresco.yml create mode 100644 tasks/doInstallPDFRenderer.yml create mode 100644 tasks/doInstallSearch.yml create mode 100644 tasks/doInstallTomcat.yml create mode 100644 tasks/doSetupDirectories.yml create mode 100644 templates/activemq-env.j2 create mode 100644 templates/alfresco-global.properties.j2 create mode 100644 templates/alfresco-jmxrmi.password.j2 create mode 100644 templates/bash_profile.j2 create mode 100755 templates/catalina.sh.j2 create mode 100755 templates/ctl.sh.j2 create mode 100644 templates/custom-slingshot-application-context.xml.j2 create mode 100644 templates/server.xml.j2 create mode 100755 templates/setenv.sh.j2 create mode 100644 templates/share-config-custom.xml.j2 create mode 100644 templates/shared.properties.j2 create mode 100644 templates/solr.in.sh.j2 create mode 100644 templates/solrconfig.xml.alfresco.j2 create mode 100644 templates/solrconfig.xml.archive.j2 create mode 100644 templates/solrcore.properties.alfresco.j2 create mode 100644 templates/solrcore.properties.archive.j2 create mode 100644 templates/web.xml.j2 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2dfed2d --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +files/third-party +local/provisioning/files/third-party +local/.vagrant +.vault-passwd + diff --git a/README.md b/README.md new file mode 100644 index 0000000..f683095 --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ +# Example Ansible Alfresco Setup + +This project is an example of one way to automate Alfresco installation and +configuration management. + +## Setup + +TBD + +### SSH Keys + +TBD + +### Variables + +TBD + +### Managing Secrets Using Ansible Vault + +TBD + +## Installing Alfresco and Search + +TBD + +## Copying Configuration Files + +TBD diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..f85f462 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,4 @@ +[defaults] +inventory = inventory +vault_password_file = .vault-passwd +remote_tmp = /tmp/.ansible-${USER}/tmp diff --git a/copyAlfrescoConfig.yml b/copyAlfrescoConfig.yml new file mode 100644 index 0000000..2b31f67 --- /dev/null +++ b/copyAlfrescoConfig.yml @@ -0,0 +1,5 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doCopyAlfrescoConfig.yml diff --git a/copyAllAlfrescoConfig.yml b/copyAllAlfrescoConfig.yml new file mode 100644 index 0000000..9560b60 --- /dev/null +++ b/copyAllAlfrescoConfig.yml @@ -0,0 +1,8 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doCopyGlobalProperties.yml + - include_tasks: tasks/doCopyTomcatConfig.yml + - include_tasks: tasks/doCopyShareConfig.yml + - include_tasks: tasks/doCopyAlfrescoConfig.yml diff --git a/copySolrConfig.yml b/copySolrConfig.yml new file mode 100644 index 0000000..2c51d4e --- /dev/null +++ b/copySolrConfig.yml @@ -0,0 +1,5 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doCopySolrConfig.yml diff --git a/copySolrCoreConfig.yml b/copySolrCoreConfig.yml new file mode 100644 index 0000000..2b11f3f --- /dev/null +++ b/copySolrCoreConfig.yml @@ -0,0 +1,5 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doCopySolrCoreConfig.yml diff --git a/files/alfresco-jmxrmi.access b/files/alfresco-jmxrmi.access new file mode 100644 index 0000000..c5aab07 --- /dev/null +++ b/files/alfresco-jmxrmi.access @@ -0,0 +1,2 @@ +monitorRole readonly +controlRole readwrite diff --git a/files/web-scripts-config-custom.xml b/files/web-scripts-config-custom.xml new file mode 100644 index 0000000..0b618d8 --- /dev/null +++ b/files/web-scripts-config-custom.xml @@ -0,0 +1,26 @@ + + + + + + GET + /service/enterprise/admin/.* + + + {token} + {token} + + + + + GET + /s/enterprise/admin/.* + + + {token} + {token} + + + + + diff --git a/group_vars/alfresco_dev/vars b/group_vars/alfresco_dev/vars new file mode 100644 index 0000000..e69de29 diff --git a/group_vars/alfresco_prod/vars b/group_vars/alfresco_prod/vars new file mode 100644 index 0000000..e69de29 diff --git a/group_vars/alfresco_test/vars b/group_vars/alfresco_test/vars new file mode 100644 index 0000000..e69de29 diff --git a/group_vars/all/vars b/group_vars/all/vars new file mode 100644 index 0000000..41c2981 --- /dev/null +++ b/group_vars/all/vars @@ -0,0 +1,96 @@ +alf_home: "/opt/alfresco" +alf_data: "{{ alf_home }}/alf_data" +alf_dir_contentstore: contentstore +alf_dir_contentstore_deleted: contentstore.deleted + +alf_initial_admin_password: "{{ vault_alf_initial_admin_password }}" +alf_context: alfresco +alf_host: 127.0.0.1 +alf_port: 8080 +alf_protocol: http + +share_context: share +share_host: 127.0.0.1 +share_port: 8080 +share_protocol: http + +alf_index_subsystem: solr6 +alf_solr_host: localhost +alf_solr_port: 8983 + +alf_tomcat_protocol: http +alf_tomcat_web_port: 8080 +alf_tomcat_ajp_port: 8009 +alf_tomcat_access_logs_dir: logs +alf_tomcat_catalina_logs_dir: "{{ alf_home }}/tomcat/logs" + +proxy_enabled: false +proxy_host: localhost +proxy_port: 80 +proxy_secure: "false" +proxy_scheme: http + +alf_user: "alfresco" +alf_group: "alfresco" +java_opts_xmx: 15250M + +alf_install_dir: /opt/alfresco-6.2.0 +alf_archive: "alfresco-content-services-community-distribution-6.2.0-ga.zip" +alf_archive_root_dir: "alfresco-content-services-community-distribution-6.2.0-ga" +tomcat_archive: "apache-tomcat-8.5.34.tar.gz" +tomcat_dir: "apache-tomcat-8.5.34" +search_archive: "alfresco-search-services-1.4.0.zip" +search_install_dir: '{{ alf_install_dir }}/alfresco-search-services' + +alf_db_driver: org.postgresql.Driver +alf_db_driver_file: postgresql-42.2.1.jar +alf_db_username: alfresco +alf_db_password: "{{ vault_alf_db_password }}" +alf_db_name: alfresco +alf_db_url: "jdbc:postgresql://localhost:5432/${db.name}" + +alf_java_home: "/usr/java/jdk-11.0.1" + +activemq_archive: "apache-activemq-5.15.6-bin.tar.gz" +activemq_dir: "apache-activemq-5.15.6" +activemq_opts_memory: "-Xms64M -Xmx1G" +activemq_user: "{{ alf_user }}" + +alf_clustering_enabled: false + +alf_notification_email: "false" + +alf_smart_folders_enabled: "false" + +alf_aos_base_url: http://localhost/alfresco/aos + +alf_ftp_port: 2121 + +alf_jmx_monitor_password: "{{ vault_alf_jmx_monitor_password }}" +alf_jmx_control_password: "{{ vault_alf_jmx_control_password }}" + +solr_java_mem: -Xms512m -Xmx512m +solr_port: 8983 +solr_content_dir: "{{ alf_home }}/alfresco-search-services" +solr_home: "{{ alf_home }}/alfresco-search-services/solrhome" +solr_java_home: "/usr/java/jdk-11.0.1" +solr_is_primary: true +solr_is_replica: false +solr_primary_host: localhost +solr_primary_port: 8080 +solr_alfresco_host: localhost +solr_alfresco_ssl_port: 8443 +solr_alfresco_port: 8080 +solr_alfresco_secure_comms: none + +audit_enabled: false +trashcan_cleaner_enabled: false + +mail_host: localhost +mail_from: alfresco.donotreply@alfresco.com + +thumbnails_enabled: true + +transformations_enabled: true + +ssl_enabled: false diff --git a/group_vars/all/vault b/group_vars/all/vault new file mode 100644 index 0000000..eefc17a --- /dev/null +++ b/group_vars/all/vault @@ -0,0 +1,15 @@ +$ANSIBLE_VAULT;1.1;AES256 +32613334373739616138383265313430396331343033643935303932303131643365386539313631 +6365376638343662666164313737393563323734326530360a616131356466306133386239316432 +63323963626233626463386361636266646230383962383238386462356164376561616264323235 +3836323161346131330a663961393932356535623766343031613337666639386264666266353865 +62393637336165306432343039636434333734353930333963313161656338316366653732306666 +37636230313838306166323763626162653862626337313565346137326638616331633765613232 +30656639313933383232383530633765613139393131623139663033613666656661663639393064 +61643936306463393630313036643035636530313835383865663530356231313933326130633139 +62656465373965346565343130323834636339353866653931363938343239643836663436373362 +33623264666564346563333233386639393164633665663965616137623062316637626463323262 +31616236333362646537366230326266643261323632326131343163313966653437643465646530 +64343565303732353532383339396238393034383731396362316237393536623530396166313635 +61363236356131646135613538336230616665663739653861633764366566313935376666653133 +3139376135383136663864656565326663663137343564303739 diff --git a/installActivemq.yml b/installActivemq.yml new file mode 100644 index 0000000..3674ee2 --- /dev/null +++ b/installActivemq.yml @@ -0,0 +1,6 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doInstallActivemq.yml + - include_tasks: tasks/doCopyActivemqConfig.yml diff --git a/installAlfresco.yml b/installAlfresco.yml new file mode 100644 index 0000000..d87a337 --- /dev/null +++ b/installAlfresco.yml @@ -0,0 +1,20 @@ +# +# Installs Alfresco to the specified hosts. +# +# Requires Alfresco distribution archive, Tomcat archive, and AOS archive to +# reside in files/third-party. +# +# Custom AMPs should be placed in files/amps and files/amps_share. +# +# Install location depends on alf_home, alf_install_dir, and tomcat_dir. +# +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doInstallTomcat.yml + - include_tasks: tasks/doInstallActivemq.yml + - include_tasks: tasks/doInstallAlfresco.yml + - include_tasks: tasks/doInstallPDFRenderer.yml + - include_tasks: tasks/doCopyAmps.yml + - include_tasks: tasks/doApplyAmps.yml diff --git a/installSearch.yml b/installSearch.yml new file mode 100644 index 0000000..dc87c3f --- /dev/null +++ b/installSearch.yml @@ -0,0 +1,13 @@ +# +# Installs Alfresco Search services to the specified hosts. +# +# Requires alfresco-search-services*.zip to be placed in files/third-party. the +# exact file name is specified in search_archive. +# +# Install location depends on alf_home, alf_install_dir, and search_install_dir. +# +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - include_tasks: tasks/doInstallSearch.yml diff --git a/inventory b/inventory new file mode 100644 index 0000000..fd068de --- /dev/null +++ b/inventory @@ -0,0 +1,18 @@ +[alfresco_local] +192.168.33.10 + +[solr_local] +192.168.33.10 + +[alfresco_dev] + +[solr_dev] + +[alfresco_test] + +[solr_test] + +[alfresco_prod] + +[solr_prod] + diff --git a/local/README.md b/local/README.md new file mode 100644 index 0000000..f8df829 --- /dev/null +++ b/local/README.md @@ -0,0 +1,35 @@ +# Local virtual machine test server setup + +This directory is used to configure and run a local virtual machine as a test +server. This is handy for testing out various Ansible playbooks. The goal is for +the virtual machine to be set up similar to how a barebones server is set up +by the infrastructure team. + +## Pre-requisites + +In addition to Ansible, this setup expects you to have [Vagrant](https://www.vagrantup.com/) +and [VirtualBox](https://www.virtualbox.org/) installed. + +The first time you create the virtual machine, Vagrant will use Ansible to do +some additional configuration. The playbook that does this resides in the +provisioning directory. + +The provisioning playbook will also set up an SSH key for the alfresco user so +that you can ssh without providing a password. The path to the SSH key is +specified as a var in the playbook. + +## Running + +Before running vagrant, if you are using a Python virtual environment for +Ansible, activate the environment. Vagrant will use Ansible to set up the box. + +To start up the virtual machine, run `vagrant up`. + +If you need to connect you can either use `vagrant ssh` or you can SSH as you +normally would using the virtual machine's IP address (see the Vagrantfile). + +To check on the status of the machine, run `vagrant status`. + +To stop the virtual machine, run `vagrant halt`. + +To completely remove the virtual machine, run `vagrant destroy`. diff --git a/local/Vagrantfile b/local/Vagrantfile new file mode 100644 index 0000000..823b09f --- /dev/null +++ b/local/Vagrantfile @@ -0,0 +1,72 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +# All Vagrant configuration is done below. The "2" in Vagrant.configure +# configures the configuration version (we support older styles for +# backwards compatibility). Please don't change it unless you know what +# you're doing. +Vagrant.configure(2) do |config| + # The most common configuration options are documented and commented below. + # For a complete reference, please see the online documentation at + # https://docs.vagrantup.com. + + # Every Vagrant development environment requires a box. You can search for + # boxes at https://vagrantcloud.com/search. + config.vm.box = "centos/7" + + # Disable automatic box update checking. If you disable this, then + # boxes will only be checked for updates when the user runs + # `vagrant box outdated`. This is not recommended. + # config.vm.box_check_update = false + + # Create a forwarded port mapping which allows access to a specific port + # within the machine from a port on the host machine. In the example below, + # accessing "localhost:8080" will access port 80 on the guest machine. + config.vm.network "forwarded_port", guest: 8080, host: 8080 + config.vm.network "forwarded_port", guest: 8443, host: 8443 + config.vm.network "forwarded_port", guest: 8983, host: 8983 + + # Create a private network, which allows host-only access to the machine + # using a specific IP. + config.vm.network "private_network", ip: "192.168.33.10" + + # Create a public network, which generally matched to bridged network. + # Bridged networks make the machine appear as another physical device on + # your network. + # config.vm.network "public_network" + + # Share an additional folder to the guest VM. The first argument is + # the path on the host to the actual folder. The second argument is + # the path on the guest to mount the folder. And the optional third + # argument is a set of non-required options. + # config.vm.synced_folder "../data", "/vagrant_data" + + # Provider-specific configuration so you can fine-tune various + # backing providers for Vagrant. These expose provider-specific options. + # Example for VirtualBox: + # + config.vm.provider "virtualbox" do |vb| + # Display the VirtualBox GUI when booting the machine + #vb.gui = true + + # Customize the amount of memory on the VM: + vb.memory = "4096" + end + # + # View the documentation for the provider you are using for more + # information on available options. + + # Enable provisioning with a shell script. Additional provisioners such as + # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the + # documentation for more information about their specific syntax and use. + #config.vm.provision "shell", inline: <<-SHELL + # sudo apt-get update + # sudo apt-get install -y apache2 + # SHELL + config.vm.provision "ansible" do |ansible| + ansible.playbook = "provisioning/playbook.yml" + ansible.extra_vars = { ansible_ssh_user: 'vagrant' } + ansible.sudo = true + end + +end diff --git a/local/provisioning/files/limits.conf b/local/provisioning/files/limits.conf new file mode 100644 index 0000000..52bc99f --- /dev/null +++ b/local/provisioning/files/limits.conf @@ -0,0 +1,53 @@ +# /etc/security/limits.conf +# +#Each line describes a limit for a user in the form: +# +# +# +#Where: +# can be: +# - a user name +# - a group name, with @group syntax +# - the wildcard *, for default entry +# - the wildcard %, can be also used with %group syntax, +# for maxlogin limit +# +# can have the two values: +# - "soft" for enforcing the soft limits +# - "hard" for enforcing hard limits +# +# can be one of the following: +# - core - limits the core file size (KB) +# - data - max data size (KB) +# - fsize - maximum filesize (KB) +# - memlock - max locked-in-memory address space (KB) +# - nofile - max number of open file descriptors +# - rss - max resident set size (KB) +# - stack - max stack size (KB) +# - cpu - max CPU time (MIN) +# - nproc - max number of processes +# - as - address space limit (KB) +# - maxlogins - max number of logins for this user +# - maxsyslogins - max number of logins on the system +# - priority - the priority to run user process with +# - locks - max number of file locks the user can hold +# - sigpending - max number of pending signals +# - msgqueue - max memory used by POSIX message queues (bytes) +# - nice - max nice priority allowed to raise to values: [-20, 19] +# - rtprio - max realtime priority +# +# +# + +#* soft core 0 +#* hard rss 10000 +#@student hard nproc 20 +#@faculty soft nproc 20 +#@faculty hard nproc 50 +#ftp hard nproc 0 +#@student - maxlogins 4 +alfresco soft nofile 6000 +alfresco hard nofile 65536 +alfresco soft nproc 4096 +alfresco hard nproc 4096 +# End of file diff --git a/local/provisioning/files/pg_hba.conf b/local/provisioning/files/pg_hba.conf new file mode 100644 index 0000000..8674c49 --- /dev/null +++ b/local/provisioning/files/pg_hba.conf @@ -0,0 +1,90 @@ +# PostgreSQL Client Authentication Configuration File +# =================================================== +# +# Refer to the "Client Authentication" section in the PostgreSQL +# documentation for a complete description of this file. A short +# synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which PostgreSQL user names they can use, which +# databases they can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTIONS] +# host DATABASE USER ADDRESS METHOD [OPTIONS] +# hostssl DATABASE USER ADDRESS METHOD [OPTIONS] +# hostnossl DATABASE USER ADDRESS METHOD [OPTIONS] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain +# socket, "host" is either a plain or SSL-encrypted TCP/IP socket, +# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a +# plain TCP/IP socket. +# +# DATABASE can be "all", "sameuser", "samerole", "replication", a +# database name, or a comma-separated list thereof. The "all" +# keyword does not match "replication". Access to replication +# must be enabled in a separate record (see example below). +# +# USER can be "all", a user name, a group name prefixed with "+", or a +# comma-separated list thereof. In both the DATABASE and USER fields +# you can also write a file name prefixed with "@" to include names +# from a separate file. +# +# ADDRESS specifies the set of hosts the record matches. It can be a +# host name, or it is made up of an IP address and a CIDR mask that is +# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that +# specifies the number of significant bits in the mask. A host name +# that starts with a dot (.) matches a suffix of the actual host name. +# Alternatively, you can write an IP address and netmask in separate +# columns to specify the set of hosts. Instead of a CIDR-address, you +# can write "samehost" to match any of the server's own IP addresses, +# or "samenet" to match any address in any subnet that the server is +# directly connected to. +# +# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256", +# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert". +# Note that "password" sends passwords in clear text; "md5" or +# "scram-sha-256" are preferred since they send encrypted passwords. +# +# OPTIONS are a set of options for the authentication in the format +# NAME=VALUE. The available options depend on the different +# authentication methods -- refer to the "Client Authentication" +# section in the documentation for a list of which options are +# available for which authentication methods. +# +# Database and user names containing spaces, commas, quotes and other +# special characters must be quoted. Quoting one of the keywords +# "all", "sameuser", "samerole" or "replication" makes the name lose +# its special character, and just match a database or username with +# that name. +# +# This file is read on server startup and when the server receives a +# SIGHUP signal. If you edit the file on a running system, you have to +# SIGHUP the server for the changes to take effect, run "pg_ctl reload", +# or execute "SELECT pg_reload_conf()". +# +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make PostgreSQL +# listen on a non-local interface via the listen_addresses +# configuration parameter, or via the -i or -h command line switches. + + + +# TYPE DATABASE USER ADDRESS METHOD + +# "local" is for Unix domain socket connections only +local all all peer +local all all ident +# IPv4 local connections: +host all all 127.0.0.1/32 trust +# IPv6 local connections: +host all all ::1/128 ident +# Allow replication connections from localhost, by a user with the +# replication privilege. +local replication all peer +host replication all 127.0.0.1/32 ident +host replication all ::1/128 ident diff --git a/local/provisioning/files/sysctl.conf b/local/provisioning/files/sysctl.conf new file mode 100644 index 0000000..0cce7e8 --- /dev/null +++ b/local/provisioning/files/sysctl.conf @@ -0,0 +1,43 @@ +# Kernel sysctl configuration file for Red Hat Linux +# +# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and +# sysctl.conf(5) for more details. + +# Controls IP packet forwarding +net.ipv4.ip_forward = 0 + +# Controls source route verification +net.ipv4.conf.default.rp_filter = 1 + +# Do not accept source routing +net.ipv4.conf.default.accept_source_route = 0 + +# Controls the System Request debugging functionality of the kernel +kernel.sysrq = 0 + +# Controls whether core dumps will append the PID to the core filename. +# Useful for debugging multi-threaded applications. +kernel.core_uses_pid = 1 + +# Controls the use of TCP syncookies +net.ipv4.tcp_syncookies = 1 + +# Disable netfilter on bridges. +net.bridge.bridge-nf-call-ip6tables = 0 +net.bridge.bridge-nf-call-iptables = 0 +net.bridge.bridge-nf-call-arptables = 0 + +# Controls the default maxmimum size of a mesage queue +kernel.msgmnb = 65536 + +# Controls the maximum size of a message, in bytes +kernel.msgmax = 65536 + +# Controls the maximum shared segment size, in bytes +kernel.shmmax = 68719476736 + +# Controls the maximum number of shared memory segments, in pages +kernel.shmall = 4294967296 + +fs.file-max=10000 +vm.max_map_count=262144 diff --git a/local/provisioning/playbook.yml b/local/provisioning/playbook.yml new file mode 100644 index 0000000..efd98ef --- /dev/null +++ b/local/provisioning/playbook.yml @@ -0,0 +1,73 @@ +--- +- hosts: all + + vars: + alf_user: "alfresco" + alf_group: "alfresco" + pub_ssh_key: "/home/jpotts/.ssh/id_rsa.pub" + + tasks: + - name: Install selinux bindings + yum: name=libselinux-python state=present + + - name: Install net-tools + yum: name=net-tools state=present + + - name: Install lsof + yum: name=lsof state=present + + - name: Install unzip + yum: name=unzip state=present + + - name: Create {{ alf_group }} group + user: name={{ alf_group }} + + - name: Create {{ alf_user }} user + user: name={{ alf_user }} shell=/bin/bash group={{ alf_group }} + + - name: Add key to {{ alf_user }}'s authorized keys + authorized_key: user={{ alf_user }} key="{{ lookup('file', pub_ssh_key) }}" + + - name: Create /app directory + file: dest=/app mode=755 owner={{ alf_user }} group={{ alf_group }} state=directory + + - name: Install iptables-services + yum: + name: iptables-services + state: present + +# - name: Get iptables rules +# shell: iptables -L +# register: iptablesrules +# changed_when: false +# become: true + +# - name: Add port 8080 iptable rule +# command: /sbin/iptables -I INPUT 1 -p tcp --dport 8080 -j ACCEPT -m comment --comment "Tomcat HTTP" +# become: true +# when: iptablesrules.stdout.find("Tomcat HTTP") == -1 + +# - name: Add port 8443 iptable rule +# command: /sbin/iptables -I INPUT 1 -p tcp --dport 8443 -j ACCEPT -m comment --comment "Tomcat HTTPS" +# become: true +# when: iptablesrules.stdout.find("Tomcat HTTPS") == -1 + +# - name: save iptables +# shell: iptables-save > /etc/sysconfig/iptables +# become: true + +# - name: restart iptables +# service: name=iptables state=restarted +# become: true + + - name: Copy limits.conf to set open file limits + copy: src=files/limits.conf dest=/etc/security/limits.conf + + - name: Copy sysctl.conf + copy: src=files/sysctl.conf dest=/etc/sysctl.conf + + - include_tasks: tasks/doInstallImageMagick.yml + - include_tasks: tasks/doInstallLibreOffice.yml + - include_tasks: tasks/doInstallJava.yml + - include_tasks: tasks/doInstallPostgres.yml + diff --git a/local/provisioning/tasks/doInstallImageMagick.yml b/local/provisioning/tasks/doInstallImageMagick.yml new file mode 100644 index 0000000..b4a19c2 --- /dev/null +++ b/local/provisioning/tasks/doInstallImageMagick.yml @@ -0,0 +1,3 @@ +--- +- name: Install ImageMagick + yum: name=ImageMagick state=present diff --git a/local/provisioning/tasks/doInstallJava.yml b/local/provisioning/tasks/doInstallJava.yml new file mode 100644 index 0000000..dadb871 --- /dev/null +++ b/local/provisioning/tasks/doInstallJava.yml @@ -0,0 +1,9 @@ +--- +- name: Make Java directory + file: path=/usr/java state=directory + +- name: Copy Java distribution + copy: src=files/third-party/openjdk-11.0.1_linux-x64_bin.tar.gz dest=/tmp/openjdk.tar.gz + +- name: Unzip Java distribution + unarchive: src=/tmp/openjdk.tar.gz dest=/usr/java copy=no diff --git a/local/provisioning/tasks/doInstallLibreOffice.yml b/local/provisioning/tasks/doInstallLibreOffice.yml new file mode 100644 index 0000000..96acd29 --- /dev/null +++ b/local/provisioning/tasks/doInstallLibreOffice.yml @@ -0,0 +1,3 @@ +--- +- name: Install LibreOffice Core + yum: name=libreoffice-core state=present diff --git a/local/provisioning/tasks/doInstallPostgres.yml b/local/provisioning/tasks/doInstallPostgres.yml new file mode 100644 index 0000000..f03743c --- /dev/null +++ b/local/provisioning/tasks/doInstallPostgres.yml @@ -0,0 +1,17 @@ +--- +- name: Add PostgreSQL RPM + yum_repository: + name: PostgreSQL + description: PostgreSQL + baseurl: https://download.postgresql.org/pub/repos/^Cm/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm + +- name: Add postgresql + yum: name=postgresql10-server state=present + +- name: Initialize the Database + command: /usr/pgsql-10/bin/postgresql-10-setup initdb + args: + creates: /var/lib/pgsql/10/data + +- name: Copy pg_hba.conf + copy: src=files/pg_hba.conf dest=/var/lib/pgsql/10/data diff --git a/removeSolrIndexMetadata.yml b/removeSolrIndexMetadata.yml new file mode 100644 index 0000000..5c5ec6a --- /dev/null +++ b/removeSolrIndexMetadata.yml @@ -0,0 +1,15 @@ +--- +- hosts: '{{ hosts }}' + remote_user: alfresco + tasks: + - name: Remove index from alfresco core + file: path={{ solr_home }}/alfresco/index state=absent + + - name: Remove snapshot_metadata from alfresco core + file: path={{ solr_home }}/alfresco/snapshot_metadata state=absent + + - name: Remove index from archive core + file: path={{ solr_home }}/archive/index state=absent + + - name: Remove snapshot_metadata from archive core + file: path={{ solr_home }}/archive/snapshot_metadata state=absent diff --git a/tasks/doApplyAmps.yml b/tasks/doApplyAmps.yml new file mode 100644 index 0000000..b6b1a81 --- /dev/null +++ b/tasks/doApplyAmps.yml @@ -0,0 +1,6 @@ +--- +- name: Run Alfresco MMT to install repo tier AMPs + shell: 'java -jar {{ alf_home }}/bin/alfresco-mmt*.jar install {{ alf_home }}/amps {{ alf_home }}/{{ tomcat_dir }}/webapps/alfresco.war -directory -nobackup -force' + +- name: Run Alfresco MMT to install Share tier AMPs + shell: 'java -jar {{ alf_home }}/bin/alfresco-mmt*.jar install {{ alf_home }}/amps_share {{ alf_home }}/{{ tomcat_dir }}/webapps/share.war -directory -nobackup -force' diff --git a/tasks/doCopyActivemqConfig.yml b/tasks/doCopyActivemqConfig.yml new file mode 100644 index 0000000..4daaa01 --- /dev/null +++ b/tasks/doCopyActivemqConfig.yml @@ -0,0 +1,3 @@ +--- +- name: Copy ActiveMQ env config + template: src=templates/activemq-env.j2 dest={{ alf_home }}/{{ activemq_dir }}/bin/env diff --git a/tasks/doCopyAlfrescoConfig.yml b/tasks/doCopyAlfrescoConfig.yml new file mode 100644 index 0000000..e1ae1c8 --- /dev/null +++ b/tasks/doCopyAlfrescoConfig.yml @@ -0,0 +1,15 @@ +--- +- name: Copy Bash Profile + template: src=templates/bash_profile.j2 dest=/home/{{ alf_user }}/.bash_profile + +- name: Create alfresco-jmx directory + file: dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/alfresco-jmx state=directory + +- name: Copy JMX access + copy: src=files/alfresco-jmxrmi.access dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/alfresco-jmx/alfresco-jmxrmi.access + +- name: Copy JMX access password + template: src=templates/alfresco-jmxrmi.password.j2 dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/alfresco-jmx/alfresco-jmxrmi.password + +- name: Copy Web Scripts Config + copy: src=files/web-scripts-config-custom.xml dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/ diff --git a/tasks/doCopyAmps.yml b/tasks/doCopyAmps.yml new file mode 100644 index 0000000..221e196 --- /dev/null +++ b/tasks/doCopyAmps.yml @@ -0,0 +1,18 @@ +--- +- name: Create amps directory + file: path='{{ alf_home }}/amps' state=directory + +- name: Create amps_share directory + file: path='{{ alf_home }}/amps_share' state=directory + +- name: Copy repository tier amps + copy: + src: "{{ item }}" + dest: '{{ alf_home }}/amps' + with_fileglob: "files/third-party/amps/*" + +- name: Copy Share tier amps + copy: + src: "{{ item }}" + dest: '{{ alf_home }}/amps_share' + with_fileglob: "files/third-party/amps_share/*" diff --git a/tasks/doCopyGlobalProperties.yml b/tasks/doCopyGlobalProperties.yml new file mode 100644 index 0000000..3509531 --- /dev/null +++ b/tasks/doCopyGlobalProperties.yml @@ -0,0 +1,3 @@ +--- +- name: Copy alfresco global properties file + template: src=templates/alfresco-global.properties.j2 dest={{ alf_home }}/tomcat/shared/classes/alfresco-global.properties diff --git a/tasks/doCopyLDAPConfig.yml b/tasks/doCopyLDAPConfig.yml new file mode 100644 index 0000000..1c4298f --- /dev/null +++ b/tasks/doCopyLDAPConfig.yml @@ -0,0 +1,6 @@ +--- +- name: Create LDAP Config directory (ldap1) + file: dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1 state=directory + +- name: Copy LDAP Config (ldap1) + template: src=templates/ldap-authentication.properties.ldap1.j2 dest={{ alf_home }}/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties diff --git a/tasks/doCopyLicense.yml b/tasks/doCopyLicense.yml new file mode 100644 index 0000000..832b8a1 --- /dev/null +++ b/tasks/doCopyLicense.yml @@ -0,0 +1,3 @@ +--- +- name: Copy license file + copy: src=files/{{ alf_license_file }} dest={{ alf_home }} diff --git a/tasks/doCopyShareConfig.yml b/tasks/doCopyShareConfig.yml new file mode 100644 index 0000000..040de04 --- /dev/null +++ b/tasks/doCopyShareConfig.yml @@ -0,0 +1,6 @@ +--- +- name: Copy Share Config Custom + template: src=templates/share-config-custom.xml.j2 dest={{ alf_home }}/tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml + +- name: Copy slingshot app context + template: src=templates/custom-slingshot-application-context.xml.j2 dest={{ alf_home }}/tomcat/shared/classes/alfresco/web-extension/custom-slingshot-application-context.xml diff --git a/tasks/doCopySolrConfig.yml b/tasks/doCopySolrConfig.yml new file mode 100644 index 0000000..04b0c50 --- /dev/null +++ b/tasks/doCopySolrConfig.yml @@ -0,0 +1,12 @@ +--- +- name: Copy Bash Profile + template: src=templates/bash_profile.j2 dest=/home/{{ alf_user }}/.bash_profile + +- name: Copy SOLR Shared Properties + template: src=templates/shared.properties.j2 dest={{ alf_home }}/alfresco-search-services/solrhome/conf/shared.properties + +- name: Copy SOLR Script + template: src=templates/solr.in.sh.j2 dest={{ alf_home }}/alfresco-search-services/solr.in.sh + +- name: Create data directory + file: path={{ solr_content_dir }} state=directory diff --git a/tasks/doCopySolrCoreConfig.yml b/tasks/doCopySolrCoreConfig.yml new file mode 100644 index 0000000..441a571 --- /dev/null +++ b/tasks/doCopySolrCoreConfig.yml @@ -0,0 +1,18 @@ +--- +- name: Copy Alfresco solrcore.properties + template: src=templates/solrcore.properties.alfresco.j2 dest={{ solr_home }}/alfresco/conf/solrcore.properties + +- name: Copy Archive solrcore.properties + template: src=templates/solrcore.properties.archive.j2 dest={{ solr_home }}/archive/conf/solrcore.properties + +- name: Copy Alfresco solrconfig.xml + template: src=templates/solrconfig.xml.alfresco.j2 dest={{ solr_home }}/alfresco/conf/solrconfig.xml + +- name: Copy Archive solrconfig.xml + template: src=templates/solrconfig.xml.archive.j2 dest={{ solr_home }}/archive/conf/solrconfig.xml + +#- name: Copy Alfresco solr truststore +# copy: src=files/ssl.repo.client.truststore dest={{ solr_home }}/alfresco/conf/ssl.repo.client.truststore + +#- name: Copy Archive solr truststore +# copy: src=files/ssl.repo.client.truststore dest={{ solr_home }}/archive/conf/ssl.repo.client.truststore diff --git a/tasks/doCopyTomcatConfig.yml b/tasks/doCopyTomcatConfig.yml new file mode 100644 index 0000000..7a75f54 --- /dev/null +++ b/tasks/doCopyTomcatConfig.yml @@ -0,0 +1,22 @@ +--- +- name: Copy Oracle JDBC driver + copy: src=files/third-party/{{ alf_db_driver_file }} dest={{ alf_home }}/tomcat/lib + +- name: Copy Tomcat catalina.sh + template: src=templates/catalina.sh.j2 dest={{ alf_home }}/tomcat/bin/catalina.sh + +- name: Copy Tomcat setenv.sh + template: src=templates/setenv.sh.j2 dest={{ alf_home }}/tomcat/bin/setenv.sh + +- name: Copy Tomcat ctl.sh + template: src=templates/ctl.sh.j2 dest={{ alf_home }}/tomcat/scripts/ctl.sh + +- name: Copy Tomcat server.xml + template: src=templates/server.xml.j2 dest={{ alf_home }}/tomcat/conf/server.xml + +- name: Copy web.xml + template: src=templates/web.xml.j2 dest={{ alf_home }}/tomcat/conf/web.xml + +- name: Copy keystore with server-specific cert + copy: src=files/certs/{{ ansible_hostname }}.jks dest={{ alf_home }}/alf_data/keystore/ + when: ssl_enabled diff --git a/tasks/doInstallAOS.yml b/tasks/doInstallAOS.yml new file mode 100644 index 0000000..286b1b3 --- /dev/null +++ b/tasks/doInstallAOS.yml @@ -0,0 +1,12 @@ +--- +- name: Create Alfresco AOS dist directory to hold unarchived distribution files + file: path={{ alf_home }}/dist/aos state=directory + +- name: Copy Alfresco AOS distribution archive + copy: src=files/third-party/{{ aos_archive }} dest=/tmp/ + +- name: Extract Alfresco archive + unarchive: src=/tmp/{{ aos_archive }} dest={{ alf_home }}/dist/aos copy=no + +- name: Copy AOS AMP + shell: 'cp {{ alf_home }}/dist/aos/*.amp {{ alf_home }}/amps/' diff --git a/tasks/doInstallActivemq.yml b/tasks/doInstallActivemq.yml new file mode 100644 index 0000000..9419c93 --- /dev/null +++ b/tasks/doInstallActivemq.yml @@ -0,0 +1,12 @@ +--- +- name: Copy ActiveMQ archive + copy: src=files/third-party/{{ activemq_archive }} dest=/tmp/ + +- name: Create ActiveMQ folder + file: path={{ alf_home }}/{{ activemq_dir }} state=directory + +- name: Extract ActiveMQ archive + unarchive: src=/tmp/{{ activemq_archive }} dest={{ alf_home }} copy=no + +- name: Create a symlink for the ActiveMQ install dir + file: src={{ alf_home }}/{{ activemq_dir }} dest={{ alf_home }}/activemq state=link diff --git a/tasks/doInstallAlfresco.yml b/tasks/doInstallAlfresco.yml new file mode 100644 index 0000000..442a255 --- /dev/null +++ b/tasks/doInstallAlfresco.yml @@ -0,0 +1,48 @@ +--- +- name: Create Alfresco dist directory to hold unarchived distribution files + file: path={{ alf_home }}/dist state=directory + +- name: Create amps directory + file: path={{ alf_home }}/amps state=directory + +- name: Create amps_share directory + file: path={{ alf_home }}/amps_share state=directory + +- name: Create platform modules directory + file: path={{ alf_home }}/modules/platform state=directory + +- name: Create share modules directory + file: path={{ alf_home }}/modules/share state=directory + +- name: Create bin directory + file: path={{ alf_home }}/bin state=directory + +- name: Create alf_data directory + file: path={{ alf_data }} state=directory + +- name: Copy Alfresco distribution archive + copy: src=files/third-party/{{ alf_archive }} dest=/tmp/ + +- name: Extract Alfresco archive + unarchive: src=/tmp/{{ alf_archive }} dest={{ alf_home }}/dist copy=no + +- name: Copy Share Services AMP + shell: 'cp {{ alf_home }}/dist/{{ alf_archive_root_dir }}/amps/alfresco-share-services.amp {{ alf_home }}/amps/' + +- name: Copy bin files + shell: 'for f in {{ alf_home }}/dist/{{ alf_archive_root_dir }}/bin/*; do cp $f {{ alf_home }}/bin/; done' + +- name: Make Alfresco scripts user executable + file: dest="{{ alf_home }}/bin/{{ item }}" mode=u+x + with_items: + - apply_amps.sh + - clean_tomcat.sh + +- name: Copy Tomcat conf, lib, shared, and webapps files + shell: 'for f in {{ alf_home }}/dist/{{ alf_archive_root_dir }}/web-server/*; do cp -R $f {{ alf_home }}/{{ tomcat_dir }}/; done' + +- name: Copy database driver into Tomcat lib + copy: src=files/third-party/{{ alf_db_driver_file }} dest={{ alf_home }}/{{ tomcat_dir }}/lib/ + +- name: Copy Alfresco keystore directory into alf_data + shell: 'cp -R {{ alf_home }}/dist/{{ alf_archive_root_dir }}/alf_data/keystore {{ alf_data }}/' diff --git a/tasks/doInstallPDFRenderer.yml b/tasks/doInstallPDFRenderer.yml new file mode 100644 index 0000000..5efcfd0 --- /dev/null +++ b/tasks/doInstallPDFRenderer.yml @@ -0,0 +1,18 @@ +--- +- name: Create Alfresco dist directory to hold unarchived distribution files + file: path={{ alf_home }}/dist state=directory + +- name: Copy Alfresco distribution archive + copy: src=files/third-party/{{ alf_archive }} dest=/tmp/ + +- name: Extract Alfresco archive + unarchive: src=/tmp/{{ alf_archive }} dest={{ alf_home }}/dist copy=no + +- name: Create Alfresco common directory + file: path={{ alf_home }}/common state=directory + +- name: Extract PDF Renderer + unarchive: + src: '{{ alf_home }}/dist/{{ alf_archive_root_dir }}/alfresco-pdf-renderer/alfresco-pdf-renderer-1.1-linux.tgz' + dest: '{{ alf_home }}/common' + copy: no diff --git a/tasks/doInstallSearch.yml b/tasks/doInstallSearch.yml new file mode 100644 index 0000000..7395c3d --- /dev/null +++ b/tasks/doInstallSearch.yml @@ -0,0 +1,17 @@ +--- +- name: Copy Alfresco Search Services distribution archive + copy: src=files/third-party/{{ search_archive }} dest=/tmp/ + +- stat: + path: '{{ search_install_dir }}' + register: p + +- fail: + msg: Search install directory already exists. Delete or rename it before continuing. + when: p.stat.exists + +- name: Create search install directory + file: path={{ search_install_dir }} state=directory + +- name: Extract Alfresco archive + unarchive: src=/tmp/{{ search_archive }} dest={{ alf_home }} copy=no diff --git a/tasks/doInstallTomcat.yml b/tasks/doInstallTomcat.yml new file mode 100644 index 0000000..7521f80 --- /dev/null +++ b/tasks/doInstallTomcat.yml @@ -0,0 +1,45 @@ +--- +- name: Create Alfresco home + file: path={{ alf_home }} state=directory + +- name: Copy Tomcat archive + copy: src=files/third-party/{{ tomcat_archive }} dest=/tmp/ + +- name: Create Tomcat folder + file: path={{ alf_home }}/{{ tomcat_dir }} state=directory + +- name: Extract Tomcat archive + unarchive: src=/tmp/{{ tomcat_archive }} dest={{ alf_home }} copy=no + +- name: Create a symlink for the Tomcat install dir + file: src={{ alf_home }}/{{ tomcat_dir }} dest={{ alf_home }}/tomcat state=link + +- name: Delete docs webapp + file: path={{ alf_home }}/{{ tomcat_dir }}/webapps/docs state=absent + +- name: Delete examples webapp + file: path={{ alf_home }}/{{ tomcat_dir }}/webapps/examples state=absent + +- name: Delete host-manager webapp + file: path={{ alf_home }}/{{ tomcat_dir }}/webapps/host-manager state=absent + +- name: Delete manager webapp + file: path={{ alf_home }}/{{ tomcat_dir }}/webapps/manager state=absent + +- name: Delete ROOT webapp + file: path={{ alf_home }}/{{ tomcat_dir }}/webapps/ROOT state=absent + +- name: Create shared loader classes directory + file: path={{ alf_home }}/{{ tomcat_dir }}/shared/classes state=directory + +- name: Create shared loader lib directory + file: path={{ alf_home }}/{{ tomcat_dir }}/shared/lib state=directory + +- name: Configure shared class loader + replace: + path: '{{ alf_home }}/{{ tomcat_dir }}/conf/catalina.properties' + regexp: 'shared.loader=' + replace: 'shared.loader=${catalina.base}/shared/classes/' + +- name: Create Tomcat scripts directory (used by old Alfresco releases) + file: path={{ alf_home }}/{{tomcat_dir }}/scripts state=directory diff --git a/tasks/doSetupDirectories.yml b/tasks/doSetupDirectories.yml new file mode 100644 index 0000000..07a8f35 --- /dev/null +++ b/tasks/doSetupDirectories.yml @@ -0,0 +1,17 @@ +--- +- stat: + path: '{{ alf_home }}' + register: sym + +- fail: + msg: Alfresco home must be a symbolic link or must not exist + when: sym.stat.islnk is defined and sym.stat.islnk == False + +- name: Remove previous Alfresco home link + file: path={{ alf_home }} state=absent + +- name: Create base Alfresco install directory + file: path={{ alf_install_dir }} state=directory + +- name: Create a symlink that points Alfresco home at the install directory + file: src={{ alf_install_dir }} dest={{ alf_home }} state=link diff --git a/templates/activemq-env.j2 b/templates/activemq-env.j2 new file mode 100644 index 0000000..a45a9d8 --- /dev/null +++ b/templates/activemq-env.j2 @@ -0,0 +1,115 @@ +#!/bin/sh +# ------------------------------------------------------------------------ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ------------------------------------------------------------------------ +# +# Configuration file for running Apache Active MQ as standalone provider. +# +# This file overwrites the predefined settings of the sysv init-script. +# You can also use alternate location for default settings - +# invoke the init-script without a argument an review help section "Configuration of this script" +# /etc/default/activemq /.activemqrc /bin/env + +# Active MQ installation dirs +# ACTIVEMQ_HOME="/" +# ACTIVEMQ_BASE="$ACTIVEMQ_HOME" +# ACTIVEMQ_CONF="$ACTIVEMQ_BASE/conf" +# ACTIVEMQ_DATA="$ACTIVEMQ_BASE/data" +# ACTIVEMQ_TMP="$ACTIVEMQ_BASE/tmp" + +# Set jvm memory configuration (minimal/maximum amount of memory) +ACTIVEMQ_OPTS_MEMORY="{{ activemq_opts_memory }}" + +if [ -z "$ACTIVEMQ_OPTS" ] ; then + ACTIVEMQ_OPTS="$ACTIVEMQ_OPTS_MEMORY -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=$ACTIVEMQ_CONF/login.config" +fi + +if [ -z "$ACTIVEMQ_OUT" ]; then + ACTIVEMQ_OUT="/dev/null" +fi + +# Uncomment to enable audit logging +#ACTIVEMQ_OPTS="$ACTIVEMQ_OPTS -Dorg.apache.activemq.audit=true" + +# Set jvm jmx configuration +# This enables jmx access over a configured jmx-tcp-port. +# You have to configure the first four settings if you run a ibm jvm, caused by the +# fact that IBM's jvm does not support VirtualMachine.attach(PID). +# JMX access is needed for quering a running activemq instance to gain data or to +# trigger management operations. +# +# Example for ${ACTIVEMQ_CONF}/jmx.access: +# --- +# # The "monitorRole" role has readonly access. +# # The "controlRole" role has readwrite access. +# monitorRole readonly +# controlRole readwrite +# --- +# +# Example for ${ACTIVEMQ_CONF}/jmx.password: +# --- +# # The "monitorRole" role has password "abc123". +# # # The "controlRole" role has password "abcd1234". +# monitorRole abc123 +# controlRole abcd1234 +# --- +# +# ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.port=11099 " +# ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.password.file=${ACTIVEMQ_CONF}/jmx.password" +# ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.access.file=${ACTIVEMQ_CONF}/jmx.access" +# ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote.ssl=false" +ACTIVEMQ_SUNJMX_START="$ACTIVEMQ_SUNJMX_START -Dcom.sun.management.jmxremote" + +# Set jvm jmx configuration for controlling the broker process +# You only have to configure the first four settings if you run a ibm jvm, caused by the +# fact that IBM's jvm does not support VirtualMachine.attach(PID) +# (see also com.sun.management.jmxremote.port, .jmx.password.file and .jmx.access.file ) +#ACTIVEMQ_SUNJMX_CONTROL="--jmxurl service:jmx:rmi:///jndi/rmi://127.0.0.1:1099/jmxrmi --jmxuser controlRole --jmxpassword abcd1234" +ACTIVEMQ_SUNJMX_CONTROL="" + +# Specify the queue manager URL for using "browse" option of sysv initscript +if [ -z "$ACTIVEMQ_QUEUEMANAGERURL" ]; then + ACTIVEMQ_QUEUEMANAGERURL="--amqurl tcp://localhost:61616" +fi + +# Set additional JSE arguments +if [ -z "$ACTIVEMQ_SSL_OPTS" ] ; then + #ACTIVEMQ_SSL_OPTS="-Djava.security.properties=$ACTIVEMQ_CONF/java.security" + ACTIVEMQ_SSL_OPTS="" +fi + +# Uncomment to enable remote debugging +#ACTIVEMQ_DEBUG_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005" + +# ActiveMQ tries to shutdown the broker by jmx, +# after a specified number of seconds send SIGKILL +if [ -z "$ACTIVEMQ_KILL_MAXSECONDS" ]; then + ACTIVEMQ_KILL_MAXSECONDS=30 +fi + +# Configure a user with non root privileges, if no user is specified do not change user +# (the entire activemq installation should be owned by this user) +ACTIVEMQ_USER="{{ activemq_user }}" + +# location of the pidfile +# ACTIVEMQ_PIDFILE="$ACTIVEMQ_DATA/activemq.pid" + +# Location of the java installation +# Specify the location of your java installation using JAVA_HOME, or specify the +# path to the "java" binary using JAVACMD +# (set JAVACMD to "auto" for automatic detection) +JAVA_HOME="{{ alf_java_home }}" +#JAVACMD="auto" diff --git a/templates/alfresco-global.properties.j2 b/templates/alfresco-global.properties.j2 new file mode 100644 index 0000000..8a8ae71 --- /dev/null +++ b/templates/alfresco-global.properties.j2 @@ -0,0 +1,95 @@ + +dir.root={{ alf_home }}/alf_data + +### Host Configuration ### +alfresco.context={{ alf_context }} +alfresco.host={{ alf_host }} +alfresco.port={{ alf_port }} +alfresco.protocol={{ alf_protocol }} +share.context={{ share_context }} +share.host={{ share_host }} +share.port={{ share_port }} +share.protocol={{ share_protocol }} + +### database connection properties ### +db.driver={{ alf_db_driver }} +db.username={{ alf_db_username }} +db.password={{ alf_db_password }} +db.name={{ alf_db_name }} +db.url={{ alf_db_url }} +# Note: your database must also be able to accept at least this many connections. Please see your database documentation for instructions on how to configure this. +db.pool.max=275 +db.pool.validate.query= + +# The server mode. Set value here +# UNKNOWN | TEST | BACKUP | PRODUCTION +system.serverMode=UNKNOWN + +### FTP Server Configuration ### +ftp.port={{ alf_ftp_port }} + +### RMI registry port for JMX ### +alfresco.rmi.services.port=50500 +alfresco.rmi.services.host={{ ansible_hostname }} +monitor.rmi.service.port=50501 +alfresco.jmx.connector.enabled=true +alfresco.jmx.dir={{ alf_home }}/tomcat/shared/classes/alfresco/extension/alfresco-jmx + +### External executable locations ### +ooo.exe=/bin/soffice.bin +ooo.enabled=true +ooo.port=8100 +img.root=/ +img.dyn=/lib +img.exe=/bin/convert +alfresco-pdf-renderer.root={{ alf_home }}/common/alfresco-pdf-renderer +alfresco-pdf-renderer.exe=${alfresco-pdf-renderer.root}/alfresco-pdf-renderer + +jodconverter.enabled=true +jodconverter.officeHome={{ alf_home }}/libreoffice +jodconverter.portNumbers=8100 + +### Initial admin password ### +alfresco_user_store.adminpassword={{ alf_initial_admin_password }} + +### E-mail site invitation setting ### +notification.email.siteinvite={{ alf_notification_email }} + +### Outbound mail settings ### +mail.host={{ mail_host }} +mail.from.default={{ mail_from }} +mail.from.enabled=false + +### License location ### +dir.license.external={{ alf_home }} + +### Solr indexing ### +index.subsystem.name={{ alf_index_subsystem }} +dir.keystore=${dir.root}/keystore +solr.host={{ alf_solr_host }} +solr.protocol=http +solr.secureComms=none +solr.port={{ alf_solr_port }} +solr.baseUrl=/solr + +### Smart Folders Config Properties ### +smart.folders.enabled={{ alf_smart_folders_enabled }} + +aos.baseUrlOverwrite={{ alf_aos_base_url }} + +{% if audit_enabled %} +### Audit Service Settings ### +audit.enabled=true +audit.alfresco-access.enabled=true +audit.alfresco-access.sub-actions.enabled=false + +{% endif %} + +### Alfresco Cloud Sync ### +sync.mode=OFF + +### Alfresco Transormation Service Settings ### + +transform.service.enabled=true +local.transform.service.enabled=false +legacy.transform.service.enabled=true diff --git a/templates/alfresco-jmxrmi.password.j2 b/templates/alfresco-jmxrmi.password.j2 new file mode 100644 index 0000000..4257673 --- /dev/null +++ b/templates/alfresco-jmxrmi.password.j2 @@ -0,0 +1,2 @@ +monitorRole {{ alf_jmx_monitor_password }} +controlRole {{ alf_jmx_control_password }} diff --git a/templates/bash_profile.j2 b/templates/bash_profile.j2 new file mode 100644 index 0000000..4b7fd96 --- /dev/null +++ b/templates/bash_profile.j2 @@ -0,0 +1,15 @@ +# .bash_profile + +# Get the aliases and functions +if [ -f ~/.bashrc ]; then + . ~/.bashrc +fi + +# User specific environment and startup programs + +PATH=$PATH:/usr/sbin:/sbin:$HOME/bin +JAVA_HOME={{ alf_java_home }} +PATH=$JAVA_HOME/bin:$PATH + +export PATH +export JAVA_HOME diff --git a/templates/catalina.sh.j2 b/templates/catalina.sh.j2 new file mode 100755 index 0000000..163166b --- /dev/null +++ b/templates/catalina.sh.j2 @@ -0,0 +1,650 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# ----------------------------------------------------------------------------- +# Control Script for the CATALINA Server +# +# Environment Variable Prerequisites +# +# Do not set the variables in this script. Instead put them into a script +# setenv.sh in CATALINA_BASE/bin to keep your customizations separate. +# +# CATALINA_HOME May point at your Catalina "build" directory. +# +# CATALINA_BASE (Optional) Base directory for resolving dynamic portions +# of a Catalina installation. If not present, resolves to +# the same directory that CATALINA_HOME points to. +# +# CATALINA_OUT (Optional) Full path to a file where stdout and stderr +# will be redirected. +# Default is $CATALINA_BASE/logs/catalina.out +# +# CATALINA_OPTS (Optional) Java runtime options used when the "start", +# "run" or "debug" command is executed. +# Include here and not in JAVA_OPTS all options, that should +# only be used by Tomcat itself, not by the stop process, +# the version command etc. +# Examples are heap size, GC logging, JMX ports etc. +# +# CATALINA_TMPDIR (Optional) Directory path location of temporary directory +# the JVM should use (java.io.tmpdir). Defaults to +# $CATALINA_BASE/temp. +# +# JAVA_HOME Must point at your Java Development Kit installation. +# Required to run the with the "debug" argument. +# +# JRE_HOME Must point at your Java Runtime installation. +# Defaults to JAVA_HOME if empty. If JRE_HOME and JAVA_HOME +# are both set, JRE_HOME is used. +# +# JAVA_OPTS (Optional) Java runtime options used when any command +# is executed. +# Include here and not in CATALINA_OPTS all options, that +# should be used by Tomcat and also by the stop process, +# the version command etc. +# Most options should go into CATALINA_OPTS. +# +# JAVA_ENDORSED_DIRS (Optional) Lists of of colon separated directories +# containing some jars in order to allow replacement of APIs +# created outside of the JCP (i.e. DOM and SAX from W3C). +# It can also be used to update the XML parser implementation. +# This is only supported for Java <= 8. +# Defaults to $CATALINA_HOME/endorsed. +# +# JPDA_TRANSPORT (Optional) JPDA transport used when the "jpda start" +# command is executed. The default is "dt_socket". +# +# JPDA_ADDRESS (Optional) Java runtime options used when the "jpda start" +# command is executed. The default is localhost:8000. +# +# JPDA_SUSPEND (Optional) Java runtime options used when the "jpda start" +# command is executed. Specifies whether JVM should suspend +# execution immediately after startup. Default is "n". +# +# JPDA_OPTS (Optional) Java runtime options used when the "jpda start" +# command is executed. If used, JPDA_TRANSPORT, JPDA_ADDRESS, +# and JPDA_SUSPEND are ignored. Thus, all required jpda +# options MUST be specified. The default is: +# +# -agentlib:jdwp=transport=$JPDA_TRANSPORT, +# address=$JPDA_ADDRESS,server=y,suspend=$JPDA_SUSPEND +# +# JSSE_OPTS (Optional) Java runtime options used to control the TLS +# implementation when JSSE is used. Default is: +# "-Djdk.tls.ephemeralDHKeySize=2048" +# +# CATALINA_PID (Optional) Path of the file which should contains the pid +# of the catalina startup java process, when start (fork) is +# used +# +# LOGGING_CONFIG (Optional) Override Tomcat's logging config file +# Example (all one line) +# LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties" +# +# LOGGING_MANAGER (Optional) Override Tomcat's logging manager +# Example (all one line) +# LOGGING_MANAGER="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager" +# +# UMASK (Optional) Override Tomcat's default UMASK of 0027 +# +# USE_NOHUP (Optional) If set to the string true the start command will +# use nohup so that the Tomcat process will ignore any hangup +# signals. Default is "false" unless running on HP-UX in which +# case the default is "true" +# ----------------------------------------------------------------------------- + +# OS specific support. $var _must_ be set to either true or false. +cygwin=false +darwin=false +os400=false +hpux=false +case "`uname`" in +CYGWIN*) cygwin=true;; +Darwin*) darwin=true;; +OS400*) os400=true;; +HP-UX*) hpux=true;; +esac + +# resolve links - $0 may be a softlink +PRG="$0" + +while [ -h "$PRG" ]; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`/"$link" + fi +done + +# Get standard environment variables +PRGDIR=`dirname "$PRG"` + +# Only set CATALINA_HOME if not already set +[ -z "$CATALINA_HOME" ] && CATALINA_HOME=`cd "$PRGDIR/.." >/dev/null; pwd` + +# Copy CATALINA_BASE from CATALINA_HOME if not already set +[ -z "$CATALINA_BASE" ] && CATALINA_BASE="$CATALINA_HOME" + +# Ensure that any user defined CLASSPATH variables are not used on startup, +# but allow them to be specified in setenv.sh, in rare case when it is needed. +CLASSPATH= + +if [ -r "$CATALINA_BASE/bin/setenv.sh" ]; then + . "$CATALINA_BASE/bin/setenv.sh" +elif [ -r "$CATALINA_HOME/bin/setenv.sh" ]; then + . "$CATALINA_HOME/bin/setenv.sh" +fi + +# For Cygwin, ensure paths are in UNIX format before anything is touched +if $cygwin; then + [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` + [ -n "$JRE_HOME" ] && JRE_HOME=`cygpath --unix "$JRE_HOME"` + [ -n "$CATALINA_HOME" ] && CATALINA_HOME=`cygpath --unix "$CATALINA_HOME"` + [ -n "$CATALINA_BASE" ] && CATALINA_BASE=`cygpath --unix "$CATALINA_BASE"` + [ -n "$CLASSPATH" ] && CLASSPATH=`cygpath --path --unix "$CLASSPATH"` +fi + +# Ensure that neither CATALINA_HOME nor CATALINA_BASE contains a colon +# as this is used as the separator in the classpath and Java provides no +# mechanism for escaping if the same character appears in the path. +case $CATALINA_HOME in + *:*) echo "Using CATALINA_HOME: $CATALINA_HOME"; + echo "Unable to start as CATALINA_HOME contains a colon (:) character"; + exit 1; +esac +case $CATALINA_BASE in + *:*) echo "Using CATALINA_BASE: $CATALINA_BASE"; + echo "Unable to start as CATALINA_BASE contains a colon (:) character"; + exit 1; +esac + +# For OS400 +if $os400; then + # Set job priority to standard for interactive (interactive - 6) by using + # the interactive priority - 6, the helper threads that respond to requests + # will be running at the same priority as interactive jobs. + COMMAND='chgjob job('$JOBNAME') runpty(6)' + system $COMMAND + + # Enable multi threading + export QIBM_MULTI_THREADED=Y +fi + +# Get standard Java environment variables +if $os400; then + # -r will Only work on the os400 if the files are: + # 1. owned by the user + # 2. owned by the PRIMARY group of the user + # this will not work if the user belongs in secondary groups + . "$CATALINA_HOME"/bin/setclasspath.sh +else + if [ -r "$CATALINA_HOME"/bin/setclasspath.sh ]; then + . "$CATALINA_HOME"/bin/setclasspath.sh + else + echo "Cannot find $CATALINA_HOME/bin/setclasspath.sh" + echo "This file is needed to run this program" + exit 1 + fi +fi + +# Add on extra jar files to CLASSPATH +if [ ! -z "$CLASSPATH" ] ; then + CLASSPATH="$CLASSPATH": +fi +CLASSPATH="$CLASSPATH""$CATALINA_HOME"/bin/bootstrap.jar + +if [ -z "$CATALINA_OUT" ] ; then + #CATALINA_OUT="$CATALINA_BASE"/logs/catalina.out + CATALINA_OUT={{ alf_tomcat_catalina_logs_dir }}/catalina.out +fi + +if [ -z "$CATALINA_TMPDIR" ] ; then + # Define the java.io.tmpdir to use for Catalina + #CATALINA_TMPDIR="$CATALINA_BASE"/temp + CATALINA_TMPDIR={{ alf_home }}/temp +fi + +# Add tomcat-juli.jar to classpath +# tomcat-juli.jar can be over-ridden per instance +if [ -r "$CATALINA_BASE/bin/tomcat-juli.jar" ] ; then + CLASSPATH=$CLASSPATH:$CATALINA_BASE/bin/tomcat-juli.jar +else + CLASSPATH=$CLASSPATH:$CATALINA_HOME/bin/tomcat-juli.jar +fi + +# Bugzilla 37848: When no TTY is available, don't output to console +have_tty=0 +if [ "`tty`" != "not a tty" ]; then + have_tty=1 +fi + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` + JRE_HOME=`cygpath --absolute --windows "$JRE_HOME"` + CATALINA_HOME=`cygpath --absolute --windows "$CATALINA_HOME"` + CATALINA_BASE=`cygpath --absolute --windows "$CATALINA_BASE"` + CATALINA_TMPDIR=`cygpath --absolute --windows "$CATALINA_TMPDIR"` + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + [ -n "$JAVA_ENDORSED_DIRS" ] && JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` +fi + +if [ -z "$JSSE_OPTS" ] ; then + JSSE_OPTS="-Djdk.tls.ephemeralDHKeySize=2048" +fi +JAVA_OPTS="$JAVA_OPTS $JSSE_OPTS" + +# Register custom URL handlers +# Do this here so custom URL handles (specifically 'war:...') can be used in the security policy +JAVA_OPTS="$JAVA_OPTS -Djava.protocol.handler.pkgs=org.apache.catalina.webresources" + +# Set juli LogManager config file if it is present and an override has not been issued +if [ -z "$LOGGING_CONFIG" ]; then + if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then + LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties" + else + # Bugzilla 45585 + LOGGING_CONFIG="-Dnop" + fi +fi + +if [ -z "$LOGGING_MANAGER" ]; then + LOGGING_MANAGER="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager" +fi + +# Set UMASK unless it has been overridden +if [ -z "$UMASK" ]; then + UMASK="0027" +fi +umask $UMASK + +# Java 9 no longer supports the java.endorsed.dirs +# system property. Only try to use it if +# JAVA_ENDORSED_DIRS was explicitly set +# or CATALINA_HOME/endorsed exists. +ENDORSED_PROP=ignore.endorsed.dirs +if [ -n "$JAVA_ENDORSED_DIRS" ]; then + ENDORSED_PROP=java.endorsed.dirs +fi +if [ -d "$CATALINA_HOME/endorsed" ]; then + ENDORSED_PROP=java.endorsed.dirs +fi + +# Make the umask available when using the org.apache.catalina.security.SecurityListener +JAVA_OPTS="$JAVA_OPTS -Dorg.apache.catalina.security.SecurityListener.UMASK=`umask`" + +if [ -z "$USE_NOHUP" ]; then + if $hpux; then + USE_NOHUP="true" + else + USE_NOHUP="false" + fi +fi +unset _NOHUP +if [ "$USE_NOHUP" = "true" ]; then + _NOHUP=nohup +fi + +# Add the JAVA 9 specific start-up parameters required by Tomcat +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.lang=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.base/java.io=ALL-UNNAMED" +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED" +export JDK_JAVA_OPTIONS + +# ----- Execute The Requested Command ----------------------------------------- + +# Bugzilla 37848: only output this if we have a TTY +if [ $have_tty -eq 1 ]; then + echo "Using CATALINA_BASE: $CATALINA_BASE" + echo "Using CATALINA_HOME: $CATALINA_HOME" + echo "Using CATALINA_TMPDIR: $CATALINA_TMPDIR" + if [ "$1" = "debug" ] ; then + echo "Using JAVA_HOME: $JAVA_HOME" + else + echo "Using JRE_HOME: $JRE_HOME" + fi + echo "Using CLASSPATH: $CLASSPATH" + if [ ! -z "$CATALINA_PID" ]; then + echo "Using CATALINA_PID: $CATALINA_PID" + fi +fi + +if [ "$1" = "jpda" ] ; then + if [ -z "$JPDA_TRANSPORT" ]; then + JPDA_TRANSPORT="dt_socket" + fi + if [ -z "$JPDA_ADDRESS" ]; then + JPDA_ADDRESS="localhost:8000" + fi + if [ -z "$JPDA_SUSPEND" ]; then + JPDA_SUSPEND="n" + fi + if [ -z "$JPDA_OPTS" ]; then + JPDA_OPTS="-agentlib:jdwp=transport=$JPDA_TRANSPORT,address=$JPDA_ADDRESS,server=y,suspend=$JPDA_SUSPEND" + fi + CATALINA_OPTS="$JPDA_OPTS $CATALINA_OPTS" + shift +fi + +if [ "$1" = "debug" ] ; then + if $os400; then + echo "Debug command not available on OS400" + exit 1 + else + shift + if [ "$1" = "-security" ] ; then + if [ $have_tty -eq 1 ]; then + echo "Using Security Manager" + fi + shift + exec "$_RUNJDB" "$LOGGING_CONFIG" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="$JAVA_ENDORSED_DIRS" \ + -classpath "$CLASSPATH" \ + -sourcepath "$CATALINA_HOME"/../../java \ + -Djava.security.manager \ + -Djava.security.policy=="$CATALINA_BASE"/conf/catalina.policy \ + -Dcatalina.base="$CATALINA_BASE" \ + -Dcatalina.home="$CATALINA_HOME" \ + -Djava.io.tmpdir="$CATALINA_TMPDIR" \ + org.apache.catalina.startup.Bootstrap "$@" start + else + exec "$_RUNJDB" "$LOGGING_CONFIG" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="$JAVA_ENDORSED_DIRS" \ + -classpath "$CLASSPATH" \ + -sourcepath "$CATALINA_HOME"/../../java \ + -Dcatalina.base="$CATALINA_BASE" \ + -Dcatalina.home="$CATALINA_HOME" \ + -Djava.io.tmpdir="$CATALINA_TMPDIR" \ + org.apache.catalina.startup.Bootstrap "$@" start + fi + fi + +elif [ "$1" = "run" ]; then + + shift + if [ "$1" = "-security" ] ; then + if [ $have_tty -eq 1 ]; then + echo "Using Security Manager" + fi + shift + eval exec "\"$_RUNJAVA\"" "\"$LOGGING_CONFIG\"" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Djava.security.manager \ + -Djava.security.policy=="\"$CATALINA_BASE/conf/catalina.policy\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap "$@" start + else + eval exec "\"$_RUNJAVA\"" "\"$LOGGING_CONFIG\"" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap "$@" start + fi + +elif [ "$1" = "start" ] ; then + + if [ ! -z "$CATALINA_PID" ]; then + if [ -f "$CATALINA_PID" ]; then + if [ -s "$CATALINA_PID" ]; then + echo "Existing PID file found during start." + if [ -r "$CATALINA_PID" ]; then + PID=`cat "$CATALINA_PID"` + ps -p $PID >/dev/null 2>&1 + if [ $? -eq 0 ] ; then + echo "Tomcat appears to still be running with PID $PID. Start aborted." + echo "If the following process is not a Tomcat process, remove the PID file and try again:" + ps -f -p $PID + exit 1 + else + echo "Removing/clearing stale PID file." + rm -f "$CATALINA_PID" >/dev/null 2>&1 + if [ $? != 0 ]; then + if [ -w "$CATALINA_PID" ]; then + cat /dev/null > "$CATALINA_PID" + else + echo "Unable to remove or clear stale PID file. Start aborted." + exit 1 + fi + fi + fi + else + echo "Unable to read PID file. Start aborted." + exit 1 + fi + else + rm -f "$CATALINA_PID" >/dev/null 2>&1 + if [ $? != 0 ]; then + if [ ! -w "$CATALINA_PID" ]; then + echo "Unable to remove or write to empty PID file. Start aborted." + exit 1 + fi + fi + fi + fi + fi + + shift + touch "$CATALINA_OUT" + if [ "$1" = "-security" ] ; then + if [ $have_tty -eq 1 ]; then + echo "Using Security Manager" + fi + shift + eval $_NOHUP "\"$_RUNJAVA\"" "\"$LOGGING_CONFIG\"" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Djava.security.manager \ + -Djava.security.policy=="\"$CATALINA_BASE/conf/catalina.policy\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap "$@" start \ + >> "$CATALINA_OUT" 2>&1 "&" + + else + eval $_NOHUP "\"$_RUNJAVA\"" "\"$LOGGING_CONFIG\"" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap "$@" start \ + >> "$CATALINA_OUT" 2>&1 "&" + + fi + + if [ ! -z "$CATALINA_PID" ]; then + echo $! > "$CATALINA_PID" + fi + + echo "Tomcat started." + +elif [ "$1" = "stop" ] ; then + + shift + + SLEEP=5 + if [ ! -z "$1" ]; then + echo $1 | grep "[^0-9]" >/dev/null 2>&1 + if [ $? -gt 0 ]; then + SLEEP=$1 + shift + fi + fi + + FORCE=0 + if [ "$1" = "-force" ]; then + shift + FORCE=1 + fi + + if [ ! -z "$CATALINA_PID" ]; then + if [ -f "$CATALINA_PID" ]; then + if [ -s "$CATALINA_PID" ]; then + kill -0 `cat "$CATALINA_PID"` >/dev/null 2>&1 + if [ $? -gt 0 ]; then + echo "PID file found but either no matching process was found or the current user does not have permission to stop the process. Stop aborted." + exit 1 + fi + else + echo "PID file is empty and has been ignored." + fi + else + echo "\$CATALINA_PID was set but the specified file does not exist. Is Tomcat running? Stop aborted." + exit 1 + fi + fi + + eval "\"$_RUNJAVA\"" $JAVA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap "$@" stop + + # stop failed. Shutdown port disabled? Try a normal kill. + if [ $? != 0 ]; then + if [ ! -z "$CATALINA_PID" ]; then + echo "The stop command failed. Attempting to signal the process to stop through OS signal." + kill -15 `cat "$CATALINA_PID"` >/dev/null 2>&1 + fi + fi + + if [ ! -z "$CATALINA_PID" ]; then + if [ -f "$CATALINA_PID" ]; then + while [ $SLEEP -ge 0 ]; do + kill -0 `cat "$CATALINA_PID"` >/dev/null 2>&1 + if [ $? -gt 0 ]; then + rm -f "$CATALINA_PID" >/dev/null 2>&1 + if [ $? != 0 ]; then + if [ -w "$CATALINA_PID" ]; then + cat /dev/null > "$CATALINA_PID" + # If Tomcat has stopped don't try and force a stop with an empty PID file + FORCE=0 + else + echo "The PID file could not be removed or cleared." + fi + fi + echo "Tomcat stopped." + break + fi + if [ $SLEEP -gt 0 ]; then + sleep 1 + fi + if [ $SLEEP -eq 0 ]; then + echo "Tomcat did not stop in time." + if [ $FORCE -eq 0 ]; then + echo "PID file was not removed." + fi + echo "To aid diagnostics a thread dump has been written to standard out." + kill -3 `cat "$CATALINA_PID"` + fi + SLEEP=`expr $SLEEP - 1 ` + done + fi + fi + + KILL_SLEEP_INTERVAL=5 + if [ $FORCE -eq 1 ]; then + if [ -z "$CATALINA_PID" ]; then + echo "Kill failed: \$CATALINA_PID not set" + else + if [ -f "$CATALINA_PID" ]; then + PID=`cat "$CATALINA_PID"` + echo "Killing Tomcat with the PID: $PID" + kill -9 $PID + while [ $KILL_SLEEP_INTERVAL -ge 0 ]; do + kill -0 `cat "$CATALINA_PID"` >/dev/null 2>&1 + if [ $? -gt 0 ]; then + rm -f "$CATALINA_PID" >/dev/null 2>&1 + if [ $? != 0 ]; then + if [ -w "$CATALINA_PID" ]; then + cat /dev/null > "$CATALINA_PID" + else + echo "The PID file could not be removed." + fi + fi + echo "The Tomcat process has been killed." + break + fi + if [ $KILL_SLEEP_INTERVAL -gt 0 ]; then + sleep 1 + fi + KILL_SLEEP_INTERVAL=`expr $KILL_SLEEP_INTERVAL - 1 ` + done + if [ $KILL_SLEEP_INTERVAL -lt 0 ]; then + echo "Tomcat has not been killed completely yet. The process might be waiting on some system call or might be UNINTERRUPTIBLE." + fi + fi + fi + fi + +elif [ "$1" = "configtest" ] ; then + + eval "\"$_RUNJAVA\"" $LOGGING_MANAGER $JAVA_OPTS \ + -D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \ + -classpath "\"$CLASSPATH\"" \ + -Dcatalina.base="\"$CATALINA_BASE\"" \ + -Dcatalina.home="\"$CATALINA_HOME\"" \ + -Djava.io.tmpdir="\"$CATALINA_TMPDIR\"" \ + org.apache.catalina.startup.Bootstrap configtest + result=$? + if [ $result -ne 0 ]; then + echo "Configuration error detected!" + fi + exit $result + +elif [ "$1" = "version" ] ; then + + "$_RUNJAVA" \ + -classpath "$CATALINA_HOME/lib/catalina.jar" \ + org.apache.catalina.util.ServerInfo + +else + + echo "Usage: catalina.sh ( commands ... )" + echo "commands:" + if $os400; then + echo " debug Start Catalina in a debugger (not available on OS400)" + echo " debug -security Debug Catalina with a security manager (not available on OS400)" + else + echo " debug Start Catalina in a debugger" + echo " debug -security Debug Catalina with a security manager" + fi + echo " jpda start Start Catalina under JPDA debugger" + echo " run Start Catalina in the current window" + echo " run -security Start in the current window with security manager" + echo " start Start Catalina in a separate window" + echo " start -security Start in a separate window with security manager" + echo " stop Stop Catalina, waiting up to 5 seconds for the process to end" + echo " stop n Stop Catalina, waiting up to n seconds for the process to end" + echo " stop -force Stop Catalina, wait up to 5 seconds and then use kill -KILL if still running" + echo " stop n -force Stop Catalina, wait up to n seconds and then use kill -KILL if still running" + echo " configtest Run a basic syntax check on server.xml - check exit code for result" + echo " version What version of tomcat are you running?" + echo "Note: Waiting for the process to end and use of the -force option require that \$CATALINA_PID is defined" + exit 1 + +fi diff --git a/templates/ctl.sh.j2 b/templates/ctl.sh.j2 new file mode 100755 index 0000000..fbe7ab6 --- /dev/null +++ b/templates/ctl.sh.j2 @@ -0,0 +1,120 @@ +#!/bin/sh + +CATALINA_HOME={{ alf_home }}/tomcat +TOMCAT_BINDIR={{ alf_home }}/tomcat/bin +JAVA_HOME=$JAVA_HOME +CATALINA_PID={{ alf_home }}/tomcat/temp/catalina.pid +export CATALINA_PID +TOMCAT_STATUS="" +ERROR=0 +PID="" + +start_tomcat() { + is_tomcat_running + RUNNING=$? + if [ $RUNNING -eq 1 ]; then + echo "$0 $ARG: tomcat (pid $PID) already running" + else + rm -f $CATALINA_PID + export JAVA_OPTS="-Xms8G -Xmx16G -XX:+DisableExplicitGC -Djava.awt.headless=true -Dalfresco.home={{ alf_home }} -Dcom.sun.management.jmxremote -Dsun.security.ssl.allowUnsafeRenegotiation=true -XX:ReservedCodeCacheSize=128m" + previousdir=`pwd` + cd $CATALINA_HOME/.. + $TOMCAT_BINDIR/startup.sh + if [ $? -eq 0 ]; then + echo "$0 $ARG: tomcat started" + else + echo "$0 $ARG: tomcat could not be started" + ERROR=1 + fi + cd $previousdir + fi +} + +daemon_tomcat() { + export JAVA_OPTS="-Xms8G -Xmx16G -XX:+DisableExplicitGC -Djava.awt.headless=true -Dalfresco.home={{ alf_home }} -Dcom.sun.management.jmxremote -Dsun.security.ssl.allowUnsafeRenegotiation=true -XX:ReservedCodeCacheSize=128m" + $TOMCAT_BINDIR/catalina.sh run +} + +stop_tomcat() { + is_tomcat_running + RUNNING=$? + if [ $RUNNING -eq 0 ]; then + echo "$0 $ARG: $TOMCAT_STATUS" + exit + fi + $TOMCAT_BINDIR/shutdown.sh 300 -force + sleep 2 + is_tomcat_running + RUNNING=$? + COUNTER=4 + while [ $RUNNING -ne 0 ] && [ $COUNTER -ne 0 ]; do + COUNTER=`expr $COUNTER - 1` + sleep 2 + is_tomcat_running + RUNNING=$? + done + if [ $RUNNING -eq 0 ]; then + echo "$0 $ARG: tomcat stopped" + sleep 3 + else + echo "$0 $ARG: tomcat could not be stopped" + ERROR=2 + fi +} + +get_pid() { + PID="" + PIDFILE=$1 + # check for pidfile + if [ -f $PIDFILE ] ; then + PID=`cat $PIDFILE` + fi +} + +get_tomcat_pid() { + get_pid $CATALINA_PID + if [ ! $PID ]; then + return + fi +} + +is_service_running() { + PID=$1 + if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null ; then + RUNNING=1 + else + RUNNING=0 + fi + return $RUNNING +} + +is_tomcat_running() { + get_tomcat_pid + is_service_running $PID + RUNNING=$? + if [ $RUNNING -eq 0 ]; then + TOMCAT_STATUS="tomcat not running" + else + TOMCAT_STATUS="tomcat already running" + fi + return $RUNNING +} + +cleanpid() { + rm -f $CATALINA_PID +} + +if [ "x$1" = "xstart" ]; then + start_tomcat + sleep 2 +elif [ "x$1" = "xdaemon" ]; then + daemon_tomcat +elif [ "x$1" = "xstop" ]; then + stop_tomcat + sleep 2 +elif [ "x$1" = "xstatus" ]; then + is_tomcat_running + echo $TOMCAT_STATUS +elif [ "x$1" = "xcleanpid" ]; then + cleanpid +fi diff --git a/templates/custom-slingshot-application-context.xml.j2 b/templates/custom-slingshot-application-context.xml.j2 new file mode 100644 index 0000000..96112fe --- /dev/null +++ b/templates/custom-slingshot-application-context.xml.j2 @@ -0,0 +1,10 @@ + + + + diff --git a/templates/server.xml.j2 b/templates/server.xml.j2 new file mode 100644 index 0000000..c11ba31 --- /dev/null +++ b/templates/server.xml.j2 @@ -0,0 +1,184 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {% if proxy_enabled %} + + {% else %} + + {% endif %} + + {% if ssl_enabled %} + + {% endif %} + + + + + + + + + + + + + + + + + + + + + + + {% if proxy_enabled %} + + {% endif %} + + + + diff --git a/templates/setenv.sh.j2 b/templates/setenv.sh.j2 new file mode 100755 index 0000000..12db172 --- /dev/null +++ b/templates/setenv.sh.j2 @@ -0,0 +1,12 @@ +# Load Tomcat Native Library +LD_LIBRARY_PATH={{ alf_home }}/common/lib:$LD_LIBRARY_PATH + +JRE_HOME=$JAVA_HOME +JAVA_OPTS="-XX:+DisableExplicitGC -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -Dalfresco.home={{ alf_home }} -XX:ReservedCodeCacheSize=128m $JAVA_OPTS " +JAVA_OPTS="-Xms512M -Xmx{{ java_opts_xmx }} $JAVA_OPTS " # java-memory-settings +JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote " # JMX settings +JAVA_OPTS="$JAVA_OPTS -Djava.io.tmpdir={{ alf_home }}/temp " +export JAVA_HOME +export JRE_HOME +export JAVA_OPTS +export LD_LIBRARY_PATH diff --git a/templates/share-config-custom.xml.j2 b/templates/share-config-custom.xml.j2 new file mode 100644 index 0000000..734ae94 --- /dev/null +++ b/templates/share-config-custom.xml.j2 @@ -0,0 +1,515 @@ + + + + + + + false + + + false + + + + + + + + + + production + + + + + manual + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + false + + + 1000 + + + 7000 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {{ alf_protocol }}://{{ alf_host }}:{{ alf_port }}/alfresco + + + + + false + + + + application/vnd.openxmlformats-officedocument.wordprocessingml.document + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + application/vnd.ms-powerpoint + + + + + + + true + + + + + + + + + + + + + + + + + + + + + + + + + location.path.documents + + slingshot/doclib/treenode/site/{site}/{container}{path}?children={evaluateChildFoldersSite}&max={maximumFolderCountSite} + + + + + + + + alfresco://company/home + + + + false + + + 500 + + + + true + + + + + + + + secret + + ALFRESCO.ORG + + HTTP/repository.server.com@ALFRESCO.ORG + + ShareHTTP + + true + + + + + + + + + + alfresco-noauth + Alfresco - unauthenticated access + Access to Alfresco Repository WebScripts that do not require authentication + alfresco + {{ alf_tomcat_protocol }}://{{ inventory_hostname }}:{{ alf_tomcat_web_port }}/alfresco/s + none + + + + alfresco + Alfresco - user access + Access to Alfresco Repository WebScripts that require user authentication + alfresco + {{ alf_tomcat_protocol }}://{{ inventory_hostname }}:{{ alf_tomcat_web_port }}/alfresco/s + user + + + + alfresco-feed + Alfresco Feed + Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet + http + {{ alf_tomcat_protocol }}://{{ inventory_hostname }}:{{ alf_tomcat_web_port }}/alfresco/s + true + user + + + + alfresco-api + alfresco + Alfresco Public API - user access + Access to Alfresco Repository Public API that require user authentication. + This makes use of the authentication that is provided by parent 'alfresco' endpoint. + alfresco + {{ alf_tomcat_protocol }}://{{ inventory_hostname }}:{{ alf_tomcat_web_port }}/alfresco/api + user + + + + + + + + + + + + + + + diff --git a/templates/shared.properties.j2 b/templates/shared.properties.j2 new file mode 100644 index 0000000..19eb212 --- /dev/null +++ b/templates/shared.properties.j2 @@ -0,0 +1,33 @@ +# Shared Properties file + +#Host details an external client would use to connect to Solr +solr.host=localhost +#If not set then solr.port will be the jetty.port +#solr.port=8983 +solr.baseurl=/solr +solr.content.dir={{ alf_home }}/alf_data/solr6 + +# Properties treated as identifiers when indexed + +alfresco.identifier.property.0={http://www.alfresco.org/model/content/1.0}creator +alfresco.identifier.property.1={http://www.alfresco.org/model/content/1.0}modifier +alfresco.identifier.property.2={http://www.alfresco.org/model/content/1.0}userName +alfresco.identifier.property.3={http://www.alfresco.org/model/content/1.0}authorityName +alfresco.identifier.property.4={http://www.alfresco.org/model/content/1.0}lockOwner + +# Suggestable Propeties +#alfresco.suggestable.property.0={http://www.alfresco.org/model/content/1.0}name +#alfresco.suggestable.property.1={http://www.alfresco.org/model/content/1.0}title +#alfresco.suggestable.property.2={http://www.alfresco.org/model/content/1.0}description +#alfresco.suggestable.property.3={http://www.alfresco.org/model/content/1.0}content + +# Data types that support cross locale/word splitting/token patterns if tokenised +alfresco.cross.locale.property.0={http://www.alfresco.org/model/content/1.0}name +alfresco.cross.locale.property.1={http://www.alfresco.org/model/content/1.0}lockOwner + +# Data types that support cross locale/word splitting/token patterns if tokenised +# alfresco.cross.locale.datatype.0={http://www.alfresco.org/model/dictionary/1.0}text +# alfresco.cross.locale.datatype.1={http://www.alfresco.org/model/dictionary/1.0}content +# alfresco.cross.locale.datatype.2={http://www.alfresco.org/model/dictionary/1.0}mltext + +alfresco.model.tracker.cron=0/10 * * * * ? * diff --git a/templates/solr.in.sh.j2 b/templates/solr.in.sh.j2 new file mode 100644 index 0000000..7db81c4 --- /dev/null +++ b/templates/solr.in.sh.j2 @@ -0,0 +1,135 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Settings here will override settings in existing env vars or in bin/solr. The default shipped state +# of this file is completely commented. + +# By default the script will use JAVA_HOME to determine which java +# to use, but you can set a specific path for Solr to use without +# affecting other Java applications on your server/workstation. +#SOLR_JAVA_HOME="" +SOLR_JAVA_HOME={{ solr_java_home }} + +# This controls the number of seconds that the solr script will wait for +# Solr to stop gracefully or Solr to start. If the graceful stop fails, +# the script will forcibly stop Solr. If the start fails, the script will +# give up waiting and display the last few lines of the logfile. +#SOLR_STOP_WAIT="180" + +# Increase Java Heap as needed to support your indexing / query needs +#SOLR_HEAP="512m" + +# Expert: If you want finer control over memory options, specify them directly +# Comment out SOLR_HEAP if you are using this though, that takes precedence +#SOLR_JAVA_MEM="-Xms512m -Xmx512m" +SOLR_JAVA_MEM="{{ solr_java_mem }}" + +# Enable verbose GC logging +GC_LOG_OPTS="" +#GC_LOG_OPTS="-verbose:gc -XX:+PrintHeapAtGC -XX:+PrintGCDetails \ +#-XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime" + +# These GC settings have shown to work well for a number of common Solr workloads +#GC_TUNE="-XX:NewRatio=3 -XX:SurvivorRatio=4 etc. + +# Set the ZooKeeper connection string if using an external ZooKeeper ensemble +# e.g. host1:2181,host2:2181/chroot +# Leave empty if not using SolrCloud +#ZK_HOST="" + +# Set the ZooKeeper client timeout (for SolrCloud mode) +#ZK_CLIENT_TIMEOUT="15000" + +# By default the start script uses "localhost"; override the hostname here +# for production SolrCloud environments to control the hostname exposed to cluster state +#SOLR_HOST="192.168.1.1" + +# By default the start script uses UTC; override the timezone if needed +#SOLR_TIMEZONE="UTC" + +# Set to true to activate the JMX RMI connector to allow remote JMX client applications +# to monitor the JVM hosting Solr; set to "false" to disable that behavior +# (false is recommended in production environments) +#ENABLE_REMOTE_JMX_OPTS="false" + +# The script will use SOLR_PORT+10000 for the RMI_PORT or you can set it here +# RMI_PORT=18983 + +# Alfresco configuration. This file is automatically included by solr. You can define your custom settings here +SOLR_OPTS="$SOLR_OPTS -Dsolr.jetty.request.header.size=1000000 -Dsolr.jetty.threads.stop.timeout=300000" +SOLR_OPTS="$SOLR_OPTS -Djava.io.tmpdir={{ alf_home }}/temp" +SOLR_OPTS="$SOLR_OPTS -Dsolr.solr.content.dir={{ solr_content_dir }}/contentstore" + +# Anything you add to the SOLR_OPTS variable will be included in the java +# start command line as-is, in ADDITION to other options. If you specify the +# -a option on start script, those options will be appended as well. Examples: +#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000" +#SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=60000" +#SOLR_OPTS="$SOLR_OPTS -Dsolr.clustering.enabled=true" + +# Location where the bin/solr script will save PID files for running instances +# If not set, the script will create PID files in $SOLR_TIP/bin +#SOLR_PID_DIR= + +# Path to a directory for Solr to store cores and their data. By default, Solr will use server/solr +# If solr.xml is not stored in ZooKeeper, this directory needs to contain solr.xml +#SOLR_HOME= + +# Solr provides a default Log4J configuration properties file in server/resources +# however, you may want to customize the log settings and file appender location +# so you can point the script to use a different log4j.properties file +#LOG4J_PROPS=/var/solr/log4j.properties + +# Changes the logging level. Valid values: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF. Default is INFO +# This is an alternative to changing the rootLogger in log4j.properties +#SOLR_LOG_LEVEL=INFO + +# Location where Solr should write logs to. Absolute or relative to solr start dir +#SOLR_LOGS_DIR=../../logs +SOLR_LOGS_DIR={{ alf_home }}/alfresco-search-services/logs +#LOG4J_PROPS=$SOLR_LOGS_DIR/log4j.properties +LOG4J_PROPS={{ alf_home }}/alfresco-search-services/logs/log4j.properties + +# Sets the port Solr binds to, default is 8983 +SOLR_PORT={{ solr_port }} + +# Uncomment to set SSL-related system properties +# Be sure to update the paths to the correct keystore for your environment +#SOLR_SSL_KEY_STORE=/home/shalin/work/oss/shalin-lusolr/solr/server/etc/solr-ssl.keystore.jks +#SOLR_SSL_KEY_STORE_PASSWORD=secret +#SOLR_SSL_TRUST_STORE=/home/shalin/work/oss/shalin-lusolr/solr/server/etc/solr-ssl.keystore.jks +#SOLR_SSL_TRUST_STORE_PASSWORD=secret +#SOLR_SSL_NEED_CLIENT_AUTH=false +#SOLR_SSL_WANT_CLIENT_AUTH=false + +# Uncomment if you want to override previously defined SSL values for HTTP client +# otherwise keep them commented and the above values will automatically be set for HTTP clients +#SOLR_SSL_CLIENT_KEY_STORE= +#SOLR_SSL_CLIENT_KEY_STORE_PASSWORD= +#SOLR_SSL_CLIENT_TRUST_STORE= +#SOLR_SSL_CLIENT_TRUST_STORE_PASSWORD= + +# Settings for authentication +#SOLR_AUTHENTICATION_CLIENT_CONFIGURER= +#SOLR_AUTHENTICATION_OPTS= + +# Settings for ZK ACL +#SOLR_ZK_CREDS_AND_ACLS="-DzkACLProvider=org.apache.solr.common.cloud.VMParamsAllAndReadonlyDigestZkACLProvider \ +# -DzkCredentialsProvider=org.apache.solr.common.cloud.VMParamsSingleSetCredentialsDigestZkCredentialsProvider \ +# -DzkDigestUsername=admin-user -DzkDigestPassword=CHANGEME-ADMIN-PASSWORD \ +# -DzkDigestReadonlyUsername=readonly-user -DzkDigestReadonlyPassword=CHANGEME-READONLY-PASSWORD" +#SOLR_OPTS="$SOLR_OPTS $SOLR_ZK_CREDS_AND_ACLS" + +SOLR_SOLR_CONTENT_DIR={{ solr_content_dir }} diff --git a/templates/solrconfig.xml.alfresco.j2 b/templates/solrconfig.xml.alfresco.j2 new file mode 100644 index 0000000..f451e18 --- /dev/null +++ b/templates/solrconfig.xml.alfresco.j2 @@ -0,0 +1,1929 @@ + + + + + + + + + 4.9 + + + + + + + + ${data.dir.root}/${data.dir.store} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${merger.maxMergeCount:6} + ${merger.maxThreadCount:3} + + + + + ${solr.lock.type:native} + + + + + + + + + + + + + + + + + + + + + + true + + + + + + + + + + + + + + + + + + + + ${solr.autoCommit.maxTime:-1} + false + + + + + + ${solr.autoSoftCommit.maxTime:-1} + + + + + + + + + + + + + + + + + + ${solr.maxBooleanClauses:10000} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + true + + + + + + ${solr.queryResultWindowSize:512} + + + ${solr.queryResultMaxDocsCached:2048} + + + + + + + + + + + + false + + + 2 + + + + + + + + + + + + + + + + + + + + + + + + afts + explicit + 10 + suggest + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + spellcheck + spellcheckbackcompat + setProcessedDenies + + + + + + + + explicit + 10 + suggest + + + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + + explicit + json + true + suggest + + + + + + + + + true + json + true + + + + + + + + + explicit + + + velocity + browse + layout + Solritas + + + edismax + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + title^10.0 description^5.0 keywords^5.0 author^2.0 resourcename^1.0 + + text + 100% + *:* + 10 + *,score + + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + title^10.0 description^5.0 keywords^5.0 author^2.0 resourcename^1.0 + + text,features,name,sku,id,manu,cat,title,description,keywords,author,resourcename + 3 + + + on + cat + manu_exact + content_type + author_s + ipod + GB + 1 + cat,inStock + after + price + 0 + 600 + 50 + popularity + 0 + 10 + 3 + manufacturedate_dt + NOW/YEAR-10YEARS + NOW + +1YEAR + before + after + + + on + content features title name + html + <b> + </b> + 0 + title + 0 + name + 3 + 200 + content + 750 + + + on + false + 5 + 2 + 5 + true + true + 5 + 3 + + + + + spellcheck + + + + + + + + + + + + + + application/json + + + + + application/csv + + + + + + + true + ignored_ + + + true + links + ignored_ + + + + + + + + + + + + + + + explicit + true + + + + + + + {% if solr_is_primary %} + + commit + startup + schema.xml,stopwords.txt + + {% endif %} + {% if solr_is_replica %} + + http://{{ solr_primary_host }}:{{ solr_primary_port }}/solr/alfresco/replication + 00:00:20 + internal + 5000 + 10000 + + {% endif %} + + + + + + + + text_shingle + + + + + + default + suggest + solr.DirectSolrSpellChecker + + internal + + 0.5 + + 2 + + 1 + + 5 + + 4 + + 0.01 + + + + + + wordbreak + suggest + solr.WordBreakSolrSpellChecker + true + true + 10 + 5 + + + + + + + + + + + suggest + + default + wordbreak + on + true + 10 + 5 + 5 + true + true + 10 + 5 + + + spellcheck + spellcheckbackcompat + + + + + + + shingleBasedSuggestions + ${solr.suggester.enabled:true} + + org.apache.solr.spelling.suggest.fst.WFSTLookupFactory + suggest + text_shingle + true + + + + + + true + 10 + shingleBasedSuggestions + + + suggest + + + + + + + + + + + + + text + true + + + tvComponent + + + + + + + lingo + + + org.carrot2.clustering.lingo.LingoClusteringAlgorithm + + + clustering/carrot2 + + + + + stc + org.carrot2.clustering.stc.STCClusteringAlgorithm + + + + + kmeans + org.carrot2.clustering.kmeans.BisectingKMeansClusteringAlgorithm + + + + + + + true + true + + mltext@m___t@{http://www.alfresco.org/model/content/1.0}title + + id + + content@s___t@{http://www.alfresco.org/model/content/1.0}content + + true + + + + false + + + edismax + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + + *:* + 10 + *,score + + + clustering + + + + + + + + + + true + false + + + terms + + + + + + + + text___ + elevate.xml + + + + + + explicit + suggest + + + elevator + + + + + + + + + + + 100 + + + + + + + + 70 + + 0.5 + + [-\w ,/\n\"']{20,200} + + + + + + + ]]> + ]]> + + + + + + + + + + + + + + + + + + + + + + + + ,, + ,, + ,, + ,, + ,]]> + ]]> + + + + + + 10 + .,!? + + + + + + + WORD + + + en + US + + + + + + + + + + + + + + + + + + + + + + text/plain; charset=UTF-8 + + + + + + + + + 5 + + + + + + + + + + + + + + + + + + + + + + + + *:* + + + + + + + alfresco + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + fingerprint + + + + + + afts + + false + false + 5 + 2 + 5 + true + true + 5 + 3 + + mltext@m___t@{http://www.alfresco.org/model/content/1.0}title + id + content@s___t@{http://www.alfresco.org/model/content/1.0}content + true + false + + {!alfrescoReRank reRankQuery=$rqq reRankDocs=500 scale=true reRankWeight=3} + {!rrafts}RERANK_QUERY_FROM_CONTEXT + + rrafts + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + spellcheck + spellcheckbackcompat + setProcessedDenies + clustering + + + + + + + cmis + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + QUERY_PHASE + + + RERANK_PHASE + + + + + + conf/mime_types.csv + + + + 1 + 10 + + + + + + + + + + + + diff --git a/templates/solrconfig.xml.archive.j2 b/templates/solrconfig.xml.archive.j2 new file mode 100644 index 0000000..977be87 --- /dev/null +++ b/templates/solrconfig.xml.archive.j2 @@ -0,0 +1,1929 @@ + + + + + + + + + 4.9 + + + + + + + + ${data.dir.root}/${data.dir.store} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${merger.maxMergeCount:6} + ${merger.maxThreadCount:3} + + + + + ${solr.lock.type:native} + + + + + + + + + + + + + + + + + + + + + + true + + + + + + + + + + + + + + + + + + + + ${solr.autoCommit.maxTime:-1} + false + + + + + + ${solr.autoSoftCommit.maxTime:-1} + + + + + + + + + + + + + + + + + + ${solr.maxBooleanClauses:10000} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + true + + + + + + ${solr.queryResultWindowSize:512} + + + ${solr.queryResultMaxDocsCached:2048} + + + + + + + + + + + + false + + + 2 + + + + + + + + + + + + + + + + + + + + + + + + afts + explicit + 10 + suggest + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + spellcheck + spellcheckbackcompat + setProcessedDenies + + + + + + + + explicit + 10 + suggest + + + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + + explicit + json + true + suggest + + + + + + + + + true + json + true + + + + + + + + + explicit + + + velocity + browse + layout + Solritas + + + edismax + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + title^10.0 description^5.0 keywords^5.0 author^2.0 resourcename^1.0 + + text + 100% + *:* + 10 + *,score + + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + title^10.0 description^5.0 keywords^5.0 author^2.0 resourcename^1.0 + + text,features,name,sku,id,manu,cat,title,description,keywords,author,resourcename + 3 + + + on + cat + manu_exact + content_type + author_s + ipod + GB + 1 + cat,inStock + after + price + 0 + 600 + 50 + popularity + 0 + 10 + 3 + manufacturedate_dt + NOW/YEAR-10YEARS + NOW + +1YEAR + before + after + + + on + content features title name + html + <b> + </b> + 0 + title + 0 + name + 3 + 200 + content + 750 + + + on + false + 5 + 2 + 5 + true + true + 5 + 3 + + + + + spellcheck + + + + + + + + + + + + + + application/json + + + + + application/csv + + + + + + + true + ignored_ + + + true + links + ignored_ + + + + + + + + + + + + + + + explicit + true + + + + + + + {% if solr_is_primary %} + + commit + startup + schema.xml,stopwords.txt + + {% endif %} + {% if solr_is_replica %} + + http://{{ solr_primary_host }}:{{ solr_primary_port }}/solr/archive/replication + 00:00:20 + internal + 5000 + 10000 + + {% endif %} + + + + + + + + text_shingle + + + + + + default + suggest + solr.DirectSolrSpellChecker + + internal + + 0.5 + + 2 + + 1 + + 5 + + 4 + + 0.01 + + + + + + wordbreak + suggest + solr.WordBreakSolrSpellChecker + true + true + 10 + 5 + + + + + + + + + + + suggest + + default + wordbreak + on + true + 10 + 5 + 5 + true + true + 10 + 5 + + + spellcheck + spellcheckbackcompat + + + + + + + shingleBasedSuggestions + ${solr.suggester.enabled:true} + + org.apache.solr.spelling.suggest.fst.WFSTLookupFactory + suggest + text_shingle + true + + + + + + true + 10 + shingleBasedSuggestions + + + suggest + + + + + + + + + + + + + text + true + + + tvComponent + + + + + + + lingo + + + org.carrot2.clustering.lingo.LingoClusteringAlgorithm + + + clustering/carrot2 + + + + + stc + org.carrot2.clustering.stc.STCClusteringAlgorithm + + + + + kmeans + org.carrot2.clustering.kmeans.BisectingKMeansClusteringAlgorithm + + + + + + + true + true + + mltext@m___t@{http://www.alfresco.org/model/content/1.0}title + + id + + content@s___t@{http://www.alfresco.org/model/content/1.0}content + + true + + + + false + + + edismax + + text^0.5 features^1.0 name^1.2 sku^1.5 id^10.0 manu^1.1 cat^1.4 + + *:* + 10 + *,score + + + clustering + + + + + + + + + + true + false + + + terms + + + + + + + + text___ + elevate.xml + + + + + + explicit + suggest + + + elevator + + + + + + + + + + + 100 + + + + + + + + 70 + + 0.5 + + [-\w ,/\n\"']{20,200} + + + + + + + ]]> + ]]> + + + + + + + + + + + + + + + + + + + + + + + + ,, + ,, + ,, + ,, + ,]]> + ]]> + + + + + + 10 + .,!? + + + + + + + WORD + + + en + US + + + + + + + + + + + + + + + + + + + + + + text/plain; charset=UTF-8 + + + + + + + + + 5 + + + + + + + + + + + + + + + + + + + + + + + + *:* + + + + + + + alfresco + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + fingerprint + + + + + + afts + + false + false + 5 + 2 + 5 + true + true + 5 + 3 + + mltext@m___t@{http://www.alfresco.org/model/content/1.0}title + id + content@s___t@{http://www.alfresco.org/model/content/1.0}content + true + false + + {!alfrescoReRank reRankQuery=$rqq reRankDocs=500 scale=true reRankWeight=3} + {!rrafts}RERANK_QUERY_FROM_CONTEXT + + rrafts + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + spellcheck + spellcheckbackcompat + setProcessedDenies + clustering + + + + + + + cmis + + + setLocale + rewriteFacetParameters + consistencyComponent + query + facet + mlt + highlight + stats + debug + clearLocale + rewriteFacetCounts + + setProcessedDenies + + + + + + + + QUERY_PHASE + + + RERANK_PHASE + + + + + + conf/mime_types.csv + + + + 1 + 10 + + + + + + + + + + + + diff --git a/templates/solrcore.properties.alfresco.j2 b/templates/solrcore.properties.alfresco.j2 new file mode 100644 index 0000000..754a9e0 --- /dev/null +++ b/templates/solrcore.properties.alfresco.j2 @@ -0,0 +1,92 @@ +### Replication +{% if solr_is_primary %} +enable.master=true +enable.slave=false +{% else %} +enable.master=false +enable.slave=true +{% endif %} + +data.dir.root={{ solr_content_dir }} +#point to any one of alfresco share node or balancer +alfresco.host={{ solr_alfresco_host }} +alfresco.port.ssl={{ solr_alfresco_ssl_port }} +alfresco.port={{ solr_alfresco_port }} +alfresco.secureComms={{ solr_alfresco_secure_comms }} +enable.alfresco.tracking=true + +alfresco.commitInterval=2000 +alfresco.contentStreamLimit=10000000 +alfresco.stores=workspace\://SpacesStore +alfresco.changeSetAclsBatchSize=500 +solr.pathCache.size=256 +solr.pathCache.initialSize=128 +solr.deniedCache.size=128 +solr.documentCache.autowarmCount=512 +solr.documentCache.initialSize=1024 +solr.filterCache.size=256 +solr.suggester.minSecsBetweenBuilds=3600 +solr.readerCache.initialSize=64 +#alfresco.port.ssl=8443 +solr.ownerCache.autowarmCount=0 +alfresco.encryption.ssl.keystore.passwordFileLocation=ssl-keystore-passwords.properties +alfresco.encryption.ssl.truststore.passwordFileLocation=ssl-truststore-passwords.properties +alfresco.transactionDocsBatchSize=500 +solr.authorityCache.size=128 +alfresco.recordUnindexedNodes=false +solr.documentCache.size=1024 +solr.filterCache.initialSize=128 +solr.maxBooleanClauses=10000 +data.dir.store=alfresco +solr.queryResultMaxDocsCached=2048 +alfresco.doPermissionChecks=true +alfresco.contentUpdateBatchSize=1000 +solr.deniedCache.initialSize=64 +alfresco.threadDaemon=true +alfresco.baseUrl=/alfresco +solr.queryResultCache.initialSize=1024 +solr.readerCache.size=128 +alfresco.newSearcherInterval=3000 +alfresco.encryption.ssl.keystore.provider= +alfresco.encryption.ssl.truststore.type=JCEKS +alfresco.batch.count=5000 +alfresco.topTermSpanRewriteLimit=1000 +alfresco.encryption.ssl.truststore.provider= +alfresco.encryption.ssl.keystore.type=JCEKS +alfresco.maximumPoolSize=-1 +solr.ownerCache.size=128 +solr.pathCache.autowarmCount=32 +alfresco.maxHostConnections=200 +alfresco.metadata.ignore.datatype.1=app\:configurations +alfresco.metadata.ignore.datatype.0=cm\:person +solr.authorityCache.initialSize=64 +solr.queryResultCache.autowarmCount=4 +alfresco.threadPriority=5 +alfresco.corePoolSize=8 +alfresco.metadata.skipDescendantDocsForSpecificAspects=false +solr.readerCache.autowarmCount=0 +alfresco.metadata.skipDescendantDocsForSpecificTypes=false +alfresco.encryption.ssl.keystore.location=ssl.repo.client.keystore +solr.filterCache.autowarmCount=32 +alfresco.socketTimeout=720000 +alfresco.template=rerank +alfresco.keepAliveTime=120 +solr.queryResultCache.size=1024 +alfresco.maxTotalConnections=200 +alfresco.hole.retention=3600000 +alfresco.version=5.2.1 +alfresco.contentReadBatchSize=100 +solr.deniedCache.autowarmCount=0 +alfresco.lag=1000 +alfresco.workQueueSize=-1 +alfresco.hole.check.after=300000 +alfresco.cron=0/10 * * * * ? * +alfresco.aclBatchSize=100 +alfresco.encryption.ssl.truststore.location=ssl.repo.client.truststore +solr.queryResultWindowSize=512 +solr.authorityCache.autowarmCount=4 +alfresco.postfilter=true +solr.ownerCache.initialSize=64 +shard.method=DB_ID +solr.suggester.enabled=false +alfresco.nodeBatchSize=100 diff --git a/templates/solrcore.properties.archive.j2 b/templates/solrcore.properties.archive.j2 new file mode 100644 index 0000000..de33348 --- /dev/null +++ b/templates/solrcore.properties.archive.j2 @@ -0,0 +1,96 @@ +### Replication +{% if solr_is_primary %} +enable.master=true +enable.slave=false +{% else %} +enable.master=false +enable.slave=true +{% endif %} + +data.dir.root={{ solr_content_dir }} +#point to any one of alfresco share node or balancer +alfresco.host={{ solr_alfresco_host }} +alfresco.port.ssl={{ solr_alfresco_ssl_port }} +alfresco.port={{ solr_alfresco_port }} +alfresco.secureComms={{ solr_alfresco_secure_comms }} +{% if solr_is_primary %} +enable.alfresco.tracking=true +{% else %} +enable.alfresco.tracking=false +{% endif %} + +alfresco.commitInterval=2000 +alfresco.contentStreamLimit=10000000 +alfresco.stores=archive\://SpacesStore +alfresco.changeSetAclsBatchSize=500 +solr.pathCache.size=256 +solr.pathCache.initialSize=128 +solr.deniedCache.size=128 +solr.documentCache.autowarmCount=512 +solr.documentCache.initialSize=1024 +solr.filterCache.size=256 +solr.suggester.minSecsBetweenBuilds=3600 +solr.readerCache.initialSize=64 +#alfresco.port.ssl=8443 +solr.ownerCache.autowarmCount=0 +alfresco.encryption.ssl.keystore.passwordFileLocation=ssl-keystore-passwords.properties +alfresco.encryption.ssl.truststore.passwordFileLocation=ssl-truststore-passwords.properties +alfresco.transactionDocsBatchSize=500 +solr.authorityCache.size=128 +alfresco.recordUnindexedNodes=false +solr.documentCache.size=1024 +solr.filterCache.initialSize=128 +solr.maxBooleanClauses=10000 +data.dir.store=archive +solr.queryResultMaxDocsCached=2048 +alfresco.doPermissionChecks=true +alfresco.contentUpdateBatchSize=1000 +solr.deniedCache.initialSize=64 +alfresco.threadDaemon=true +alfresco.baseUrl=/alfresco +solr.queryResultCache.initialSize=1024 +solr.readerCache.size=128 +alfresco.newSearcherInterval=3000 +alfresco.encryption.ssl.keystore.provider= +alfresco.encryption.ssl.truststore.type=JCEKS +alfresco.batch.count=5000 +alfresco.topTermSpanRewriteLimit=1000 +alfresco.encryption.ssl.truststore.provider= +alfresco.encryption.ssl.keystore.type=JCEKS +alfresco.maximumPoolSize=-1 +solr.ownerCache.size=128 +solr.pathCache.autowarmCount=32 +alfresco.maxHostConnections=200 +alfresco.metadata.ignore.datatype.1=app\:configurations +alfresco.metadata.ignore.datatype.0=cm\:person +solr.authorityCache.initialSize=64 +solr.queryResultCache.autowarmCount=4 +alfresco.threadPriority=5 +alfresco.corePoolSize=8 +alfresco.metadata.skipDescendantDocsForSpecificAspects=false +solr.readerCache.autowarmCount=0 +alfresco.metadata.skipDescendantDocsForSpecificTypes=false +alfresco.encryption.ssl.keystore.location=ssl.repo.client.keystore +solr.filterCache.autowarmCount=32 +alfresco.socketTimeout=720000 +alfresco.template=rerank +alfresco.keepAliveTime=120 +solr.queryResultCache.size=1024 +alfresco.maxTotalConnections=200 +alfresco.hole.retention=3600000 +alfresco.version=5.2.1 +alfresco.contentReadBatchSize=100 +solr.deniedCache.autowarmCount=0 +alfresco.lag=1000 +alfresco.workQueueSize=-1 +alfresco.hole.check.after=300000 +alfresco.cron=0/10 * * * * ? * +alfresco.aclBatchSize=100 +alfresco.encryption.ssl.truststore.location=ssl.repo.client.truststore +solr.queryResultWindowSize=512 +solr.authorityCache.autowarmCount=4 +alfresco.postfilter=true +solr.ownerCache.initialSize=64 +shard.method=DB_ID +solr.suggester.enabled=false +alfresco.nodeBatchSize=100 diff --git a/templates/web.xml.j2 b/templates/web.xml.j2 new file mode 100644 index 0000000..fe5ffea --- /dev/null +++ b/templates/web.xml.j2 @@ -0,0 +1,4712 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + default + org.apache.catalina.servlets.DefaultServlet + + debug + 0 + + + listings + false + + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + jsp + org.apache.jasper.servlet.JspServlet + + fork + false + + + xpoweredBy + false + + 3 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + default + / + + + + + jsp + *.jsp + *.jspx + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 30 + + + {% if ssl_enabled %} + + + + + Protected Context + /* + + + CONFIDENTIAL + + + {% endif %} + + + + + + + + + + + 123 + application/vnd.lotus-1-2-3 + + + 3dml + text/vnd.in3d.3dml + + + 3ds + image/x-3ds + + + 3g2 + video/3gpp2 + + + 3gp + video/3gpp + + + 7z + application/x-7z-compressed + + + aab + application/x-authorware-bin + + + aac + audio/x-aac + + + aam + application/x-authorware-map + + + aas + application/x-authorware-seg + + + abs + audio/x-mpeg + + + abw + application/x-abiword + + + ac + application/pkix-attr-cert + + + acc + application/vnd.americandynamics.acc + + + ace + application/x-ace-compressed + + + acu + application/vnd.acucobol + + + acutc + application/vnd.acucorp + + + adp + audio/adpcm + + + aep + application/vnd.audiograph + + + afm + application/x-font-type1 + + + afp + application/vnd.ibm.modcap + + + ahead + application/vnd.ahead.space + + + ai + application/postscript + + + aif + audio/x-aiff + + + aifc + audio/x-aiff + + + aiff + audio/x-aiff + + + aim + application/x-aim + + + air + application/vnd.adobe.air-application-installer-package+zip + + + ait + application/vnd.dvb.ait + + + ami + application/vnd.amiga.ami + + + anx + application/annodex + + + apk + application/vnd.android.package-archive + + + appcache + text/cache-manifest + + + application + application/x-ms-application + + + apr + application/vnd.lotus-approach + + + arc + application/x-freearc + + + art + image/x-jg + + + asc + application/pgp-signature + + + asf + video/x-ms-asf + + + asm + text/x-asm + + + aso + application/vnd.accpac.simply.aso + + + asx + video/x-ms-asf + + + atc + application/vnd.acucorp + + + atom + application/atom+xml + + + atomcat + application/atomcat+xml + + + atomsvc + application/atomsvc+xml + + + atx + application/vnd.antix.game-component + + + au + audio/basic + + + avi + video/x-msvideo + + + avx + video/x-rad-screenplay + + + aw + application/applixware + + + axa + audio/annodex + + + axv + video/annodex + + + azf + application/vnd.airzip.filesecure.azf + + + azs + application/vnd.airzip.filesecure.azs + + + azw + application/vnd.amazon.ebook + + + bat + application/x-msdownload + + + bcpio + application/x-bcpio + + + bdf + application/x-font-bdf + + + bdm + application/vnd.syncml.dm+wbxml + + + bed + application/vnd.realvnc.bed + + + bh2 + application/vnd.fujitsu.oasysprs + + + bin + application/octet-stream + + + blb + application/x-blorb + + + blorb + application/x-blorb + + + bmi + application/vnd.bmi + + + bmp + image/bmp + + + body + text/html + + + book + application/vnd.framemaker + + + box + application/vnd.previewsystems.box + + + boz + application/x-bzip2 + + + bpk + application/octet-stream + + + btif + image/prs.btif + + + bz + application/x-bzip + + + bz2 + application/x-bzip2 + + + c + text/x-c + + + c11amc + application/vnd.cluetrust.cartomobile-config + + + c11amz + application/vnd.cluetrust.cartomobile-config-pkg + + + c4d + application/vnd.clonk.c4group + + + c4f + application/vnd.clonk.c4group + + + c4g + application/vnd.clonk.c4group + + + c4p + application/vnd.clonk.c4group + + + c4u + application/vnd.clonk.c4group + + + cab + application/vnd.ms-cab-compressed + + + caf + audio/x-caf + + + cap + application/vnd.tcpdump.pcap + + + car + application/vnd.curl.car + + + cat + application/vnd.ms-pki.seccat + + + cb7 + application/x-cbr + + + cba + application/x-cbr + + + cbr + application/x-cbr + + + cbt + application/x-cbr + + + cbz + application/x-cbr + + + cc + text/x-c + + + cct + application/x-director + + + ccxml + application/ccxml+xml + + + cdbcmsg + application/vnd.contact.cmsg + + + cdf + application/x-cdf + + + cdkey + application/vnd.mediastation.cdkey + + + cdmia + application/cdmi-capability + + + cdmic + application/cdmi-container + + + cdmid + application/cdmi-domain + + + cdmio + application/cdmi-object + + + cdmiq + application/cdmi-queue + + + cdx + chemical/x-cdx + + + cdxml + application/vnd.chemdraw+xml + + + cdy + application/vnd.cinderella + + + cer + application/pkix-cert + + + cfs + application/x-cfs-compressed + + + cgm + image/cgm + + + chat + application/x-chat + + + chm + application/vnd.ms-htmlhelp + + + chrt + application/vnd.kde.kchart + + + cif + chemical/x-cif + + + cii + application/vnd.anser-web-certificate-issue-initiation + + + cil + application/vnd.ms-artgalry + + + cla + application/vnd.claymore + + + class + application/java + + + clkk + application/vnd.crick.clicker.keyboard + + + clkp + application/vnd.crick.clicker.palette + + + clkt + application/vnd.crick.clicker.template + + + clkw + application/vnd.crick.clicker.wordbank + + + clkx + application/vnd.crick.clicker + + + clp + application/x-msclip + + + cmc + application/vnd.cosmocaller + + + cmdf + chemical/x-cmdf + + + cml + chemical/x-cml + + + cmp + application/vnd.yellowriver-custom-menu + + + cmx + image/x-cmx + + + cod + application/vnd.rim.cod + + + com + application/x-msdownload + + + conf + text/plain + + + cpio + application/x-cpio + + + cpp + text/x-c + + + cpt + application/mac-compactpro + + + crd + application/x-mscardfile + + + crl + application/pkix-crl + + + crt + application/x-x509-ca-cert + + + cryptonote + application/vnd.rig.cryptonote + + + csh + application/x-csh + + + csml + chemical/x-csml + + + csp + application/vnd.commonspace + + + css + text/css + + + cst + application/x-director + + + csv + text/csv + + + cu + application/cu-seeme + + + curl + text/vnd.curl + + + cww + application/prs.cww + + + cxt + application/x-director + + + cxx + text/x-c + + + dae + model/vnd.collada+xml + + + daf + application/vnd.mobius.daf + + + dart + application/vnd.dart + + + dataless + application/vnd.fdsn.seed + + + davmount + application/davmount+xml + + + dbk + application/docbook+xml + + + dcr + application/x-director + + + dcurl + text/vnd.curl.dcurl + + + dd2 + application/vnd.oma.dd2+xml + + + ddd + application/vnd.fujixerox.ddd + + + deb + application/x-debian-package + + + def + text/plain + + + deploy + application/octet-stream + + + der + application/x-x509-ca-cert + + + dfac + application/vnd.dreamfactory + + + dgc + application/x-dgc-compressed + + + dib + image/bmp + + + dic + text/x-c + + + dir + application/x-director + + + dis + application/vnd.mobius.dis + + + dist + application/octet-stream + + + distz + application/octet-stream + + + djv + image/vnd.djvu + + + djvu + image/vnd.djvu + + + dll + application/x-msdownload + + + dmg + application/x-apple-diskimage + + + dmp + application/vnd.tcpdump.pcap + + + dms + application/octet-stream + + + dna + application/vnd.dna + + + doc + application/msword + + + docm + application/vnd.ms-word.document.macroenabled.12 + + + docx + application/vnd.openxmlformats-officedocument.wordprocessingml.document + + + dot + application/msword + + + dotm + application/vnd.ms-word.template.macroenabled.12 + + + dotx + application/vnd.openxmlformats-officedocument.wordprocessingml.template + + + dp + application/vnd.osgi.dp + + + dpg + application/vnd.dpgraph + + + dra + audio/vnd.dra + + + dsc + text/prs.lines.tag + + + dssc + application/dssc+der + + + dtb + application/x-dtbook+xml + + + dtd + application/xml-dtd + + + dts + audio/vnd.dts + + + dtshd + audio/vnd.dts.hd + + + dump + application/octet-stream + + + dv + video/x-dv + + + dvb + video/vnd.dvb.file + + + dvi + application/x-dvi + + + dwf + model/vnd.dwf + + + dwg + image/vnd.dwg + + + dxf + image/vnd.dxf + + + dxp + application/vnd.spotfire.dxp + + + dxr + application/x-director + + + ecelp4800 + audio/vnd.nuera.ecelp4800 + + + ecelp7470 + audio/vnd.nuera.ecelp7470 + + + ecelp9600 + audio/vnd.nuera.ecelp9600 + + + ecma + application/ecmascript + + + edm + application/vnd.novadigm.edm + + + edx + application/vnd.novadigm.edx + + + efif + application/vnd.picsel + + + ei6 + application/vnd.pg.osasli + + + elc + application/octet-stream + + + emf + application/x-msmetafile + + + eml + message/rfc822 + + + emma + application/emma+xml + + + emz + application/x-msmetafile + + + eol + audio/vnd.digital-winds + + + eot + application/vnd.ms-fontobject + + + eps + application/postscript + + + epub + application/epub+zip + + + es3 + application/vnd.eszigno3+xml + + + esa + application/vnd.osgi.subsystem + + + esf + application/vnd.epson.esf + + + et3 + application/vnd.eszigno3+xml + + + etx + text/x-setext + + + eva + application/x-eva + + + evy + application/x-envoy + + + exe + application/octet-stream + + + exi + application/exi + + + ext + application/vnd.novadigm.ext + + + ez + application/andrew-inset + + + ez2 + application/vnd.ezpix-album + + + ez3 + application/vnd.ezpix-package + + + f + text/x-fortran + + + f4v + video/x-f4v + + + f77 + text/x-fortran + + + f90 + text/x-fortran + + + fbs + image/vnd.fastbidsheet + + + fcdt + application/vnd.adobe.formscentral.fcdt + + + fcs + application/vnd.isac.fcs + + + fdf + application/vnd.fdf + + + fe_launch + application/vnd.denovo.fcselayout-link + + + fg5 + application/vnd.fujitsu.oasysgp + + + fgd + application/x-director + + + fh + image/x-freehand + + + fh4 + image/x-freehand + + + fh5 + image/x-freehand + + + fh7 + image/x-freehand + + + fhc + image/x-freehand + + + fig + application/x-xfig + + + flac + audio/flac + + + fli + video/x-fli + + + flo + application/vnd.micrografx.flo + + + flv + video/x-flv + + + flw + application/vnd.kde.kivio + + + flx + text/vnd.fmi.flexstor + + + fly + text/vnd.fly + + + fm + application/vnd.framemaker + + + fnc + application/vnd.frogans.fnc + + + for + text/x-fortran + + + fpx + image/vnd.fpx + + + frame + application/vnd.framemaker + + + fsc + application/vnd.fsc.weblaunch + + + fst + image/vnd.fst + + + ftc + application/vnd.fluxtime.clip + + + fti + application/vnd.anser-web-funds-transfer-initiation + + + fvt + video/vnd.fvt + + + fxp + application/vnd.adobe.fxp + + + fxpl + application/vnd.adobe.fxp + + + fzs + application/vnd.fuzzysheet + + + g2w + application/vnd.geoplan + + + g3 + image/g3fax + + + g3w + application/vnd.geospace + + + gac + application/vnd.groove-account + + + gam + application/x-tads + + + gbr + application/rpki-ghostbusters + + + gca + application/x-gca-compressed + + + gdl + model/vnd.gdl + + + geo + application/vnd.dynageo + + + gex + application/vnd.geometry-explorer + + + ggb + application/vnd.geogebra.file + + + ggt + application/vnd.geogebra.tool + + + ghf + application/vnd.groove-help + + + gif + image/gif + + + gim + application/vnd.groove-identity-message + + + gml + application/gml+xml + + + gmx + application/vnd.gmx + + + gnumeric + application/x-gnumeric + + + gph + application/vnd.flographit + + + gpx + application/gpx+xml + + + gqf + application/vnd.grafeq + + + gqs + application/vnd.grafeq + + + gram + application/srgs + + + gramps + application/x-gramps-xml + + + gre + application/vnd.geometry-explorer + + + grv + application/vnd.groove-injector + + + grxml + application/srgs+xml + + + gsf + application/x-font-ghostscript + + + gtar + application/x-gtar + + + gtm + application/vnd.groove-tool-message + + + gtw + model/vnd.gtw + + + gv + text/vnd.graphviz + + + gxf + application/gxf + + + gxt + application/vnd.geonext + + + gz + application/x-gzip + + + h + text/x-c + + + h261 + video/h261 + + + h263 + video/h263 + + + h264 + video/h264 + + + hal + application/vnd.hal+xml + + + hbci + application/vnd.hbci + + + hdf + application/x-hdf + + + hh + text/x-c + + + hlp + application/winhlp + + + hpgl + application/vnd.hp-hpgl + + + hpid + application/vnd.hp-hpid + + + hps + application/vnd.hp-hps + + + hqx + application/mac-binhex40 + + + htc + text/x-component + + + htke + application/vnd.kenameaapp + + + htm + text/html + + + html + text/html + + + hvd + application/vnd.yamaha.hv-dic + + + hvp + application/vnd.yamaha.hv-voice + + + hvs + application/vnd.yamaha.hv-script + + + i2g + application/vnd.intergeo + + + icc + application/vnd.iccprofile + + + ice + x-conference/x-cooltalk + + + icm + application/vnd.iccprofile + + + ico + image/x-icon + + + ics + text/calendar + + + ief + image/ief + + + ifb + text/calendar + + + ifm + application/vnd.shana.informed.formdata + + + iges + model/iges + + + igl + application/vnd.igloader + + + igm + application/vnd.insors.igm + + + igs + model/iges + + + igx + application/vnd.micrografx.igx + + + iif + application/vnd.shana.informed.interchange + + + imp + application/vnd.accpac.simply.imp + + + ims + application/vnd.ms-ims + + + in + text/plain + + + ink + application/inkml+xml + + + inkml + application/inkml+xml + + + install + application/x-install-instructions + + + iota + application/vnd.astraea-software.iota + + + ipfix + application/ipfix + + + ipk + application/vnd.shana.informed.package + + + irm + application/vnd.ibm.rights-management + + + irp + application/vnd.irepository.package+xml + + + iso + application/x-iso9660-image + + + itp + application/vnd.shana.informed.formtemplate + + + ivp + application/vnd.immervision-ivp + + + ivu + application/vnd.immervision-ivu + + + jad + text/vnd.sun.j2me.app-descriptor + + + jam + application/vnd.jam + + + jar + application/java-archive + + + java + text/x-java-source + + + jisp + application/vnd.jisp + + + jlt + application/vnd.hp-jlyt + + + jnlp + application/x-java-jnlp-file + + + joda + application/vnd.joost.joda-archive + + + jpe + image/jpeg + + + jpeg + image/jpeg + + + jpg + image/jpeg + + + jpgm + video/jpm + + + jpgv + video/jpeg + + + jpm + video/jpm + + + js + application/javascript + + + jsf + text/plain + + + json + application/json + + + jsonml + application/jsonml+json + + + jspf + text/plain + + + kar + audio/midi + + + karbon + application/vnd.kde.karbon + + + kfo + application/vnd.kde.kformula + + + kia + application/vnd.kidspiration + + + kml + application/vnd.google-earth.kml+xml + + + kmz + application/vnd.google-earth.kmz + + + kne + application/vnd.kinar + + + knp + application/vnd.kinar + + + kon + application/vnd.kde.kontour + + + kpr + application/vnd.kde.kpresenter + + + kpt + application/vnd.kde.kpresenter + + + kpxx + application/vnd.ds-keypoint + + + ksp + application/vnd.kde.kspread + + + ktr + application/vnd.kahootz + + + ktx + image/ktx + + + ktz + application/vnd.kahootz + + + kwd + application/vnd.kde.kword + + + kwt + application/vnd.kde.kword + + + lasxml + application/vnd.las.las+xml + + + latex + application/x-latex + + + lbd + application/vnd.llamagraphics.life-balance.desktop + + + lbe + application/vnd.llamagraphics.life-balance.exchange+xml + + + les + application/vnd.hhe.lesson-player + + + lha + application/x-lzh-compressed + + + link66 + application/vnd.route66.link66+xml + + + list + text/plain + + + list3820 + application/vnd.ibm.modcap + + + listafp + application/vnd.ibm.modcap + + + lnk + application/x-ms-shortcut + + + log + text/plain + + + lostxml + application/lost+xml + + + lrf + application/octet-stream + + + lrm + application/vnd.ms-lrm + + + ltf + application/vnd.frogans.ltf + + + lvp + audio/vnd.lucent.voice + + + lwp + application/vnd.lotus-wordpro + + + lzh + application/x-lzh-compressed + + + m13 + application/x-msmediaview + + + m14 + application/x-msmediaview + + + m1v + video/mpeg + + + m21 + application/mp21 + + + m2a + audio/mpeg + + + m2v + video/mpeg + + + m3a + audio/mpeg + + + m3u + audio/x-mpegurl + + + m3u8 + application/vnd.apple.mpegurl + + + m4a + audio/mp4 + + + m4b + audio/mp4 + + + m4r + audio/mp4 + + + m4u + video/vnd.mpegurl + + + m4v + video/mp4 + + + ma + application/mathematica + + + mac + image/x-macpaint + + + mads + application/mads+xml + + + mag + application/vnd.ecowin.chart + + + maker + application/vnd.framemaker + + + man + text/troff + + + mar + application/octet-stream + + + mathml + application/mathml+xml + + + mb + application/mathematica + + + mbk + application/vnd.mobius.mbk + + + mbox + application/mbox + + + mc1 + application/vnd.medcalcdata + + + mcd + application/vnd.mcd + + + mcurl + text/vnd.curl.mcurl + + + mdb + application/x-msaccess + + + mdi + image/vnd.ms-modi + + + me + text/troff + + + mesh + model/mesh + + + meta4 + application/metalink4+xml + + + metalink + application/metalink+xml + + + mets + application/mets+xml + + + mfm + application/vnd.mfmp + + + mft + application/rpki-manifest + + + mgp + application/vnd.osgeo.mapguide.package + + + mgz + application/vnd.proteus.magazine + + + mid + audio/midi + + + midi + audio/midi + + + mie + application/x-mie + + + mif + application/x-mif + + + mime + message/rfc822 + + + mj2 + video/mj2 + + + mjp2 + video/mj2 + + + mk3d + video/x-matroska + + + mka + audio/x-matroska + + + mks + video/x-matroska + + + mkv + video/x-matroska + + + mlp + application/vnd.dolby.mlp + + + mmd + application/vnd.chipnuts.karaoke-mmd + + + mmf + application/vnd.smaf + + + mmr + image/vnd.fujixerox.edmics-mmr + + + mng + video/x-mng + + + mny + application/x-msmoney + + + mobi + application/x-mobipocket-ebook + + + mods + application/mods+xml + + + mov + video/quicktime + + + movie + video/x-sgi-movie + + + mp1 + audio/mpeg + + + mp2 + audio/mpeg + + + mp21 + application/mp21 + + + mp2a + audio/mpeg + + + mp3 + audio/mpeg + + + mp4 + video/mp4 + + + mp4a + audio/mp4 + + + mp4s + application/mp4 + + + mp4v + video/mp4 + + + mpa + audio/mpeg + + + mpc + application/vnd.mophun.certificate + + + mpe + video/mpeg + + + mpeg + video/mpeg + + + mpega + audio/x-mpeg + + + mpg + video/mpeg + + + mpg4 + video/mp4 + + + mpga + audio/mpeg + + + mpkg + application/vnd.apple.installer+xml + + + mpm + application/vnd.blueice.multipass + + + mpn + application/vnd.mophun.application + + + mpp + application/vnd.ms-project + + + mpt + application/vnd.ms-project + + + mpv2 + video/mpeg2 + + + mpy + application/vnd.ibm.minipay + + + mqy + application/vnd.mobius.mqy + + + mrc + application/marc + + + mrcx + application/marcxml+xml + + + ms + text/troff + + + mscml + application/mediaservercontrol+xml + + + mseed + application/vnd.fdsn.mseed + + + mseq + application/vnd.mseq + + + msf + application/vnd.epson.msf + + + msh + model/mesh + + + msi + application/x-msdownload + + + msl + application/vnd.mobius.msl + + + msty + application/vnd.muvee.style + + + mts + model/vnd.mts + + + mus + application/vnd.musician + + + musicxml + application/vnd.recordare.musicxml+xml + + + mvb + application/x-msmediaview + + + mwf + application/vnd.mfer + + + mxf + application/mxf + + + mxl + application/vnd.recordare.musicxml + + + mxml + application/xv+xml + + + mxs + application/vnd.triscape.mxs + + + mxu + video/vnd.mpegurl + + + n-gage + application/vnd.nokia.n-gage.symbian.install + + + n3 + text/n3 + + + nb + application/mathematica + + + nbp + application/vnd.wolfram.player + + + nc + application/x-netcdf + + + ncx + application/x-dtbncx+xml + + + nfo + text/x-nfo + + + ngdat + application/vnd.nokia.n-gage.data + + + nitf + application/vnd.nitf + + + nlu + application/vnd.neurolanguage.nlu + + + nml + application/vnd.enliven + + + nnd + application/vnd.noblenet-directory + + + nns + application/vnd.noblenet-sealer + + + nnw + application/vnd.noblenet-web + + + npx + image/vnd.net-fpx + + + nsc + application/x-conference + + + nsf + application/vnd.lotus-notes + + + ntf + application/vnd.nitf + + + nzb + application/x-nzb + + + oa2 + application/vnd.fujitsu.oasys2 + + + oa3 + application/vnd.fujitsu.oasys3 + + + oas + application/vnd.fujitsu.oasys + + + obd + application/x-msbinder + + + obj + application/x-tgif + + + oda + application/oda + + + + odb + application/vnd.oasis.opendocument.database + + + + odc + application/vnd.oasis.opendocument.chart + + + + odf + application/vnd.oasis.opendocument.formula + + + odft + application/vnd.oasis.opendocument.formula-template + + + + odg + application/vnd.oasis.opendocument.graphics + + + + odi + application/vnd.oasis.opendocument.image + + + + odm + application/vnd.oasis.opendocument.text-master + + + + odp + application/vnd.oasis.opendocument.presentation + + + + ods + application/vnd.oasis.opendocument.spreadsheet + + + + odt + application/vnd.oasis.opendocument.text + + + oga + audio/ogg + + + ogg + audio/ogg + + + ogv + video/ogg + + + + ogx + application/ogg + + + omdoc + application/omdoc+xml + + + onepkg + application/onenote + + + onetmp + application/onenote + + + onetoc + application/onenote + + + onetoc2 + application/onenote + + + opf + application/oebps-package+xml + + + opml + text/x-opml + + + oprc + application/vnd.palm + + + org + application/vnd.lotus-organizer + + + osf + application/vnd.yamaha.openscoreformat + + + osfpvg + application/vnd.yamaha.openscoreformat.osfpvg+xml + + + otc + application/vnd.oasis.opendocument.chart-template + + + otf + font/otf + + + + otg + application/vnd.oasis.opendocument.graphics-template + + + + oth + application/vnd.oasis.opendocument.text-web + + + oti + application/vnd.oasis.opendocument.image-template + + + + otp + application/vnd.oasis.opendocument.presentation-template + + + + ots + application/vnd.oasis.opendocument.spreadsheet-template + + + + ott + application/vnd.oasis.opendocument.text-template + + + oxps + application/oxps + + + oxt + application/vnd.openofficeorg.extension + + + p + text/x-pascal + + + p10 + application/pkcs10 + + + p12 + application/x-pkcs12 + + + p7b + application/x-pkcs7-certificates + + + p7c + application/pkcs7-mime + + + p7m + application/pkcs7-mime + + + p7r + application/x-pkcs7-certreqresp + + + p7s + application/pkcs7-signature + + + p8 + application/pkcs8 + + + pas + text/x-pascal + + + paw + application/vnd.pawaafile + + + pbd + application/vnd.powerbuilder6 + + + pbm + image/x-portable-bitmap + + + pcap + application/vnd.tcpdump.pcap + + + pcf + application/x-font-pcf + + + pcl + application/vnd.hp-pcl + + + pclxl + application/vnd.hp-pclxl + + + pct + image/pict + + + pcurl + application/vnd.curl.pcurl + + + pcx + image/x-pcx + + + pdb + application/vnd.palm + + + pdf + application/pdf + + + pfa + application/x-font-type1 + + + pfb + application/x-font-type1 + + + pfm + application/x-font-type1 + + + pfr + application/font-tdpfr + + + pfx + application/x-pkcs12 + + + pgm + image/x-portable-graymap + + + pgn + application/x-chess-pgn + + + pgp + application/pgp-encrypted + + + pic + image/pict + + + pict + image/pict + + + pkg + application/octet-stream + + + pki + application/pkixcmp + + + pkipath + application/pkix-pkipath + + + plb + application/vnd.3gpp.pic-bw-large + + + plc + application/vnd.mobius.plc + + + plf + application/vnd.pocketlearn + + + pls + audio/x-scpls + + + pml + application/vnd.ctc-posml + + + png + image/png + + + pnm + image/x-portable-anymap + + + pnt + image/x-macpaint + + + portpkg + application/vnd.macports.portpkg + + + pot + application/vnd.ms-powerpoint + + + potm + application/vnd.ms-powerpoint.template.macroenabled.12 + + + potx + application/vnd.openxmlformats-officedocument.presentationml.template + + + ppam + application/vnd.ms-powerpoint.addin.macroenabled.12 + + + ppd + application/vnd.cups-ppd + + + ppm + image/x-portable-pixmap + + + pps + application/vnd.ms-powerpoint + + + ppsm + application/vnd.ms-powerpoint.slideshow.macroenabled.12 + + + ppsx + application/vnd.openxmlformats-officedocument.presentationml.slideshow + + + ppt + application/vnd.ms-powerpoint + + + pptm + application/vnd.ms-powerpoint.presentation.macroenabled.12 + + + pptx + application/vnd.openxmlformats-officedocument.presentationml.presentation + + + pqa + application/vnd.palm + + + prc + application/x-mobipocket-ebook + + + pre + application/vnd.lotus-freelance + + + prf + application/pics-rules + + + ps + application/postscript + + + psb + application/vnd.3gpp.pic-bw-small + + + psd + image/vnd.adobe.photoshop + + + psf + application/x-font-linux-psf + + + pskcxml + application/pskc+xml + + + ptid + application/vnd.pvi.ptid1 + + + pub + application/x-mspublisher + + + pvb + application/vnd.3gpp.pic-bw-var + + + pwn + application/vnd.3m.post-it-notes + + + pya + audio/vnd.ms-playready.media.pya + + + pyv + video/vnd.ms-playready.media.pyv + + + qam + application/vnd.epson.quickanime + + + qbo + application/vnd.intu.qbo + + + qfx + application/vnd.intu.qfx + + + qps + application/vnd.publishare-delta-tree + + + qt + video/quicktime + + + qti + image/x-quicktime + + + qtif + image/x-quicktime + + + qwd + application/vnd.quark.quarkxpress + + + qwt + application/vnd.quark.quarkxpress + + + qxb + application/vnd.quark.quarkxpress + + + qxd + application/vnd.quark.quarkxpress + + + qxl + application/vnd.quark.quarkxpress + + + qxt + application/vnd.quark.quarkxpress + + + ra + audio/x-pn-realaudio + + + ram + audio/x-pn-realaudio + + + rar + application/x-rar-compressed + + + ras + image/x-cmu-raster + + + rcprofile + application/vnd.ipunplugged.rcprofile + + + rdf + application/rdf+xml + + + rdz + application/vnd.data-vision.rdz + + + rep + application/vnd.businessobjects + + + res + application/x-dtbresource+xml + + + rgb + image/x-rgb + + + rif + application/reginfo+xml + + + rip + audio/vnd.rip + + + ris + application/x-research-info-systems + + + rl + application/resource-lists+xml + + + rlc + image/vnd.fujixerox.edmics-rlc + + + rld + application/resource-lists-diff+xml + + + rm + application/vnd.rn-realmedia + + + rmi + audio/midi + + + rmp + audio/x-pn-realaudio-plugin + + + rms + application/vnd.jcp.javame.midlet-rms + + + rmvb + application/vnd.rn-realmedia-vbr + + + rnc + application/relax-ng-compact-syntax + + + roa + application/rpki-roa + + + roff + text/troff + + + rp9 + application/vnd.cloanto.rp9 + + + rpss + application/vnd.nokia.radio-presets + + + rpst + application/vnd.nokia.radio-preset + + + rq + application/sparql-query + + + rs + application/rls-services+xml + + + rsd + application/rsd+xml + + + rss + application/rss+xml + + + rtf + application/rtf + + + rtx + text/richtext + + + s + text/x-asm + + + s3m + audio/s3m + + + saf + application/vnd.yamaha.smaf-audio + + + sbml + application/sbml+xml + + + sc + application/vnd.ibm.secure-container + + + scd + application/x-msschedule + + + scm + application/vnd.lotus-screencam + + + scq + application/scvp-cv-request + + + scs + application/scvp-cv-response + + + scurl + text/vnd.curl.scurl + + + sda + application/vnd.stardivision.draw + + + sdc + application/vnd.stardivision.calc + + + sdd + application/vnd.stardivision.impress + + + sdkd + application/vnd.solent.sdkm+xml + + + sdkm + application/vnd.solent.sdkm+xml + + + sdp + application/sdp + + + sdw + application/vnd.stardivision.writer + + + see + application/vnd.seemail + + + seed + application/vnd.fdsn.seed + + + sema + application/vnd.sema + + + semd + application/vnd.semd + + + semf + application/vnd.semf + + + ser + application/java-serialized-object + + + setpay + application/set-payment-initiation + + + setreg + application/set-registration-initiation + + + sfd-hdstx + application/vnd.hydrostatix.sof-data + + + sfs + application/vnd.spotfire.sfs + + + sfv + text/x-sfv + + + sgi + image/sgi + + + sgl + application/vnd.stardivision.writer-global + + + sgm + text/sgml + + + sgml + text/sgml + + + sh + application/x-sh + + + shar + application/x-shar + + + shf + application/shf+xml + + + + sid + image/x-mrsid-image + + + sig + application/pgp-signature + + + sil + audio/silk + + + silo + model/mesh + + + sis + application/vnd.symbian.install + + + sisx + application/vnd.symbian.install + + + sit + application/x-stuffit + + + sitx + application/x-stuffitx + + + skd + application/vnd.koan + + + skm + application/vnd.koan + + + skp + application/vnd.koan + + + skt + application/vnd.koan + + + sldm + application/vnd.ms-powerpoint.slide.macroenabled.12 + + + sldx + application/vnd.openxmlformats-officedocument.presentationml.slide + + + slt + application/vnd.epson.salt + + + sm + application/vnd.stepmania.stepchart + + + smf + application/vnd.stardivision.math + + + smi + application/smil+xml + + + smil + application/smil+xml + + + smv + video/x-smv + + + smzip + application/vnd.stepmania.package + + + snd + audio/basic + + + snf + application/x-font-snf + + + so + application/octet-stream + + + spc + application/x-pkcs7-certificates + + + spf + application/vnd.yamaha.smaf-phrase + + + spl + application/x-futuresplash + + + spot + text/vnd.in3d.spot + + + spp + application/scvp-vp-response + + + spq + application/scvp-vp-request + + + spx + audio/ogg + + + sql + application/x-sql + + + src + application/x-wais-source + + + srt + application/x-subrip + + + sru + application/sru+xml + + + srx + application/sparql-results+xml + + + ssdl + application/ssdl+xml + + + sse + application/vnd.kodak-descriptor + + + ssf + application/vnd.epson.ssf + + + ssml + application/ssml+xml + + + st + application/vnd.sailingtracker.track + + + stc + application/vnd.sun.xml.calc.template + + + std + application/vnd.sun.xml.draw.template + + + stf + application/vnd.wt.stf + + + sti + application/vnd.sun.xml.impress.template + + + stk + application/hyperstudio + + + stl + application/vnd.ms-pki.stl + + + str + application/vnd.pg.format + + + stw + application/vnd.sun.xml.writer.template + + + sub + text/vnd.dvb.subtitle + + + sus + application/vnd.sus-calendar + + + susp + application/vnd.sus-calendar + + + sv4cpio + application/x-sv4cpio + + + sv4crc + application/x-sv4crc + + + svc + application/vnd.dvb.service + + + svd + application/vnd.svd + + + svg + image/svg+xml + + + svgz + image/svg+xml + + + swa + application/x-director + + + swf + application/x-shockwave-flash + + + swi + application/vnd.aristanetworks.swi + + + sxc + application/vnd.sun.xml.calc + + + sxd + application/vnd.sun.xml.draw + + + sxg + application/vnd.sun.xml.writer.global + + + sxi + application/vnd.sun.xml.impress + + + sxm + application/vnd.sun.xml.math + + + sxw + application/vnd.sun.xml.writer + + + t + text/troff + + + t3 + application/x-t3vm-image + + + taglet + application/vnd.mynfc + + + tao + application/vnd.tao.intent-module-archive + + + tar + application/x-tar + + + tcap + application/vnd.3gpp2.tcap + + + tcl + application/x-tcl + + + teacher + application/vnd.smart.teacher + + + tei + application/tei+xml + + + teicorpus + application/tei+xml + + + tex + application/x-tex + + + texi + application/x-texinfo + + + texinfo + application/x-texinfo + + + text + text/plain + + + tfi + application/thraud+xml + + + tfm + application/x-tex-tfm + + + tga + image/x-tga + + + thmx + application/vnd.ms-officetheme + + + tif + image/tiff + + + tiff + image/tiff + + + tmo + application/vnd.tmobile-livetv + + + torrent + application/x-bittorrent + + + tpl + application/vnd.groove-tool-template + + + tpt + application/vnd.trid.tpt + + + tr + text/troff + + + tra + application/vnd.trueapp + + + trm + application/x-msterminal + + + tsd + application/timestamped-data + + + tsv + text/tab-separated-values + + + ttc + font/collection + + + ttf + font/ttf + + + ttl + text/turtle + + + twd + application/vnd.simtech-mindmapper + + + twds + application/vnd.simtech-mindmapper + + + txd + application/vnd.genomatix.tuxedo + + + txf + application/vnd.mobius.txf + + + txt + text/plain + + + u32 + application/x-authorware-bin + + + udeb + application/x-debian-package + + + ufd + application/vnd.ufdl + + + ufdl + application/vnd.ufdl + + + ulw + audio/basic + + + ulx + application/x-glulx + + + umj + application/vnd.umajin + + + unityweb + application/vnd.unity + + + uoml + application/vnd.uoml+xml + + + uri + text/uri-list + + + uris + text/uri-list + + + urls + text/uri-list + + + ustar + application/x-ustar + + + utz + application/vnd.uiq.theme + + + uu + text/x-uuencode + + + uva + audio/vnd.dece.audio + + + uvd + application/vnd.dece.data + + + uvf + application/vnd.dece.data + + + uvg + image/vnd.dece.graphic + + + uvh + video/vnd.dece.hd + + + uvi + image/vnd.dece.graphic + + + uvm + video/vnd.dece.mobile + + + uvp + video/vnd.dece.pd + + + uvs + video/vnd.dece.sd + + + uvt + application/vnd.dece.ttml+xml + + + uvu + video/vnd.uvvu.mp4 + + + uvv + video/vnd.dece.video + + + uvva + audio/vnd.dece.audio + + + uvvd + application/vnd.dece.data + + + uvvf + application/vnd.dece.data + + + uvvg + image/vnd.dece.graphic + + + uvvh + video/vnd.dece.hd + + + uvvi + image/vnd.dece.graphic + + + uvvm + video/vnd.dece.mobile + + + uvvp + video/vnd.dece.pd + + + uvvs + video/vnd.dece.sd + + + uvvt + application/vnd.dece.ttml+xml + + + uvvu + video/vnd.uvvu.mp4 + + + uvvv + video/vnd.dece.video + + + uvvx + application/vnd.dece.unspecified + + + uvvz + application/vnd.dece.zip + + + uvx + application/vnd.dece.unspecified + + + uvz + application/vnd.dece.zip + + + vcard + text/vcard + + + vcd + application/x-cdlink + + + vcf + text/x-vcard + + + vcg + application/vnd.groove-vcard + + + vcs + text/x-vcalendar + + + vcx + application/vnd.vcx + + + vis + application/vnd.visionary + + + viv + video/vnd.vivo + + + vob + video/x-ms-vob + + + vor + application/vnd.stardivision.writer + + + vox + application/x-authorware-bin + + + vrml + model/vrml + + + vsd + application/vnd.visio + + + vsf + application/vnd.vsf + + + vss + application/vnd.visio + + + vst + application/vnd.visio + + + vsw + application/vnd.visio + + + vtu + model/vnd.vtu + + + vxml + application/voicexml+xml + + + w3d + application/x-director + + + wad + application/x-doom + + + wav + audio/x-wav + + + wax + audio/x-ms-wax + + + + wbmp + image/vnd.wap.wbmp + + + wbs + application/vnd.criticaltools.wbs+xml + + + wbxml + application/vnd.wap.wbxml + + + wcm + application/vnd.ms-works + + + wdb + application/vnd.ms-works + + + wdp + image/vnd.ms-photo + + + weba + audio/webm + + + webm + video/webm + + + webp + image/webp + + + wg + application/vnd.pmi.widget + + + wgt + application/widget + + + wks + application/vnd.ms-works + + + wm + video/x-ms-wm + + + wma + audio/x-ms-wma + + + wmd + application/x-ms-wmd + + + wmf + application/x-msmetafile + + + + wml + text/vnd.wap.wml + + + + wmlc + application/vnd.wap.wmlc + + + + wmls + text/vnd.wap.wmlscript + + + + wmlsc + application/vnd.wap.wmlscriptc + + + wmv + video/x-ms-wmv + + + wmx + video/x-ms-wmx + + + wmz + application/x-msmetafile + + + woff + font/woff + + + woff2 + font/woff2 + + + wpd + application/vnd.wordperfect + + + wpl + application/vnd.ms-wpl + + + wps + application/vnd.ms-works + + + wqd + application/vnd.wqd + + + wri + application/x-mswrite + + + wrl + model/vrml + + + wsdl + application/wsdl+xml + + + wspolicy + application/wspolicy+xml + + + wtb + application/vnd.webturbo + + + wvx + video/x-ms-wvx + + + x32 + application/x-authorware-bin + + + x3d + model/x3d+xml + + + x3db + model/x3d+binary + + + x3dbz + model/x3d+binary + + + x3dv + model/x3d+vrml + + + x3dvz + model/x3d+vrml + + + x3dz + model/x3d+xml + + + xaml + application/xaml+xml + + + xap + application/x-silverlight-app + + + xar + application/vnd.xara + + + xbap + application/x-ms-xbap + + + xbd + application/vnd.fujixerox.docuworks.binder + + + xbm + image/x-xbitmap + + + xdf + application/xcap-diff+xml + + + xdm + application/vnd.syncml.dm+xml + + + xdp + application/vnd.adobe.xdp+xml + + + xdssc + application/dssc+xml + + + xdw + application/vnd.fujixerox.docuworks + + + xenc + application/xenc+xml + + + xer + application/patch-ops-error+xml + + + xfdf + application/vnd.adobe.xfdf + + + xfdl + application/vnd.xfdl + + + xht + application/xhtml+xml + + + xhtml + application/xhtml+xml + + + xhvml + application/xv+xml + + + xif + image/vnd.xiff + + + xla + application/vnd.ms-excel + + + xlam + application/vnd.ms-excel.addin.macroenabled.12 + + + xlc + application/vnd.ms-excel + + + xlf + application/x-xliff+xml + + + xlm + application/vnd.ms-excel + + + xls + application/vnd.ms-excel + + + xlsb + application/vnd.ms-excel.sheet.binary.macroenabled.12 + + + xlsm + application/vnd.ms-excel.sheet.macroenabled.12 + + + xlsx + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + + + xlt + application/vnd.ms-excel + + + xltm + application/vnd.ms-excel.template.macroenabled.12 + + + xltx + application/vnd.openxmlformats-officedocument.spreadsheetml.template + + + xlw + application/vnd.ms-excel + + + xm + audio/xm + + + xml + application/xml + + + xo + application/vnd.olpc-sugar + + + xop + application/xop+xml + + + xpi + application/x-xpinstall + + + xpl + application/xproc+xml + + + xpm + image/x-xpixmap + + + xpr + application/vnd.is-xpr + + + xps + application/vnd.ms-xpsdocument + + + xpw + application/vnd.intercon.formnet + + + xpx + application/vnd.intercon.formnet + + + xsl + application/xml + + + xslt + application/xslt+xml + + + xsm + application/vnd.syncml+xml + + + xspf + application/xspf+xml + + + xul + application/vnd.mozilla.xul+xml + + + xvm + application/xv+xml + + + xvml + application/xv+xml + + + xwd + image/x-xwindowdump + + + xyz + chemical/x-xyz + + + xz + application/x-xz + + + yang + application/yang + + + yin + application/yin+xml + + + z + application/x-compress + + + Z + application/x-compress + + + z1 + application/x-zmachine + + + z2 + application/x-zmachine + + + z3 + application/x-zmachine + + + z4 + application/x-zmachine + + + z5 + application/x-zmachine + + + z6 + application/x-zmachine + + + z7 + application/x-zmachine + + + z8 + application/x-zmachine + + + zaz + application/vnd.zzazz.deck+xml + + + zip + application/zip + + + zir + application/vnd.zul + + + zirz + application/vnd.zul + + + zmm + application/vnd.handheld-entertainment+xml + + + + + + + + + + + + + + + + + + index.html + index.htm + index.jsp + + +