diff --git a/README.md b/README.md
index 19381f04f0f64e333d8622d47ba75c4262894a80..4a459c924c93a07d3afc0d382f9e222f7bcf5d74 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ For further reference, please consider the following sections:
 * [springdoc-openapi](https://springdoc.org/)
 * [Spring Boot DevTools](https://docs.spring.io/spring-boot/docs/3.1.3/reference/htmlsingle/index.html#using.devtools)
 * [Spring Security SAML2](https://docs.spring.io/spring-security/reference/servlet/saml2/login/overview.html)
+* [openapi-generator-maven-plugin](https://github.com/OpenAPITools/openapi-generator/blob/master/modules/openapi-generator-maven-plugin/README.md)
 ### Guides
@@ -26,6 +27,8 @@ The following guides illustrate how to use some features:
 * [gRPC-Spring-Boot-Starter Documentation](https://yidongnan.github.io/grpc-spring-boot-starter/en/)
 * [SAML with Spring Boot and Spring Security](https://www.baeldung.com/spring-security-saml)
 * [Technical Dokumentation](https://wiki.mgm-tp.com/confluence/x/dwMkEw)
+* [Keycloak Configuration](https://git.ozg-sh.de/ozgcloud-app/antragsraum-server/src/branch/dev/documentation/KeycloakSetup.md)
+* [BayernId Implementation and configuration](documentation/BayernIdLogin.md)
 Healthchecks are available at:
@@ -63,20 +66,7 @@ To change the local port of the management api you can use
 or with docker compose by using something like:
 ```
- ozg-applicationroom:
- image: docker.ozg-sh.de/antragsraum-server:OZG-4803-0.1.0-SNAPSHOT
- platform: linux/amd64
- environment:
- - SPRING_PROFILES_ACTIVE=local
- - MANAGEMENT_SERVER_PORT=8081
- ozg-info-manager:
- image: docker.ozg-sh.de/info-manager:OZG-4804-0.1.0-SNAPSHOT
- platform: linux/amd64
- environment:
- - SPRING_DATA_MONGODB_HOST=ozg-mongodb
- - SPRING_PROFILES_ACTIVE=local
- - MANAGEMENT_SERVER_PORT=8084
- ozg-mongodb:
+ mongodb:
 image: mongo:4
 ports:
 - "27017:27017"
@@ -84,6 +74,94 @@ or with docker compose by using something like:
 - MONGODB_EXTRA_FLAGS=--profile=2
 volumes:
 - mongodb-data:/data/db
+ clamav:
+ ports:
+ - '3310:3310'
+ image: 'docker.ozg-sh.de/clamav/clamav:stable'
+ clamav-api:
+ image: benzino77/clamav-rest-api
+ command: [ '/usr/bin/wait-for-it', '-h', 'lt-clamav', '-p', '3310', '-s', '-t', '300', '--', 'npm', 'start' ]
+ depends_on:
+ - clamav
+ environment:
+ - NODE_ENV=production
+ - CLAMD_IP=lt-clamav
+ - APP_FORM_KEY=FILES
+ - APP_PORT=3000
+ - APP_MAX_FILE_SIZE=26214400
+ ports:
+ - "3000:3000"
+ info-manager:
+ image: 'docker.ozg-sh.de/info-manager:snapshot-latest'
+ platform: linux/amd64
+ ports:
+ - '9091:9091'
+ - '8084:8084'
+ environment:
+ - SPRING_DATA_MONGODB_HOST=lt-mongodb
+ - SPRING_DATA_MONGODB_PORT=27017
+ - SPRING_DATA_MONGODB_DATABASE=lt-info-manager
+ - GRPC_SERVER_PORT=9091
+ - SPRING_PROFILES_ACTIVE=default
+ - MANAGEMENT_SERVER_PORT=8084
+ - SERVER_PORT=8083
+ - logging_level_de_ozgcloud=INFO
+ info-manager-proxy:
+ image: 'docker.ozg-sh.de/info-manager-proxy:snapshot-latest'
+ ports:
+ - 8381:8082
+ environment:
+ - HTTP_SERVER_PORT=8082
+ - GRPC_SERVER_MOCK=false
+ - GRPC_URL=lt-info-manager:9091
+ - LOGGING_LEVEL=DEBUG
+ depends_on:
+ - info-manager
+ antragraum-server:
+ image: 'docker.ozg-sh.de/antragsraum-server:snapshot-latest'
+ platform: linux/amd64
+ ports:
+ - '9090:9090'
+ - '8080:8080'
+ - '8081:8081'
+ environment:
+ - SPRING_PROFILES_ACTIVE=lasttest
+ - ozgcloud_jwt_secret="346593nbdgb8e74t6vw477q34bg83456§$$%/&Hgvt78hlsjdgfw8äy.skeiw44tz asjkdefa wlfugwegw"
+ - ozgcloud_antragsraum_bayernid_redirect-url=http://localhost:8082
+ - clamav_scanUrl=http://clamav-api:3000/api/v1/scan
+ - logging_level_net_devh_boot_grpc=INFO
+ - logging_level_org_springframework_web=INFO
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_ENTITY-ID=https://sso.load.by.ozg-cloud.de/realms/by-antragsraum-idp
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_ASSERTINGPARTY_METADATA-URI=https://sso.dev.by.ozg-cloud.de/realms/by-antragsraum-idp/protocol/saml/descriptor
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_SIGNING_CREDENTIALS_0_PRIVATE-KEY-LOCATION=file:///idp.key
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_SIGNING_CREDENTIALS_0_CERTIFICATE-LOCATION=file:///idp.crt
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_DECRYPTION_CREDENTIALS_0_PRIVATE-KEY-LOCATION=file:///idp.key
+ - SPRING_SECURITY_SAML2_RELYINGPARTY_REGISTRATION_BAYERNID_DECRYPTION_CREDENTIALS_0_CERTIFICATE-LOCATION=file:///idp.crt
+ volumes:
+ - type: bind
+ source: bayernid-dev-sign.crt
+ target: /idp.crt
+ read_only: true
+ - type: bind
+ source: bayernid-dev-sign.key
+ target: /idp.key
+ read_only: true
+ antragraum-proxy:
+ image: 'docker.ozg-sh.de/antragsraum-proxy:v1.0.0-release'
+ ports:
+ - 8383:8082
+ environment:
+ - HTTP_SERVER_PORT=8082
+ - GRPC_SERVER_MOCK=false
+ - GRPC_SERVER_PORT=9093
+ deploy:
+ resources:
+ limits:
+ cpus: '0.001'
+ memory: 50M
+ reservations:
+ cpus: '0.0001'
+ memory: 20M
 ```
 ## Setting
@@ -91,11 +169,12 @@ or with docker compose by using something like:
 Important settings
 ```
-grpc:
- client:
- info_manager:
- address: static://127.0.0.1:9090 # The address of the InfoManager
- negotiation-type: PLAINTEXT # The negotiation type.
+ozgcloud:
+ antragsraum:
+ nachricht-proxy:
+ base-url: http://localhost:8383
+ infomanager-proxy:
+ base-url: http://localhost:8381
 clamav:
 scanUrl: http://127.0.0.1:3000/api/v1/scan # The REST endpoint for virus scans
 ozgcloud:
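Review bot: The compose example added in the `@@ -84,6 +74,94 @@` hunk puts a literal value in `ozgcloud_jwt_secret` under `antragraum-server`; a README sample should carry a placeholder instead, for example `- ozgcloud_jwt_secret=${OZGCLOUD_JWT_SECRET}` (variable name is illustrative) filled from an untracked `.env` file. If that string has ever signed tokens in a shared or deployed environment it should be rotated, because it remains in the repository history. In the same hunk `clamav-api` pulls `benzino77/clamav-rest-api` without a tag or digest from a public registry, so the file-scanning path runs whatever that name resolves to at pull time; pinning a version or mirroring it into the internal registry like the other images would close that gap. The `BAYERNID_ENTITY-ID` points at an `sso.load` host while the `ASSERTINGPARTY_METADATA-URI` points at `sso.dev`, which looks unintended and is worth confirming.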
@@ -129,24 +208,6 @@ in the gRPC metadata JWT_TOKEN field. Must be at least 256 bit long
 ## Useful Tools
-### grpcurl
-
-A tool to end requests to a grpc service. Available [here](https://github.com/fullstorydev/grpcurl)
-
-Examples:
-
-Save NachrichtEvent into the InfoManager database
-
-```
-./grpcurl --plaintext -d '{"nachricht": {"postfachId": "28721c6f-b78f-4d5c-a048-19fd2fc429d2", "vorgangId":"6358fd0bee7a051389cdd787", "nachrichtId":"6358fd4146811d04010f44d1", "nachrichtenListUrl":"static://localhost:9090"}}' localhost:9091 de.mgm.bup.ozg.antragsraum.infomanager.NachrichtService.SaveNewNachricht
-```
-
-Query the InfoManager for available services
-
-```
-./grpcurl --plaintext localhost:9091 list
-```
-
 ### curl
 A commandline too to perform http requests.
@@ -168,10 +229,12 @@ curl -F file=@</path/to/the/file/file_name> http://localhost:8080/api/file/6358
 | Port | Application/Service | Addresses |
 |-------|---------------------------|--------------------------------|
 | 8080 | Antragsraum REST Services | http://localhost:8080/ |
+| 8383 | Antragsraum Proxy Api | http://localhost:8383/ |
 | 8082 | Frontend | http://localhost:8082/ |
 | 8083 | Antragsraum Actuator | http://localhost:8083/actuator |
 | 8084 | Infomanager Actuator | http://localhost:8084/actuator |
 | 9091 | Infomanager GRPC Service | |
+| 8381 | Infomanager Proxy Api | http://localhost:8381/ |
 | 27027 | MongoDB | |
 Only the SAML Login against the Keycloak can be used for local development.
@@ -183,17 +246,6 @@ This uses the settings defined in the application-local.yml file.
 Within this file following must be configured:
 ```
-grpc:
- client:
- info_manager:
- address: static://127.0.0.1:9091
- negotiation-type: PLAINTEXT
- ozg_service:
- stubs:
- enabled: true
- grpc:
- client:
- negotiation-type: PLAINTEXT
 spring:
 security:
 saml2:
@@ -224,18 +276,18 @@ Whe using the local Profile the redirect url in the antragsraum-client must be c
 * [BayernId Implementation and configuration](documentation/BayernIdLogin.md)
 * [Keycloak Configuration](https://git.ozg-sh.de/ozgcloud-app/antragsraum-server/src/branch/dev/documentation/KeycloakSetup.md)
-### Load Test Tools
+### Other Tools:
 #### mujina idp
-Mujina is an SAML2 IdentityProvider for testing and if fully configurable using a REST Interface.
-In this project the mujina IDP is used for the load tests.
-Encryption of assertions is **not** supported.
+Mujina is an SAML2 IdentityProvider for testing and if fully configurable using a REST Interface. In this project the
+mujina IDP is used for the load tests. Encryption of assertions is not supported.
 To use build the container and to use it following steps are necessary:
-* Clone the repository https://github.com/OpenConext/Mujina
-* build the container using maven in the directory mujina-idp. ```mvn spring-boot:build-image -DskipTests```
-* Tag the image ```docker tag mujina-idp:8.0.11 docker.ozg-sh.de/mujina-idp:8.0.11```
-* Push the image ```docker push docker.ozg-sh.de/mujina-idp:8.0.11```
+ Clone the repository https://github.com/OpenConext/Mujina
+ build the container using maven in the directory mujina-idp. mvn spring-boot:build-image -DskipTests
+ Tag the image docker tag mujina-idp:8.0.11 docker.ozg-sh.de/mujina-idp:8.0.11
+ Push the image docker push docker.ozg-sh.de/mujina-idp:8.0.11
+