Relocate the nginx auth sample
parent
0dd8066c97
commit
8159c6b710
|
@ -71,6 +71,9 @@ To import them, after all containers startup, go inside the kibana container, an
|
||||||
$ cd /kibana/beats-dashboards-1.0.1 && ./load.sh http://elasticsearch:9200
|
$ cd /kibana/beats-dashboards-1.0.1 && ./load.sh http://elasticsearch:9200
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## [redis](redis)
|
||||||
|
A redis serer and a redis client (send a PING to the server).
|
||||||
|
|
||||||
## [registry_mirror](registry_mirror)
|
## [registry_mirror](registry_mirror)
|
||||||
docker registry mirror, with redis as the backend cache.
|
docker registry mirror, with redis as the backend cache.
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
#bash fetch-config-block.sh dhanNodeOUf1 testchainid dhannodeouf1-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20003
|
# This should be run in env with fabric command line binaries including peer, configtxlator
|
||||||
#bash fetch-config-block.sh dhanNodeOUf1 nodeouchannel01 dhannodeouf1-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20003
|
|
||||||
|
#bash fetch-config-block.sh test01 dhentf9-oabcs1-iad.blockchain.ocp.oraclecloud.com:20003 dhentf9 ${PWD}/msp-dhentf9
|
||||||
|
#bash channel-update-config.sh test01 dhentf9-oabcs1-iad.blockchain.ocp.oraclecloud.com:20003 dhentf9 ${PWD}/msp-dhentf9
|
||||||
|
bash channel-update-config.sh channellist.txt dhentf9-oabcs1-iad.blockchain.ocp.oraclecloud.com:20003 dhentf9 ${PWD}/msp-dhentf9 msp1 msppath1
|
||||||
|
|
||||||
mspId=VolvoFounder
|
mspId=VolvoFounder
|
||||||
endorPolicy="OR('dh0728fab2f3.member')"
|
endorPolicy="OR('dh0728fab2f3.member')"
|
||||||
|
@ -24,6 +27,6 @@ packageId="${ccName}:bed6b22c90562f2f87d2303895064718c6fa98566a637b58b4037c5082f
|
||||||
#bash cc-marble-test.sh ${mspId} ${channelId} ${peerAddr} ${ordererAddr} ${ccName}
|
#bash cc-marble-test.sh ${mspId} ${channelId} ${peerAddr} ${ordererAddr} ${ccName}
|
||||||
|
|
||||||
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvofounder-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20012 multiinstancewith32kbpageCC01
|
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvofounder-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20012 multiinstancewith32kbpageCC01
|
||||||
bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvofounder-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20013 multiinstancewith32kbpageCC01
|
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvofounder-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20013 multiinstancewith32kbpageCC01
|
||||||
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvopart01-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20041 multiinstancewith32kbpageCC01
|
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvopart01-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20041 multiinstancewith32kbpageCC01
|
||||||
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvopart01-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20043 multiinstancewith32kbpageCC01
|
#bash discover.sh VolvoFounder multiinstancewith32kbpage01 volvopart01-bcsnativetest-iad.blockchain.test.ocp.oc-test.com:20043 multiinstancewith32kbpageCC01
|
||||||
|
|
|
@ -9,31 +9,37 @@ if [ $# -lt 1 ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
mspId=$1
|
mspId=$1
|
||||||
echo "msp id = ${mspId}"
|
mspPath=msp-${mspId}
|
||||||
|
echo "msp id=${mspId}, msp path=${mspPath}"
|
||||||
|
|
||||||
cert_file=${mspId}-certificates.json
|
certFile=${mspId}-certificates.json
|
||||||
admin_dir=${mspId}-admin-credential
|
adminCredentialDir=${mspId}-admin-credential
|
||||||
|
adminCredentialFile=${mspId}-admin-credential.zip
|
||||||
|
|
||||||
mkdir -p "msp-${mspId}"
|
[ -d "${mspPath}" ] && { echo "${mspPath} already exists, will exit" && exit 0; }
|
||||||
pushd "msp-${mspId}" && mkdir tlscacerts signcerts keystore cacerts admincerts && popd || exit 1
|
mkdir -p "${mspPath}"
|
||||||
|
|
||||||
echo "Unzip ${mspId}-admin-credential.zip file to create the ${admin_dir}"
|
pushd "${mspPath}" && mkdir tlscacerts signcerts keystore cacerts admincerts && popd || exit 1
|
||||||
unzip -d "${mspId}-admin-credential" "${mspId}-admin-credential.zip"
|
|
||||||
|
|
||||||
echo "Get tlscacert from ${cert_file}"
|
echo "Unzip ${adminCredentialFile} file to create the ${adminCredentialDir}"
|
||||||
jq -r .certs.tlscacert "${cert_file}" > "msp-${mspId}/tlscacerts/tlsca.cert"
|
unzip -d "${adminCredentialDir}" "${adminCredentialFile}"
|
||||||
|
|
||||||
echo "Get signcerts from ${admin_dir}"
|
echo "Get tlscacert from ${certFile}"
|
||||||
cp "${admin_dir}/${mspId}-cert.pem" "msp-${mspId}/signcerts/"
|
jq -r .certs.tlscacert "${certFile}" > "${mspPath}/tlscacerts/tlsca.cert"
|
||||||
|
|
||||||
echo "Get keystore from ${admin_dir}"
|
echo "Get signcerts from ${adminCredentialDir}"
|
||||||
cp "${admin_dir}/${mspId}-key" "msp-${mspId}/keystore/"
|
cp "${adminCredentialDir}/${mspId}-cert.pem" "${mspPath}/signcerts/"
|
||||||
|
|
||||||
echo "Get cacerts from ${cert_file}"
|
echo "Get keystore from ${adminCredentialDir}"
|
||||||
jq -r .certs.cacert "${cert_file}" > "msp-${mspId}/cacerts/ca.cert"
|
cp "${adminCredentialDir}/${mspId}-key" "${mspPath}/keystore/"
|
||||||
|
|
||||||
echo "Get admincerts from ${admin_dir}"
|
echo "Get cacerts from ${certFile}"
|
||||||
cp "${admin_dir}/${mspId}-cert.pem" "msp-${mspId}/admincerts/"
|
jq -r .certs.cacert "${certFile}" > "${mspPath}/cacerts/ca.cert"
|
||||||
|
|
||||||
echo "Clean the temp dir of ${mspId}-admin-credential"
|
echo "Get admincerts from ${adminCredentialDir}"
|
||||||
rm -rf ${mspId}-admin-credential
|
cp "${adminCredentialDir}/${mspId}-cert.pem" "${mspPath}/admincerts/"
|
||||||
|
|
||||||
|
echo "Remove the unzipped ${adminCredentialDir}"
|
||||||
|
rm -rf ${adminCredentialDir}
|
||||||
|
|
||||||
|
echo "MSP is created at ${mspPath}, now you can run: rm -rf ${certFile} ${adminCredentialFile}"
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# This script will fix every channel's orderer admin policy from implicit to signature based.
|
# This script will fix every channel's orderer admin policy from implicit to signature based.
|
||||||
# It should be part of the migration tool
|
|
||||||
|
|
||||||
# Usage: TODO
|
# Usage: TODO
|
||||||
|
|
||||||
# The commit 787b82fa80cb0a85f352384fa2ac51d5fbbc41e9 has changed the policy as:
|
# changed the policy:
|
||||||
#Admins:
|
#Admins:
|
||||||
# Type: ImplicitMeta
|
# Type: ImplicitMeta
|
||||||
# Rule: "MAJORITY Admins"
|
# Rule: "MAJORITY Admins"
|
||||||
|
@ -16,7 +15,6 @@
|
||||||
# Type: Signature
|
# Type: Signature
|
||||||
# Rule: "OR('{{.ORGNAME}}.admin')"
|
# Rule: "OR('{{.ORGNAME}}.admin')"
|
||||||
|
|
||||||
# However, there are still instances with 19.3.5 created with the old policies. The script will fix those instances.
|
|
||||||
|
|
||||||
# configtxlator encode json to pb
|
# configtxlator encode json to pb
|
||||||
# Usage: configtxlatorEncode msgType input output
|
# Usage: configtxlatorEncode msgType input output
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# This compose file will boot a typical nginx-web toplogy
|
# This compose file will boot a typical nginx-web topology
|
||||||
# nginx: can set user/password to access, and forward request to web.
|
# nginx: can set user/password to access, and forward request to web.
|
||||||
# web: listen on private network
|
# web: listen on private network
|
||||||
# https://github.com/yeasy/docker-compose-files
|
# https://github.com/yeasy/docker-compose-files
|
||||||
|
@ -10,7 +10,7 @@ web:
|
||||||
expose:
|
expose:
|
||||||
- "80"
|
- "80"
|
||||||
|
|
||||||
#nginx to forward request
|
#nginx to forward request
|
||||||
nginx:
|
nginx:
|
||||||
image: yeasy/nginx
|
image: yeasy/nginx
|
||||||
hostname: nginx
|
hostname: nginx
|
Loading…
Reference in New Issue