Hi,
I am trying to install ODKv2 Sync on Ubuntu Server v18.09; Docker and Swarm Mode have already been enabled.
I got up to Step 10 in the PDF without any issues, and from that point on the document is extremely vague, almost as if it expects you to be some super savvy developer that has in-depth knowledge of the source code, which I don’t, so it is very intimidating.
It says to edit security.properties but I found 3 versions:
./config/sync-endpoint/security.properties
./sync-endpoint/postgres-test/resources/security.properties
./sync-endpoint/mysql-test/resources/security.properties
I assume it is the first one and added (yes added because none of the following 3 were actually in the first file):
security.server.hostname=odk.mydomain.com
security.server.port=880
security.server.securePort=7443
I did not touch the other 2 files.
Next it says to edit the ports on docker-compose.yml under sync, so the only thing that came close was under nginx: so I put the following:
nginx:
image: nginx:1.13
networks:
- sync-network
ports:
- “880:80”:~/sync-endpoint-default-setup#
- “7443:443”
For Custom LDAP, I exported my Active Directory Root CA Certificate as base64, placed it into a .cer file, and ran
docker config create org.opendatakit.sync.ldapcert ~/sync-endpoint-default-setup/ca_cert.cer
and it returned a hex value.
It also shows up in “docker config ls”
root@vc-forms2:~/sync-endpoint-default-setup# docker config ls
ID NAME CREATED UPDATED
60u4j8x0tiqbz39ouvc68gopu org.opendatakit.sync.ldapcert About an hour ago About an hour ago
Then I uncomment the “relevant” lines in docker-compose.yml which I assume should look like this
env_file:
- sync.env
# uncomment these after uncommenting the ones below in the root level configs
# configs:
- org.opendatakit.sync.ldapcert
# - org.opendatakit.aggregate.logging.properties
configs:
uncomment this to import a CA certificate into the Sync service
org.opendatakit.sync.ldapcert:
external: true
Next, I removed the ldap-service and phpldapadmin under the services section, and then modified ./config/sync-endpoint/security.properties to enter my LDAP AD Properties while leaving the other security.properties alone.
security.server.ldapQueryUsername=svcs.domain@mydomain.com
security.server.ldapQueryPassword=MyTestSampleP@ssw0rd1!TestPW
security.server.ldapDomainDClevel2=domain-controller1.mydomain.com
security.server.ldapDomainDClevel1=domain-controller2.mydomain.com
security.server.ldapUrl=ldaps:/mydomain.com:636/
security.server.ldapBaseDn=dc=domain,dc=com
security.server.ldapPooled=false
security.server.userSearchBase=ou=MyUsers
security.server.groupSearchBase=ou=${security.server.groupPrefix},ou=
security.server.groupRoleAttribute=cn
security.server.userFullnameAttribute=givenName
security.server.usernameAttribute=uid
Finally I try to start the server with:
docker stack deploy -c docker-compose.yml syncldap
And get this error:
yaml: line 98: did not find expected key
Which refers to these lines under docker-compose.yml:
configs:
uncomment this to import a CA certificate into the Sync service
org.opendatakit.sync.ldapcert:
external: true <<======= Line 98
What did I do wrong here? The documentation is too vague and provides no example so that I end up guessing a lot of things which is not good.
Please advise.
Thanks
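
An added example, not part of the original post or the ODK project's files: the two `configs` sections quoted in the post, with every line of each block uncommented together and the explanatory sentence kept as a comment. The indentation and the service name `sync` are assumptions, because the post's indentation did not survive.

```yaml
# Constructed fragment for illustration. Only the keys quoted in the post
# are shown; indentation and the service name "sync" are assumed.
services:
  sync:
    env_file:
      - sync.env
    # The service-level "configs:" key has to be uncommented along with
    # its list items. If it stays commented, the item below is either
    # read as a second env_file entry or rejected, depending on indentation.
    configs:
      - org.opendatakit.sync.ldapcert
      # - org.opendatakit.aggregate.logging.properties

# Root-level declaration of the config created earlier with
# "docker config create org.opendatakit.sync.ldapcert ...".
configs:
  # This sentence is explanatory text and keeps its leading "#". Without
  # it, the parser reads the sentence as YAML content inside the mapping
  # and fails on the lines that follow.
  # uncomment this to import a CA certificate into the Sync service
  org.opendatakit.sync.ldapcert:
    external: true
```

Where docker-compose is installed, `docker-compose -f docker-compose.yml config` parses the file and reports YAML errors before `docker stack deploy` is run.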