Docker Container Setup

i-net HelpDesk can be used from inside a Docker Container. There is a pre build container based up on an alpine release at Docker Hub. The container only brings the application and tools required to run the application.

Note: The container does not provide any default users. You have to use the Sign Up method first. See below for advanced use cases.

Quickstart

Run the following command to start an i-net HelpDesk Docker Container:

docker run -d -p 8002:8002 --name helpdesk inetsoftware/i-net-helpdesk

Note: The i-net HelpDesk requires a database to run. You can use MySQL/MariaDB, Oracle or MSSQL. See below for an example using MySQL in a parallel container.

Available Tags

Creating a pre-set configuration

The i-net HelpDesk Docker Container should be pre-configured using either a configuration properties file or environment variables. Either way, a local installation with the specific setup should be created first. Using the Maintenance module a backup of the configuration can be created and the configuration properties file in there can be used as a basis.

Note: To have the container fully set up on startup you have to specify at least the following properties: CONF_listener__port and CONF_licensekey

Note: In private cloud environments you have to set the property CONF_serverURL as well. It is recommended to set this property in other environments too.

Adding the configuration

A configuration file can be added by using a volume or any other means that adds a specified configuration to the container. The default configuration file can be used or a different one can be set using an environment variable. See Environment Properties Matrix.

Setting up the configuration using environment variables

To create the environment variable names use the following rule:

  • prefix the property with CONF__
  • replace every . (dot) with __ (two underlines)

To make the configuration reproducible and updatable you should use a docker-compose.yml file.

Example

version: '2.1'

services:

    helpdesk:
        image: 'inetsoftware/i-net-helpdesk:latest'
        restart: 'always'
        ports:
            - 8002:8002

        environment:
            - DEFAULT_PROPFILE=/tmp/defaultConfiguration.properties
            - DEFAULT_CONFIG=User/Default
 
            # Set the externally visible server url ="../../../../../un-comment-and-insert-the-correct-url"
            #- CONF_serverURL=https://hostname.company.com:8002/
 
            # Set the license key (un-comment and insert the full license key)
            #- CONF_licensekey=...
 
            # Run the application on a pre-determined port for easier mapping
            - CONF_listener__port=8002
 
            # Customize an option, e.g. the theming colors
            - CONF_theme__themecolors={"@base-color":"#123456","@primary-color":"#428bca"}
 
            # Enable logging, route log to the container log-file
            - CONF_log__engine=true
            - CONF_log__file=/dev/stdout
 
            # Location for automatic backups
            - CONF_BackupLocation=/home/helpdesk/.i-net software/helpdesk_User_Default/backup

Advanced Use Case

If there are more specific requirements, such as a pre-filled user database, a custom container should be created

Example: internal access with public account

Using the following compose example you can create a server that is started without any permission restrictions and can be used without further authentication using the public URL context.

version: '2.1'

services:

    helpdesk:
        image: 'inetsoftware/i-net-helpdesk:latest'
        restart: 'always'
        ports:
            - 8002:8002

        environment:
            # The User/Default configuration must be used
            - DEFAULT_CONFIG=User/Default
 
            # Set the license key (un-comment and insert the full license key)
            #- CONF_licensekey=...
 
            # Run the application on a pre-determined port for easier mapping
            - CONF_listener_ _port=8002
 
            # Only guest account is active.
            - CONF_authentication__settings=[{"provider"\:"guest"}]

Example: add PAM authentication and a default user

The following Dockerfile will create a user admin with the password password in a new container.

FROM inetsoftware/i-net-helpdesk
 
# Switch to root user for installation
USER root
 
# Tools
RUN apk add --update linux-pam
 
# grant pam permissions to everybody
# Create User that we can log in with
RUN chmod +r /etc/shadow \
    && adduser -D -g "User" admin \
    && echo admin:password | chpasswd \
    && ln -s "/etc/pam.d/base-password" "/etc/pam.d/helpdesk"
 
# Enable the system login. By default, the PAM plugin is disabled.
ENV CONF_authentication__settings="[{'provider':'system'},{'provider':'product','userCanRegister':'true'}]"
ENV CONF_plugins__activated="{}"
 
# Switch back to product user
USER helpdesk

Mounting / Re-using a given configuration

If the data of the container should be persisted beyond restarts, e.g. for new container versions, a volume should be mounted.

The persistence and configuration is located in the home folder of the product user. You should use the following additional options to mount this folder:

-v /folder/to/mount/from:/home/$PRODUCT -e FORCE_IMPORT_CONFIG=0
  • -v /folder/to/mount/from:/home/$PRODUCT - mount the specific folder to the home folder of the product user
  • -e FORCE_IMPORT_CONFIG=0 - specify that the given configuration should not be overwritten

Note: the product user depends on the product you are using. It is determined by the $PRODUCT variable in the container. Possible values are: reporting, pdfc, cowork and helpdesk.

Adding additional fonts

The default container comes with, e.g. the DejaVu font pre-installed. Adding additional fonts, such as the license restricted Microsoft fonts Arial, require building a custom container. You can use the following Dockerfile as a basis.

#############################################################################
# Prepare product
# Note: alpine 3.12 due to issue with newer versions of alpine!
FROM alpine:3.12 as builder
 
RUN apk add --update msttcorefonts-installer \
    && update-ms-fonts
 
FROM inetsoftware/i-net-<PRODUCT>:<TAG>
 
USER "root"
 
# Copy fonts from intermedia builder
COPY --from=builder /usr/share/fonts/truetype/msttcorefonts /usr/share/fonts/truetype/msttcorefonts
 
# Update font cache for product user
USER $PRODUCT
RUN fc-cache -fv /usr/share/fonts

Environment Properties Matrix

Property Name Default Value Description
DEFAULT_PROPFILE /tmp/defaultConfiguration.properties Configuration Properties file for initial setup
DEFAULT_CONFIG User/Default Configuration the server will be started with
FORCE_IMPORT_CONFIG 1 Forces the import of the given configuration, overwriting an already existing one. Set to 0 if a configuration is mounted.
DOCKER_ENTRYPOINT_SCRIPT Additional inline-script to run before starting the server
CONF_systempermission__enabled false The system permissions are deactivated by default. That means any user with a login has access to everything in the system. This property should be customized together with the authentication settings.
CONF_authentication__settings [{'provider':'product','userCanRegister':'true'}] The product login is activated by default and allows new users to be created. This should be customized in a production environment.
CONF_plugins__activated {'authentication.pam':false} The PAM authentication plugin is deactivated by default, because you have to create custom container in order to use it. Only optional plugins have to be enabled with the value true using this settings. To deactivate a non-optional plugin, use the value false.
CONF_prop__name Configuration property for server initialization. prop__name was derived from an actual property prop.name which can be taken from a previous backup.
inet_http_port Set a default HTTP port that overrides the one in the configuration. This is intended for shared cloud persistences
inet_https_port Set a default HTTPS port that overrides the one in the configuration. This is intended for shared cloud persistences
inet_persistence URI of the persistence to use. Currently on MongoDB is supported. Will uses the file persistence if not set.

Docker Compose Example

To bundle a docker container with a MySQL database using Docker Compose, the following docker-compose.yml script can be used as a starting point:

version: '2.1'

services:

    helpdesk:
        image: 'inetsoftware/i-net-helpdesk:latest'
        restart: 'always'
        ports:
            - 8002:8002
        links:
            # Connect to the prepared MySQL database
            - 'mysql'
        command:
            # The following wait-for.sh command allows the service to wait for an external service to become available
            - sh
            - wait-for.sh
            - mysql:3306
            - --
            # After the mysql server has started, start the actual i-net HelpDesk Server
            - sh
            - ./startServer.sh
            - -Dclearreports.config=User/Default
            - -Dsetupautoexecution=true

        environment:
            # Using the User/Default config is required in the HelpDesk
            - DEFAULT_CONFIG=User/Default
 
            # Set the externally visible server url ="../../../../../un-comment-and-insert-the-correct-url"
            #- CONF_serverURL=https://hostname.company.com:9443/
 
            # Set the license key (un-comment and insert the full license key)
            #- CONF_licensekey=...
 
            # Run the application on a pre-determined port for easier mapping
            - CONF_listener__port=8002
 
            # Do not force the application to overwrite a previously imported configuration
            # or other instances using the same MongoDB will have their configuration modified
            - FORCE_IMPORT_CONFIG=0
 
            # Set up the connection the MySQL database
            - CONF_dbsConfigs=[{"status":"Unknown","dbName":"HDS","url":"jdbc:mysql://mysql:3306/inetHDOfficial?useSSL=false&allowPublicKeyRetrieval=true","user":"root","encodedPassword":"AU1KQVA=","host":"mysql","port":"3306","sid":"","catalog":"inetHDOfficial","driver":"mysql"}]

    mysql:
        image: 'mysql:8'
        restart: 'always'
        environment:
            - MYSQL_ROOT_PASSWORD=inet
            - MYSQL_DATABASE=inetHDOfficial
            - MYSQL_USER=inetHDOfficial
            - MYSQL_PASSWORD=inet
        volumes:
            - "/var/lib/mysql"

Note: Depending on the specific environment there may be some more options that have to be set. Please have a look at the Environment Properties Matrix.

Installing Additional Plugins

Additional plugins can be added to the Docker container either during a custom Dockerfile build or on the fly during container startup. In both cases you can use the install-plugin command of the container:

/usr/share/product $ install-plugin --help
Usage install all Plugins: /bin/install-plugin -p <product> -v <version>
Usage install defined plugins: /bin/install-plugin -p <product> -v <version> <list of plugins to install>
Usage install BETA Plugins: /bin/install-plugin -p <product> -v <version> -b <list of plugins to install>
Usage install additional persistence: /bin/install-plugin -s <type>

Note: Plugin names can be derived, e.g. from the plugin store URL, specifically the path component after /pid: https://store.inetsoftware.de/pid/webapi.corewebapi.core

Note: There are distinct containers available for each persistence type. The MongoDB persistence is installed in the default container that has no additional tag. Available persistences are: mongodb, cosmosdb, dynamodb.

Dockerfile Example

In a Dockerfile you can add the following lines to install a plugin:

# Add Web API plugin 
RUN install-plugin web.api

Docker Compose Example

In a docker-compose.yml you can use the following setup to install a plugin:

version: '2.1'
services:
    service:
        command: >
            sh -c "
            install-plugin web.api &&
            ./startServer.sh -Dclearreports.config=User/Default -Dsetupautoexecution=true
            "

Note: the original startServer.sh command can be determined using docker inspect on an already running container.

Note: The example is incomplete and requires definition of the specific container.

Restarting the Service

In situations where the service is unresponsive but the container can still be accessed, the servers subprocess can be terminated and restarted without restarting the whole container. In this case, the user has to enter the container using shell and run the following command:

ps xo pid,command | grep exitcode | grep -v grep | awk '{print $1}' | xargs -r kill -TERM