NIFI-14826 Correct the enabling HTTP mode in the start.sh script

nifi-docker/dockerhub/README.md

@@ -15,6 +15,10 @@
 
 ## Latest changes
 
+### 2.6.0
+
+- Adding the `NIFI_WEB_HTTPS_ENABLE` environment variable to determine the NiFi is run with the HTTP or HTTPS mode.
+
 ### 2.0.0
 
 - Changed base image to bellsoft/liberica-openjdk-debian:21 as NiFi 2.0.0 requires Java 21

nifi-docker/dockerhub/sh/common.sh

@@ -29,6 +29,12 @@ uncomment() {
   sed -i -e "s|^\#$1|$1|" ${target_file}
 }
 
+comment() {
+  target_file=${2}
+  echo "File [${target_file}] commenting [${1}]"
+  sed -i -e "s|$1|\#$1|" ${target_file}
+}
+
 # 1 - property key to add or replace
 # 2 - property value to use
 # 3 - file to perform replacement inline

nifi-docker/dockerhub/sh/start.sh

@@ -38,24 +38,37 @@ prop_replace 'nifi.python.extensions.source.directory.default'  "${NIFI_HOME}/py
 # Setup NiFi to scan for new NARs in nar_extensions
 prop_replace 'nifi.nar.library.autoload.directory'  "${NIFI_HOME}/nar_extensions"
 # Establish baseline properties
-prop_replace 'nifi.web.https.port'              "${NIFI_WEB_HTTPS_PORT:-8443}"
-prop_replace 'nifi.web.https.host'              "${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}"
+
+
 prop_replace 'nifi.web.proxy.host'              "${NIFI_WEB_PROXY_HOST}"
 prop_replace 'nifi.remote.input.host'           "${NIFI_REMOTE_INPUT_HOST:-$HOSTNAME}"
 prop_replace 'nifi.remote.input.socket.port'    "${NIFI_REMOTE_INPUT_SOCKET_PORT:-10000}"
-prop_replace 'nifi.remote.input.secure'         'true'
-prop_replace 'nifi.cluster.protocol.is.secure'  'true'
-
-# Set nifi-toolkit properties files and baseUrl
-"${scripts_dir}/toolkit.sh"
-prop_replace 'baseUrl' "https://${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}:${NIFI_WEB_HTTPS_PORT:-8443}" ${nifi_toolkit_props_file}
-
-prop_replace 'keystore'           "${NIFI_HOME}/conf/keystore.p12"      ${nifi_toolkit_props_file}
-prop_replace 'keystoreType'       "PKCS12"                              ${nifi_toolkit_props_file}
-prop_replace 'truststore'         "${NIFI_HOME}/conf/truststore.p12"    ${nifi_toolkit_props_file}
-prop_replace 'truststoreType'     "PKCS12"                              ${nifi_toolkit_props_file}
+prop_replace 'nifi.remote.input.secure'         "${NIFI_REMOTE_INPUT_SECURE:-true}"
+prop_replace 'nifi.cluster.protocol.is.secure'  "${NIFI_CLUSTER_PROTOCOL_IS_SECURE:-true}"
+
+if [ -z "${NIFI_WEB_HTTPS_ENABLE}" ]; then
+    echo "NIFI_WEB_HTTPS_ENABLE was not set and disable the secure mode."
+    comment "nifi.web.https.port"                   ${nifi_props_file}
+    comment "nifi.web.https.host"                   ${nifi_props_file}
+    prop_replace 'nifi.web.http.port'               "${NIFI_WEB_HTTP_PORT:-8080}"
+    prop_replace 'nifi.web.http.host'               "${NIFI_WEB_HTTP_HOST:-$HOSTNAME}"
+    prop_replace 'nifi.security.keystore'           ""
+    prop_replace 'nifi.security.truststore'         ""
+else
+    prop_replace 'nifi.web.https.port'              "${NIFI_WEB_HTTPS_PORT:-8443}"
+    prop_replace 'nifi.web.https.host'              "${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}"
+
+    # Set nifi-toolkit properties files and baseUrl
+    "${scripts_dir}/toolkit.sh"
+    prop_replace 'baseUrl' "https://${NIFI_WEB_HTTPS_HOST:-$HOSTNAME}:${NIFI_WEB_HTTPS_PORT:-8443}" ${nifi_toolkit_props_file}
+
+    prop_replace 'keystore'           "${NIFI_HOME}/conf/keystore.p12"      ${nifi_toolkit_props_file}
+    prop_replace 'keystoreType'       "PKCS12"                              ${nifi_toolkit_props_file}
+    prop_replace 'truststore'         "${NIFI_HOME}/conf/truststore.p12"    ${nifi_toolkit_props_file}
+    prop_replace 'truststoreType'     "PKCS12"                              ${nifi_toolkit_props_file}
+fi
 
-if [ -z "${NIFI_WEB_PROXY_HOST}" ]; then
+if [ -z "${NIFI_WEB_PROXY_HOST}" && "${NIFI_REMOTE_INPUT_SECURE}" == 'true' ]; then
     echo 'NIFI_WEB_PROXY_HOST was not set but NiFi is configured to run in a secure mode. The NiFi UI may be inaccessible if using port mapping or connecting through a proxy.'
 fi