From c8bb5f280fabb623187b53d05ddca75e3ffdb139 Mon Sep 17 00:00:00 2001 From: Lee Pepper Date: Tue, 13 Jul 2021 09:43:07 -0600 Subject: [PATCH 1/3] FTS 1.9 and UI 1.8.1 # Updates to docker file to clean up and move to yaml config # updates to start-fts.sh to move to config # added a default config shodul run with no env vars by deafult # to override config mount /opt/FTSConfig.yaml # removed unnecessary supervisord config --- Dockerfile | 42 ++++++++++++++----------------- FTSConfig.yaml | 34 +++++++++++++++++++++++++ start-fts.sh | 64 +++--------------------------------------------- supervisord.conf | 6 ++--- 4 files changed, 59 insertions(+), 87 deletions(-) create mode 100644 FTSConfig.yaml diff --git a/Dockerfile b/Dockerfile index 5b1ca50..c62129d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,28 @@ FROM ubuntu:20.04 -MAINTAINER FreeTAKTeam +LABEL maintainer=FreeTAKTeam -ARG FTS_VERSION=1.7.5 +ARG FTS_VERSION=1.9 +ARG FTS_UI_VERSION=1.8.1 # UTC for buildtimes RUN ln -fs /usr/share/zoneinfo/UTC /etc/localtime #APT RUN apt-get update && \ - apt-get -y upgrade && \ - apt-get install -y libssl-dev libffi-dev curl python3 python3-pip libxml2-dev libxslt-dev python3-lxml python3-dev python3-setuptools build-essential + apt-get install -y libssl-dev libffi-dev curl python3 python3-pip libxml2-dev libxslt-dev python3-lxml python3-dev python3-setuptools build-essential &&\ + rm -rf /var/lib/apt/lists/* #PIP3 RUN pip3 install supervisor &&\ pip3 install requests &&\ pip3 install flask_login &&\ - pip3 install FreeTAKServer[ui]==${FTS_VERSION} && \ + pip3 install FreeTAKServer==${FTS_VERSION} && \ + pip3 install FreeTAKServer-UI==${FTS_UI_VERSION} && \ pip3 install defusedxml &&\ - pip3 install pyopenssl + pip3 install pyopenssl &&\ + pip3 install pytak # Create FTS user RUN addgroup --gid 1000 fts && \ @@ -48,23 +51,6 @@ EXPOSE 19023 # FTS UI port EXPOSE 5000 -# FTS Config changes -# The last two seds here are dirty and should be changed, this will break if main config changes! -RUN sed -i s=FreeTAKServerDataPackageDataBase.db=/data/database/DataPackageDataBase.db=g /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/DataPackageServerConstants.py && \ - sed -i s=FreeTAKServerDataPackageFolder=/data/FreeTAKServerDataPackageFolder=g /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/DataPackageServerConstants.py && \ - sed -i "s+self.PARENTPATH = .*+self.PARENTPATH = '\/data'+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/LoggingConstants.py && \ - sed -i "s+self.LOGDIRECTORY = .*+self.LOGDIRECTORY = '/data/logs'+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/LoggingConstants.py &&\ - sed -i 's+DBFilePath = .*+DBFilePath = "/data/database/FTSDataBase.db"+g' /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py && \ - sed -e '52d;53d' -i /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py &&\ - #Fix main path - sed -e '52i\ \ \ \ MainPath = "/data"' -i /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py &&\ - #Set excessive config properties - chmod 777 /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py && \ - chmod 777 /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration - -# Hack to not have to wait for 1.8 to get performance -RUN sed -e '604i\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ time.sleep(0.01)' -i /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/services/FTS.py - # UI Config changes RUN sed -i 's/root/data/g' /usr/local/lib/python3.8/dist-packages/FreeTAKServer-UI/config.py &&\ sed -i 's+certpath = .*+certpath = "/data/certs/"+g' /usr/local/lib/python3.8/dist-packages/FreeTAKServer-UI/config.py &&\ @@ -73,10 +59,20 @@ RUN sed -i 's/root/data/g' /usr/local/lib/python3.8/dist-packages/FreeTAKServer- chmod 777 /usr/local/lib/python3.8/dist-packages/FreeTAKServer-UI/config.py &&\ chmod 777 /usr/local/lib/python3.8/dist-packages/FreeTAKServer-UI/ +# FTS MainConfig changes +RUN sed -i 's+first_start = .*+first_start = False+g' /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py &&\ + sed -i 's/\r$//' /start-fts.sh + VOLUME ["/data"] +COPY FTSConfig.yaml /opt/FTSConfig.yaml +ENV IP=127.0.0.1 +ENV APPIP=0.0.0.0 # Use non root user +# TODO: Folder perms #USER fts + + ENTRYPOINT ["/bin/bash", "/start-fts.sh"] diff --git a/FTSConfig.yaml b/FTSConfig.yaml new file mode 100644 index 0000000..c60e1be --- /dev/null +++ b/FTSConfig.yaml @@ -0,0 +1,34 @@ +Addresses: + #FTS_COT_PORT: 8087 + #FTS_SSLCOT_PORT: 8089 + FTS_DP_ADDRESS: 0.0.0.0 + FTS_USER_ADDRESS: 0.0.0.0 + #FTS_API_PORT: 19023 + #FTS_FED_PORT: 9000 + FTS_API_ADDRESS: 0.0.0.0 +FileSystem: + FTS_DB_PATH: /data/database/FTSDataBase.db + #FTS_COT_TO_DB: True + FTS_MAINPATH: /data + #FTS_CERTS_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs + #FTS_EXCHECK_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/ExCheck + #FTS_EXCHECK_TEMPLATE_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/ExCheck/template + #FTS_EXCHECK_CHECKLIST_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/ExCheck/checklist + #FTS_DATAPACKAGE_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/FreeTAKServerDataPackageFolder + #FTS_LOGFILE_PATH: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/Logs + FTS_LOGFILE_PATH: /data/logs +Certs: + #FTS_SERVER_KEYDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.key + #FTS_SERVER_PEMDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.pem + #FTS_TESTCLIENT_PEMDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/Client.pem + #FTS_TESTCLIENT_KEYDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/Client.key + #FTS_UNENCRYPTED_KEYDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.key.unencrypted + #FTS_SERVER_P12DIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.p12 + #FTS_CADIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/ca.pem + #FTS_CAKEYDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/ca.key + #FTS_FEDERATION_CERTDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.pem + #FTS_FEDERATION_KEYDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/server.key + #FTS_CRLDIR: /usr/local/lib/python3.8/dist-packages/FreeTAKServer/certs/FTS_CRL.json + #FTS_FEDERATION_KEYPASS: demopassfed + #FTS_CLIENT_CERT_PASSWORD: demopasscert + #FTS_WEBSOCKET_KEY: YourWebsocketKey \ No newline at end of file diff --git a/start-fts.sh b/start-fts.sh index 9bd6e9f..3bade31 100644 --- a/start-fts.sh +++ b/start-fts.sh @@ -1,3 +1,5 @@ +#!/bin/bash + echo "###########################" echo "Preparing" echo "###########################" @@ -8,72 +10,12 @@ echo "Create logs folder" mkdir -p /data/logs/supervisor mkdir -p /data/database/ mkdir -p /data/certs/ClientPackages/ +mkdir -p /data/ExCheck/checklist/ echo "Set permissions on data folder" chmod -R 777 /data #Setting variables: -#DataPackageServiceDefaultIP -if [ -z "${DataPackageServiceDefaultIP}" ]; then - echo "Using default DataPackageServiceDefaultIP 0.0.0.0" -else - echo "Setting default user connection IP: ${DataPackageServiceDefaultIP}" - sed -i "s+DataPackageServiceDefaultIP = .*+DataPackageServiceDefaultIP = str(os.environ.get('FTS_DP_ADDRESS', \"${DataPackageServiceDefaultIP}\"))+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi - -#UserConnectionIP -if [ -z "${UserConnectionIP}" ]; then - echo "Using default UserConnectionIP 0.0.0.0" -else - echo "Setting user connection IP: ${UserConnectionIP}" - sed -i "s+UserConnectionIP = .*+UserConnectionIP = str(os.environ.get('FTS_USER_ADDRESS', \"${UserConnectionIP}\"))+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi - -#APIIP -if [ -z "${APIIP}" ]; then - echo "Using default APIIP 0.0.0.0" -else - echo "Setting user connection IP: ${APIIP}" - sed -i "s+APIIP = .*+APIIP = os.environ.get('FTS_API_ADDRESS', '"${APIIP}"')+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi - - -#AllowedCLIIPs -if [ -z "${AllowedCLIIPs}" ]; then - echo "Using default AllowedCLIIPs [127.0.0.1]" -else - echo "Setting AllowedCLIIPs: ${AllowedCLIIPs}" - sed -i "s+AllowedCLIIPs = .*+AllowedCLIIPs = ['"${AllowedCLIIPs}"']+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi - -#CLIIP -if [ -z "${CLIIP}" ]; then - echo "Using default CLIIP 127.0.0.1" -else - echo "Setting CLIIP: ${CLIIP}" - sed -i "s+CLIIP = .*+CLIIP = '"${CLIIP}"'+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi - -#SaveCoTToDB -if [ -z "${SaveCoTToDB}" ]; then - echo "Using Default SaveCoTToDB (True)" -else - echo "Setting SaveCoTToDB to ${SaveCoTToDB}" - sed -i "s+SaveCoTToDB = .*+SaveCoTToDB = bool(os.environ.get('FTS_API_ADDRESS', '"${SaveCoTToDB}"'))+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py -fi - -if [ -z "${MSG}" ]; then - echo "Using Default Connection Message" -else - if [ "${MSG}" = "None" ]; then - echo "Using Default Connection Message" - else - echo "Setting Server Message: ${MSG}" - sed -i "s+ConnectionMessage = .*+ConnectionMessage = '${MSG}'+g" /usr/local/lib/python3.8/dist-packages/FreeTAKServer/controllers/configuration/MainConfig.py - fi -fi - - #UI Variables #IP diff --git a/supervisord.conf b/supervisord.conf index 31c22b5..87cd8dc 100644 --- a/supervisord.conf +++ b/supervisord.conf @@ -35,6 +35,6 @@ redirect_stderr=true environment=HOME="/home/fts",USER="fts" PIDFILE=/home/fts/fts-ui.pid -[eventlistener:quit_on_failure] -events=PROCESS_STATE_FATAL -command=/usr/local/bin/fatalexit +# [eventlistener:quit_on_failure] +# events=PROCESS_STATE_FATAL +# command=/usr/local/bin/fatalexit From 604fe563c6d629098ae0a76fd4937774eea9cdd2 Mon Sep 17 00:00:00 2001 From: Lee Pepper Date: Tue, 13 Jul 2021 14:38:30 -0600 Subject: [PATCH 2/3] Dropped pytak for ARM build --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index c62129d..a8a2130 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,8 +21,7 @@ RUN pip3 install supervisor &&\ pip3 install FreeTAKServer==${FTS_VERSION} && \ pip3 install FreeTAKServer-UI==${FTS_UI_VERSION} && \ pip3 install defusedxml &&\ - pip3 install pyopenssl &&\ - pip3 install pytak + pip3 install pyopenssl # Create FTS user RUN addgroup --gid 1000 fts && \ From ff610065133f6fb95d6911d070349eec6113fe9f Mon Sep 17 00:00:00 2001 From: Lee Pepper Date: Wed, 14 Jul 2021 06:22:28 -0600 Subject: [PATCH 3/3] adding apt upgrade back in from previous version --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 6f2e04e..2c23dfb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ RUN ln -fs /usr/share/zoneinfo/UTC /etc/localtime #APT RUN apt-get update && \ + apt-get -y upgrade && \ apt-get install -y libssl-dev libffi-dev curl python3 python3-pip libxml2-dev libxslt-dev python3-lxml python3-dev python3-setuptools build-essential &&\ rm -rf /var/lib/apt/lists/*