Neo4j docker docs: tweaks following GCP deploy

merges #36 refs #35
hetio · Dec 10, 2020 · 31a97c9 · 31a97c9
1 parent a95ae76
commit 31a97c9
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 4 deletions.
diff --git a/hetnet/neo4j/deployment/README.md b/hetnet/neo4j/deployment/README.md
@@ -36,7 +36,9 @@ cd ~/docker-scripts/
 ./run-docker.sh
 ```
 
-Wait for a few minutes before the web server is up, because the server needs to initialize the databases and guides.
+Wait for ~15 minutes before the web server is up, because the server needs to initialize the databases and guides.
+
+Please also make sure that your firewall setup on deployment box allows inbound traffic to port **7687**.
 
 To reconfigure SSL later, please reset `EMAIL` and `SSL_DOMAIN` as described earlier, then type:
 

diff --git a/hetnet/neo4j/deployment/install_ssl.sh b/hetnet/neo4j/deployment/install_ssl.sh
@@ -26,12 +26,14 @@ sudo certbot certonly \
 cat > ./sync-neo4j-ssl.sh << EOF
 #!/bin/bash
 # Certbot deploy-renewal-hook script, which synchronizes SSL certificates for neo4j.
-# This script will be executed ONLY WHEN certificate is renewed successfully.
+# This script will be executed ONLY WHEN SSL certificate has been renewed successfully.
 
 # Use 'cp --dereference' to emphasize that we are copying the actual files.
 cp --dereference --force /etc/letsencrypt/live/$SSL_DOMAIN/fullchain.pem /home/ubuntu/ssl/neo4j.cert
 cp --dereference --force /etc/letsencrypt/live/$SSL_DOMAIN/privkey.pem /home/ubuntu/ssl/neo4j.key
-# neo4j docker users neo4j user with id 101 and must be able to read neo4j.key. See https://github.com/hetio/hetionet/pull/26#issuecomment-547090526
+
+# Docker container "hetionet-container" uses "neo4j" account (uid 101), who needs to read "neo4j.key".
+# See https://github.com/hetio/hetionet/pull/26#issuecomment-547090526
 chmod 644 /home/ubuntu/ssl/neo4j.key
 EOF
 
@@ -40,7 +42,7 @@ chmod +x ./sync-neo4j-ssl.sh
 sudo ./sync-neo4j-ssl.sh
 
 # If hetionet-container is running now, restart it to make the new certificates effective.
-if [ -n $(docker ps --quiet --filter name=hetionet-container) ]; then
+if [ -n "$(docker ps --quiet --filter name=hetionet-container)" ]; then
  echo -n "Restarting "
  docker restart hetionet-container
 fi

diff --git a/hetnet/neo4j/deployment/setup.sh b/hetnet/neo4j/deployment/setup.sh
@@ -45,5 +45,8 @@ mkdir -p ~/docker-scripts/
 cp -f run-docker.sh stop-docker.sh update-docker.sh ~/docker-scripts/
 chmod +x ~/docker-scripts/*.sh
 
+# Create data and log directories, which will be populated by docker container.
+mkdir ~/hetionet-data ~/neo4j-logs
+
 # Install SSL certificates issued by Let's Encrypt
 bash ./install_ssl.sh