Hi Mark, Mis-read - I’d copied just the workspace directory.. I’ve figured you need the contents of the security directory too..
In there is a java key store that contains the secrets but it also contains a plaintext file with details of the password for the keystore. It needs removing for wider deployments.. (security/masterpw.info <http://masterpw.info/>) Here’s a link to the page - https://docs.geoserver.org/stable/en/user/security/passwd.html <https://docs.geoserver.org/stable/en/user/security/passwd.html> Thanks for your help. Rob > On 8 Dec 2020, at 21:37, mark <[email protected]> wrote: > > On 12/8/20 7:06 PM, Robert Smallwood via Geoserver-users wrote: >> Hi, >> If I create a geoserver install and set up the layers and a datastore in a >> workspace I know I can copy the workspace directory and its contents >> underneath as a way of replicating the configuration into a docker image.. >> When the docker image is run either in kubernetes or docker, the store >> disappears - there is a jasypt Exception reading the password to the >> predefined store. If you remove the line containing the encrypted password >> and re-run, the store remains but needs to be set up manually again.. >> Is there a way around this? Can you get the pwd into the datastore through >> env vars or do you know of a way to run post-install commands in a >> kubernetes environment.. >> Do I need to use the container lifecycle postStart to replace a token in the >> datastore.xml file with an env var?? Is that even possible as it expects the >> password to be encrypted? > > I think you need to copy the whole geoserver datadirectory. AFAIK the > encrypted passwords use a salt which is generated at startup in the datadir > to have unique encryption on each install. > If you change the password to plain text in the datastore config file it > would be portable. > > > -M > > > _______________________________________________ > Geoserver-users mailing list > > Please make sure you read the following two resources before posting to this > list: > - Earning your support instead of buying it, but Ian Turton: > http://www.ianturton.com/talks/foss4g.html#/ > - The GeoServer user list posting guidelines: > http://geoserver.org/comm/userlist-guidelines.html > > If you want to request a feature or an improvement, also see this: > https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer > > > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-users
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
