Philip Durbin π (Jun 03 2025 at 14:01): Philip Durbin π (Jun 03 2025 at 14:01):I just added a commit at https://github.com/IQSS/dataverse/pull/11454/commits/ecb1b6be392c81cb99b15207a4a63752c36367d2 to say we should revisit how we secure the "demo" persona. This is for #11454.
Philip Durbin π (Jun 03 2025 at 14:02):I'm not sure how important it is to do this right now. The deprecated way seems to still work. I get this error, which is good:
{"status":"error","message":"Endpoint requires an unblock key for access."}
Philip Durbin π (Jun 03 2025 at 14:06):The thing is, we need access to the admin API to do the setup.
Philip Durbin π (Jun 03 2025 at 14:06):There's a reason we have this comment:
# --insecure is used so we can configure a few things but
# later in this script we'll apply the changes as if we had
# run the script without --insecure.
echo "Running base setup-all.sh..."
"${BOOTSTRAP_DIR}"/base/setup-all.sh --insecure -p=admin1 | tee /tmp/setup-all.sh.out
Here's the script: https://github.com/IQSS/dataverse/blob/v6.6/modules/container-configbaker/scripts/bootstrap/demo/init.sh
Philip Durbin π (Jun 03 2025 at 14:36):If I want to run asadmin create-jvm-options '-Ddataverse.api.blocked.endpoints=api/admin,api/builtin-users' (the new way), where would I do this? In modules/container-base/src/main/docker/Dockerfile, right? But then it's baked into the image. :thinking: Don't we want something more dynamic?
Philip Durbin π (Jun 03 2025 at 16:29):Actually, since these are MPConfig settings, we should be able to just stick them in the compose file.
Philip Durbin π (Jun 03 2025 at 20:57):I'm having a little trouble with this but I put it on the agenda for Thursday. #containers > meetings
Philip Durbin π (Jun 04 2025 at 19:45):Related is this new issue:
New non-Docker installations still use deprecated BlockedApi* database settingsΒ #11553
(It's true of Docker installations as well.)
Last updated: Oct 30 2025 at 05:14 UTC