Erster Commit fÃr nächste Version von Hobbysign Versuchte

CUPS-Configuration hinzubekommen. Obwohl lpstat -p Printer anzeigt auch
innerhalb des Containers, kann Java keine Printers sehen.
Work-in-progress.

.gitignore

@@ -54,3 +54,9 @@ logs/
 # OS
 .DS_Store
 Thumbs.db
+
+# cosi
+data/
+hohiha/
+HH-dashboard/
+odooconf/

build.sh

@@ -1 +1,6 @@
-docker build --no-cache -t gitea.lan.hobbyhimmel.de/hobbyhimmel/custom-tomee .
+
+#!/bin/bash
+set -e
+
+docker buildx build --no-cache -t hosi:test-0.0.1 --load .
+

conf/manager.xml

@@ -0,0 +1,24 @@
+<Context privileged="true" 
+         antiResourceLocking="false" 
+         docBase="${catalina.home}/webapps/manager">
+
+  <!-- Log ALL access attempts (for audit) -->
+  <Valve className="org.apache.catalina.valves.AccessLogValve"
+         directory="logs"
+         prefix="manager_audit."
+         suffix=".log"
+         pattern="%{X-Forwarded-For}i → %h %l %u %t &quot;%r&quot; %s %b"
+	 resolveHosts="false" />
+
+  <!-- Extract real IP from NPM headers (see NPM configuration) -->
+  <Valve className="org.apache.catalina.valves.RemoteIpValve"
+         internalProxies="172\.(1[7-9]|2[0-9]|3[0-1])\.\d+\.\d+|192\.168\.\d+\.\d+|10\.\d+\.\d+\.\d+"
+         remoteIpHeader="x-forwarded-for"
+         proxiesHeader="x-forwarded-by"
+         protocolHeader="x-forwarded-proto" />
+  
+  <!-- Filter based on EXTRACTED real IP -->
+  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
+	 allow="127\.\d+\.\d+\.\d+|::1|172\.30\.\d+\.\d+" />
+
+</Context>

conf/setenv.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+# CUPS Printing Configuration for Java
+export JAVA_OPTS="$JAVA_OPTS -Djava.awt.headless=false"
+export JAVA_OPTS="$JAVA_OPTS -Dcups.servers=/run/cups/cups.sock"
+export JAVA_OPTS="$JAVA_OPTS -Dcups.server=/run/cups/cups.sock"
+export JAVA_OPTS="$JAVA_OPTS -Djavax.print.debug=true"
+export JAVA_OPTS="$JAVA_OPTS -Djdk.print.polling=true"
+export JAVA_OPTS="$JAVA_OPTS -Djdk.print.polling.interval=1000"
+export JAVA_OPTS="$JAVA_OPTS -Dsun.print.printservice.protocol=ipp"
+export JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"
+
+export JAVA_OPTS="$JAVA_OPTS -Djava.library.path=/usr/lib/x86_64-linux-gnu"
+export LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH"
+
+# Optional debug
+# export JAVA_OPTS="$JAVA_OPTS -Dsun.print.debug=true"

conf/tomcat-users.xml

@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<tomcat-users xmlns="http://tomcat.apache.org/xml"
+              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
+              version="1.0">
+<!--
+  By default, no user is included in the "manager-gui" role required
+  to operate the "/manager/html" web application.  If you wish to use this app,
+  you must define such a user - the username and password are arbitrary.
+
+  Built-in Tomcat manager roles:
+    - manager-gui    - allows access to the HTML GUI and the status pages
+    - manager-script - allows access to the HTTP API and the status pages
+    - manager-jmx    - allows access to the JMX proxy and the status pages
+    - manager-status - allows access to the status pages only
+
+  The users below are wrapped in a comment and are therefore ignored. If you
+  wish to configure one or more of these users for use with the manager web
+  application, do not forget to remove the <!.. ..> that surrounds them. You
+  will also need to set the passwords to something appropriate.
+-->
+<!--
+  <user username="admin" password="<must-be-changed>" roles="manager-gui"/>
+  <user username="robot" password="<must-be-changed>" roles="manager-script"/>
+-->
+<!--
+  The sample user and role entries below are intended for use with the
+  examples web application. They are wrapped in a comment and thus are ignored
+  when reading this file. If you wish to configure these users for use with the
+  examples web application, do not forget to remove the <!.. ..> that surrounds
+  them. You will also need to set the passwords to something appropriate.
+-->
+<!--
+  <role rolename="tomcat"/>
+  <role rolename="role1"/>
+  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
+  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
+  <user username="role1" password="<must-be-changed>" roles="role1"/>
+-->
+   <role rolename="thekenheld"/>
+   <user username="thekenheld" password="Werkstatt140" roles="thekenheld"/>
+  <!-- Activate those lines to get access to TomEE GUI if added (tomee-webaccess) -->
+  <role rolename="tomee-admin" />
+  <user username="Thekenadmin" password="Werkstatt-Admin(140)" roles="tomee-admin,manager-gui" />
+</tomcat-users>
+

dbash.sh

@@ -0,0 +1,6 @@
+
+#!/bin/bash
+set -e
+
+docker exec -u 0 -it hosi /bin/bash
+

docker-compose.yml

@@ -1,23 +1,16 @@
 services:
-  hobbysign:
-    container_name: hobbysign
-    image: gitea.lan.hobbyhimmel.de/hobbyhimmel/custom-tomee:latest
+  hosi:
+    container_name: hosi
+    image: hosi:test-0.0.1
     stdin_open: true
     tty: true
     environment:
       - HOHIHA_OUTPUT_DIR=/usr/local/tomee/output
       - HOHIHA_ODOO_CONFIG=/usr/local/tomee/config/secrets.yml
     volumes:
-      - hobbysign_output:/usr/local/tomee/output
-      - hobbysign_config:/usr/local/tomee/config
-      - hobbysign_webapps:/usr/local/tomee/webapps      
-      - /var/run/cups/cups.sock:/var/run/cups/cups.sock
-    healthcheck:
-      test: ["CMD", "lpstat", "-v"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 10s      
+      - /home/snick/hs/data/output:/usr/local/tomee/output
+      - /home/snick/hs/data/config:/usr/local/tomee/config
+      - /run/cups/cups.sock:/run/cups/cups.sock
 
     user: "1000:1000"
     restart: unless-stopped
@@ -25,14 +18,6 @@ services:
       - hobbyhimmel_odoo_13_default
       - npm-nw
 
-volumes:
-  hobbysign_output:
-    name: hobbysign_output
-  hobbysign_config:
-    name: hobbysign_config
-  hobbysign_webapps:
-    name: hobbysign_webapps
-
 networks:
   hobbyhimmel_odoo_13_default:
     external: true

dockerfile

@@ -1,32 +1,49 @@
-FROM tomee:9.1.3-jre17-Semeru-ubuntu-plume
+FROM tomee:9.1.3-jre17-ubuntu-plume
 
 # Install nano
 USER root
-RUN apt update && apt install -y nano cups-client cups-bsd && apt clean
 
+# Install printing and X11 dependencies
+RUN apt update && apt install -y \
+    nano \
+    cups-client \
+    libcups2 \
+    libcups2-dev \
+    libx11-6 \
+    libxext6 \
+    libxi6 \
+    libxtst6 \
+    libxrender1 \
+    libfontconfig1 \
+    && apt clean
+    
+   
 # Create a user with a home directory
 RUN useradd -u 1000 -m -d /home/hobbyadmin -s /bin/bash hobbyadmin
 
 # Set the working directory
 WORKDIR /usr/local/tomee
 
-# Create the output directory and set permissions
-RUN mkdir -p /usr/local/tomee/output && chown -R 1000:1000 /usr/local/tomee/output
-RUN mkdir -p /usr/local/tomee/config && chown -R 1000:1000 /usr/local/tomee/config
-
 # Copy application files
-# COPY . /usr/local/tomee
-RUN if [ -d /usr/local/tomee/webapps/ROOT ]; then mv /usr/local/tomee/webapps/ROOT /usr/local/tomee/webapps/welcome; fi
-RUN if [ -f /usr/local/tomee/webapps/ROOT.war ]; then mv /usr/local/tomee/webapps/ROOT.war /usr/local/tomee/webapps/admin.war; fi
-COPY tomcat-users.xml /usr/local/tomee/conf/tomcat-users.xml
-COPY manager.xml /usr/local/tomee/conf/Catalina/localhost/manager.xml
+# Rename default welcome app if it exists
+RUN if [ -d /usr/local/tomee/webapps/ROOT ]; then \
+        mv /usr/local/tomee/webapps/ROOT /usr/local/tomee/webapps/welcome; \
+    fi
+    
+COPY ./HH-dashboard/install/ROOT.war /usr/local/tomee/webapps/ROOT.war
+COPY ./hohiha/install/HoHiHa.war /usr/local/tomee/webapps/
+COPY ./conf/tomcat-users.xml /usr/local/tomee/conf/tomcat-users.xml
+COPY ./conf/manager.xml /usr/local/tomee/conf/Catalina/localhost/manager.xml
+COPY ./conf/setenv.sh /usr/local/tomee/bin/setenv.sh
+
 # Create a startup script to set umask and run the application
 RUN echo '#!/bin/sh' > /usr/local/tomee/start.sh \
     && echo 'umask 002' >> /usr/local/tomee/start.sh \
     && echo 'catalina.sh run' >> /usr/local/tomee/start.sh
-
-# Make the startup script executable
+    
+# Make the scripts executable
 RUN chmod +x /usr/local/tomee/start.sh
+RUN chmod +x /usr/local/tomee/bin/setenv.sh
 
 
 # Change ownership of all files to user 1000

hobbysign-old/build.sh

@@ -0,0 +1 @@
+docker build --no-cache -t gitea.lan.hobbyhimmel.de/hobbyhimmel/custom-tomee .

hobbysign-old/docker-compose.yml

@@ -0,0 +1,42 @@
+services:
+  hobbysign:
+    container_name: hobbysign
+    image: gitea.lan.hobbyhimmel.de/hobbyhimmel/custom-tomee:latest
+    stdin_open: true
+    tty: true
+    environment:
+      - HOHIHA_OUTPUT_DIR=/usr/local/tomee/output
+      - HOHIHA_ODOO_CONFIG=/usr/local/tomee/config/secrets.yml
+    volumes:
+      - hobbysign_output:/usr/local/tomee/output
+      - hobbysign_config:/usr/local/tomee/config
+      - hobbysign_webapps:/usr/local/tomee/webapps      
+      - /var/run/cups/cups.sock:/var/run/cups/cups.sock
+    healthcheck:
+      test: ["CMD", "lpstat", "-v"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s      
+
+    user: "1000:1000"
+    restart: unless-stopped
+    networks:
+      - hobbyhimmel_odoo_13_default
+      - npm-nw
+
+volumes:
+  hobbysign_output:
+    name: hobbysign_output
+  hobbysign_config:
+    name: hobbysign_config
+  hobbysign_webapps:
+    name: hobbysign_webapps
+
+networks:
+  hobbyhimmel_odoo_13_default:
+    external: true
+    name: hobbyhimmel_odoo_13_default
+  npm-nw:
+    external: true
+    name: npm-nw

hobbysign-old/dockerfile

@@ -0,0 +1,39 @@
+FROM tomee:9.1.3-jre17-Semeru-ubuntu-plume
+
+# Install nano
+USER root
+RUN apt update && apt install -y nano cups-client cups-bsd && apt clean
+
+# Create a user with a home directory
+RUN useradd -u 1000 -m -d /home/hobbyadmin -s /bin/bash hobbyadmin
+
+# Set the working directory
+WORKDIR /usr/local/tomee
+
+# Create the output directory and set permissions
+RUN mkdir -p /usr/local/tomee/output && chown -R 1000:1000 /usr/local/tomee/output
+RUN mkdir -p /usr/local/tomee/config && chown -R 1000:1000 /usr/local/tomee/config
+
+# Copy application files
+# COPY . /usr/local/tomee
+RUN if [ -d /usr/local/tomee/webapps/ROOT ]; then mv /usr/local/tomee/webapps/ROOT /usr/local/tomee/webapps/welcome; fi
+RUN if [ -f /usr/local/tomee/webapps/ROOT.war ]; then mv /usr/local/tomee/webapps/ROOT.war /usr/local/tomee/webapps/admin.war; fi
+COPY tomcat-users.xml /usr/local/tomee/conf/tomcat-users.xml
+COPY manager.xml /usr/local/tomee/conf/Catalina/localhost/manager.xml
+# Create a startup script to set umask and run the application
+RUN echo '#!/bin/sh' > /usr/local/tomee/start.sh \
+    && echo 'umask 002' >> /usr/local/tomee/start.sh \
+    && echo 'catalina.sh run' >> /usr/local/tomee/start.sh
+
+# Make the startup script executable
+RUN chmod +x /usr/local/tomee/start.sh
+
+
+# Change ownership of all files to user 1000
+RUN chown -R 1000:1000 /usr/local/tomee
+
+# Set the user to "hobbyadmin" (replace 1000 with the actual UID of hobbyadmin)
+USER hobbyadmin
+
+# Run the startup script
+CMD ["/usr/local/tomee/start.sh"]