Updated referenced docker images

README.md

@@ -1,3 +1,29 @@
+# sync-endpoint-default-setup
+
+## What is sync-endpoint-default-setup
+sync-endpoint-default-setup is a project that provides a default setup and configuration for the ODK-X Sync Endpoint. ODK-X is a suite of tools and services for data collection, management, and synchronization, often used for field data collection in research, humanitarian work, and other applications.
+
+## Table of Contents
+
+1. [Prerequisites](#prerequisites)
+2. [Build](#build)
+    - 2.1 [Using the init-odkx-sync-endpoint.py script](#using-the-init-odkx-sync-endpointpy-script)
+    - 2.2 [Manual Build Instructions](#manual-build-instructions)
+3. [Run](#run)
+4. [Clean up](#clean-up)
+5. [Configuration](#configuration)
+6. [LDAP](#ldap)
+    - 6.1 [Creating Users (with phpLDAPadmin)](#creating-users-with-phpldapadmin)
+    - 6.2 [Creating Groups (with phpLDAPadmin)](#creating-groups-with-phpldapadmin)
+    - 6.3 [Assigning Users to Groups (with phpLDAPadmin)](#assigning-users-to-groups-with-phpldapadmin)
+    - 6.4 [Using ldap-utils](#using-ldap-utils)
+7. [Advanced Configuration](#advanced-configuration)
+    - 7.1 [Using a Different Database or LDAP Directory](#using-a-different-database-or-ldap-directory)
+    - 7.2 [Managing Identity through DHIS2](#managing-identity-through-dhis2)
+8. [Warnings](#warnings)
+9. [Notes](#notes)
+10. [Ubuntu 18.04 Example Installation](#ubuntu-1804-example-installation)
+
 ## Prerequisites
 - Git
 - Docker (with swarm mode enabled)
@@ -82,7 +108,7 @@ The `ldap-service` container has `ldap-utils` installed. If you'd prefer, you ma
 
 #### Using a Different Database or LDAP directory 
 
-See [here](http://opendatakit-dev.cs.washington.edu/2_0_tools/release/current_release/cloud_endpoints).
+See [here](https://docs.odk-x.org/sync-endpoint/#using-a-different-ldap-ui).
 
 #### Managing Identity through DHIS2 
 
@@ -109,19 +135,41 @@ The phpLDAPadmin container is from [osixia/phpldapadmin](https://github.com/osix
 
 Refer to their respecitve documentations for usage information. 
 
-## Ubuntu 18.04 Example installation
-## To get setup on a clean installation of Ubuntu 18.04 run the following commands;
+## Ubuntu 22.04 Example installation
+## To get setup on a clean installation of Ubuntu 22.04:
+
+First add Docker's apt repository and install docker - see [Docker's documentation](https://docs.docker.com/engine/install/ubuntu/) and enable swarm mode
+```bash
+# Add Docker's official GPG key:
+sudo apt-get update
+sudo apt-get install ca-certificates curl
+sudo install -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+# Add the repository to Apt sources:
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+docker swarm init
+```
+Then install maven and certbot
+```bash
+sudo apt-get install maven certbot
 ```
-user@localhost:~/# apt update
-user@localhost:~/# apt install docker.io
-user@localhost:~/# docker swarm init
-user@localhost:~/# apt install maven
-user@localhost:~/# apt install certbot
-user@localhost:~/# git clone https://github.com/odk-x/sync-endpoint-default-setup.git odkx
-user@localhost:~/# cd odkx
-user@localhost:~/odkx# python3 init-odkx-sync-endpoint.py
+Finally clone the default setup repo and run the initialization script with python
+
+```bash
+git clone https://github.com/odk-x/sync-endpoint-default-setup.git odkx
+cd odkx
+python3 init-odkx-sync-endpoint.py
  ```
-... then follow the on-screen instructions.
+... continue to follow the on-screen instructions.
 
 When everything has been built and started, you can open a browser and go to https://<your_domain>:40000 to access the LDAP admin interface.
 Log in with username = **cn=admin,dc=example,dc=org** and the password you defined during the intialization script. Then you can [create the ODK-X Sync Endpoint users according to the documentation](https://docs.odk-x.org/sync-endpoint/#creating-users).

config/nginx/sync-endpoint-http.conf

@@ -1,6 +1,8 @@
 server {
 	listen 80;
 	client_max_body_size 32m;
+	gzip off;
 
+	#include /etc/nginx/sync-endpoint-locations.conf;
 	include conf/sync-endpoint-locations.conf;
 }

config/nginx/sync-endpoint-https.conf

@@ -1,3 +1,7 @@
+map $request_method $proxy_method {
+    HEAD GET;
+    default $request_method;
+}
 server {
 	listen 80;
 
@@ -9,16 +13,18 @@ server {
 		return 301 https://$host$request_uri;
 	}
 }
-
 server {
-	listen 443 ssl http2;
-	client_max_body_size 32m;
+    listen 443 ssl;
+    http2 off;
+    gzip off;
+    client_max_body_size 32m;
 
-	# Redirect HTTP -> HTTPS
-	error_page 497 https://$host:$server_port$request_uri;
+    # Redirect HTTP -> HTTPS
+    error_page 497 https://$host:$server_port$request_uri;
 
-	ssl_certificate /etc/letsencrypt/live/production/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/production/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/production/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/production/privkey.pem;
 
-	include conf/sync-endpoint-locations.conf;
+    include conf/sync-endpoint-locations.conf;
+    #include /etc/nginx/sync-endpoint-locations.conf;
 }

config/nginx/sync-endpoint-locations.conf

@@ -1,32 +1,45 @@
 # use favicon from Sync Endpoint
+proxy_hide_header x-opendatakit-version;
+add_header X-OpenDataKit-Version "2.0" always;
 location = /favicon.ico {
-	proxy_pass http://sync:8080/favicon.ico;
+        proxy_method $proxy_method;
+        proxy_pass http://sync:8080/favicon.ico;
+}
+
+location /nginx-health {
+    return 200 'nginx OK';
+    add_header Content-Type text/plain;
+}
+
+# Gogunzy Health check
+location /gogunzy-health {
+    proxy_pass http://gogunzy:8000/health;
 }
 
 location = / {
-	return 301 /web-ui/;
+        return 301 /web-ui/;
 }
 
 location ^~ /odktables/ {
-	proxy_pass http://sync:8080/odktables/;
+    proxy_pass http://gogunzy:8000/odktables/;
 
-	proxy_set_header X-Real-IP $remote_addr;
-	proxy_set_header X-Forwarded-For $remote_addr;
-	proxy_set_header X-Forwarded-Proto $scheme;
-	proxy_set_header X-Forwarded-Port $server_port;
-	proxy_set_header Host $host:$server_port;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
+    proxy_set_header Host $host:$server_port;
 
-	proxy_redirect default;
+    proxy_redirect default;
 }
 
 location ^~ /web-ui/ {
-	proxy_pass http://web-ui:8080/web-ui/;
-
-	proxy_set_header X-Real-IP $remote_addr;
-	proxy_set_header X-Forwarded-For $remote_addr;
-	proxy_set_header X-Forwarded-Proto $scheme;
-	proxy_set_header X-Forwarded-Port $server_port;
-	proxy_set_header Host $host:$server_port;
+        proxy_pass http://web-ui:8080/web-ui/;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Port $server_port;
+        #proxy_set_header Host $host:$server_port;
 
-	proxy_redirect default;
+        proxy_redirect default;
 }
+

db-bootstrap/bootstrap.sh

@@ -67,7 +67,7 @@ case ${DB_VAR} in
         DB_PORT=5432
         eval ${WAIT_CMD}
         docker exec ${DB_CONTAINER_ID} psql \
-            -c 'CREATE USER odk WITH UNENCRYPTED PASSWORD '\''odk'\'';' \
+            -c 'CREATE USER odk WITH PASSWORD '\''odk'\'';' \
             -c 'CREATE SCHEMA odk_sync AUTHORIZATION odk;' \
             -c 'GRANT ALL PRIVILEGES ON SCHEMA odk_sync TO odk;' \
             -U ${POSTGRES_USER} -d ${POSTGRES_DB}
@@ -96,7 +96,7 @@ echo "Done"
 echo "Checking Sync endpoint"
 
 # Wait 5 seconds for a 200 from Sync
-timeout -t 5 sh -c 'while ! echo -ne "GET / HTTP/1.1\nHost: sync\n\n" | nc -w 1 sync 8080 | grep -q "HTTP/1.1 200"; do echo '\''waiting for Sync'\''; sleep 1; done'
+timeout 5 sh -c 'while ! echo -ne "GET / HTTP/1.1\nHost: sync\n\n" | nc -w 1 sync 8080 | grep -q "HTTP/1.1 200"; do echo '\''waiting for Sync'\''; sleep 1; done'
 
 if [ $? -eq 143 ]; then
     echo "Timeout"
@@ -107,4 +107,4 @@ fi;
 
 echo "Exit"
 
-exit 0
+exit 0

docker-compose.yml

@@ -23,7 +23,7 @@ services:
     env_file:
       - ldap.env
   db:
-    image: postgres:9.6
+    image: postgres:12.17
     deploy:
       replicas: 1
     networks:
@@ -52,7 +52,7 @@ services:
       - db.env
       - sync.env
   sync:
-    image: odk/sync-endpoint
+    image: odk/sync-endpoint:latest
     networks:
       - ldap-network
       - db-network
@@ -75,7 +75,7 @@ services:
       - org.opendatakit.sync-web-ui.application.properties
 
   nginx:
-    image: nginx:1.21.3
+    image: nginx:1.27.4
     networks:
       - sync-network
     ports:
@@ -88,6 +88,14 @@ services:
         target: /etc/nginx/conf/sync-endpoint-locations.conf
       - source: com.nginx.proxy_buffer.conf
         target: /etc/nginx/conf.d/proxy_buffer.conf
+
+  gogunzy:
+    image: gogunzy
+    networks:
+      - sync-network
+    ports:
+      - "8000:8000"
+    restart: unless-stopped
 
 networks:
   ldap-network:

down.sh

@@ -0,0 +1 @@
+docker stack rm syncldap

init-odkx-sync-endpoint.py

@@ -148,7 +148,7 @@ def run_docker_builds():
 
 
 def run_sync_endpoint_build():
-    os.system("git clone -b master --single-branch --depth=1 https://github.com/odk-x/sync-endpoint ; \
+    os.system("git clone -b circleci-taketwo --single-branch --depth=1 https://github.com/odk-x/sync-endpoint ; \
                cd sync-endpoint ; \
                mvn -pl org.opendatakit:sync-endpoint-war,org.opendatakit:sync-endpoint-docker-swarm,org.opendatakit:sync-endpoint-common-dependencies clean install -DskipTests")
 

refresh-nginx-conf.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -e
+
+CONFIG_NAME="com.nginx.sync-endpoint-locations.conf"
+CONFIG_PATH="./config/nginx/sync-endpoint-locations.conf"
+STACK_NAME="syncldap"
+SERVICE_NAME="syncldap_nginx"
+
+echo "🔄 Re-creating Docker config: $CONFIG_NAME"
+docker config rm $CONFIG_NAME || true
+docker config create $CONFIG_NAME $CONFIG_PATH
+
+echo "📦 Updating nginx service to use updated config..."
+docker service update --force \
+  --config-rm $CONFIG_NAME \
+  --config-add source=$CONFIG_NAME,target=/etc/nginx/conf/sync-endpoint-locations.conf \
+  $SERVICE_NAME
+
+echo "✅ nginx config updated and service redeployed."
+

up.sh

@@ -0,0 +1 @@
+docker stack deploy -c docker-compose.yml -c docker-compose-https.yml syncldap