Fix volume and change default password while neo4j startup

.env

@@ -3,7 +3,7 @@ NEO4J_PORT=7687
 NEO4J_PROTOCOL=bolt
 NEO4J_HOST=neo
 NEO4J_USER=neo4j
-NEO4J_PW=neo4j
+NEO4J_PW=W7uFSy$y=wR3M3ck
 DB_PW=FooBar
 DB_HOST=db
 DB_NAME=discussion

docker-compose.yml

@@ -2,19 +2,17 @@ version: "3.2"
 
 services:
   neo:
-    image: neo4j
+    build: neo4j
     ports:
       - "7474:7474"
       - "7687:7687"
     volumes:
-      - ./neo4j/plugins:/plugins
-      - ./neo4j/entrypoint:/var/lib/neo4j/data/graph.db
-
-    # Todo: Add command to seed the database while the container is starting
-    # Important: The Files of the Volume are stored in /data/graph.db
-
+      - ./neo4j/plugins:/var/lib/neo4j/plugins
+      - ./neo4j/entrypoint:/var/lib/neo4j/entrypoint
     environment:
-      NEO4J_AUTH: none
+      NEO4J_USERNAME: $NEO4J_USER
+      NEO4J_PASSWORD: $NEO4J_PW
+      NEO4J_AUTH: $NEO4J_USER/$NEO4J_PW
       NEO4J_dbms_security_procedures_unrestricted: algo.*
 
   api:

neo4j/Dockerfile

 FROM neo4j:3.5.0
 
+MAINTAINER marc.feger@uni-duesseldorf.de
+
+RUN apk add --no-cache curl jq
+
 COPY . .
+
+CMD /var/lib/neo4j/entrypoint/entrypoint.sh
\ No newline at end of file

neo4j/entrypoint/entrypoint.sh

 #!/usr/bin/env bash
+: '
+    This script changes the default password of the default user. Then the database is loaded and initialized.
+'
 
-echo "Start waiting for Database to be ready ..."
+set -e
 
+function wait_for_port() {
+    : '
+        This function waits 60 seconds to determine whether a port on a host has been opened and activated on a host.
+        The function receives as parameters the host and the port to be checked.
+    '
+    echo "$(date "+%Y-%m-%d %T") INFO": "Start waiting for container to open port $2 at $1..."
     end="$((SECONDS+60))"
     while true; do
-    nc -w 2 localhost 7687 && break
+        nc -w 2 $1 $2 && break
         [[ "${SECONDS}" -ge "${end}" ]] && exit 1
         sleep 1
     done
-cypher-shell --fail-fast --debug --format verbose < /data/graph.db/neo4j-entrypoint.cql
+    echo "$(date "+%Y-%m-%d %T") INFO": "Port $2 is up and running after ${SECONDS} seconds at $1..."
+}
+
+function wait_for_neo {
+    : '
+        This function waits for the Neo4J server to start on port 7687 and the Neo4J browser to start on port 7474.
+        Then the default password of the user "neo4j" will be changed.
+        This password is then the new and valid password. The password is changed via the HTTP REST API provided by Neo4J.
+        Then the database is initialized.
+    '
+
+    wait_for_port localhost 7687
+    wait_for_port localhost 7474
+
+    echo "$(date "+%Y-%m-%d %T") INFO": "Change the default authentication of ${NEO4J_USERNAME}..."
+    : '
+        Attention. Since this script only overwrites the password of the default user when loading the Neo4j container,
+        the name of the default user for the default password is used as the second argument.
+        Therefore, the default user name should still be used.
+    '
+    bash /var/lib/neo4j/entrypoint/hide_default_password.sh ${NEO4J_USERNAME} ${NEO4J_USERNAME} ${NEO4J_PASSWORD} 2>/dev/null
+
+    echo "$(date "+%Y-%m-%d %T") INFO": "Inject data to database..."
+    : '
+        This section loads the basic discussion graphs.
+    '
+    bin/cypher-shell --fail-fast --debug --format verbose -u ${NEO4J_USERNAME} -p ${NEO4J_PASSWORD}  < /var/lib/neo4j/entrypoint/neo4j-entrypoint.cql
+    echo "$(date "+%Y-%m-%d %T") INFO": "-> Everything is up and running ..."
+
+}
+
+# Start to wait
+wait_for_neo &
+
+# Start the entrypoint for neo4j
+# Todo: Solve -> WARN  Unknown config option
+/sbin/tini -g -s -- /docker-entrypoint.sh neo4j

neo4j/entrypoint/hide_default_password.sh

+#!/usr/bin/env bash
+
+: '
+    USER:
+        This variable contains the name of the user whose initial password is to be changed.
+        Attention: At the beginning the user and the password are set to "neo4j" by default.
+        If the default user is still used, a new password should be created for this user.
+'
+USER=$1
+if [[ -z ${USER} ]];
+then
+    echo "$(date "+%Y-%m-%d %T") ERROR": "-> The variable USER is not set!" 1>&2
+    exit 1
+fi
+
+: '
+    OLD_PASSWORD:
+        This variable contains initial password which is to be changed.
+        Attention: At the beginning the user and the password are set to "neo4j" by default.
+        If the default user is still used, a new password should be created for this user.
+'
+
+OLD_PASSWORD=$2
+if [[ -z ${OLD_PASSWORD} ]];
+then
+    echo "$(date "+%Y-%m-%d %T") ERROR": "-> The variable OLD_PASSWORD is not set!" 1>&2
+    exit 1
+fi
+
+: '
+    NEW_PASSWORD:
+        This variable contains the new password.
+'
+NEW_PASSWORD=$3
+if [[ -z ${NEW_PASSWORD} ]];
+then
+    echo "$(date "+%Y-%m-%d %T") ERROR": "-> The variable NEW_PASSWORD is not set!" 1>&2
+    exit 1
+fi
+
+: '
+    This variable contains the response of the Neo4J server to a specific user.
+'
+USER_STATUS=$(curl -u ${USER}:${OLD_PASSWORD} http://localhost:7474/user/${USER} 2>/dev/null)
+
+: '
+    This variable stores the status of whether the password needs to be changed.
+    Since only the default password has to be changed at the beginning, the field "password_change_required"
+    is set and true or false. If a non-existent user or password is requested,
+    the field "password_change_required" is null.
+    Then jq does not enter the variable PASSWORD_CHANGE_IS_REQUIRED.
+    The value of PASSWORD_CHANGE_IS_REQUIRED is then empty.
+'
+PASSWORD_CHANGE_IS_REQUIRED=$(echo ${USER_STATUS} | jq -r '.password_change_required // empty') #Todo: Explain empty
+
+if [[ ${PASSWORD_CHANGE_IS_REQUIRED} = true ]];
+then
+    echo "$(date "+%Y-%m-%d %T") INFO": "-> Call HTTP REST API with ${USER}:${OLD_PASSWORD} ..."
+    # The new password is set here
+    curl -H "Content-Type: application/json" \
+         -d '{"password":"'"${NEW_PASSWORD}"'"}' \
+         -u ${USER}:${OLD_PASSWORD} \
+          http://localhost:7474/user/${USER}/password
+    echo "$(date "+%Y-%m-%d %T") INFO": "--> Done."
+else
+    echo "$(date "+%Y-%m-%d %T") INFO": "-> Password for ${USER} is already set ..."
+fi
\ No newline at end of file