SSL support add with Traefik 2.0 deployment

Author: root

README.md

@@ -30,8 +30,13 @@ and create docker network for all the containers you would expose on the web
 
 ```docker network create traefik```
 
+By default you'll get SSL certificate provided by letsencrypt, please specify your email address if you need https support, for example:
+
+```export useremail=team@mydataverse.org```
+
 * Make sure you have docker and docker-compose installed
-* Run `docker-compose up` so start Dataverse
+* Run `docker-compose up` so start Dataverse on your domain name with SSL support
+* or run `docker-compose up -f docker-compose-local.yml` to try Dataverse on localhost
 
 Standalone Dataverse should be running on dataverse-dev.localhost or dataverse-dev.sshopencloud.eu if you've selected the domain.
 

docker-compose-local.yml

@@ -0,0 +1,112 @@
+version: '3'
+services:
+    reverse-proxy:
+    # The official v2 Traefik docker image
+      image: traefik:v2.2
+    # Enables the web UI and tells Traefik to listen to docker
+      command:
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--entrypoints.web.address=:80"
+      - "--"
+      ports:
+      # The HTTP port
+      - "80:80"
+      # The Web UI (enabled by --api.insecure=true)
+      - "8089:8080"
+      volumes:
+      # So that Traefik can listen to the Docker events
+      - /var/run/docker.sock:/var/run/docker.sock
+
+    postgres:
+      container_name: postgres
+      ports:
+        - "5432:5432"
+      image: library/postgres:10.13
+      restart: unless-stopped
+
+      environment:
+        - "LC_ALL=C.UTF-8"
+        - "POSTGRES_DB=dvndb"
+        - "POSTGRES_USER=dvnuser"
+        - "POSTGRES_PASSWORD=dvnsecret"
+        - "POSTGRES_PORT=5432"
+      volumes:
+        - database-data:/var/lib/postgresql/data/ # persist data even if container shuts down
+
+    solr:
+      image: ekoindarto/solr-cvm:latest
+      container_name: solr
+      privileged: true
+      ports:
+        - "8983:8983"
+      environment:
+        - "SOLR_HOST=solr"
+        - "SOLR_PORT=8983"
+        - "SOLR_JAVA_MEM=-Xms1g -Xmx1g"
+      volumes:
+        - solr-data:/opt/solr/server/solr/collection1/data
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.solr.rule=Host(`solr.${traefikhost}`)"
+        - "traefik.http.services.solr.loadbalancer.server.port=8983"
+
+    whoami:
+      image: "containous/whoami"
+      container_name: "whoami"
+      labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.entrypoints=web"
+      - "traefik.http.routers.whoami.rule=Host(`whoami.${traefikhost}`)"
+
+    dataverse:
+      image: ekoindarto/dataverse-cvm:5.0
+      container_name: dataverse
+      privileged: true
+      ports:
+        - "443:443"
+        - "4848:4848"
+        - "8085:8080"
+      environment:
+        - "CVM_SERVER_NAME=CESSDA" #Optional
+        - "CVM_SERVER_URL=http://cv.dataverse.org.ua"
+        - "CVM_TSV_SOURCE=https://raw.githubusercontent.com/ekoi/speeltuin/master/resources/CMM_Custom_MetadataBlock.tsv" #Optional
+        - "OLD_WAR_FILE=https://github.com/IQSS/dataverse-docker/releases/download/5.0.1-cvm/dataverse-5_0_cvm.war"
+        - "GIT_SOURCE=https://github.com/ekoi/dataverse"
+        - "GIT_BRANCH=v5.0-cvm-autocomplete"
+        - "LANG=en"
+        - "cvManager=http://"
+        - "BUNDLEPROPERTIES=Bundle.properties"
+        - "ADMIN_EMAIL=admin@localhost"
+        - "MAIL_SERVER=mailrelay"
+        - "POSTGRES_SERVER=postgres"
+        - "POSTGRES_PORT=5432"
+        - "POSTGRES_DATABASE=dvndb"
+        - "POSTGRES_USER=dvnuser"
+        - "PGPASSWORD=dvnsecret"
+        - "SOLR_LOCATION=solr:8983"
+        - "TWORAVENS_LOCATION=NOT INSTALLED"
+        - "RSERVE_HOST=localhost"
+        - "RSERVE_PORT=6311"
+        - "RSERVE_USER=rserve"
+        - "RSERVE_PASSWORD=rserve"
+        - "JVM_OPTS='-Xmx1g -Xms1g -XX:MaxPermSize=2g -XX:PermSize=2g'"
+      depends_on:
+        - postgres
+        - solr
+      volumes:
+        - dataverse-data:/usr/local/payara5/glassfish/domains/domain1/autodeploy
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.dataverse.rule=Host(`dataverse-dev.${traefikhost}`)"
+        - "traefik.http.services.dataverse.loadbalancer.server.port=8080"
+volumes:
+  database-data:
+  solr-data:
+  dataverse-data:
+
+networks:
+  dvn:
+    driver: bridge
+

docker-compose.yml

@@ -15,7 +15,7 @@ services:
         - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
         - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
         - "--certificatesresolvers.myresolver.acme.tlschallenge=true" #Enable TLS-ALPN-01 to generate and renew ACME certs
-        - "--certificatesresolvers.myresolver.acme.email=team@coronawhy.org"
+        - "--certificatesresolvers.myresolver.acme.email=${useremail}"
         - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
         - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
       ports:
@@ -124,7 +124,7 @@ services:
         - dataverse-data:/usr/local/payara5/glassfish/domains/domain1/autodeploy
       labels:
         - "traefik.enable=true"
-        - "traefik.http.routers.dataverse.rule=Host(`dataverse-dev.${traefikhost}`)"
+        - "traefik.http.routers.dataverse.rule=Host(`dataverse.${traefikhost}`)"
         - "traefik.http.services.dataverse.loadbalancer.server.port=8080"
         - "traefik.http.routers.dataverse.tls=true"
         - "traefik.http.routers.dataverse.tls.certresolver=myresolver"