From 5c65ae96383e358a141be986c35c403cca719604 Mon Sep 17 00:00:00 2001
From: PierreDelpy
Date: Wed, 26 Oct 2022 14:33:38 +0000
Subject: [PATCH 1/4] add port quick solution for ssl cert verification with
portnumber; genereate persistent connector password
---
ccp/nngm-compose.yml | 2 ++
ccp/nngm-setup.sh | 3 ++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/ccp/nngm-compose.yml b/ccp/nngm-compose.yml
index c212fed..478af29 100644
--- a/ccp/nngm-compose.yml
+++ b/ccp/nngm-compose.yml
@@ -11,6 +11,8 @@ services:
NNGM_CTS_APIKEY: ${NNGM_CTS_APIKEY}
NNGM_CRYPTKEY: ${NNGM_CRYPTKEY}
restart: always
+ ports:
+ - "8080:8080"
labels:
- "traefik.enable=true"
- "traefik.http.routers.connector.rule=PathPrefix(`/ccp-connector`)"
diff --git a/ccp/nngm-setup.sh b/ccp/nngm-setup.sh
index 08a6d43..bd1b6aa 100644
--- a/ccp/nngm-setup.sh
+++ b/ccp/nngm-setup.sh
@@ -7,4 +7,5 @@ function nngmSetup() {
fi
}
-CONNECTOR_POSTGRES_PASSWORD="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+#CONNECTOR_POSTGRES_PASSWORD="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
+CONNECTOR_POSTGRES_PASSWORD="$(echo -n /etc/bridgehead/pki/mannheim.priv.pem | sha256sum | head -c 20)"
From 3a668a1ccef395e8fada932bef6693edc23d8bf6 Mon Sep 17 00:00:00 2001
From: Martin Lablans
Date: Fri, 28 Oct 2022 10:26:17 +0200
Subject: [PATCH 2/4] Generate consistent nNGM Connector password
---
ccp/nngm-setup.sh | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/ccp/nngm-setup.sh b/ccp/nngm-setup.sh
index bd1b6aa..0a90813 100644
--- a/ccp/nngm-setup.sh
+++ b/ccp/nngm-setup.sh
@@ -5,7 +5,5 @@ function nngmSetup() {
log INFO "nNGM setup detected -- will start nNGM Connector."
OVERRIDE+="-f ./$PROJECT/nngm-compose.yml"
fi
+ CONNECTOR_POSTGRES_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -encrypt -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
}
-
-#CONNECTOR_POSTGRES_PASSWORD="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
-CONNECTOR_POSTGRES_PASSWORD="$(echo -n /etc/bridgehead/pki/mannheim.priv.pem | sha256sum | head -c 20)"
From 0cba5d315ad4303df8f8393551d4c9afaa026c13 Mon Sep 17 00:00:00 2001
From: Martin Lablans
Date: Fri, 28 Oct 2022 10:37:51 +0200
Subject: [PATCH 3/4] Sign, not encrypt, to avoid openssl salt
---
ccp/nngm-setup.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ccp/nngm-setup.sh b/ccp/nngm-setup.sh
index 0a90813..501d8ce 100644
--- a/ccp/nngm-setup.sh
+++ b/ccp/nngm-setup.sh
@@ -5,5 +5,5 @@ function nngmSetup() {
log INFO "nNGM setup detected -- will start nNGM Connector."
OVERRIDE+="-f ./$PROJECT/nngm-compose.yml"
fi
- CONNECTOR_POSTGRES_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -encrypt -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
+ CONNECTOR_POSTGRES_PASSWORD="$(echo \"This is a salt string to generate one consistent password. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
}
From b232fdb926236ba0e8ca817ea6e2ebca59a66f1e Mon Sep 17 00:00:00 2001
From: "p.delpy@dkfz-heidelberg.de"
Date: Wed, 2 Nov 2022 09:30:57 +0100
Subject: [PATCH 4/4] remove http ports
---
ccp/nngm-compose.yml | 2 --
1 file changed, 2 deletions(-)
diff --git a/ccp/nngm-compose.yml b/ccp/nngm-compose.yml
index 478af29..c212fed 100644
--- a/ccp/nngm-compose.yml
+++ b/ccp/nngm-compose.yml
@@ -11,8 +11,6 @@ services:
NNGM_CTS_APIKEY: ${NNGM_CTS_APIKEY}
NNGM_CRYPTKEY: ${NNGM_CRYPTKEY}
restart: always
- ports:
- - "8080:8080"
labels:
- "traefik.enable=true"
- "traefik.http.routers.connector.rule=PathPrefix(`/ccp-connector`)"