Support SSL

3 years ago · c8bdf0e35a
5 changed files with 55 additions and 0 deletions
--- a/offline_deployment/README.md
+++ b/offline_deployment/README.md
@ -0,0 +1,23 @@
+# Doccano Offline Deployment
+
+## Use Case
+These offline deployment scripts are suited for deploying Doccano on an airgaped Ubuntu 18.04/20.04 virtual machine (VM 2) with no internet connectivity.
+
+The preparation requires another machine (VM 1) with internet access and `docker`/`docker-compose` preinstalled and running the same Ubuntu distribution as VM 2.  
+
+The focus is primarily on the `docker-compose`-based production deployment.
+
+## Setup Steps
+
+Run the following steps on VM 1:  
+1. Clone this repository  
+2. Run the scripts `offline_01_*.sh` in ascending order  
+   Skip OR modify and run the script `offline_01_1_2-optional_use_https`  
+
+Now, move over to VM 2  
+
+3. Copy the repository folder to VM 2  
+4. Run the scripts `offline_02_*.sh` in ascending order  
+5. Make minor changes on `docker-compose.prod.yml` to change the admin credentials  
+6. Run `docker-compose -f docker-compose.prod.yml up` or use the script `offline_03_*.sh`  
+
--- a/offline_deployment/offline_01_1_1-download_assets.sh
+++ b/offline_deployment/offline_01_1_1-download_assets.sh
--- a/offline_deployment/offline_01_1_2-optional_use_https.sh
+++ b/offline_deployment/offline_01_1_2-optional_use_https.sh
@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+cd $DIR
+cd ..
+unset DIR
+
+# create certificate pair
+sudo apt-get install openssl
+openssl req -new -newkey rsa:4096 -sha256 -nodes -x509 -keyout ./nginx/cert.key -out ./nginx/cert.crt \
+   -subj "/C=DE/ST=Bayern/L=Augsburg/O=Universität Augsburg/OU=Misit/CN=*.informatik.uni-augsburg.de"
+
+# define cert paths inside container
+$ssl_cert="/certs/cert.crt"
+$ssl_cert_key="/certs/cert.key"
+
+# edit nginx.conf
+sed -i "s|listen 80;|listen 443 ssl;\n    ssl_certificate $ssl_cert;\n    ssl_certificate_key $ssl_cert_key;|g" nginx/nginx.conf
+
+# edit nginx Dockerfile
+echo "RUN mkdir -p /certs/"                  >> nginx/Dockerfile
+echo "COPY ./nginx/cert.key /certs/cert.key" >> nginx/Dockerfile
+echo "COPY ./nginx/cert.crt /certs/cert.crt" >> nginx/Dockerfile
+
+# edit published port
+sed -i "s|- 80:80|- 443:443|g" docker-compose.prod.yml
+
+echo "Switched to HTTPS"
--- a/offline_deployment/offline_01_2-extract_Docker_images.sh
+++ b/offline_deployment/offline_01_2-extract_Docker_images.sh
@ -4,6 +4,10 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 cd $DIR
 unset DIR

+# WORKAROUND: Downgrade docker-compose version to match Ubuntu 18.04 default compose package
+echo "Patching docker-compose to match Ubuntu 18.04 compose package"
+sed -i 's|version: "3.7"|version: "3.3"|g' ../docker-compose.prod.yml
+
 sed -i 's^dockerfile: app/Dockerfile.prod^dockerfile: app/Dockerfile.prod\n    image: doccano-app:custom^g' ../docker-compose.prod.yml
 sed -i 's^dockerfile: nginx/Dockerfile^dockerfile: nginx/Dockerfile\n    image: doccano-nginx:custom^g'     ../docker-compose.prod.yml

--- a/offline_deployment/offline_01_3-download_APT_packages.sh
+++ b/offline_deployment/offline_01_3-download_APT_packages.sh