Changeset 32346 for main

Timestamp:
17.08.2018 22:09:16 (12 months ago)
Author:
ak19
Message:

Configuring tomcat works automatically. Still need to automate getting the certificate (and later automate renewing it, once I have tested that I can renew it manually).

Location:
main/trunk/greenstone3
Files:
3 modified

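--- a/main/trunk/greenstone3/build.properties.svn
+++ b/main/trunk/greenstone3/build.properties.svn
@@ -4,15 +4,25 @@
 ## Tomcat installation
 
-# The protocol (http, https)
-server.protocol=http
-
 # Set this to the internet/intranet name of the machine that Tomcat is/will be
 # run on. localhost is fine for accessing the server from the local machine,
 # but not remotely
 tomcat.server=localhost
+
+# The default protocol: http, or https for security
+# If you wish to use both, set the default protocol here (https recommended), then
+# uncomment both tomcat.port.http and tomcat.port.https and set them to valid port numbers.
+server.protocol=http
+
+# At minimum, the tomcat.port matching the default server.protocol specified above
+# must be enabled (uncommented) below and be set to a valid port number.
+# You're allowed to enable both tomcat.port values here.
 tomcat.port.http=8383
 tomcat.port.https=8443
+# You must set a password if using https (if tomcat.port.https is uncommented above)
+keystore.pass=
+
 # Tomcat's shutdown port - this may need to be changed if you are running two or more Tomcats
 tomcat.shutdown.port=8305
+
 # If tomcat is already running, enter the path to the base directory here
 tomcat.installed.path=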
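Review bot: The template ships with `tomcat.port.https=8443` enabled and the new `keystore.pass=` empty, while the added comments describe the port lines as something the user uncomments. Going by the check added to build.xml in this changeset, that default only warns on the first run and then appears to fail every later run until the file is edited. The comment above `keystore.pass` should say that a password has to be chosen before ant is run again, or the https port should ship commented out as the wording implies. The same comment could also note how the value is stored, e.g. `# Stored in clear text: keep build.properties readable only by the account that runs ant and tomcat`.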
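--- a/main/trunk/greenstone3/build.xml
+++ b/main/trunk/greenstone3/build.xml
@@ -85,4 +85,5 @@
     <bool><not><available file="build.properties"/></not></bool>
     <copy file="build.properties.svn" tofile="build.properties"/>
+    <property name="first.run" />
   </if>
 
@@ -143,4 +144,33 @@
     Try setting tomcat.port.https=8443
       </fail>
+    </if>
+
+    <!--
+     Bail if https is enabled but the keystore password (keystore.pass property) is not set.
+     However, keystore.pass has no default value and is therefore not set as a rule. So don't bail when 'ant' is run for the first time to create buil.dprops from build.props.svn. But do bail if running ant.prepare and https enabled and password not set.
+     (Maybe put this entire section before the first target: so we only bail after all non-targets are executed so that any other first ever initialisation is completed?)
+    -->
+    <if>
+      <bool>
+    <and>
+      <isset property="tomcat.port.https"/>
+      <or>
+        <not><isset property="keystore.pass"/></not>
+        <matches string="${keystore.pass}" pattern="^\s*$"/>
+      </or>
+    </and>
+      </bool>
+      <if>
+    <bool><isset property="first.run"/></bool>
+    <echo>IMPORTANT: When tomcat.port.https is set in file build.properties, as now,
+    the keystore.pass property must be set to a non-empty value.
+    Either comment out tomcat.port.https if you don't want support for https,
+    or set keystore.pass.</echo>
+    <else>
+      <fail>...
+      ********* ERROR: tomcat.port.https in file build.properties is set, but its required keystore.pass property is not set or is set to the empty string. Choose a password for keystore.pass and set it in build.properties before proceeding.
+      </fail>
+    </else>
+      </if>
     </if>
 
@@ -191,4 +221,29 @@
   </propertyfile>
 
+  <!-- For setting filter tokens.
+       Used to set up server.xml when configuring tomcat -->
+  <property name="comment.start" value="&lt;!--" />
+  <property name="comment.end" value="--&gt;" />
+  <!-- originally, https redirectPort when using regular http port 8383
+  was always fixed at 8443. Now we use redirectPort=tomcat.port.https unless
+  it's not set, in which case we fall back to the original value of 8443. -->
+  <condition property="https.redirect.port" value="${tomcat.port.https}" else="8443">
+    <isset property="tomcat.port.https"/>
+  </condition>
+
+  <!-- if http is not enabled, comment out its Connecter element in server.xml -->
+  <condition property="http.comment.out.start" value="" else="${comment.start}">
+    <isset property="tomcat.port.http"/>
+  </condition>
+  <condition property="http.comment.out.end" value="" else="${comment.end}">
+    <isset property="tomcat.port.http"/>
+  </condition>
+  <!-- if https is not enabled, comment out its Connecter element in server.xml -->
+  <condition property="https.comment.out.start" value="" else="${comment.start}">
+    <isset property="tomcat.port.https"/>
+  </condition>
+  <condition property="https.comment.out.end" value="" else="${comment.end}">
+    <isset property="tomcat.port.https"/>
+  </condition>
 
   <!-- now we've read in properties, apply defaults -->
@@ -1605,6 +1660,14 @@
         tofile="${packages.home}/tomcat/conf/server.xml" overwrite="true">
       <filterset>
-        <filter token="port" value="${internal.tomcat.port}"/>
         <filter token="shutdown-port" value="${tomcat.shutdown.port}"/>
+    <filter token="https.redirect.port" value="${https.redirect.port}"/>
+    <filter token="tomcat.port.http" value="${tomcat.port.http}"/>
+    <filter token="tomcat.port.https" value="${tomcat.port.https}"/>
+    <filter token="keystore.file" value="${web.writablehome}/https_cert/${tomcat.server}.jks" />
+    <filter token="keystore.pass" value="${keystore.pass}"/>
+    <filter token="http.comment.out.start" value="${http.comment.out.start}"/>
+    <filter token="http.comment.out.end" value="${http.comment.out.end}"/>
+    <filter token="https.comment.out.start" value="${https.comment.out.start}"/>
+    <filter token="https.comment.out.end" value="${https.comment.out.end}"/>
       </filterset>
     </copy>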
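Review bot: The `keystore.pass` filter in the last hunk copies the password verbatim into the `keystorePass="@keystore.pass@"` attribute of the generated server.xml, so a value containing `"`, `&` or `<` would produce a malformed or altered Connector element; the check added earlier in this file only rejects an unset or blank value. Adding a second `<matches>` on those characters to that check, or documenting the restriction next to the property, would cover it. The generated server.xml also now holds the password in clear text, which deserves a comment beside the filter, e.g. `<!-- server.xml now contains keystore.pass in clear text: restrict read access to the account running tomcat -->`. The enclosing `<copy>` element starts above this hunk.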
  • main/trunk/greenstone3/resources/tomcat/server_tomcat7.xml.svn

    r32309 r32346  
    6868         Define a non-SSL HTTP/1.1 Connector on port @port@ 
    6969    --> 
    70     <Connector port="@port@" protocol="HTTP/1.1" 
     70    @http.comment.out.start@ 
     71    <Connector executor="tomcatThreadPool" 
     72           port="@tomcat.port.http@" protocol="HTTP/1.1" 
    7173               connectionTimeout="20000" 
    72                redirectPort="8443" 
     74               redirectPort="@https.redirect.port@" 
    7375           compression="on" 
    7476           compressionMinSize="524288" 
     
    7779               URIEncoding="UTF-8" 
    7880           /> 
     81    @http.comment.out.end@ 
    7982    <!-- A "Connector" using the shared thread pool--> 
    8083    <!-- 
    8184    <Connector executor="tomcatThreadPool" 
    82                port="8080" protocol="HTTP/1.1" 
     85               port="@tomcat.port.http@" protocol="HTTP/1.1" 
    8386               connectionTimeout="20000" 
    84                redirectPort="8443" /> 
     87               redirectPort="@https.redirect.port@" /> 
    8588    --> 
    8689    <!-- Define a SSL HTTP/1.1 Connector on port 8443 
     
    9396               clientAuth="false" sslProtocol="TLS" /> 
    9497    --> 
     98    @https.comment.out.start@ 
     99    <Connector port="@tomcat.port.https@" protocol="org.apache.coyote.http11.Http11Protocol" 
     100            maxThreads="150" SSLEnabled="true" scheme="https" secure="true" 
     101            keystoreFile="@keystore.file@" 
     102            keystorePass="@keystore.pass@" 
     103            clientAuth="false" sslProtocol="TLS" /> 
     104    @https.comment.out.end@ 
    95105 
    96106    <!-- Define an AJP 1.3 Connector on port 8009 --> 
    97     <Connector port="8009" protocol="AJP/1.3" URIEncoding="UTF-8" redirectPort="8443" /> 
    98  
     107    <Connector port="8009" protocol="AJP/1.3" URIEncoding="UTF-8" redirectPort="@https.redirect.port@" /> 
    99108 
    100109    <!-- An Engine represents the entry point (within Catalina) that processes