You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by la...@apache.org on 2024/04/17 22:13:07 UTC
(airavata-custos) branch dev-refactoring updated: removed NGINX
This is an automated email from the ASF dual-hosted git repository.
lahirujayathilake pushed a commit to branch dev-refactoring
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
The following commit(s) were added to refs/heads/dev-refactoring by this push:
new 0bd8a8e95 removed NGINX
0bd8a8e95 is described below
commit 0bd8a8e95f5c221625f3573cf37f9411fcc383dc
Author: lahiruj <la...@gmail.com>
AuthorDate: Wed Apr 17 18:12:51 2024 -0400
removed NGINX
---
.../custos-core-services-server/Dockerfile | 1 -
.../src/main/resources/application.properties | 5 -
.../src/main/resources/certificate.p12 | Bin 2501 -> 0 bytes
.../src/main/resources/certificate_mul.p12 | Bin 2338 -> 0 bytes
.../services/clients/keycloak/KeycloakClient.java | 13 +-
.../services/clients/keycloak/KeycloakUtils.java | 138 +++------------------
.../clients/keycloak/auth/KeycloakAuthClient.java | 29 ++---
custos-utilities/ide-integration/Dockerfile | 9 --
custos-utilities/ide-integration/pom.xml | 30 -----
.../src/main/containers/certificate.p12 | Bin 2501 -> 0 bytes
.../src/main/containers/certificate_mul.p12 | Bin 2621 -> 0 bytes
.../src/main/containers/certificate_mul.pem | 23 ----
.../src/main/containers/docker-compose.yml | 10 --
.../src/main/containers/init/nginx/entrypoint.sh | 3 -
.../src/main/containers/key_mul.pem | 28 -----
.../ide-integration/src/main/containers/nginx.conf | 32 -----
16 files changed, 30 insertions(+), 291 deletions(-)
diff --git a/custos-services/custos-core-services-server/Dockerfile b/custos-services/custos-core-services-server/Dockerfile
index f185bfcbf..86debf1df 100644
--- a/custos-services/custos-core-services-server/Dockerfile
+++ b/custos-services/custos-core-services-server/Dockerfile
@@ -1,5 +1,4 @@
FROM openjdk:17.0.2-slim
-COPY src/main/resources/certificate_mul.p12 /home/ubuntu/keystore/keycloak-client-truststore.pkcs12
VOLUME /tmp
ARG JAR_FILE
ADD ${JAR_FILE} app.jar
diff --git a/custos-services/custos-core-services-server/src/main/resources/application.properties b/custos-services/custos-core-services-server/src/main/resources/application.properties
index d8840a874..ed649758a 100644
--- a/custos-services/custos-core-services-server/src/main/resources/application.properties
+++ b/custos-services/custos-core-services-server/src/main/resources/application.properties
@@ -46,7 +46,6 @@ spring.profiles.active=local
#Keycloak properties
iam.server.admin.username=admin
iam.server.admin.password=admin
-iam.server.truststore.password=keycloak
iam.server.url=https://host.docker.internal/auth/
#iam.server.url=https://localhost/auth/
@@ -56,10 +55,6 @@ enable.messaging.service=false
#CiLogon Properties
ciLogon.admin.client.id=abc
ciLogon.admin.client.secret=1234
-iam.server.truststore.path=/home/ubuntu/keystore/keycloak-client-truststore.pkcs12
-
-#iam.server.truststore.path=/Users/isururanawaka/Documents/Airavata_Repository/airavata-custos/custos-services/custos-core-services-server/src/main/resources/certificate_mul.p12
-
spring.cloud.vault.token=00000000-0000-0000-0000-000000000000
spring.cloud.vault.scheme=http
diff --git a/custos-services/custos-core-services-server/src/main/resources/certificate.p12 b/custos-services/custos-core-services-server/src/main/resources/certificate.p12
deleted file mode 100644
index 018465773..000000000
Binary files a/custos-services/custos-core-services-server/src/main/resources/certificate.p12 and /dev/null differ
diff --git a/custos-services/custos-core-services-server/src/main/resources/certificate_mul.p12 b/custos-services/custos-core-services-server/src/main/resources/certificate_mul.p12
deleted file mode 100644
index 9a253b4ce..000000000
Binary files a/custos-services/custos-core-services-server/src/main/resources/certificate_mul.p12 and /dev/null differ
diff --git a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
index 53d71ea3e..56496463f 100644
--- a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
+++ b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakClient.java
@@ -58,12 +58,6 @@ public class KeycloakClient {
@Value("${iam.server.client.id:admin-cli}")
private String clientId;
- @Value("${iam.server.truststore.path:/home/ubuntu/keystore/keycloak-client-truststore.pkcs12}")
- private String trustStorePath;
-
- @Value("${iam.server.truststore.password:keycloak}")
- private String truststorePassword;
-
@Value("${iam.server.url:https://keycloak.custos.scigap.org:31000/auth/}")
private String iamServerURL;
@@ -1937,14 +1931,11 @@ public class KeycloakClient {
private Keycloak getClient(String adminUrl, String realm, String loginUsername, String password) {
-
- return KeycloakUtils.getClient(adminUrl, realm, loginUsername,
- password, clientId, trustStorePath, truststorePassword);
+ return KeycloakUtils.getClient(adminUrl, realm, loginUsername, password, clientId);
}
private Keycloak getClient(String adminUrl, String realm, String accessToken) {
-
- return KeycloakUtils.getClient(adminUrl, realm, accessToken, trustStorePath, truststorePassword);
+ return KeycloakUtils.getClient(adminUrl, realm, accessToken);
}
diff --git a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakUtils.java b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakUtils.java
index c90da7afb..fd7c8e1ed 100644
--- a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakUtils.java
+++ b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/KeycloakUtils.java
@@ -19,7 +19,6 @@
package org.apache.custos.federated.services.clients.keycloak;
-import org.apache.catalina.security.SecurityUtil;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.keycloak.admin.client.Keycloak;
@@ -30,15 +29,11 @@ import org.slf4j.LoggerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
+import java.security.SecureRandom;
import java.util.concurrent.TimeUnit;
public class KeycloakUtils {
@@ -48,20 +43,18 @@ public class KeycloakUtils {
private static final Logger LOGGER = LoggerFactory.getLogger(KeycloakUtils.class);
- public static Keycloak getClient(String serverURL, String realm, String accessToken,
- String trustStorePath, String trustorePassword) {
+ public static Keycloak getClient(String serverURL, String realm, String accessToken) {
return KeycloakBuilder.builder()
.serverUrl(serverURL)
.realm(realm)
.authorization(accessToken)
- .resteasyClient(getRestClient(trustStorePath, trustorePassword))
+ .resteasyClient(getRestClient())
.build();
}
- public static Keycloak getClient(String serverURL, String realm, String loginUsername,
- String password, String clientId, String trustStorePath, String trustorePassword) {
+ public static Keycloak getClient(String serverURL, String realm, String loginUsername, String password, String clientId) {
return KeycloakBuilder.builder()
.serverUrl(serverURL)
@@ -69,128 +62,37 @@ public class KeycloakUtils {
.username(loginUsername)
.password(password)
.clientId(clientId)
- .resteasyClient(getRestClient(trustStorePath, trustorePassword))
+ .resteasyClient(getRestClient())
.build();
}
- private static ResteasyClient getRestClient(String trustorePath, String trustorePassword) {
- return new ResteasyClientBuilder()
- .establishConnectionTimeout(100, TimeUnit.SECONDS)
- .socketTimeout(10, TimeUnit.SECONDS)
- .connectionPoolSize(POOL_SIZE)
- .trustStore(loadKeyStore(trustorePath, trustorePassword))
- .build();
- }
-
-
- private static KeyStore loadKeyStore(String trustStorePath, String trustorePassword) {
-
- InputStream is = null;
+ private static ResteasyClient getRestClient() {
try {
-
- KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
-// if (profile.equals("staging") || profile.equals("production")) {
-// LOGGER.info("Profile inside " + profile);
-// GetServerCertificateRequest getServerCertificateRequest = GetServerCertificateRequest
-// .newBuilder()
-// .setNamespace("keycloak")
-// .setSecretName("tls-keycloak-secret")
-// .build();
-// GetServerCertificateResponse response = clusterManagementClient.getCustosServerCertificate(getServerCertificateRequest);
-// CertificateFactory cf = CertificateFactory.getInstance("X.509");
-// LOGGER.info(response.getCertificate());
-// InputStream targetStream = new ByteArrayInputStream(response.getCertificate().getBytes());
-// Certificate certs = cf.generateCertificate(targetStream);
-// // Add the certificate
-// ks.load(null, null);
-// ks.setCertificateEntry("custos", certs);
-//
-// } else {
-
- File trustStoreFile = new File(trustStorePath);
-
- if (trustStoreFile.exists()) {
- LOGGER.debug("Loading trust store file from path " + trustStorePath);
- is = new FileInputStream(trustStorePath);
- } else {
- LOGGER.debug("Trying to load trust store file form class path " + trustStorePath);
- is = SecurityUtil.class.getClassLoader().getResourceAsStream(trustStorePath);
- if (is != null) {
- LOGGER.debug("Trust store file was loaded form class path " + trustStorePath);
- }
- }
-
- if (is == null) {
- throw new RuntimeException("Could not find a trust store file in path " + trustStorePath);
- }
-
-
- ks.load(is, trustorePassword.toCharArray());
-// }
- return ks;
- } catch (Exception e) {
+ return new ResteasyClientBuilder()
+ .establishConnectionTimeout(100, TimeUnit.SECONDS)
+ .socketTimeout(10, TimeUnit.SECONDS)
+ .connectionPoolSize(POOL_SIZE)
+ .trustStore(KeyStore.getInstance(KeyStore.getDefaultType()))
+ .build();
+
+ } catch (KeyStoreException e) {
+ LOGGER.error("Failed to load trust store KeyStore instance");
throw new RuntimeException("Failed to load trust store KeyStore instance", e);
- } finally {
- if (is != null) {
- try {
- is.close();
- } catch (IOException e) {
- LOGGER.error("Failed to close trust store FileInputStream", e);
- }
- }
}
}
+ public static SSLContext initializeTrustStoreManager() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
- public static SSLContext initializeTrustStoreManager(String trustStorePath, String trustStorePassword) throws
- IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, KeyManagementException {
- KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
-// if (profile.equals("staging") || profile.equals("production")) {
-// GetServerCertificateRequest getServerCertificateRequest = GetServerCertificateRequest
-// .newBuilder()
-// .setNamespace("keycloak")
-// .setSecretName("tls-keycloak-secret")
-// .build();
-// GetServerCertificateResponse response = clusterManagementClient.getCustosServerCertificate(getServerCertificateRequest);
-// CertificateFactory cf = CertificateFactory.getInstance("X.509");
-// InputStream targetStream = new ByteArrayInputStream(response.getCertificate().getBytes());
-// Certificate certs = cf.generateCertificate(targetStream);
-// trustStore.load(null, null);
-// trustStore.setCertificateEntry("custos", certs);
-//
-// } else {
- File trustStoreFile = new File(trustStorePath);
- InputStream is;
- if (trustStoreFile.exists()) {
- LOGGER.debug("Loading trust store file from path " + trustStorePath);
- is = new FileInputStream(trustStorePath);
- } else {
- LOGGER.debug("Trying to load trust store file form class path " + trustStorePath);
- is = SecurityUtil.class.getClassLoader().getResourceAsStream(trustStorePath);
- if (is != null) {
- LOGGER.debug("Trust store file was loaded form class path " + trustStorePath);
- }
- }
-
- if (is == null) {
- throw new RuntimeException("Could not find a trust store file in path " + trustStorePath);
- }
- char[] trustPassword = trustStorePassword.toCharArray();
- trustStore.load(is, trustPassword);
-// }
-
- // initialize a trust manager factory
- TrustManagerFactory trustFactory =
- TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustFactory.init(trustStore);
+ TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustFactory.init((KeyStore) null);
// get the trust managers from the factory
TrustManager[] trustManagers = trustFactory.getTrustManagers();
- // initialize an ssl context to use these managers and set as default
+ // initialize an SSL context to use these managers and set as default
SSLContext sslContext = SSLContext.getInstance("SSL");
- sslContext.init(null, trustManagers, null);
+ sslContext.init(null, trustManagers, new SecureRandom());
SSLContext.setDefault(sslContext);
return sslContext;
diff --git a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/auth/KeycloakAuthClient.java b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/auth/KeycloakAuthClient.java
index 209320e1c..7f157748c 100644
--- a/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/auth/KeycloakAuthClient.java
+++ b/custos-services/custos-federated-services-clients/src/main/java/org/apache/custos/federated/services/clients/keycloak/auth/KeycloakAuthClient.java
@@ -19,7 +19,6 @@
package org.apache.custos.federated.services.clients.keycloak.auth;
-import org.apache.custos.cluster.management.client.ClusterManagementClient;
import org.apache.custos.federated.services.clients.keycloak.KeycloakUtils;
import org.apache.http.Consts;
import org.apache.http.HttpHeaders;
@@ -42,7 +41,6 @@ import org.keycloak.authorization.client.Configuration;
import org.keycloak.representations.AccessTokenResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
@@ -58,7 +56,11 @@ import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
/**
* Acting as a broker between keycloak server and auth services
@@ -69,21 +71,6 @@ public class KeycloakAuthClient {
@Value("${iam.server.url:https://keycloak.custos.scigap.org:31000/auth/}")
private String idpServerURL;
- @Value("${iam.server.truststore.path:/home/ubuntu/keystore/keycloak-client-truststore.pkcs12}")
- private String trustStorePath;
-
- @Value("${iam.server.truststore.password:keycloak}")
- private String trustStorePassword;
-
-// @Value("${token.endpoint:}")
-// private String tokenEndpoint;
-
-// @Value("${registration.endpoint}")
-// private String registrationEndpoint;
-
-// @Value("${user.info.endpoint}")
-// private String userInfoEndpoint;
-
private static final Logger LOGGER = LoggerFactory.getLogger(KeycloakAuthClient.class);
@@ -93,7 +80,7 @@ public class KeycloakAuthClient {
KeyStoreException, KeyManagementException, IOException {
try {
LOGGER.debug("initializing security requirements");
- KeycloakUtils.initializeTrustStoreManager(trustStorePath, trustStorePassword);
+ KeycloakUtils.initializeTrustStoreManager();
} catch (Exception ex) {
LOGGER.error("Keycloak Authclient initialization failed " + ex.getMessage());
throw ex;
@@ -167,7 +154,7 @@ public class KeycloakAuthClient {
String realmId) {
try {
String tokenURL = getTokenEndpoint(realmId);
- LOGGER.info("token url:"+ tokenURL);
+ LOGGER.info("token url:" + tokenURL);
JSONObject clientCredentials = getClientCredentials(tokenURL, clientId, clientSecret);
return clientCredentials.getString("access_token");
} catch (Exception e) {
@@ -317,7 +304,7 @@ public class KeycloakAuthClient {
private String getOpenIDConfigurationUrl(String realm) {
- LOGGER.debug("Connecting to "+ idpServerURL);
+ LOGGER.debug("Connecting to " + idpServerURL);
return idpServerURL + "realms/" + realm + "/.well-known/openid-configuration";
}
diff --git a/custos-utilities/ide-integration/Dockerfile b/custos-utilities/ide-integration/Dockerfile
deleted file mode 100644
index 10b488285..000000000
--- a/custos-utilities/ide-integration/Dockerfile
+++ /dev/null
@@ -1,9 +0,0 @@
-FROM nginx:stable-alpine
-COPY src/main/containers/nginx.conf /etc/nginx/conf.d/default.conf.template
-COPY src/main/containers/certificate_mul.pem /etc/nginx/certificate.pem
-COPY src/main/containers/key_mul.pem /etc/nginx/key.pem
-COPY src/main/containers/init/nginx/entrypoint.sh /usr/local/bin/entrypoint.sh
-
-RUN chmod +x /usr/local/bin/entrypoint.sh
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
-EXPOSE 443
\ No newline at end of file
diff --git a/custos-utilities/ide-integration/pom.xml b/custos-utilities/ide-integration/pom.xml
index f559e8c98..fe2ecbb42 100644
--- a/custos-utilities/ide-integration/pom.xml
+++ b/custos-utilities/ide-integration/pom.xml
@@ -132,36 +132,6 @@
</execution>
</executions>
</plugin>
- <plugin>
- <groupId>io.fabric8</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>container</id>
- <phase>install</phase>
- <goals>
- <goal>build</goal>
- <goal>push</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <images>
- <image>
- <name>${docker.image.prefix}/keycloak-nginx:latest</name>
- <build>
- <dockerFileDir>${project.basedir}</dockerFileDir>
- <noCache>true</noCache>
- <args>
- <JAR_FILE>target/${project.build.finalName}.jar</JAR_FILE>
- </args>
- </build>
- </image>
- </images>
- <registry>docker.io</registry>
- <skip>false</skip>
- </configuration>
- </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
diff --git a/custos-utilities/ide-integration/src/main/containers/certificate.p12 b/custos-utilities/ide-integration/src/main/containers/certificate.p12
deleted file mode 100644
index 018465773..000000000
Binary files a/custos-utilities/ide-integration/src/main/containers/certificate.p12 and /dev/null differ
diff --git a/custos-utilities/ide-integration/src/main/containers/certificate_mul.p12 b/custos-utilities/ide-integration/src/main/containers/certificate_mul.p12
deleted file mode 100644
index dc22776eb..000000000
Binary files a/custos-utilities/ide-integration/src/main/containers/certificate_mul.p12 and /dev/null differ
diff --git a/custos-utilities/ide-integration/src/main/containers/certificate_mul.pem b/custos-utilities/ide-integration/src/main/containers/certificate_mul.pem
deleted file mode 100644
index f2ca3ddaf..000000000
--- a/custos-utilities/ide-integration/src/main/containers/certificate_mul.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID0jCCArqgAwIBAgIUPZzOgp9xtxFe1GQLpUuSzGOrGiMwDQYJKoZIhvcNAQEL
-BQAwRjFEMEIGA1UEAww7dmVkYS11c2VjdXN0b3MtNGJkZTc3Y2ZiZGYwYTBkZS5l
-bGIudXMtZWFzdC0yLmFtYXpvbmF3cy5jb20wHhcNMjQwMjA4MTUzOTAxWhcNMjUw
-MjA3MTUzOTAxWjBGMUQwQgYDVQQDDDt2ZWRhLXVzZWN1c3Rvcy00YmRlNzdjZmJk
-ZjBhMGRlLmVsYi51cy1lYXN0LTIuYW1hem9uYXdzLmNvbTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAJVXy4Da3nibODs3vAMUqvZFNPSXp9MT8g2E/8I4
-Py6VSnJPPJioqvCCEcvmDlIHI37leRS/cDJJl2f1rrfkLUN76liqd4DqyAxFHyli
-0gTt4YkIwpiP/tMejUxeqYL/gvVnd+nrLVhfR6Z/vyGHao4TOrweDk/C41uM4qrf
-n56pxDoVdV4uLLQL720RoirmjurXr+Ykpl1owkhjQS2vdZaq8iHNolLUhr+70Jkf
-j3gcFq9T+PZtJtOVqaS0o+HfiKVbsjHS+LZU2LKqm58nfzwo+BPbhaPYCjkZdHyC
-En1gK2Fo1z9u54upVo2L4tCew4UFMDBTVDjqcxjzD2cJLxsCAwEAAaOBtzCBtDAJ
-BgNVHRMEAjAAMAsGA1UdDwQEAwIF4DB7BgNVHREEdDBygjt2ZWRhLXVzZWN1c3Rv
-cy00YmRlNzdjZmJkZjBhMGRlLmVsYi51cy1lYXN0LTIuYW1hem9uYXdzLmNvbYIJ
-bG9jYWxob3N0ghRob3N0LmRvY2tlci5pbnRlcm5hbIISbmdpbnguY3VzdG9zLmxv
-Y2FsMB0GA1UdDgQWBBRb+LkXFWlmwybgoEEaGVYNtrOUJjANBgkqhkiG9w0BAQsF
-AAOCAQEAWK0RXK0fe875lxjYweWbBaulSRV1w1qhG1fUXCP/sO2gCexX3kJCtNj7
-XnlGShP4mTqF1t/yG0K11OxTUozivehXtGWwYhYkvlNDy8Vmoi3UJgPJJZbjQK5f
-e61Q7iw5BEP5+mHHqkFZeDvFwA/kEwG3fNpQg3yd+0A7Hr0b5VxDZxMmZ60UP4Q8
-it+2QWytJadatz2cuS2CQTYaSzg316NtuUmPnfix61jdsNMhLus/jd4lLmMv2GzI
-BM9kQJpDS7nT2OMHQRuRj4aO282BlWSkvw3hy3UeM9njKY7S6DQI+6Wsc/1wRhW0
-8D2pasFSvZH5iAXw9ADgVYTTekYlpA==
------END CERTIFICATE-----
diff --git a/custos-utilities/ide-integration/src/main/containers/docker-compose.yml b/custos-utilities/ide-integration/src/main/containers/docker-compose.yml
index 2a4a41f1f..847dfc533 100644
--- a/custos-utilities/ide-integration/src/main/containers/docker-compose.yml
+++ b/custos-utilities/ide-integration/src/main/containers/docker-compose.yml
@@ -17,16 +17,6 @@ services:
depends_on:
- my_sql_local
- nginx:
- image: apachecustos/keycloak-nginx:latest
- ports:
- - "443:443"
- environment:
- KEYCLOAK_HOST: keycloak
- NGINX_SERVER_NAME: host.docker.internal
- depends_on:
- - keycloak
-
vault:
image: vault:1.7.0
container_name: vault
diff --git a/custos-utilities/ide-integration/src/main/containers/init/nginx/entrypoint.sh b/custos-utilities/ide-integration/src/main/containers/init/nginx/entrypoint.sh
deleted file mode 100755
index fc935026d..000000000
--- a/custos-utilities/ide-integration/src/main/containers/init/nginx/entrypoint.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-envsubst '$KEYCLOAK_HOST,$NGINX_SERVER_NAME' < /etc/nginx/conf.d/default.conf.template > /etc/nginx/conf.d/default.conf
-nginx -g 'daemon off;'
diff --git a/custos-utilities/ide-integration/src/main/containers/key_mul.pem b/custos-utilities/ide-integration/src/main/containers/key_mul.pem
deleted file mode 100644
index d5a4e13a6..000000000
--- a/custos-utilities/ide-integration/src/main/containers/key_mul.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCVV8uA2t54mzg7
-N7wDFKr2RTT0l6fTE/INhP/COD8ulUpyTzyYqKrwghHL5g5SByN+5XkUv3AySZdn
-9a635C1De+pYqneA6sgMRR8pYtIE7eGJCMKYj/7THo1MXqmC/4L1Z3fp6y1YX0em
-f78hh2qOEzq8Hg5PwuNbjOKq35+eqcQ6FXVeLiy0C+9tEaIq5o7q16/mJKZdaMJI
-Y0Etr3WWqvIhzaJS1Ia/u9CZH494HBavU/j2bSbTlamktKPh34ilW7Ix0vi2VNiy
-qpufJ388KPgT24Wj2Ao5GXR8ghJ9YCthaNc/bueLqVaNi+LQnsOFBTAwU1Q46nMY
-8w9nCS8bAgMBAAECggEAIffis0/VG1Se4SVHr+GzEynhpiKaixG11CpkrA30HQna
-8Y4hR83Rd7v2BU0yA6lZAwN522TBxcZkWEKS94PAYeGdB4bagKmmT9gnAthV0cYz
-ruIdtOrHuMhxtiWv47pvVJcwuLWDzl55ox7aX+t3qpIoIWKquayn3wp4Agq0OTel
-4IwzcbR0/YfHCDMn9bJzq4/Tk9oabuXY4gwmLUsauMcFhvYRpb2KL/0OqfDhA+cU
-yLSZuQ7VB68dMAZojPWZ8S1kx2tCC7GV1JQ95AJw6sEV771uJdZUHUqTcz0OrHYW
-3wmQnrLoa4W2JfQV/qiRjmCoDC/kdbykv99gCr4EoQKBgQDRZwiEKve43Fxq6DKH
-dqbfBUtNZgkupKJwK/KynQb1ChyJMav7WX3Sj1PyIDUFQ0097Z5i1vRjw2Fttv1n
-Ny2sLQsR9yO/zeopyBg5q1o+U670MVaN2VS6zf0aasebaV0yPIa0A966888NuBcP
-q1keoOgkRz9NcMLUTwh5v5yWOwKBgQC2k157rpK9nvtj2uIBAZMwH73XuaLaDMQ6
-tIMrWn7+Ng6DE6LvIfOJFSNlEkSkfF6E0LID+M3dY+xmDaYNqiJOzJkH8cxvdgU2
-QnCcbK6Oid3Xu/VHAkJcLSlxUSr/V7tNNQ2yMNRB4ZX0uQM9HJ++CMjGwS0WyRj4
-qJR8UhzcoQKBgQCAo070AoFTquuLMUF5Pkac0t/DmF8jrDetuRHK7/QKLEADd+Qy
-8HL/GtVy9J4dsY6N8J9QEMTpVGlRwQxCj/8aukEGtE/d0F19dVKMetthVn8vu+90
-DIKkj05hIB+nNT7vUYdeptH4/zW/M8vW8Gg7DJYPU0VsCU1mp3aJdFB5aQKBgFqU
-5QSSCUXA0dKp7wU2xdLTfLnB5TUvrk+97XId9PGk2jBYFrdz7cLuVOA5XwsIlVBp
-xlhIIcMcZ1X+oYsYBOt5gNc7NQV71XwlHH/PQA+CASmenEN9sHTRB0WsUpva6BeX
-IdNtfHGvPVnsTNoOEIcVDp/libxLS3NbGEhR6PXhAoGALe35IHBPuJ1Pvhy06UH2
-Xy8HmoS9leW6BXrDagtXu94w7ZSWNVsU1c7iILK8ROGto4FiGZ5u+B9SEP2KYfQ/
-RNOFyaEBt8jPAKFUaKGa/hXR/Z+YaW771vmkxTV4y/iNxVihqlfS/oFs4VFIgzXm
-gZNv86+eywvF56XgS04weFQ=
------END PRIVATE KEY-----
diff --git a/custos-utilities/ide-integration/src/main/containers/nginx.conf b/custos-utilities/ide-integration/src/main/containers/nginx.conf
deleted file mode 100644
index 9d9af2537..000000000
--- a/custos-utilities/ide-integration/src/main/containers/nginx.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-upstream keycloak {
- server ${KEYCLOAK_HOST}:8080;
-}
-
-server {
- listen 443 ssl;
-
- # The host name to respond to
- server_name ${NGINX_SERVER_NAME};
- ssl_certificate /etc/nginx/certificate.pem;
- ssl_certificate_key /etc/nginx/key.pem;
- ssl_prefer_server_ciphers on;
-
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow_Credentials' 'true';
- add_header 'Access-Control-Allow-Headers' 'Authorization,authorization, Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,user-token';
- add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
- rewrite_log on;
- error_log /var/log/nginx/error.log;
-
- location /auth {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header X-Forwarded-Host $server_name;
- proxy_pass http://keycloak;
- add_header Strict-Transport-Security "max-age=31536000" always;
- add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
-}
-
-}
\ No newline at end of file