Update YAML Files

NOTE: This section applies only to the basic-idol Docker Compose setup.

In most cases, you do not need to modify the YAML files for the IDOL Docker Compose package. However, YAML updates are required when:

When you want to use these features, you must update these YAML files before you run the docker-compose up command

Modify the YAML to Use a Bindmount

To run the IDOL NiFi Ingest container with a bindmount, you must modify docker-compose.bindmount.yml to add the directory to use.

The bindmount means that you have a directory on the computer where you run your Docker containers that you can use to ingest data into the IDOL NiFi Ingest containers. In the default configuration, you upload documents to ingest by using a Docker copy.

To run with a bindmount

  1. In your IDOL Docker Compose ZIP package, open the basic-idol folder.

  2. Open docker-compose.bindmount.yml in a text editor.

  3. Under idol-ingest-volume, update the device: property with the directory that you want to use for ingest. For example:

    volumes:
       idol-ingest-volume:
          driver_opts:
             type: none
             device: C:\docker\MyIngestDir
             o: bind
             driver: local
  4. Save and close the YAML file.

Modify the YAML to Use Document Security

To run the IDOL Docker containers with document security, you must modify docker-compose.add-docsec.yml to add settings for the LDAP server that you want to use.

The document security setup uses an LDAP server to manage user and group details, and an IDOL OmniGroupServer to expose the users and groups to IDOL.

You can use this option to provide LDAP login for Find. You can also include the IDOL document security options that restrict access to documents. When a user logs into Find, IDOL generates a security string, which it uses whenever the user makes a query, to ensure they can only access permitted documents.

NOTE: By default, the connector configurations in the IDOL Docker container do not include document security. You must configure the connectors after you set up the containers. For more details about how to configure the connectors in IDOL NiFi Ingest, refer to the IDOL NiFi Ingest documentation.

To run with document security

  1. In your IDOL Docker Compose ZIP package directory, open the basic-idol folder.

  2. Open docker-compose.add-docsec.yml in a text editor.

  3. Under x-args-security, update the following parameters for your system:

    • LDAP_SERVER. The IP address or host name of your LDAP server.

    • LDAP_PASSWORD. The password for the Base DN user in LDAP (that is, the user that can access all documents in your server).

      IMPORTANT: Encrypt this password by using the Micro Focus Autpassword command-line tool. This tool can generate the AES encryption keys, and the encrypted password strings.

      You supply the AES keys to OmniGroupServer by replacing the basic-idol/omnigroupserver/aes.key file in your IDOL Docker Compose ZIP package directory. Do not use the aes.key file provided; it is a placeholder file only.

    x-args-security:
      # Put configuration details for the ldap server here
      - &ldap-server "LDAP_SERVER=myldap.example.com"
      ...
      # Don't put the LDAP password here in plain text:
      # encrypt your password via autpassword with omnigroupserver/aes.key
      - &ldap-password "LDAP_PASSWORD=qNvqIYaYxZyOEDrmz/gthg=="
  4. To provide document security, uncomment (delete the #) for the following parameters:

    - &document-security-type "DOCUMENT_SECURITY_TYPE=NT_V4"
    - &document-security-type-mode "DOCUMENT_SECURITY_TYPE_MODE=AUTONOMY_SECURITY_V4_NT_MAPPED"
    - &document-security-type-propmatch "DOCUMENT_SECURITY_TYPE_PROPMATCH=nt_v4"

    Modify the values for your configuration. These parameters are used by the IDOL Content component and IDOL Community component for document security. For more information, refer to the IDOL Content Component Reference and IDOL Community Component Reference.