Hi Juhan, That's a good idea. I will merge the PR and make the necessary updates on the fineract-cn-containers codebase.
Regards, Courage. On Wed, Jun 5, 2019 at 2:50 PM Juhan Aasaru <[email protected]> wrote: > Hi Courage, > > I came to an idea how to generate RSA keys easier: > https://github.com/apache/fineract-cn-lang/pull/10 > With this there is no need to implement separate service to provision RSA > keys, the generator can be called like this: > > java -cp lang-0.1.0-BUILD-SNAPSHOT.jar > org.apache.fineract.cn.lang.security.RsaKeyPairFactory MODE > rsa.keys > > It has two modes: > > UNIX mode generates a file that sets the keys as Unix environment > variables (then you use them with 'source rsa.keys') > and SPRING mode - keys can be passed directly to a Spring application with > --spring.config.location=file:./rsa.keys > > Juhan > > Kontakt Courage Angeh (<[email protected]>) kirjutas kuupäeval R, > 24. mai 2019 kell 15:08: > >> Hello, >> >> I have updated the containerization project to fix the bug with the RSA >> keys. >> >> This new update solves the problem by providing a minimal service >> dedicated to generating RSA keys (like a bash job). >> The bash and docker-compose scripts were also updated to reflect the new >> changes. >> >> With this progress, I should be able to fix up the deployment with >> kubernetes and docker swarm. >> >> Regards, >> Courage. >> >> On Sat, May 4, 2019 at 11:04 AM Ed Cable <[email protected]> wrote: >> >>> Apata, thanks for your contribution thus far and your willingness to >>> help with documentation. >>> >>> Sorry for the delayed reply. You should now have the necessary >>> privileges for editing content on the wiki. >>> >>> Ed >>> >>> On Thu, May 2, 2019, 00:54 Babajide Apata <[email protected]> >>> wrote: >>> >>>> Hello Isaac, >>>> >>>> My confluence username is apatababajide >>>> >>>> can we loop Yannick or Ed into this conversation? >>>> >>>> So one of them can assign the right karma to me. >>>> >>>> Cheers >>>> >>>> >>>> On Tue, 30 Apr 2019 at 20:01, Isaac Kamga <[email protected]> >>>> wrote: >>>> >>>>> Hello Apata, >>>>> >>>>> Thanks for volunteering to help. >>>>> >>>>> You just need to create an account on Confluence, give the account >>>>> username to Yannick or Ed and the right karma will be allocated to you. >>>>> >>>>> Cheers, >>>>> Isaac Kamga. >>>>> >>>>> On Tue, Apr 30, 2019 at 7:58 PM Babajide Apata < >>>>> [email protected]> wrote: >>>>> >>>>>> Hello Yannick, How can I help with the documentation on confluence? >>>>>> >>>>>> On Tue, 30 Apr 2019, 19:17 Awasum Yannick, <[email protected]> wrote: >>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> Courage, I think it will be a great idea to the new Service you are >>>>>>> working on with the rest of the community. Others might be able to help >>>>>>> that way. >>>>>>> >>>>>>> Also document the non scalable and scalable solution for managing >>>>>>> the keys on Confluence and create JIRA issues for these problems. >>>>>>> >>>>>>> What do you think? >>>>>>> >>>>>>> On Tue, Apr 30, 2019 at 3:30 PM Courage Angeh < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> I did not send a PR because like I earlier stated, the solution >>>>>>>> doesn't scale. Imagine if we scale the provisioner microservice to say >>>>>>>> 4 >>>>>>>> instances, each instance will generate its own set of RSA keys( 4 >>>>>>>> private >>>>>>>> and public key pairs). Therefore managing the RSA keys becomes >>>>>>>> difficult. >>>>>>>> >>>>>>>> I am working on a microservice dedicated to provision RSA keys. In >>>>>>>> the future, more responsibilities will be added to this microservice >>>>>>>> but in >>>>>>>> the meantime, it will just provision RSA keys. >>>>>>>> >>>>>>>> Regards, >>>>>>>> Courage. >>>>>>>> >>>>>>>> On Tue, Apr 30, 2019 at 1:40 AM Babajide Apata < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi courage, my example is just for testing purpose, your solution >>>>>>>>> is the best way to go because its scalable. >>>>>>>>> >>>>>>>>> You can do a PR to the project so others can take advantage of >>>>>>>>> this new changes. >>>>>>>>> >>>>>>>>> Regards. >>>>>>>>> >>>>>>>>> On Tue, 30 Apr 2019, 06:19 Victor Manuel Romero Rodriguez, < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Courage, >>>>>>>>>> >>>>>>>>>> That is the right direction! >>>>>>>>>> >>>>>>>>>> Well...I just missed to fork/clone your repository. >>>>>>>>>> >>>>>>>>>> https://github.com/Anh3h/fineract-cn-provisioner/ >>>>>>>>>> >>>>>>>>>> I have used the apache's repositories. Why not to send a PR to >>>>>>>>>> the apache's main repository? >>>>>>>>>> >>>>>>>>>> Regards >>>>>>>>>> >>>>>>>>>> Victor >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> El 29/04/19 a las 23:59, Courage Angeh escribió: >>>>>>>>>> >>>>>>>>>> Hi Victor and Juhan >>>>>>>>>> >>>>>>>>>> My provisioner microservice is different. It generates the RSA >>>>>>>>>> keys and distributes them to the other services. Yours doesn't do >>>>>>>>>> that so >>>>>>>>>> that is why you get the error. Babajide solution quite similar to >>>>>>>>>> mine does >>>>>>>>>> not scale. So now, I want to create a new microservice that will >>>>>>>>>> amongst >>>>>>>>>> other things generate and distribute the RSA keys. If anyone comes >>>>>>>>>> up with >>>>>>>>>> a better idea to manage the RSA keys in a scalable way please share >>>>>>>>>> :-D. >>>>>>>>>> For now, I will just do that. >>>>>>>>>> >>>>>>>>>> Here are the changes I made to my version of provisioner: >>>>>>>>>> https://github.com/apache/fineract-cn-provisioner/compare/develop...Anh3h:develop >>>>>>>>>> >>>>>>>>>> Feel free to check it out. If you need any extra help let me know. >>>>>>>>>> >>>>>>>>>> P.S: Sorry for the delayed reply. My computer got broken over the >>>>>>>>>> weekend. >>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> Courage. >>>>>>>>>> >>>>>>>>>> On Mon, Apr 29, 2019 at 2:54 AM VIctor Romero < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Thank you Babajide, >>>>>>>>>>> >>>>>>>>>>> It was very clear! >>>>>>>>>>> >>>>>>>>>>> Regards >>>>>>>>>>> >>>>>>>>>>> Victor. >>>>>>>>>>> >>>>>>>>>>> Obtener BlueMail para Android <http://www.bluemail.me/r?b=14726> >>>>>>>>>>> En 29 abr 2019, en 1:04 a. m., Babajide Apata < >>>>>>>>>>> [email protected]> escribió: >>>>>>>>>>>> >>>>>>>>>>>> Yes, >>>>>>>>>>>> In your application.properties file, those variable does not >>>>>>>>>>>> exist. That's why you are having those exception thrown. >>>>>>>>>>>> >>>>>>>>>>>> Solution is to set those variables. >>>>>>>>>>>> From your IDE, go to this package >>>>>>>>>>>> org.apache.fineract.cn.provisioner, there inside the service, go >>>>>>>>>>>> to test >>>>>>>>>>>> there is a test called GenerateRsaKeyPair >>>>>>>>>>>> run the test and console the key pairs and the modulus copy it >>>>>>>>>>>> and add the following variables to your application.yml file >>>>>>>>>>>> >>>>>>>>>>>> system.publicKey: >>>>>>>>>>>> modulus: >>>>>>>>>>>> 27496997518027602740679038588957360788166388111745723226845051887812991739012227723332546243105385734111368736932032932620432772472716515003684527125446557010447735580711978806632360865138592893446775929132008752688756754824848632381874224028576258246649602269366673005512310064640825418647880309256755306993532415440472070158197572323027777474711257863763916264413397812817318423942185465458554343738802161836089905865850562315681021674135657336559899673599200895761373803184986638249778532585353688970016894869511370841246964409764310721813601840292548267423866614022874317712701218971621669991087235101713626702109 >>>>>>>>>>>> exponent: 65537 >>>>>>>>>>>> timestamp: 1553705925system.privateKey: >>>>>>>>>>>> modulus: >>>>>>>>>>>> 27496997518027602740679038588957360788166388111745723226845051887812991739012227723332546243105385734111368736932032932620432772472716515003684527125446557010447735580711978806632360865138592893446775929132008752688756754824848632381874224028576258246649602269366673005512310064640825418647880309256755306993532415440472070158197572323027777474711257863763916264413397812817318423942185465458554343738802161836089905865850562315681021674135657336559899673599200895761373803184986638249778532585353688970016894869511370841246964409764310721813601840292548267423866614022874317712701218971621669991087235101713626702109 >>>>>>>>>>>> exponent: >>>>>>>>>>>> 561796842648259152383679946757006059101801939082160053111151326392443900980169567138292558699942192928805449421731115198723766457740931284464250451210353538260669819225374057739608636318729509808584966799025889495250702575804085001744504416959329993625948966823046144229686790310115892329058573540058216825059047241723475118132580453649308791198807274830575086039445555884456525777999480443421178708813716083432869863053509277270956564037565527275973433021758135147494178230404572716471363941780229141916667576368904894867190517214053799120318348323425955090304041838551270452216693653535478473873254807774112781013 >>>>>>>>>>>> >>>>>>>>>>>> use the generated ones to replace the sample above. >>>>>>>>>>>> >>>>>>>>>>>> You might also need to set this >>>>>>>>>>>> >>>>>>>>>>>> system: >>>>>>>>>>>> initialclientid: sillyRabbit >>>>>>>>>>>> >>>>>>>>>>>> Have a code-full day :) >>>>>>>>>>>> >>>>>>>>>>>> Regards >>>>>>>>>>>> >>>>>>>>>>>> On Mon, 29 Apr 2019, 01:12 Victor Manuel Romero Rodriguez, < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> *Hello,* >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> *I have just pulled the repository from * >>>>>>>>>>>>> >>>>>>>>>>>>> https://github.com/openMF/fineract-cn-containers >>>>>>>>>>>>> >>>>>>>>>>>>> *Then I execute the commands* >>>>>>>>>>>>> >>>>>>>>>>>>> 1. Run *bash migration_script.sh* >>>>>>>>>>>>> >>>>>>>>>>>>> 2. Run *bash start-up.sh* >>>>>>>>>>>>> >>>>>>>>>>>>> *But then it gives error messages:* >>>>>>>>>>>>> >>>>>>>>>>>>> Generating RSA keys... >>>>>>>>>>>>> grep: logs/provisioner.log: No such file or directory >>>>>>>>>>>>> Error response from daemon: Container >>>>>>>>>>>>> 18d9260749f1dc309acda9f11533773040ed8ace0060097a6e6721280171ae8d >>>>>>>>>>>>> is not >>>>>>>>>>>>> running >>>>>>>>>>>>> >>>>>>>>>>>>> Full log: https://pastebin.com/ixw4GihX >>>>>>>>>>>>> >>>>>>>>>>>>> *Looking at the docker logs of provisioner container I found >>>>>>>>>>>>> this messages:* >>>>>>>>>>>>> >>>>>>>>>>>>> ***************************, >>>>>>>>>>>>> APPLICATION FAILED TO START, >>>>>>>>>>>>> ***************************, >>>>>>>>>>>>> , >>>>>>>>>>>>> Description:, >>>>>>>>>>>>> , >>>>>>>>>>>>> Binding to target >>>>>>>>>>>>> org.apache.fineract.cn.provisioner.config.SystemProperties@4078695f >>>>>>>>>>>>> failed:, >>>>>>>>>>>>> , >>>>>>>>>>>>> Property: system.publicKey.timestamp, >>>>>>>>>>>>> Value: null, >>>>>>>>>>>>> Reason: may not be empty, >>>>>>>>>>>>> , >>>>>>>>>>>>> Property: system.privateKey.exponent, >>>>>>>>>>>>> Value: null, >>>>>>>>>>>>> Reason: may not be null, >>>>>>>>>>>>> , >>>>>>>>>>>>> Property: system.publicKey.modulus, >>>>>>>>>>>>> Value: null, >>>>>>>>>>>>> Reason: may not be null, >>>>>>>>>>>>> , >>>>>>>>>>>>> Property: system.privateKey.modulus, >>>>>>>>>>>>> Value: null, >>>>>>>>>>>>> Reason: may not be null, >>>>>>>>>>>>> , >>>>>>>>>>>>> Property: system.publicKey.exponent, >>>>>>>>>>>>> Value: null, >>>>>>>>>>>>> Reason: may not be null, >>>>>>>>>>>>> , >>>>>>>>>>>>> , >>>>>>>>>>>>> Action:, >>>>>>>>>>>>> , >>>>>>>>>>>>> Update your application's configuration, >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Full log: https://pastebin.com/AgDmSfNE >>>>>>>>>>>>> >>>>>>>>>>>>> Any clue? >>>>>>>>>>>>> >>>>>>>>>>>>> Regards >>>>>>>>>>>>> >>>>>>>>>>>>> Victor >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>>
