PROFILES

This folder contains configuration profiles which simplifies configuration process during first installation as well as migration from older version of OpenIDM.

Each time instance of OpenIDM is created some configuration actions have to be performed.
Creation of configuration scripts from scratch each time is time consuming and error prone especially when we need to perform configuration each time the version of the OpenIDM changes.
The solution is automated instance configuration using configuration process description, configuration templates and small set of instance specific configuration attributes
which will fill configuration templates to produce specific configuration.

DESCRIPTION:
This folder contains configuration profiles in separate folders as well as python script which allows you to quickly configure an OpenIDM instance.

Each profile folder should contain profile-config.json file which specifies actions which customizes OpenIDM instance. The file is in JSON format and
contains array of actions. Actions are performed in order defined in the file. Each action object in the array contains action name as well as aciton specific description.
Below there is sample action file which will copy two folders from OpenIDM profile directory to OpenIDM main directory and overwrite any existing files.
{
"actions":
[
{
"action": "copyFile",
"description": {
"sourcePath": "${profile-dir}/conf",
"targetPath": "${openidm-dir}/conf"
}
},
{
"action": "copyFile",
"description": {
"sourcePath": "${profile-dir}/script",
"targetPath": "${openidm-dir}/script"
}
}
]
}

API:
Here are the list of the allowed actions and their description parameters:
action: substituteInFile - substitutes values in the given file according to the description
parameters: filePath - path in which values will be replaced
replacementMethod - method of replacement. Allowed values are:
properties - used to replace value of the specified property in properties file
json - used to replace value of element in json file
regex - replace matching regex in file of any type
substitutions - array of objects describing replacement. Each object contains
key - the key to be replaced (property key value, json path or regular expression)
value - value which will be used as a replacement
action: removeFile - remove a file or folder
parameters: path - path of the file to be removed

action: moveFile - move a file or folder
parameters: sourcePath, targetPath

action: copyFile - copy file or folder
parameters: sourcePath, targetPath

action: subConfigure - perform subconfiguration using external json profile configuration file
parameters: configurationFilePath - path to the external configuration file

action: symlink - create symlink
parameters: symlinkPath, targetPath

VARIABLES:
Those variables can be used in the profile configuration file
${profile-dir} - directory of the selected profile
${openidm-dir} - main directory of the OpenIDM instance
${home-dir} - user's home directory

HOW TO APPLY THE PROFILE:
Enter profiles directory
cd profiles
invoke script to apply selected profile
python apply-profile.py

EXAMPLES:

1. Example of applying configuration
Following commands will apply default ui profile. It has to be invoked from profiles directory.

python apply-profile.py ./ria-ui-default

2. Example of complex profile configuration file which will
- copy profile specific files to main OpenIDM directory,
- substitute keystore location in boot.properties file
- perform subconfiguration using external configuration file with confidental variables, stored outside of OpenIDM installation directory

This is the content of the main configuration file stored in /profiles/profile-config.json
{
"actions":
[
{
"action": "copyFile",
"description": {
"sourcePath": "${profile-dir}/conf",
"targetPath": "${openidm-dir}/conf"
}
},
{
"action": "copyFile",
"description": {
"sourcePath": "${profile-dir}/script",
"targetPath": "${openidm-dir}/script"
}
},
{
"action": "substituteInFile",
"description":
{
"filePath": "${openidm-dir}/conf/boot/boot.properties",
"replacementMethod": "properties",
"substitutions": [
{
"key": "openidm.keystore.location",
"value":"${home-dir}/.openidm/keystore.jceks"
},
{
"key": "openidm.config.crypto.alias",
"value":"custome-key-name"
}
]
}
},
{
"action": "subConfigure",
"description": {
"configurationFilePath": "${home-dir}/.openidm/openidm-confidential-config.json"
}
}
]
}

This is the content of the external configuration file stored in ${home-dir}/.openidm/openidm-confidential-config.json
This file will perform substitutions of sensitive values.
{
"actions":
[
{
"action": "substituteInFile",
"description":
{
"filePath": "${openidm-dir}/conf/boot/boot.properties",
"replacementMethod": "properties",
"substitutions": [
{
"key": "openidm.keystore.password",
"value":"changeit"
}
]
}
},
{
"action": "substituteInFile",
"description":
{
"filePath": "${openidm-dir}/conf/provisioner.openicf-ldap.json",
"replacementMethod": "json",
"substitutions": [
{
"key": "/configurationProperties/credentials",
"value":
{
"$crypto" :
{
"value" :
{
"iv" : "sdSDFSAdsda88898==",
"data" : "sdSDFSAd$4448898==",
"cipher" : "AES/CBC/PKCS5Padding",
"key" : "custom-key-name"
},
"type" : "x-simple-encryption"
}
}
}
]
}
},
{
"action": "substituteInFile",
"description":
{
"filePath": "${profile-dir}/db/openidm.sql",
"replacementMethod": "regex",
"substitutions": [
{
"key": "INSERT INTO \\`openidm\\`.\\`internaluser\\` \\(\\`objectid\\`, \\`rev\\`, \\`pwd\\`, \\`roles\\`\\) VALUES \\('openidm-admin', '0', '(.*?)'",
"value": "{\\\"$crypto\\\":{\\\"value\\\":{\\\"iv\\\":\\\"adfasd2342342safsdfas==\\\",\\\"data\\\":\\\"fsadasdf823984sdafasdf+Q==\\\",\\\"cipher\\\":\\\"AES/CBC/PKCS5Padding\\\",\\\"key\\\":\\\"custom-key-name\\\"},\\\"type\\\":\\\"x-simple-encryption\\\"}}"
}
]
}
}

]
}