diff --git a/.github/workflows/packer-build.yml b/.github/workflows/packer-build.yml index aa60c6444f..81fb71f11f 100644 --- a/.github/workflows/packer-build.yml +++ b/.github/workflows/packer-build.yml @@ -16,11 +16,11 @@ jobs: name: packer-ee steps: - - name: Checkout code to lts-4.0 + - name: Checkout code to lts-3.6 branch if: contains(github.event.release.tag_name, '-ee-lts') uses: actions/checkout@v2 with: - ref: refs/heads/lts-4.0 + ref: refs/heads/lts-3.6 - name: Setting tag if: "${{ github.event.inputs.version != '' }}" diff --git a/deploy/ec2/ce/.env b/deploy/ec2/ce/.env deleted file mode 100644 index 8668d3d824..0000000000 --- a/deploy/ec2/ce/.env +++ /dev/null @@ -1,60 +0,0 @@ -# https://docs.tooljet.io/docs/setup/env-vars -TOOLJET_HOST=__required__ -LOCKBOX_MASTER_KEY=__required__ -SECRET_KEY_BASE=__required__ -PG_USER=__required__ -PG_HOST=__required__ -PG_PASS=__required__ -PG_DB=tooljet_prod -ORM_LOGGING=true -NODE_ENV=production -DEPLOYMENT_PLATFORM=ec2 - -# ToolJet Database -TOOLJET_DB=tooljet_db -TOOLJET_DB_USER= -TOOLJET_DB_HOST= -TOOLJET_DB_PASS= -PGRST_HOST=localhost:3001 -PGRST_SERVER_PORT=3001 -PGRST_JWT_SECRET= -PGRST_DB_URI= -PGRST_DB_PRE_CONFIG=postgrest.pre_config - -# Checks every 24 hours to see if a new version of ToolJet is available -# (Enabled by default. Set 0 to disable) -CHECK_FOR_UPDATES= - -# Checks every 24 hours to update app telemetry data to ToolJet hub. -# (Telemetry is enabled by default. Set value to true to disable.) -# DISABLE_APP_TELEMETRY=false - -GOOGLE_CLIENT_ID= -GOOGLE_CLIENT_SECRET= - -# EMAIL CONFIGURATION -DEFAULT_FROM_EMAIL=hello@tooljet.io -SMTP_USERNAME= -SMTP_PASSWORD= -SMTP_DOMAIN= -SMTP_PORT= - -# DISABLE USER SIGNUPS (true or false). Default: true -DISABLE_SIGNUPS= - -# OBSERVABILITY -APM_VENDOR= -SENTRY_DNS= -SENTRY_DEBUG= - -# FEATURE TOGGLE -COMMENT_FEATURE_ENABLE= -ENABLE_MULTIPLAYER_EDITING=true - -#SSO -SSO_DISABLE_SIGNUP= -SSO_RESTRICTED_DOMAIN= -SSO_GOOGLE_OAUTH2_CLIENT_ID= -SSO_GIT_OAUTH2_CLIENT_ID= -SSO_GIT_OAUTH2_CLIENT_SECRET= -SSO_GIT_OAUTH2_HOST= diff --git a/deploy/ec2/ce/nest.service b/deploy/ec2/ce/nest.service deleted file mode 100644 index 61a1127e2f..0000000000 --- a/deploy/ec2/ce/nest.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Nest Server -After=network.target - -[Service] -Type=simple -User=ubuntu - -WorkingDirectory=/home/ubuntu/app -Environment="NODE_ENV=production" -EnvironmentFile=/home/ubuntu/app/.env -RestartSec=1 -ExecStart=/usr/bin/npm --prefix /home/ubuntu/app run start:prod -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/deploy/ec2/ce/postgrest.service b/deploy/ec2/ce/postgrest.service deleted file mode 100644 index 806c6c8ee1..0000000000 --- a/deploy/ec2/ce/postgrest.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=PostgREST Server -After=network.target - -[Service] -Type=simple -User=ubuntu - -WorkingDirectory=/bin -EnvironmentFile=/home/ubuntu/app/.env -RestartSec=1 -ExecStart=/bin/postgrest -Restart=always - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/deploy/ec2/ce/setup_app b/deploy/ec2/ce/setup_app deleted file mode 100755 index b07a1299d5..0000000000 --- a/deploy/ec2/ce/setup_app +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -if grep __required__ .env -then - echo "Please set the required values within the .env file" - exit 1 -fi - -export $(grep -v '^#' .env | xargs) - -if psql -d postgresql://$PG_USER:$PG_PASS@$PG_HOST/postgres -c 'select now()' > /dev/null 2>&1 -then - echo "Successfully pinged the database!"; -else - echo "Can't connect to the database. Kindly check the credenials provided in the .env file!" - exit 1 -fi - -if sudo systemctl start openresty -then - echo "Successfully started reverse proxy!" -else - echo "Failed to start reverse proxy" - exit 1 -fi - -if $ENABLE_TOOLJET_DB == "true" -then - if sudo systemctl start postgrest - then - echo "Successfully started PostgREST server!" - else - echo "Failed to start PostgREST server" - exit 1 - fi -fi - -TOOLJET_EDTION=ce npm --prefix server run db:setup:prod - -if sudo systemctl start nest -then - echo "The app will be served at ${TOOLJET_HOST}" -else - echo "Failed to start the server!" - exit 1 -fi diff --git a/deploy/ec2/ce/setup_machine.sh b/deploy/ec2/ce/setup_machine.sh deleted file mode 100644 index 8e23853c7c..0000000000 --- a/deploy/ec2/ce/setup_machine.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash - -set -e -# Setup prerequisite dependencies -sudo apt-get update -sudo apt-get -y install --no-install-recommends wget gnupg ca-certificates apt-utils git curl postgresql-client -curl https://raw.githubusercontent.com/creationix/nvm/master/install.sh | bash -export NVM_DIR="$HOME/.nvm" -[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" -nvm install 22.15.1 -sudo ln -s "$(which node)" /usr/bin/node -sudo ln -s "$(which npm)" /usr/bin/npm - -sudo npm i -g npm@10.9.2 - -# Setup openresty -wget -O - https://openresty.org/package/pubkey.gpg | sudo apt-key add - -echo "deb http://openresty.org/package/ubuntu bionic main" > openresty.list -sudo mv openresty.list /etc/apt/sources.list.d/ -sudo apt-get update -sudo apt-get -y install --no-install-recommends openresty -sudo apt-get install -y curl g++ gcc autoconf automake bison libc6-dev \ - libffi-dev libgdbm-dev libncurses5-dev libsqlite3-dev libtool \ - libyaml-dev make pkg-config sqlite3 zlib1g-dev libgmp-dev \ - libreadline-dev libssl-dev libmysqlclient-dev build-essential \ - freetds-dev libpq-dev -sudo apt-get install -y luarocks -sudo luarocks install lua-resty-auto-ssl -sudo mkdir /etc/resty-auto-ssl /var/log/openresty /etc/fallback-certs -sudo chown -R www-data:www-data /etc/resty-auto-ssl - -# Oracle db client library setup -sudo apt install -y libaio1 -curl -o instantclient-basiclite.zip https://download.oracle.com/otn_software/linux/instantclient/instantclient-basiclite-linuxx64.zip -SL && \ -curl -o instantclient-basiclite-11.zip https://tooljet-plugins-production.s3.us-east-2.amazonaws.com/marketplace-assets/oracledb/instantclients/instantclient-basiclite-linux.x64-11.2.0.4.0.zip -SL && \ - unzip instantclient-basiclite.zip && \ - unzip instantclient-basiclite-11.zip && \ - sudo mkdir -p /usr/lib/instantclient && sudo mv instantclient*/ /usr/lib/instantclient && \ - rm instantclient-basiclite.zip && \ - rm instantclient-basiclite-11.zip && \ - echo /usr/lib/instantclient/* | sudo tee /etc/ld.so.conf.d/oracle-instantclient.conf > /dev/null && sudo ldconfig -# Set the Instant Client library paths -export LD_LIBRARY_PATH="/usr/lib/instantclient/instantclient_11_2:/usr/lib/instantclient/instantclient_21_10${LD_LIBRARY_PATH}" - -# Gen fallback certs -sudo openssl rand -out /home/ubuntu/.rnd -hex 256 -sudo chown www-data:www-data /home/ubuntu/.rnd -sudo openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \ - -subj '/CN=sni-support-required-for-valid-ssl' \ - -keyout /etc/fallback-certs/resty-auto-ssl-fallback.key \ - -out /etc/fallback-certs/resty-auto-ssl-fallback.crt - -# Setup nginx config -export SERVER_HOST="${SERVER_HOST:=localhost}" -export SERVER_USER="${SERVER_USER:=www-data}" -VARS_TO_SUBSTITUTE='$SERVER_HOST:$SERVER_USER' -envsubst "${VARS_TO_SUBSTITUTE}" < /tmp/nginx.conf > /tmp/nginx-substituted.conf -sudo cp /tmp/nginx-substituted.conf /usr/local/openresty/nginx/conf/nginx.conf - -# Download and setup postgrest binary -curl -OL https://github.com/PostgREST/postgrest/releases/download/v12.2.0/postgrest-v12.2.0-linux-static-x64.tar.xz -tar xJf postgrest-v12.2.0-linux-static-x64.tar.xz -sudo mv ./postgrest /bin/postgrest -sudo rm postgrest-v12.2.0-linux-static-x64.tar.xz - -# Setup app and postgrest as systemd service -sudo cp /tmp/nest.service /lib/systemd/system/nest.service -sudo cp /tmp/postgrest.service /lib/systemd/system/postgrest.service - -# Setup app directory -mkdir -p ~/app -git clone -b main https://github.com/ToolJet/ToolJet.git ~/app && cd ~/app - - -mv /tmp/.env ~/app/.env -mv /tmp/setup_app ~/app/setup_app -sudo chmod +x ~/app/setup_app - -npm install -g npm@10.9.2 - -# Building ToolJet app -npm install -g @nestjs/cli -TOOLJET_EDTION=ce npm run build diff --git a/deploy/ec2/ce/tooljet_ubuntu_focal.pkr.hcl b/deploy/ec2/ce/tooljet_ubuntu_focal.pkr.hcl deleted file mode 100644 index 9c61b0d554..0000000000 --- a/deploy/ec2/ce/tooljet_ubuntu_focal.pkr.hcl +++ /dev/null @@ -1,63 +0,0 @@ -packer { - required_plugins { - amazon = { - version = ">= 0.0.1" - source = "github.com/hashicorp/amazon" - } - } -} - -source "amazon-ebs" "ubuntu" { - ami_name = "${var.ami_name}" - instance_type = "${var.instance_type}" - region = "${var.ami_region}" - ami_regions = "${var.ami_regions}" - ami_groups = "${var.ami_groups}" - source_ami_filter { - filters = { - name = "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*" - root-device-type = "ebs" - virtualization-type = "hvm" - } - most_recent = true - owners = ["099720109477"] - } - ssh_username = "ubuntu" - ssh_clear_authorized_keys = "true" -} - - -build { - sources = [ - "source.amazon-ebs.ubuntu" - ] - - provisioner "file" { - source = "nest.service" - destination = "/tmp/nest.service" - } - - provisioner "file" { - source = "../../frontend/config/nginx.conf.template" - destination = "/tmp/nginx.conf" - } - - provisioner "file" { - source = ".env" - destination = "/tmp/.env" - } - - provisioner "file" { - source = "setup_app" - destination = "/tmp/setup_app" - } - - provisioner "file" { - source = "postgrest.service" - destination = "/tmp/postgrest.service" - } - - provisioner "shell" { - script = "setup_machine.sh" - } -} diff --git a/deploy/ec2/ce/variables.pkr.hcl b/deploy/ec2/ce/variables.pkr.hcl deleted file mode 100644 index fcd6254505..0000000000 --- a/deploy/ec2/ce/variables.pkr.hcl +++ /dev/null @@ -1,23 +0,0 @@ -variable "ami_name" { - type = string -} - -variable "instance_type" { - type = string - default = "t2.medium" -} - -variable "ami_region" { - type = string - default = "us-west-1" -} - -variable "ami_groups" { - type = list(string) - default = ["all"] -} - -variable "ami_regions" { - type = list(string) - default = ["us-west-1", "us-east-1", "us-east-2", "eu-west-2", "eu-central-1", "ap-northeast-1", "ap-southeast-1","ap-northeast-3", "ap-south-1", "ap-northeast-2", "ap-southeast-2", "ca-central-1", "eu-west-1", "eu-north-1", "sa-east-1", "ap-east-1"] -} diff --git a/deploy/ec2/ee/setup_app b/deploy/ec2/ee/setup_app index 3dad6ebeef..deec307c1d 100755 --- a/deploy/ec2/ee/setup_app +++ b/deploy/ec2/ee/setup_app @@ -161,6 +161,21 @@ else exit 1 fi +if [[ "$WORKFLOW_WORKER" == "true" ]]; then + echo "WORKER is true. Running the worker..." + npm run worker:prod & +else + echo "WORKER is not true. Skipping the worker execution." +fi + +if sudo systemctl start neo4j && sudo systemctl enable neo4j +then + echo "Successfully started Neo4j!" +else + echo "Failed to start and enable Neo4j" + exit 1 +fi + TOOLJET_EDTION=ee npm --prefix server run db:setup:prod if sudo -E systemctl start nest @@ -172,4 +187,4 @@ else fi sudo systemctl restart nest -sudo -E systemctl restart postgrest \ No newline at end of file +sudo -E systemctl restart postgrest diff --git a/deploy/ec2/ee/setup_machine.sh b/deploy/ec2/ee/setup_machine.sh index 7c8427b9e2..0173bd45c6 100644 --- a/deploy/ec2/ee/setup_machine.sh +++ b/deploy/ec2/ee/setup_machine.sh @@ -78,6 +78,28 @@ sudo cp /tmp/redis-server.service /lib/systemd/system/redis-server.service # Start and enable Redis service sudo systemctl daemon-reload + +# Setup Neo4j with APOC plugin +wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add - +echo "deb https://debian.neo4j.com stable 5" | sudo tee /etc/apt/sources.list.d/neo4j.list +sudo apt-get update +sudo apt-get install -y neo4j=1:5.26.6 +sudo apt-mark hold neo4j + +# Setup APOC plugin +sudo mkdir -p /var/lib/neo4j/plugins +sudo wget -P /var/lib/neo4j/plugins https://github.com/neo4j/apoc/releases/download/5.26.6/apoc-5.26.6-core.jar + +# Update Neo4j config +echo "dbms.security.procedures.unrestricted=apoc.*" | sudo tee -a /etc/neo4j/neo4j.conf +echo "dbms.security.procedures.allowlist=apoc.*,algo.*,gds.*" | sudo tee -a /etc/neo4j/neo4j.conf +echo "dbms.directories.plugins=/var/lib/neo4j/plugins" | sudo tee -a /etc/neo4j/neo4j.conf +echo "dbms.security.auth_enabled=true" | sudo tee -a /etc/neo4j/neo4j.conf + +# Clean up APT cache +sudo apt-get clean +sudo rm -rf /var/lib/apt/lists/* + # Setup app directory mkdir -p ~/app @@ -96,4 +118,4 @@ npm install -g npm@10.9.2 # Building ToolJet app npm install -g @nestjs/cli -TOOLJET_EDTION=ee npm run build \ No newline at end of file +TOOLJET_EDTION=ee npm run build diff --git a/docker/ee/ee-try-entrypoint-lts.sh b/docker/ee/ee-try-entrypoint-lts.sh index f716ae8a20..c46d799a5b 100755 --- a/docker/ee/ee-try-entrypoint-lts.sh +++ b/docker/ee/ee-try-entrypoint-lts.sh @@ -3,6 +3,116 @@ set -e echo "🚀 Starting Try ToolJet container initialization..." +# Neo4j configuration +# ---------------------------------- +# Default Neo4j environment values +# ---------------------------------- +export NEO4J_USER=${NEO4J_USER:-"neo4j"} +export NEO4J_PASSWORD=${NEO4J_PASSWORD:-"appaqvyvRLbeukhFE"} +export NEO4J_AUTH=${NEO4J_AUTH:-"neo4j/appaqvyvRLbeukhFE"} +export NEO4J_URI=${NEO4J_URI:-"bolt://localhost:7687"} +export NEO4J_PLUGINS=${NEO4J_PLUGINS:-'["apoc"]'} +export NEO4J_AUTH + +# Extract username and password from NEO4J_AUTH if set +if [ -n "$NEO4J_AUTH" ]; then + # Extract username and password from NEO4J_AUTH (format: username/password) + NEO4J_USERNAME=$(echo "$NEO4J_AUTH" | cut -d'/' -f1) + NEO4J_PASSWORD=$(echo "$NEO4J_AUTH" | cut -d'/' -f2) + + # Export these for application use + export NEO4J_USERNAME + export NEO4J_PASSWORD + + echo "Neo4j authentication configured with username: $NEO4J_USERNAME" >/dev/null 2>&1 +else + echo "NEO4J_AUTH not set, using default authentication" >/dev/null 2>&1 +fi + +# Check if Neo4j is already initialized and set password if necessary +if [ "$NEO4J_AUTH" != "none" ] && [ -n "$NEO4J_PASSWORD" ]; then + echo "Setting Neo4j initial password..." >/dev/null 2>&1 + + # Ensure Neo4j is not running before setting the initial password + neo4j stop || true + + # Set the initial password using the correct command format for Neo4j 5.x + NEO4J_ADMIN_CMD=$(which neo4j-admin) + NEO4J_VERSION=$(neo4j --version | grep -o "[0-9]\+\.[0-9]\+\.[0-9]\+" | head -n 1) + echo "Detected Neo4j version: $NEO4J_VERSION" >/dev/null 2>&1 + + # Use version-specific command format + MAJOR_VERSION=$(echo $NEO4J_VERSION | cut -d. -f1) + if [ "$MAJOR_VERSION" -ge "5" ]; then + # For Neo4j 5.x and higher + echo "Using Neo4j 5.x+ password command format" >/dev/null 2>&1 + $NEO4J_ADMIN_CMD dbms set-initial-password "$NEO4J_PASSWORD" --require-password-change=false >/dev/null 2>&1 || { + echo "Warning: Could not set Neo4j password, it may already be set" >/dev/null 2>&1 + } + else + # For Neo4j 4.x and lower + echo "Using Neo4j 4.x password command format" >/dev/null 2>&1 + $NEO4J_ADMIN_CMD set-initial-password "$NEO4J_PASSWORD" >/dev/null 2>&1 || { + echo "Warning: Could not set Neo4j password, it may already be set" >/dev/null 2>&1 + } + fi +fi + +# Update Neo4j configuration +echo "Configuring Neo4j..." >/dev/null 2>&1 +cat > /etc/neo4j/neo4j.conf << EOF +# Neo4j configuration +dbms.security.auth_enabled=true +server.bolt.enabled=true +server.bolt.listen_address=0.0.0.0:7687 +server.directories.data=/var/lib/neo4j/data +server.directories.logs=/var/log/neo4j +initial.dbms.default_database=neo4j +server.directories.plugins=/var/lib/neo4j/plugins +server.directories.import=/var/lib/neo4j/import + +# APOC Settings +dbms.security.procedures.unrestricted=apoc.* +dbms.security.procedures.allowlist=apoc.*,algo.*,gds.* +EOF + +if [ -w "$NEO4J_LOG_DIR" ]; then + chmod -R 770 "$NEO4J_LOG_DIR" || echo "Warning: Could not set log directory permissions" >/dev/null 2>&1 +fi + +# Start Neo4j +echo "Starting Neo4j service..." +neo4j console >/dev/null 2>&1 & + +# Add a wait for Neo4j to be ready with more robust checking +echo "Waiting for Neo4j to be ready..." >/dev/null 2>&1 +NEO4J_READY=false +for i in {1..60}; do + # First try standard status check + if neo4j status >/dev/null 2>&1; then + echo "Neo4j is ready 🚀" + NEO4J_READY=true + break + fi + + # Also try connecting to the bolt port as a fallback + if command -v nc >/dev/null 2>&1; then + if nc -z localhost 7687 >/dev/null 2>&1; then + echo "Neo4j is ready (port 7687 is open)" + NEO4J_READY=true + break + fi + fi + + echo "Waiting for Neo4j to start... ($i/60)" >/dev/null 2>&1 + sleep 2 +done + +if [ "$NEO4J_READY" = false ]; then + echo "WARNING: Neo4j may not be fully started yet, but continuing..." +fi + + # Configure PostgreSQL authentication echo "🔧 Configuring PostgreSQL authentication..." sed -i 's/^local\s\+all\s\+postgres\s\+\(peer\|md5\)/local all postgres trust/' /etc/postgresql/13/main/pg_hba.conf >/dev/null 2>&1 diff --git a/docker/ee/ee-try-entrypoint.sh b/docker/ee/ee-try-entrypoint.sh index 8e2332ba19..df6128f9da 100755 --- a/docker/ee/ee-try-entrypoint.sh +++ b/docker/ee/ee-try-entrypoint.sh @@ -3,6 +3,115 @@ set -e echo "🚀 Starting Try ToolJet container initialization..." +# Neo4j configuration +# ---------------------------------- +# Default Neo4j environment values +# ---------------------------------- +export NEO4J_USER=${NEO4J_USER:-"neo4j"} +export NEO4J_PASSWORD=${NEO4J_PASSWORD:-"appaqvyvRLbeukhFE"} +export NEO4J_AUTH=${NEO4J_AUTH:-"neo4j/appaqvyvRLbeukhFE"} +export NEO4J_URI=${NEO4J_URI:-"bolt://localhost:7687"} +export NEO4J_PLUGINS=${NEO4J_PLUGINS:-'["apoc"]'} +export NEO4J_AUTH + +# Extract username and password from NEO4J_AUTH if set +if [ -n "$NEO4J_AUTH" ]; then + # Extract username and password from NEO4J_AUTH (format: username/password) + NEO4J_USERNAME=$(echo "$NEO4J_AUTH" | cut -d'/' -f1) + NEO4J_PASSWORD=$(echo "$NEO4J_AUTH" | cut -d'/' -f2) + + # Export these for application use + export NEO4J_USERNAME + export NEO4J_PASSWORD + + echo "Neo4j authentication configured with username: $NEO4J_USERNAME" >/dev/null 2>&1 +else + echo "NEO4J_AUTH not set, using default authentication" >/dev/null 2>&1 +fi + +# Check if Neo4j is already initialized and set password if necessary +if [ "$NEO4J_AUTH" != "none" ] && [ -n "$NEO4J_PASSWORD" ]; then + echo "Setting Neo4j initial password..." >/dev/null 2>&1 + + # Ensure Neo4j is not running before setting the initial password + neo4j stop || true + + # Set the initial password using the correct command format for Neo4j 5.x + NEO4J_ADMIN_CMD=$(which neo4j-admin) + NEO4J_VERSION=$(neo4j --version | grep -o "[0-9]\+\.[0-9]\+\.[0-9]\+" | head -n 1) + echo "Detected Neo4j version: $NEO4J_VERSION" >/dev/null 2>&1 + + # Use version-specific command format + MAJOR_VERSION=$(echo $NEO4J_VERSION | cut -d. -f1) + if [ "$MAJOR_VERSION" -ge "5" ]; then + # For Neo4j 5.x and higher + echo "Using Neo4j 5.x+ password command format" >/dev/null 2>&1 + $NEO4J_ADMIN_CMD dbms set-initial-password "$NEO4J_PASSWORD" --require-password-change=false >/dev/null 2>&1 || { + echo "Warning: Could not set Neo4j password, it may already be set" >/dev/null 2>&1 + } + else + # For Neo4j 4.x and lower + echo "Using Neo4j 4.x password command format" >/dev/null 2>&1 + $NEO4J_ADMIN_CMD set-initial-password "$NEO4J_PASSWORD" >/dev/null 2>&1 || { + echo "Warning: Could not set Neo4j password, it may already be set" >/dev/null 2>&1 + } + fi +fi + +# Update Neo4j configuration +echo "Configuring Neo4j..." >/dev/null 2>&1 +cat > /etc/neo4j/neo4j.conf << EOF +# Neo4j configuration +dbms.security.auth_enabled=true +server.bolt.enabled=true +server.bolt.listen_address=0.0.0.0:7687 +server.directories.data=/var/lib/neo4j/data +server.directories.logs=/var/log/neo4j +initial.dbms.default_database=neo4j +server.directories.plugins=/var/lib/neo4j/plugins +server.directories.import=/var/lib/neo4j/import + +# APOC Settings +dbms.security.procedures.unrestricted=apoc.* +dbms.security.procedures.allowlist=apoc.*,algo.*,gds.* +EOF + +if [ -w "$NEO4J_LOG_DIR" ]; then + chmod -R 770 "$NEO4J_LOG_DIR" || echo "Warning: Could not set log directory permissions" >/dev/null 2>&1 +fi + +# Start Neo4j +echo "Starting Neo4j service..." +neo4j console >/dev/null 2>&1 & + +# Add a wait for Neo4j to be ready with more robust checking +echo "Waiting for Neo4j to be ready..." >/dev/null 2>&1 +NEO4J_READY=false +for i in {1..60}; do + # First try standard status check + if neo4j status >/dev/null 2>&1; then + echo "Neo4j is ready 🚀" + NEO4J_READY=true + break + fi + + # Also try connecting to the bolt port as a fallback + if command -v nc >/dev/null 2>&1; then + if nc -z localhost 7687 >/dev/null 2>&1; then + echo "Neo4j is ready (port 7687 is open)" + NEO4J_READY=true + break + fi + fi + + echo "Waiting for Neo4j to start... ($i/60)" >/dev/null 2>&1 + sleep 2 +done + +if [ "$NEO4J_READY" = false ]; then + echo "WARNING: Neo4j may not be fully started yet, but continuing..." +fi + # Configure PostgreSQL authentication echo "🔧 Configuring PostgreSQL authentication..." sed -i 's/^local\s\+all\s\+postgres\s\+\(peer\|md5\)/local all postgres trust/' /etc/postgresql/13/main/pg_hba.conf >/dev/null 2>&1 diff --git a/docker/ee/ee-try-tooljet-lts.Dockerfile b/docker/ee/ee-try-tooljet-lts.Dockerfile index 2dcf56edfe..c9fa440db2 100644 --- a/docker/ee/ee-try-tooljet-lts.Dockerfile +++ b/docker/ee/ee-try-tooljet-lts.Dockerfile @@ -6,7 +6,7 @@ COPY --from=postgrest/postgrest:v12.2.0 /bin/postgrest /bin # Install Postgres USER root RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - -RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list RUN echo "deb http://deb.debian.org/debian" RUN apt update && apt -y install postgresql-13 postgresql-client-13 supervisor USER postgres @@ -52,6 +52,18 @@ RUN apt update && apt install -y gettext-base curl \ COPY ./docker/ee/temporal-server.yaml /etc/temporal/temporal-server.template.yaml COPY ./docker/ee/temporal-ui-server.yaml /etc/temporal/temporal-ui-server.yaml +# Install Neo4j + APOC +RUN wget -O - https://debian.neo4j.com/neotechnology.gpg.key | apt-key add - && \ + echo "deb https://debian.neo4j.com stable 5" > /etc/apt/sources.list.d/neo4j.list && \ + apt-get update && apt-get install -y neo4j=1:5.26.6 && apt-mark hold neo4j && \ + mkdir -p /var/lib/neo4j/plugins && \ + wget -P /var/lib/neo4j/plugins https://github.com/neo4j/apoc/releases/download/5.26.6/apoc-5.26.6-core.jar && \ + echo "dbms.security.procedures.unrestricted=apoc.*" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.security.procedures.allowlist=apoc.*,algo.*,gds.*" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.directories.plugins=/var/lib/neo4j/plugins" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.security.auth_enabled=true" >> /etc/neo4j/neo4j.conf && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + # Configure Supervisor to manage PostgREST, ToolJet, and Redis RUN echo "[supervisord] \n" \ "nodaemon=true \n" \ diff --git a/docker/ee/ee-try-tooljet.Dockerfile b/docker/ee/ee-try-tooljet.Dockerfile index 3aa416b87d..a108f30691 100644 --- a/docker/ee/ee-try-tooljet.Dockerfile +++ b/docker/ee/ee-try-tooljet.Dockerfile @@ -6,7 +6,7 @@ COPY --from=postgrest/postgrest:v12.2.0 /bin/postgrest /bin # Install Postgres USER root RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - -RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ bookworm-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ bullseye-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list RUN echo "deb http://deb.debian.org/debian" RUN apt update && apt -y install postgresql-13 postgresql-client-13 supervisor USER postgres @@ -52,6 +52,18 @@ RUN apt update && apt install -y gettext-base curl \ COPY ./docker/ee/temporal-server.yaml /etc/temporal/temporal-server.template.yaml COPY ./docker/ee/temporal-ui-server.yaml /etc/temporal/temporal-ui-server.yaml +# Install Neo4j + APOC +RUN wget -O - https://debian.neo4j.com/neotechnology.gpg.key | apt-key add - && \ + echo "deb https://debian.neo4j.com stable 5" > /etc/apt/sources.list.d/neo4j.list && \ + apt-get update && apt-get install -y neo4j=1:5.26.6 && apt-mark hold neo4j && \ + mkdir -p /var/lib/neo4j/plugins && \ + wget -P /var/lib/neo4j/plugins https://github.com/neo4j/apoc/releases/download/5.26.6/apoc-5.26.6-core.jar && \ + echo "dbms.security.procedures.unrestricted=apoc.*" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.security.procedures.allowlist=apoc.*,algo.*,gds.*" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.directories.plugins=/var/lib/neo4j/plugins" >> /etc/neo4j/neo4j.conf && \ + echo "dbms.security.auth_enabled=true" >> /etc/neo4j/neo4j.conf && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + # Configure Supervisor to manage PostgREST, ToolJet, and Redis RUN echo "[supervisord] \n" \ "nodaemon=true \n" \