Skip to content
Snippets Groups Projects
Commit 5d283abb authored by root's avatar root Committed by Marcelo Vilaça Pinheiro Soares
Browse files

Startup

parents 3b778369 9daa5bc2
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 312 additions and 136 deletions
Dockerfile
+ 15
7
View file @ 5d283abb
......@@ -2,17 +2,26 @@ FROM centos:7
# Install FTS
RUN yum install -y epel-release.noarch
RUN curl https://fts-repo.web.cern.ch/fts-repo/fts3-prod-el7.repo > /etc/yum.repos.d/fts3-prod-el7.repo
RUN curl https://dmc-repo.web.cern.ch/dmc-repo/dmc-el7.repo > /etc/yum.repos.d/dmc-el7.repo
RUN yum upgrade -y
RUN yum install -y gfal2-plugin-*
RUN yum install -y fts-server fts-client fts-rest fts-monitoring fts-mysql fts-msg mysql multitail
#RUN curl https://fts-repo.web.cern.ch/fts-repo/fts3-prod-el7.repo -o /etc/yum.repos.d/fts3-prod-el7.repo
#RUN curl https://dmc-repo.web.cern.ch/dmc-repo/dmc-el7.repo -o /etc/yum.repos.d/dmc-el7.repo
RUN curl http://fts-repo.web.cern.ch/fts-repo/fts3-rc-el7.repo -o /etc/yum.repos.d/fts3-prod-el7.repo
RUN curl http://dmc-repo.web.cern.ch/dmc-repo/dmc-rc-el7.repo -o /etc/yum.repos.d/dmc-el7.repo
RUN yum clean all && yum upgrade -y
RUN yum install -y gfal2-plugin-* --skip-broken
RUN yum install -y fts-server fts-client fts-rest fts-monitoring fts-mysql fts-msg fts-infosys
RUN yum install -y mysql MySQL-python fts-rest-oauth2 multitail
RUN yum install -y fts-server-selinux fts-rest-selinux fts-monitoring-selinux
RUN yum clean all
# Setup FTS security
COPY assets/fts/certs/hostcert_fts.pem /etc/grid-security/hostcert.pem
COPY assets/fts/certs/hostcert_fts.key.pem /etc/grid-security/hostkey.pem
RUN chmod 400 /etc/grid-security/hostkey.pem
COPY assets/fts/Sectigo/SectigoRSA* /etc/grid-security/certificates/
COPY assets/fts/Sectigo/USERTrustRSA-AAACA-xSign.crt /etc/grid-security/certificates/
#COPY assets/fts/Sectigo/SHA-2\ Root\ USERTrust\ RSA\ Certification\ Authority.crt /etc/grid-security/certificates/
# Database configuration for FTS server
COPY assets/fts/fts3config /etc/fts3/fts3config
......@@ -25,8 +34,7 @@ RUN echo "" > /etc/httpd/conf.d/ssl.conf &&\
echo "" > /etc/httpd/conf.d/userdir.conf &&\
echo "" > /etc/httpd/conf.d/welcome.conf &&\
echo "" > /etc/httpd/conf.d/zgridsite.conf &&\
echo "ServerName vm-131-154-97-104.cloud.cnaf.infn.it:443" >> /etc/httpd/conf/httpd.conf
# echo "LoadModule mpm_event_module modules/mod_mpm_event.so" >> /etc/httpd/conf/httpd.conf
echo "ServerName fts3-cnaf.cloud.cnaf.infn.it:80" >> /etc/httpd/conf/httpd.conf
# Entrypoint waiting script for MySQL
COPY assets/fts/wait-for-it.sh /usr/local/bin/wait-for-it.sh
......
assets/certs/hostcert.pem 0 → 100644
+ 139
0
View file @ 5d283abb
-----BEGIN CERTIFICATE-----
MIIHjDCCBXSgAwIBAgIRAJRI2xiNAyOXTnmpl1FqNmowDQYJKoZIhvcNAQEMBQAw
SjELMAkGA1UEBhMCTkwxGTAXBgNVBAoTEEdFQU5UIFZlcmVuaWdpbmcxIDAeBgNV
BAMTF0dFQU5UIGVTY2llbmNlIFNTTCBDQSA0MB4XDTIxMDIxMTAwMDAwMFoXDTIy
MDMxMzIzNTk1OVowgcgxEzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/Is
ZAEZFgZ0ZXJlbmExEzARBgoJkiaJk/IsZAEZFgN0Y3MxCzAJBgNVBAYTAklUMREw
DwYDVQQHEwhGcmFzY2F0aTEuMCwGA1UEChMlSXN0aXR1dG8gTmF6aW9uYWxlIGRp
IEZpc2ljYSBOdWNsZWFyZTENMAsGA1UECxMEQ05BRjElMCMGA1UEAxMcZnRzMy1j
bmFmLmNsb3VkLmNuYWYuaW5mbi5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALNIRWcLFNAmAYcnt4dehV9g92oCL4RY25Kh236u3ewza94fdz9k/R9h
VUqBSEmCuB/fftdo16Cc6Q4HFBicR42UDSfZjuuq3gbcRK3U/gq/DDcW9yBlWnk/
DXg5wvSraAsC/uuXVeMjd02OpDXwvJEBWI/XSUsQqhvgSS4uOgMYHUhaIp9w5OdR
2cI5B66A3Bbrj9sTa681OZV34GcGYAsP0PjF/+DCEPtO8bHtEhUNsUEN0t2zEXe3
JS2WG3go43Z0nQqSHHkQxXWTXEqn1wqa746DRp1jjR+r4BYWb04jFZ1CI7PdS9pn
w1Zmo/uhQ9b5oWCnJqoMSL2/XTgxZYcCAwEAAaOCAuwwggLoMB8GA1UdIwQYMBaA
FJoriiLWjQzAKqVvZDM/lmBnFR2yMB0GA1UdDgQWBBRLuzfur1oTkPa/NtkxkDnm
PYJm0zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0gBG4wbDAMBgoqhkiG90wFAgIBMA0GCyqG
SIb3TAUCAwMCMA0GCyqGSIb3TAUCAwECMDQGCysGAQQBsjEBAgJPMCUwIwYIKwYB
BQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBFBgNVHR8E
PjA8MDqgOKA2hjRodHRwOi8vR0VBTlQuY3JsLnNlY3RpZ28uY29tL0dFQU5UZVNj
aWVuY2VTU0xDQTQuY3JsMHsGCCsGAQUFBwEBBG8wbTBABggrBgEFBQcwAoY0aHR0
cDovL0dFQU5ULmNydC5zZWN0aWdvLmNvbS9HRUFOVGVTY2llbmNlU1NMQ0E0LmNy
dDApBggrBgEFBQcwAYYdaHR0cDovL0dFQU5ULm9jc3Auc2VjdGlnby5jb20wggED
BgorBgEEAdZ5AgQCBIH0BIHxAO8AdQBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiF
q/L8cP5tRwAAAXeRrnDrAAAEAwBGMEQCIBzmnwq4vz76/lP+aVrkRIBDYirVmH4s
bM1FyxgQzLvRAiAS1683DkqqIcN8ly9G5phB+RtfEhlW9VIoQLYOx2DVAAB2AN+l
Xqtogk8fbK3uuF9OPlrqzaISpGpejjsSwCBEXCpzAAABd5GucRMAAAQDAEcwRQIh
ANOzgav823RWBsrIL7s10KxWP8lo0O6z9A0d+0/3XZJ4AiA3PeW40q3YSo1RoOd5
cWk+j7HuJU2qu6SxQbjVVm/o2TAnBgNVHREEIDAeghxmdHMzLWNuYWYuY2xvdWQu
Y25hZi5pbmZuLml0MA0GCSqGSIb3DQEBDAUAA4ICAQA5UNPWKo4bWhe0wh91O/b0
5ykTrY42jyXEI9nEFBQuh+mSzLe03BpQQVh/QIGXekNO30AXbses67AhVoPrvhx7
WpnnvCzI0NxnTdtmVEz/vdrgYplgVpELqkovOVxbjmuX0Dvk/HjxgZNyxVwHJj33
2TC4uaNLeohsJ7G+0DfSBMot/Q838xrrT1Gvh2kEw+jKZ6Dd6hzugRhxoaCKygfb
O6zGf0CGKCSgFGOJpaycA1vAattQhp+G/ZNgjeAWQgE/wwKDWg37RRmuy3zsW0Xv
f4wZjaBWT0ZdTzIsbarIIApwj+gymOs8JOSRLmAVqvAGHyQRiUmh93r5yL9bgIZM
RzqDlaXzoQ5vT2hFyixeEEwjfRKf/hzsV1ArBLlKAuWj0+E2otigAjuPt2VfTcCp
SZjHybENgkc3r0ffIT8R0Flw6HbydwCXvnt9dOaeuCq6t6+KnXQQfdo8lDsvHewQ
DedCUKvnLtClW4Eg/nniKvDZwTusfhuwuTZzmWkBX+o1V7/ucgqfH/ppJ+E7s+qu
XA/bHsYfvIPJsNL8k8vY51HkoQRnQsDydSn0lXOMvOqXYdbLPy8B4PRsJD8z4vJe
K4hiAy+fBLdG1IZ/crt5CbX73IBQKXFYR1kxAAu9J33J/xakvKK+VwIZUZZqmmYD
PddWxzFxtJqB0J45rhU0ag==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIG6jCCBNKgAwIBAgIQN9uaOAbXCsc+ONHf725RKjANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBKMQswCQYDVQQGEwJOTDEZMBcGA1UE
ChMQR0VBTlQgVmVyZW5pZ2luZzEgMB4GA1UEAxMXR0VBTlQgZVNjaWVuY2UgU1NM
IENBIDQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCUtBhby5HZ4dxN
stR0OaxF/QrC0FENJm59Na5LZzPwXqwTdaq1NJUZwMIrHTXavExQpGqzdqwIKNS0
liyLkTT54vTs5VPh5SYRFtVAX9NLkY+fUIu2icOEGfwlPR6VlYp+kiR2Vj4OwYhy
aM0tj66uaTCaAj3Rz99dN1s64Z1jw/wjckCLat/MGHL4crKuQErYyPfoK1s39BR/
gXis0E2anvfmuyAZ3YDOsAyGKpPhEj3Dxuiz5+qpqJIePs3Vgylyx/ZIoJEH/jAq
v7GbdVTsSfqyMlnyceF0pyGQ6Yzp1DkLw4Dg26zoOSckLYeICtRziSwzrMu3YLYW
VB6h1r0Nw/hnuXMYt6WgLYekfxuwapwbntbw5gAJpK63geBp3Hj7bWnrPb8aLjBz
eutA2St+Y6YodQ8PjbhUpaWVMGzz+c2YJK/xbxTAjWUPOdd8cNrM7ilaOrvbSaLz
e7aPBFWZMpg1kOva5J91qSdOmS45DHyyfT4Xk2X/3HhFRLkKA/cdJaEYE1I/p0P5
A2qFlMdr+QDx7Uar5Zvsbvrm0gn+MER1uq3xugoweC3iegHwQQh4YupAEamo1vPy
n04r3WPn86rLjpe0OLFvlM8CQtvTWV6wOXy3HTnIh8gFGxe/0Wu3XYBtPcJXlBMO
aV7NDi69LE9ZiYNF+wBZ6iUgVw3ZRQIDAQABo4IBizCCAYcwHwYDVR0jBBgwFoAU
U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFJoriiLWjQzAKqVvZDM/lmBn
FR2yMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggr
BgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOg
QYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmlj
YXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYz
aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0Eu
Y3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqG
SIb3DQEBDAUAA4ICAQAmpZcT3x9evRVo7pAAsdyTx3mmtbOGWIAQFQRiW4po1Jx9
9szSmymPrzDq0s1Lh7EL+sworQnNKEApLYpcFZ/ZeyjWPt+7D/SKGdjhFE9owf71
hNiwWBWzMHZWE/1lYpISw2gbclDk6Mp1GkDQhRVXQL5O6uXeouxNiKpAXZj8QFx7
Sk1kkuXewca4dFRTs9Oadec8ARnR+YzxhTE0p3m2rBkWL3zpNCtl+7zpPJm58eCc
8Oxt7ib/XwoZKE/tKKZ6rcA+kBL6X6xeim+DwVqToJW24yiqVAI2JYQw1741fqm8
lklFlkAoOTJTprMd3jIK2DKYvAXkZiAeY8eD85AVCJgC+DpD/0Oc3OpsP5kljGzF
2rUYGLutL1a9Uxd2YCGkqnAym2f2LsBo5u2+Znk5YzfD5xPSWBrs9K5UtE2G+5B0
iygvf+yl/+hcv4aN3zetNXbfsSArAR0ecdNkNtehXeVaFE7rIZUXFahzHn2cSOLO
n4vjBWKRHJc4lvlqhfz1jaPrcxS0BxaJq0VNrX3skPeajbVSsPAjXXVDh9I5qjdG
yMvAe5TUyUf752JKBN56Zi5mvz5ufbvULGcV4Frnwl2c2ySICF7KGIB+KGhGbgbf
tN6PKXHwC3gvRw9yzFSq6Rdwh7U+3AkmDel0rhdZnMTx2JryjQF/AeBKwkfrUQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIQOXJEOvkit1HX02wQ3TE1lTANBgkqhkiG9w0BAQwFADB7
MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAwMFoXDTI4
MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5
MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO
ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0
aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sI
s9CsVw127c0n00ytUINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnG
vDoZtF+mvX2do2NCtnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQ
Ijy8/hPwhxR79uQfjtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfb
IWax1Jt4A8BQOujM8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0
tyA9yn8iNK5+O2hmAUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97E
xwzf4TKuzJM7UXiVZ4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNV
icQNwZNUMBkTrNN9N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5
D9kCnusSTJV882sFqV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJ
WBp/kjbmUZIO8yZ9HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ
5lhCLkMaTLTwJUdZ+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzG
KAgEJTm4Diup8kyXHAc/DVL17e8vgg8CAwEAAaOB8jCB7zAfBgNVHSMEGDAWgBSg
EQojPpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rID
ZsswDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAG
BgRVHSAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29t
L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBDAUA
A4IBAQAYh1HcdCE9nIrgJ7cz0C7M7PDmy14R3iJvm3WOnnL+5Nb+qh+cli3vA0p+
rvSNb3I8QzvAP+u431yqqcau8vzY7qN7Q/aGNnwU4M309z/+3ri0ivCRlv79Q2R+
/czSAaF9ffgZGclCKxO/WIu6pKJmBHaIkU4MiRTOok3JMrO66BQavHHxW/BBC5gA
CiIDEOUMsfnNkjcZ7Tvx5Dq2+UUTJnWvu6rvP3t3O9LEApE9GQDTF1w52z97GA1F
zZOFli9d31kWTz9RvdVFGD/tSo7oBmF0Ixa1DVBzJ0RHfxBdiSprhTEUxOipakyA
vGp4z7h/jnZymQyd/teRCBaho1+V
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
-----END CERTIFICATE-----
assets/certs/hostkey.pem 0 → 100644
+ 28
0
View file @ 5d283abb
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs0hFZwsU0CYBhye3h16FX2D3agIvhFjbkqHbfq7d7DNr3h93
P2T9H2FVSoFISYK4H99+12jXoJzpDgcUGJxHjZQNJ9mO66reBtxErdT+Cr8MNxb3
IGVaeT8NeDnC9KtoCwL+65dV4yN3TY6kNfC8kQFYj9dJSxCqG+BJLi46AxgdSFoi
n3Dk51HZwjkHroDcFuuP2xNrrzU5lXfgZwZgCw/Q+MX/4MIQ+07xse0SFQ2xQQ3S
3bMRd7clLZYbeCjjdnSdCpIceRDFdZNcSqfXCprvjoNGnWONH6vgFhZvTiMVnUIj
s91L2mfDVmaj+6FD1vmhYKcmqgxIvb9dODFlhwIDAQABAoIBAEy0A/V1GT+AszCm
/m9tMjS/YLs7GidOeQrAMw99MzdmPKU44yT9SQqO8xXAQDQrOClyzmrM0UxHNbKp
tqBc5IQfLo25F9ueLAXVYZDZyqLAYDKFoc97bXzoTBP+6nkRiJ8FdhlHkxhtyRIm
j/z/9T04zTIlUpdKFu18RPL8FhfSFqChV+LgleqSLZjwYLQ06l7Dk161FZprAl7q
QkMPlBc4sVTQgLSOjfCkZz9DNbI5C/0ZfQPN6GoGU+BY/+7DlFUFIxuLm/dMqC+0
W+FvIbAvfLpn9e0NTOQuj9f1KvNn0/H6VbDqVo9zlQgA9njVefiVJ8ezECdO8LBH
68o+kdECgYEAyDa5HNLRVZCB33Xw7x9b/DzDDaRQMUUcZJg3x0JYhVhbF4YJS0Ug
gyRliGBxcs6imLtlyaUAXINt8qldC9s6bZ6eaHoh3anKVCR9Xhwido/zlZnZvqKk
rcQzR/78khT0ZTO0yD1SLZlp3GiIf9kXb7+Vr2gzmIc6FWGpo6NYpu8CgYEA5TyB
IFkFs1/VBnCjWIdZsjaqUdutGl9IBLtAgeihs2BapDKeH7jhtP8zLxbc/IITt+os
xNoxVK1ykSA/vd9+oixxA8s9OLF8qYAVOHrERfZY5Zoocjs6zjczt1HYIMNOHviQ
azzXNqt3WMbTytgQdpt5mTxq5rRBFhF1atLF6ukCgYEAondtnYshXZqnGOs++Pvs
i/HOojpM7L5VPPgcgzA+Xu6E9MDKt+6/ZEvbrF/+j5hIb0HaZlfjxC7OwJRYse9T
KXMGvmclJhfK3J7DsOOJv8Yudp5jCIQ4t903c9vhnrUsYRclQzwnfGM6eSXGZmCG
2SKRV8Zp4AMTyhf3LZe2r7cCgYBmb+Er+VwIyhxBonf8CY/ViYQWzFnQXR+rrZmn
87K+m6IlmdD7T/zciuXudwMNe3sgRm73EKHWuyNlIsoZKRRHmCBwl5OmD/orLGdP
M90dfnY/M+I7Gaivmg9sLhCso1n3kQ/IPAnYDktoyoC+Nks1FUkDZvJGYepr2CVm
NQXocQKBgDVcDCmbTMOZxmzMM5MXTKHJlI/cZGjKS+ENkHNPzPbzZFBHgWG7a7YB
VLH1WeMsCQGg/38mA7QxSRgFU3NbIMUqhNz6lTbZXO8rZdZOc82u9YiynuJbRPb1
UEkqK5MHmQiY7V1tOTGKw1ZDTIybhJQ/liukhtxpK87EFbRUM9bw
-----END RSA PRIVATE KEY-----
assets/fts/certs/hostcert_fts.key.pem deleted 100644 → 0
+ 0
27
View file @ 3b778369
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA1N4nyDnNgCxUbnxowHm8D9frz/WxIYMY/OLv8VXXsJyQ3oWM
UAuOavgVdiUVi8dgwrrDHLBaU56iQwx9Mj5z4L0wDOJPibbsCLsRF647vkKLSO/d
IJm5BC8/cCBznnkX5vAwAO74fhfbcaMpNRbbRk48FXssd4GfouzBvQlybAcsjUis
Oc0q+5FYPf6HYmhQGP/vqncMFyccCUPV4yxCO+jtehRsGC7guTtB+QDXQdOleaEO
qgrK+m/ga2X++Dmh49+xqQj+FH3d/Ia+WyAIPxXZ54DjNFwl3RGN8Y8REp2bruAt
QfLz0bD6/ZmOAFbFL0DDkr8/sa/vtVGRJ77YaQIDAQABAoIBAQCN/fKDeSs/SFK5
sHsfiRSNbPZ7reQN+qj8Z1SuoxhRUt6/0E2cR1kkuX93Y51PtBszSelEhc564OJT
30zT6xzY2Nnofj2YG1CvMjlglnR7oV/Ps1DJokDsLagfX0ZAe34aKjWbKczQL5HN
54xhQXHbH+ysV5F91hVqVIuXUWnl7FqlMXJ7iEd2wpMl6FDNqZUaKc7KEeJKPFHN
HqKz7uX7I9TSnMIv4SK7IUPBc0qP1s0W257SQ40ABktHilbWxFIhf5xr/HtnrvO6
lpn9TEC4XwGURAZIcvSDcnkakPna3uOuJhimaoyuz2eARo/4ZTfO9m0EMT3DAe4l
S0QGqk5BAoGBAP2qWmnuowajPg3VtMW9cuxEEKdPY/4Nt6R3VRhp5Ax1cAnRVuSV
BqO/HXyD1TUoprakioYtclvLIPj80tlFRyyAPPg7CF9CBlrZhRF2nmJiZ3iDKagI
DddHU2Dpw30MIR6WF4GggTOpGvAUSHP+I5qzZ+cP+DXSBLOjKUJQho59AoGBANbT
rmJC8zgA2TeqWMFaCO7IsLw2D4oE2juqqmnh1knQcLDumsl4aNl4fQT9qs00FOUC
Dssd4O+G5PYzoXgBEh9XreLkc66n3kzCxHcco/O+L1FT0Uc7ziYqI6sjhFf3oZPD
3Jx47Pc4X5GH0Hq7Z+RZ/Ik/Na6E2y05hljm1HldAoGBALAjUSLLjLI4OgebRCom
cZ1zaejzbKhlWAZAwnrwVGT+SuzWSrLwdCrRsyTZ2ftOneym9nVTK1xoAR5DWBl8
TH6vEScAvsB+dTEyZ38H0dTZJaX91bgS16GLqm7aA19aQ8kcSXg+Pljj7IuWWfUJ
HCn4t4YvhZfBnHgsLKMajUR1AoGBANCihJmpq8yYBl2pcslVR5egEQS4/B5u2ANa
nGZ4jkThypALKwi/iBSsj75pHZhtHF3MwdFCE1KND5CMVCTX5WHLJXVVqYPWRG8I
OQX1KsVtz0aMwJMN4gfupPVwaPeF58Y6UeclCf6PIUGVRUPs/dkoC7q/SMNVBAfH
9lIg2/mBAoGAF8Uo0fddAOcUvto1yH5a3pWuM/F4eHwmV/C7cLLy3R3ry6wjFuS0
sv0LRObwNU8Is1nYdzBcngDJkFNkkYGUowxMn13V85TYCfXX93IwwKiqQhRTYLvQ
RCA6LybZgH0J7djWzYYGvPpeq0RLwEd7GNjGp0Ujp+VM4Bzt3n7M3ro=
-----END RSA PRIVATE KEY-----
assets/fts/certs/hostcert_fts.pem deleted 100644 → 0
+ 0
85
View file @ 3b778369
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108 (0x6c)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=IT, O=IGI, CN=Test CA
Validity
Not Before: Nov 20 16:08:33 2014 GMT
Not After : Nov 17 16:08:33 2024 GMT
Subject: C=IT, O=IGI, CN=*.cloud.cnaf.infn.it
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:d4:de:27:c8:39:cd:80:2c:54:6e:7c:68:c0:79:
bc:0f:d7:eb:cf:f5:b1:21:83:18:fc:e2:ef:f1:55:
d7:b0:9c:90:de:85:8c:50:0b:8e:6a:f8:15:76:25:
15:8b:c7:60:c2:ba:c3:1c:b0:5a:53:9e:a2:43:0c:
7d:32:3e:73:e0:bd:30:0c:e2:4f:89:b6:ec:08:bb:
11:17:ae:3b:be:42:8b:48:ef:dd:20:99:b9:04:2f:
3f:70:20:73:9e:79:17:e6:f0:30:00:ee:f8:7e:17:
db:71:a3:29:35:16:db:46:4e:3c:15:7b:2c:77:81:
9f:a2:ec:c1:bd:09:72:6c:07:2c:8d:48:ac:39:cd:
2a:fb:91:58:3d:fe:87:62:68:50:18:ff:ef:aa:77:
0c:17:27:1c:09:43:d5:e3:2c:42:3b:e8:ed:7a:14:
6c:18:2e:e0:b9:3b:41:f9:00:d7:41:d3:a5:79:a1:
0e:aa:0a:ca:fa:6f:e0:6b:65:fe:f8:39:a1:e3:df:
b1:a9:08:fe:14:7d:dd:fc:86:be:5b:20:08:3f:15:
d9:e7:80:e3:34:5c:25:dd:11:8d:f1:8f:11:12:9d:
9b:ae:e0:2d:41:f2:f3:d1:b0:fa:fd:99:8e:00:56:
c5:2f:40:c3:92:bf:3f:b1:af:ef:b5:51:91:27:be:
d8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
D7:B5:B8:F2:25:B5:27:25:72:64:E6:91:09:D2:D4:52:ED:E5:E1:89
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication, Microsoft Server Gated Crypto, Netscape Server Gated Crypto, E-mail Protection
X509v3 Authority Key Identifier:
keyid:91:77:36:7B:2E:B4:69:F3:27:EA:B7:F6:08:8B:4A:23:A2:11:49:C6
X509v3 Subject Alternative Name:
DNS:*.cloud.cnaf.infn.it
Signature Algorithm: sha1WithRSAEncryption
68:04:cd:18:ca:cf:bf:a3:a8:aa:d8:e7:0b:1c:c9:8b:12:a2:
1d:2e:4a:e7:d2:bd:70:0c:23:24:07:cc:9c:be:b8:8d:2d:74:
b7:d5:48:93:c7:c8:c1:64:b4:28:70:64:89:90:8b:76:94:63:
b6:00:bc:1c:9c:50:8e:d8:d4:43:97:97:38:e6:9c:c6:bb:65:
34:9f:5e:0c:b5:a7:19:6d:de:8f:41:a5:e0:74:47:bf:71:6f:
84:d7:4a:72:4c:bb:00:ba:e6:0b:cd:8b:d9:77:ee:b0:81:7a:
92:f1:3c:48:2d:42:d5:be:7e:71:64:95:5d:60:6e:76:30:f2:
bb:64:ff:3b:65:f0:17:a9:6d:d3:e6:1c:d6:b4:39:84:03:88:
c8:02:9e:ae:48:0e:c5:dd:3c:ed:89:46:10:da:86:57:1b:fb:
c3:e9:20:b8:87:77:31:56:7c:16:ec:52:1d:bb:50:71:51:1b:
0e:85:81:a0:37:ad:7d:18:63:32:7d:84:c9:5d:c9:73:ea:40:
20:08:45:53:4e:b5:26:df:9e:99:61:5e:49:ec:2f:44:83:15:
14:fe:38:03:9c:f8:5a:6a:6c:2b:d7:d1:d9:b6:6c:60:51:04:
af:4a:c8:c5:02:c5:7d:76:ec:c3:a2:e7:3e:01:79:b0:38:8a:
ab:8d:69:22
-----BEGIN CERTIFICATE-----
MIIDpTCCAo2gAwIBAgIBbDANBgkqhkiG9w0BAQUFADAtMQswCQYDVQQGEwJJVDEM
MAoGA1UECgwDSUdJMRAwDgYDVQQDDAdUZXN0IENBMB4XDTE0MTEyMDE2MDgzM1oX
DTI0MTExNzE2MDgzM1owOjELMAkGA1UEBhMCSVQxDDAKBgNVBAoMA0lHSTEdMBsG
A1UEAwwUKi5jbG91ZC5jbmFmLmluZm4uaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU3ifIOc2ALFRufGjAebwP1+vP9bEhgxj84u/xVdewnJDehYxQ
C45q+BV2JRWLx2DCusMcsFpTnqJDDH0yPnPgvTAM4k+JtuwIuxEXrju+QotI790g
mbkELz9wIHOeeRfm8DAA7vh+F9txoyk1FttGTjwVeyx3gZ+i7MG9CXJsByyNSKw5
zSr7kVg9/odiaFAY/++qdwwXJxwJQ9XjLEI76O16FGwYLuC5O0H5ANdB06V5oQ6q
Csr6b+BrZf74OaHj37GpCP4Ufd38hr5bIAg/FdnngOM0XCXdEY3xjxESnZuu4C1B
8vPRsPr9mY4AVsUvQMOSvz+xr++1UZEnvthpAgMBAAGjgcIwgb8wDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU17W48iW1JyVyZOaRCdLUUu3l4YkwDgYDVR0PAQH/BAQD
AgXgMD4GA1UdJQQ3MDUGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJ
YIZIAYb4QgQBBggrBgEFBQcDBDAfBgNVHSMEGDAWgBSRdzZ7LrRp8yfqt/YIi0oj
ohFJxjAfBgNVHREEGDAWghQqLmNsb3VkLmNuYWYuaW5mbi5pdDANBgkqhkiG9w0B
AQUFAAOCAQEAaATNGMrPv6OoqtjnCxzJixKiHS5K59K9cAwjJAfMnL64jS10t9VI
k8fIwWS0KHBkiZCLdpRjtgC8HJxQjtjUQ5eXOOacxrtlNJ9eDLWnGW3ej0Gl4HRH
v3FvhNdKcky7ALrmC82L2XfusIF6kvE8SC1C1b5+cWSVXWBudjDyu2T/O2XwF6lt
0+Yc1rQ5hAOIyAKerkgOxd087YlGENqGVxv7w+kguId3MVZ8FuxSHbtQcVEbDoWB
oDetfRhjMn2EyV3Jc+pAIAhFU061Jt+emWFeSewvRIMVFP44A5z4WmpsK9fR2bZs
YFEEr0rIxQLFfXbsw6LnPgF5sDiKq41pIg==
-----END CERTIFICATE-----
assets/fts/docker-entrypoint.sh deleted 100755 → 0
+ 0
11
View file @ 3b778369
#!/bin/bash
# wait for MySQL readiness
/usr/local/bin/wait-for-it.sh -h ftsdb -p 3306 -t 3600
# initialise / upgrade the database
mysql -u root -pfts -h ftsdb fts < /usr/share/fts-mysql/fts-schema-6.0.0.sql
# startup the FTS services
/usr/sbin/fts_server # main FTS server daemonizes
/usr/sbin/httpd -DFOREGROUND # FTS REST frontend & FTSMON
assets/fts/logshow deleted 100644 → 0
+ 0
2
View file @ 3b778369
#!/bin/bash
multitail -f /var/log/fts3/fts3server.log /var/log/fts3rest/fts3rest.log
assets/fts3-mon/autoindex.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-mon/ftsmon.conf 0 → 100644
+ 109
0
View file @ 5d283abb
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
<IfModule !wsgi_module>
LoadModule wsgi_module modules/mod_wsgi.so
</IfModule>
<IfModule !version_module>
LoadModule version_module modules/mod_version.so
</IfModule>
# Monitoring in port 8449
Listen 8449
<VirtualHost *:8449>
# SSL configuration
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5:!RC4
SSLHonorCipherOrder on
# Certificates
# SSLCertificateFile /etc/grid-security/hostcert.pem
# SSLCertificateKeyFile /etc/grid-security/hostkey.pem
SSLCertificateFile /certs/hostcert.pem
SSLCertificateKeyFile /certs/hostkey.pem
SSLCACertificatePath /etc/grid-security/certificates
SSLCARevocationPath /etc/grid-security/certificates
<IfVersion >= 2.4>
SSLCARevocationCheck chain
</IfVersion>
# Client certificate by default is optional
# The application will take care of more fine-grained authorization
# If you want, you can add require in order to force a client certificate
SSLVerifyClient optional
SSLVerifyDepth 10
SSLOptions +StdEnvVars
# Disable the session files of libgridsite
GridSiteGridHTTP off
GridSiteAutoPasscode off
# Mind that by default FTS3 Monitoring will require just a valid certificate
# for every path, except for the server overview (so no robot certificate is required
# by default for the Service Level feedback)
# That's why optional is the default
# If you want to do white-listing, have a look at this document
# http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#certauthenticate
# Django application
WSGIScriptAlias /fts3 /usr/share/fts3web/fts3web.wsgi
AllowEncodedSlashes On
# Run in a separate process
WSGIDaemonProcess fts3wmon processes=2 threads=10 maximum-requests=500 inactivity-timeout=60 display-name=fts3wmon
WSGIProcessGroup fts3wmon
<Location /fts3>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Location>
# Redirect to the monitoring webapp from the root
RewriteEngine On
RewriteRule ^/$ /fts3/ftsmon [R]
RewriteRule ^/ftsmon/ /fts3/ftsmon [R]
# Static content
Alias /fts3/media /usr/share/fts3web/media
<Location /media>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
SetOutputFilter DEFLATE
ExpiresActive On
ExpiresDefault "access plus 1 month"
</Location>
# FTS3 transfer logs
Alias /var/log/fts3/transfers /var/log/fts3/transfers
<Directory /var/log/fts3/transfers>
# This particular directory only server if a valid client certificate
# was provided
SSLVerifyClient require
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
SetOutputFilter DEFLATE
ForceType text/plain
Options +Indexes
</Directory>
</VirtualHost>
assets/fts3-mon/ssl.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-mon/userdir.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-mon/welcome.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-mon/zgridsite.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-rest/autoindex.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts/fts3rest.conf assets/fts3-rest/fts3rest.conf
+ 11
4
View file @ 5d283abb
......@@ -14,24 +14,31 @@
WSGISocketPrefix run/wsgi
#SiteName vm-131-154-97-104.cloud.cnaf.infn.it:443
# Enable REST interface in port 8446
Listen 8446
<VirtualHost *:8446>
# SSL configuration
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5:!RC4
SSLHonorCipherOrder on
# Certificates
SSLCertificateFile /etc/grid-security/hostcert.pem
SSLCertificateKeyFile /etc/grid-security/hostkey.pem
# SSLCACertificateFile /etc/grid-security/certificates/5fca1cb1.0
# SSLCertificateFile /etc/grid-security/hostcert.pem
# SSLCertificateKeyFile /etc/grid-security/hostkey.pem
SSLCertificateFile /certs/hostcert.pem
SSLCertificateKeyFile /certs/hostkey.pem
SSLCACertificatePath /etc/grid-security/certificates
SSLCARevocationPath /etc/grid-security/certificates
# Require client certificate
SSLVerifyClient optional
SSLVerifyDepth 10
SSLOptions +StdEnvVars
# Disable the session files of libgridsite
GridSiteGridHTTP off
......
assets/fts3-rest/ssl.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-rest/userdir.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-rest/welcome.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts3-rest/zgridsite.conf 0 → 100644
+ 1
0
View file @ 5d283abb
assets/fts/fts3config assets/fts3/fts3config
+ 0
0
View file @ 5d283abb
File moved
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment