docker-library · tianon · Oct 14, 2015 · Jun 29, 2015 · Jun 29, 2015 · Jun 29, 2015
diff --git a/bonita/README-short.txt b/bonita/README-short.txt
@@ -0,0 +1 @@
+Bonita BPM is an open-source business process management and workflow suite
diff --git a/bonita/content.md b/bonita/content.md
@@ -0,0 +1,273 @@
+# What is Bonita BPM?
+
+Bonita BPM is an open-source business process management and workflow suite created in 2001. It was started in France National Institute for Research in Computer Science, and then had incubated several years inside of the French computer science company Groupe Bull. Since 2009, the development of Bonita is supported by a company dedicated to this activity: Bonitasoft.
+
+> [wikipedia.org/wiki/Bonita_BPM](http://en.wikipedia.org/wiki/Bonita_BPM)
+
+![logo](https://github.com/bonitasoft/docker/blob/master/bonita/7.0.0/logo.png?raw=true)
+
+# How to use this image
+
+## Quick start
+
+	docker run --name bonita -d -p 8080:8080 bonita
+
+This will start a container running the [Tomcat Bundle](http://documentation.bonitasoft.com/tomcat-bundle-2) with Bonita BPM Engine + Portal. As you didn't specify any environment variables it's almost like if you have launched the Bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). It means that Bonita BPM uses a H2 database here.
+
+You can access to the portal on http://localhost:8080/bonita and login using the default credentials : install / install
+
+## Link Bonita BPM to a database
+
+### MySQL
+
+We need to [increase the packet size](http://documentation.bonitasoft.com/database-configuration-2#mysqlspec) set by default to 1M :
+
+	mkdir -p ~/Documents/Docker/Volumes/custom_mysql
+	echo "[mysqld]" > ~/Documents/Docker/Volumes/custom_mysql/bonita.cnf
+	echo "max_allowed_packet=16M" >> ~/Documents/Docker/Volumes/custom_mysql/bonita.cnf
+
+Then we can mount that directory location as /etc/mysql/conf.d inside the MySQL container :
+
+	docker run --name mydbmysql -v ~/Documents/Docker/Volumes/custom_mysql/:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=mysecretpassword -d mysql:5.5
+
+See the [official MySQL documentation](https://registry.hub.docker.com/_/mysql/) for more details.
+
+Now we can start our application container like this in order to link it to the MySQL container :
+
+	docker run --name bonita_mysql --link mydbmysql:mysql -d -p 8080:8080 bonita
+
+### PostgreSQL
+
+We need to [set max_prepared_transactions to 100](http://documentation.bonitasoft.com/database-configuration-business-data-1) :
+
+	mkdir -p ~/Documents/Docker/Volumes/custom_postgres
+	echo '#!/bin/bash' > ~/Documents/Docker/Volumes/custom_postgres/bonita.sh
+	echo 'sed -i "s/^.*max_prepared_transactions\s*=\s*\(.*\)$/max_prepared_transactions = 100/" "$PGDATA"/postgresql.conf' >> ~/Documents/Docker/Volumes/custom_postgres/bonita.sh
+	chmod +x ~/Documents/Docker/Volumes/custom_postgres/bonita.sh
+
+Then we can mount that directory location as /docker-entrypoint-initdb.d inside the PostgreSQL container :
+
+	docker run --name mydbpostgres -v ~/Documents/Docker/Volumes/custom_postgres/:/docker-entrypoint-initdb.d -e POSTGRES_PASSWORD=mysecretpassword -d postgres:9.3
+
+See the [official PostgreSQL documentation](https://registry.hub.docker.com/_/postgres/) for more details.
+
+	docker run --name bonita_postgres --link mydbpostgres:postgres -d -p 8080:8080 bonita
+
+## Modify default credentials
+
+	docker run --name=bonita -e "TENANT_LOGIN=tech_user" -e "TENANT_PASSWORD=secret" -e "PLATFORM_LOGIN=pfadmin" -e "PLATFORM_PASSWORD=pfsecret" -d -p 8080:8080 bonita
+
+If you do so, you can access to the portal on http://localhost:8080/bonita and login using : tech_user / secret
+
+## Where to Store Data
+
+Most of the data are stored in database and can be stored outside the Bonita container as described above using PostgreSQL or MySQL container. However some data remains inside the Bonita Bundle. The [Bonita Home](http://documentation.bonitasoft.com/bonita-home-0) is a folder called `bonita` which contains configuration, working, and temporary folders and files. There are also logs file inside the `logs` folder.
+
+Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the `%%REPO%%` images to familiarize themselves with the options available, including:
+
+-	Let Docker manage the storage of your data [by writing the files to disk on the host system using its own internal volume management](https://docs.docker.com/userguide/dockervolumes/#adding-a-data-volume). This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers.
+-	Create a data directory on the host system (outside the container) and [mount this to a directory visible from inside the container](https://docs.docker.com/userguide/dockervolumes/#mount-a-host-directory-as-a-data-volume). This places the database files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly.
+
+The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above:
+
+1.	Create a data directory on a suitable volume on your host system, e.g. `/my/own/datadir`.
+2.	Start your `%%REPO%%` container like this:
+
+	docker run --name some-%%REPO%% -v /my/own/datadir:/opt/bonita -d %%REPO%%:tag
+
+The `-v /my/own/datadir:/opt/bonita` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/opt/bonita` inside the container, where Bonita by default will deploy its Bundle and write its data files.
+
+Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
+
+	chcon -Rt svirt_sandbox_file_t /my/own/datadir
+
+## Migrate from an earlier version of Bonita BPM
+
+1.	First we need to stop the container to perform a backup
+
+		docker stop bonita_7.0.0_postgres
+
+2.	Check where your data are stored
+
+		docker inspect bonita_7.0.0_postgres | grep -A1 '"Volumes"'
+		"Volumes": {
+		"/opt/bonita": {}
+		--
+		"Volumes": {
+		"/opt/bonita": "/home/user/Documents/Docker/Volumes/bonita_7.0.0_postgres"
+
+3.	Copy data from the filesystem
+
+		cp -r ~/Documents/Docker/Volumes/bonita_7.0.0_postgres ~/Documents/Docker/Volumes/bonita_7.0.1_postgres
+
+4.	Retrieve the DB container IP
+
+		docker inspect --format '{{ .NetworkSettings.IPAddress }}' mydbpostgres
+		172.17.0.26
+
+5.	Dump the database
+
+		export PGPASSWORD=mysecretpassword
+		pg_dump -O -x -h 172.17.0.26 -U postgres bonitadb > /tmp/bonitadb.sql
+
+	Note that businessdb won't be updated with the migration tool but you may wan't to also backup/move it.
+
+6.	Load the dump
+
+		export PGPASSWORD=mysecretpassword
+		psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE USER newbonitauser WITH PASSWORD 'newbonitapass';"
+		psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE DATABASE newbonitadb OWNER newbonitauser;"
+		export PGPASSWORD=newbonitapass
+		cat /tmp/bonitadb.sql | psql -U newbonitauser -h 172.17.0.26 newbonitadb
+
+7.	Retrieve the last migration tool and the target version of bonita bundle
+
+		cd ~/Documents/Docker/Volumes/bonita_7.0.1_postgres
+		wget http://download.forge.ow2.org/bonita/bonita-migration-distrib-2.0.0.zip
+		wget http://download.forge.ow2.org/bonita/BonitaBPMCommunity-7.0.1-Tomcat-7.0.55.zip
+		unzip bonita-migration-distrib-2.0.0.zip -d bonita-migration-distrib-2.0.0
+		unzip BonitaBPMCommunity-7.0.1-Tomcat-7.0.55.zip
+
+8.	Move previous home into the new bundle
+
+		mv BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita/ BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita.orig
+		cp -r BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/bonita/ BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita/
+
+9.	Configure the migration tool
+
+		cd bonita-migration-distrib-2.0.0/
+
+	add jdbc driver
+
+		cp ../BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/lib/bonita/postgresql-9.3-1102.jdbc41.jar lib/
+
+	edit the migration tool config to point towards the copy of bonita home and db
+
+		vim Config.properties
+
+	For example :
+
+		bonita.home=/home/user/Documents/Docker/Volumes/bonita_7.0.1_postgres/BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita
+		# JDBC properties
+		## Postgres
+		db.vendor=postgres
+		db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb
+		db.driverClass=org.postgresql.Driver
+		db.user=newbonitauser
+		db.password=newbonitapass
+
+10.	Launch the migration :
+
+		./migration.sh
+
+11.	launch the new container pointing towards the copy of DB and filesystem :
+
+		docker run --name=bonita_7.0.1_postgres --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -v ~/Documents/Docker/Volumes/bonita_7.0.1_postgres:/opt/bonita/ -d -p 8081:8080 bonita:7.0.1
+
+For more details regarding Bonita migration, see the [documentation](http://documentation.bonitasoft.com/migrate-earlier-version-bonita-bpm-0).
+
+## Security
+
+This docker image ensures to activate by default both static and dynamic authorization checks on REST API. To be coherent it also deactivates the HTTP API.
+
+-	REST API authorization
+
+	-	[Static authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#static)
+
+	-	[Dynamic authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#dynamic)
+
+-	[HTTP API](http://documentation.bonitasoft.com/rest-api-authorization-0#activate)
+
+But for specific needs you can override this behavior by setting HTTP_API to true and REST_API_DYN_AUTH_CHECKS to false :
+
+	docker run  -e HTTP_API=true -e REST_API_DYN_AUTH_CHECKS=false --name bonita -d -p 8080:8080 bonita
+
+## Environnement variables
+
+When you start the `bonita` image, you can adjust the configuration of the Bonita instance by passing one or more environment variables on the `docker run` command line.
+
+### `PLATFORM_PASSWORD`
+
+This environment variable [is recommended](http://documentation.bonitasoft.com/first-steps-after-setup-1#reset_pw) for you to use the Bonita image. This environment variable sets the platform administrator password for Bonita. If it is not specified, then the default password of `platform` will be used.
+
+### `PLATFORM_LOGIN`
+
+This optional environment variable is used in conjunction with `PLATFORM_PASSWORD` to define the username for the platform administrator. If it is not specified, then the default user of `platformAdmin` will be used.
+
+### `TENANT_PASSWORD`
+
+This environment variable [is recommended](http://documentation.bonitasoft.com/first-steps-after-setup-1#reset_pw) for you to use the Bonita image. This environment variable sets the tenant administrator password for Bonita. If it is not specified, then the default password of `install` will be used.
+
+### `TENANT_LOGIN`
+
+This optional environment variable is used in conjunction with `TENANT_PASSWORD` to define the username for the tenant administrator. If it is not specified, then the default user of `install` will be used.
+
+### `REST_API_DYN_AUTH_CHECKS`
+
+This optional environment variable is used to enable or not [dynamic authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#dynamic) on Bonita REST API. The default value is true`, which will activate dynamic authorization checking.
+
+### `HTTP_API`
+
+This optional environment variable is used to enable or not Bonita HTTP API. The default value is `false`, which will deactivate the HTTP API.
+
+### `JAVA_OPTS`
+
+This optional environment variable is used to customize JAVA_OPTS. The default value is `-Xms1024m -Xmx1024m -XX:MaxPermSize=256m`.
+
+### `ENSURE_DB_CHECK_AND_CREATION`
+
+This optional environment variable is used to allow or not the SQL queries to automatically check and create the databases using the database adminstrator credentials. The default value is `true`.
+
+### `DB_VENDOR`
+
+This environment variable is automatically set to `postgres` or `mysql` if the bonita container is linked to a PostgreSQL or MySQL database using `--link`. The default value is `h2`. It can be overrided if you don't use the `--link` capability.
+
+### `DB_HOST`, `DB_PORT`
+
+These variables are optional, used in conjunction to configure the `bonita` image to reach the database instance. There are automatically set if `--link` is used to run the container.
+
+### `DB_NAME`, `DB_USER`, `DB_PASS`
+
+These variables are used in conjunction to create a new user, set that user's password and create the `bonita` database.
+
+`DB_NAME` default value is `bonitadb`.
+
+`DB_USER` default value is `bonitauser`.
+
+`DB_PASS` default value is `bonitapass`.
+
+### `BIZ_DB_NAME`, `BIZ_DB_USER`, `BIZ_DB_PASS`
+
+These variables are used in conjunction to create a new user, set that user's password and create the `bonita` [business database](http://documentation.bonitasoft.com/business-data-model#bdmanddb).
+
+`BIZ_DB_NAME` default value is `businessdb`.
+
+`BIZ_DB_USER` default value is `businessuser`.
+
+`BIZ_DB_PASS` default value is `businesspass`.
+
+### `DB_ADMIN_USER`, `DB_ADMIN_PASS`
+
+These variables are optional, used in conjunction to create users and databases through the administrator account used on the database instance.
+
+`DB_ADMIN_USER` if no value is provided, it's automatically set to `root` with MySQL or `postgres` with PostgreSQL.
+
+`DB_ADMIN_PASS` if no value is provided, it's automatically set using the value from the container linked : `MYSQL_ENV_MYSQL_ROOT_PASSWORD` or `POSTGRES_ENV_POSTGRES_PASSWORD`.
+
+# How to extend this image
+
+If you would like to do additional initialization, you can add a `*.sh` script under `/opt/custom-init.d`. The `startup.sh` file will source any `*.sh` script found in that directory to do further initialization before starting the service.
+
+For example, you can increase the log level :
+
+	mkdir -p ~/Documents/Docker/Volumes/custom_bonita
+	echo '#!/bin/bash' > ~/Documents/Docker/Volumes/custom_bonita/bonita.sh
+	echo 'sed -i "s/^org.bonitasoft.level = WARNING$/org.bonitasoft.level = FINEST/" /opt/bonita/BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/conf/logging.properties' >> ~/Documents/Docker/Volumes/custom_bonita/bonita.sh
+	chmod +x ~/Documents/Docker/Volumes/custom_bonita/bonita.sh
+
+	docker run --name bonita_custom -v ~/Documents/Docker/Volumes/custom_bonita/:/opt/custom-init.d -d -p 8080:8080 bonita
+
+Note : there are several ways to check the `bonita` logs, one of them is
+
+	docker exec -ti bonita_custom /bin/bash
+	tail -f /opt/bonita/BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/logs/bonita.`date +%Y-%m-%d`.log
diff --git a/bonita/license.md b/bonita/license.md
@@ -0,0 +1,6 @@
+Bonita BPM image includes two parts :
+
+-	Bonita BPM Engine under [LGPL v2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html)
+
+-	Bonita BPM Portal under [GPL v2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)
+
diff --git a/bonita/logo.png b/bonita/logo.png