From 601da538bf8ad87a2646e77944949dd337ee58e1 Mon Sep 17 00:00:00 2001
From: pedro <git2021@cas.cat>
Date: Wed, 22 Jan 2025 16:26:29 +0100
Subject: [PATCH 1/2] add idhub to dockercompose and its .env.example

---
 .env.example       | 40 ++++++++++++++++++++++++++++++++++++++++
 docker-compose.yml | 28 ++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)

diff --git a/.env.example b/.env.example
index a5a677d..9728685 100644
--- a/.env.example
+++ b/.env.example
@@ -1,3 +1,7 @@
+####
+# DEVICEHUB
+####
+
 DH_DOMAIN=localhost
 DH_PORT=8000
 DEMO=true
@@ -20,3 +24,39 @@ DH_ALLOWED_HOSTS=${DH_DOMAIN},${DH_DOMAIN}:${DH_PORT},127.0.0.1,127.0.0.1:${DH_P
 # TODO review these vars
 #SNAPSHOTS_DIR=/path/to/TODO
 #EVIDENCES_DIR=/path/to/TODO
+
+####
+# IDHUB
+####
+
+IDHUB_DOMAIN=localhost
+IDHUB_ALLOWED_HOSTS=${IDHUB_DOMAIN},${IDHUB_DOMAIN}:9001,127.0.0.1,127.0.0.1:9001
+IDHUB_TIME_ZONE='Europe/Madrid'
+#IDHUB_SECRET_KEY='uncomment-it-and-fill-this'
+# enable dev flags when DEVELOPMENT deployment
+# adapt to your domain in a production/reverse proxy env
+IDHUB_CSRF_TRUSTED_ORIGINS='https://idhub.example.org'
+
+# fill this section with your email credentials
+IDHUB_DEFAULT_FROM_EMAIL="user@example.org"
+IDHUB_EMAIL_HOST="smtp.example.org"
+IDHUB_EMAIL_HOST_USER="smtp_user"
+IDHUB_EMAIL_HOST_PASSWORD="smtp_passwd"
+IDHUB_EMAIL_PORT=25
+IDHUB_EMAIL_USE_TLS=True
+IDHUB_EMAIL_BACKEND="django.core.mail.backends.smtp.EmailBackend"
+
+# replace with production data
+#   this is used when IDHUB_DEPLOYMENT is not equal to DEVELOPMENT
+IDHUB_ADMIN_USER='admin'
+IDHUB_ADMIN_PASSWD='admin'
+IDHUB_ADMIN_EMAIL='admin@example.org'
+
+# this option needs to be set to 'n' to be able to make work idhub in docker
+#   by default it is set to 'y' to facilitate idhub dev when outside docker
+IDHUB_SYNC_ORG_DEV='n'
+
+# TODO that is only for testing
+IDHUB_ENABLE_EMAIL=false
+IDHUB_ENABLE_2FACTOR_AUTH=false
+IDHUB_ENABLE_DOMAIN_CHECKER=false
diff --git a/docker-compose.yml b/docker-compose.yml
index 2ca9162..7b9653a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,4 +15,32 @@ services:
       - .:/opt/devicehub-django
     ports:
       - ${DH_PORT}:${DH_PORT}
+  idhub:
+    init: true
+    image: farga.pangea.org/ereuse/idhub/latest
+    environment:
+      - DOMAIN=${IDHUB_DOMAIN:-localhost}
+      - ALLOWED_HOSTS=${IDHUB_ALLOWED_HOSTS:-$IDHUB_DOMAIN}
+      - DEBUG=true
+      - INITIAL_ADMIN_EMAIL=${IDHUB_ADMIN_EMAIL}
+      - INITIAL_ADMIN_PASSWORD=${IDHUB_ADMIN_PASSWD}
+      - CREATE_TEST_USERS=true
+      - ENABLE_EMAIL=${IDHUB_ENABLE_EMAIL:-true}
+      - ENABLE_2FACTOR_AUTH=${IDHUB_ENABLE_2FACTOR_AUTH:-true}
+      - ENABLE_DOMAIN_CHECKER=${IDHUB_ENABLE_DOMAIN_CHECKER:-true}
+      - SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
+      - STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
+      - MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
+      - PORT=${IDHUB_PORT:-9001}
+      - DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
+      - EMAIL_HOST=${IDHUB_EMAIL_HOST}
+      - EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
+      - EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
+      - EMAIL_PORT=${IDHUB_EMAIL_PORT}
+      - EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
+      - EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
+      - SUPPORTED_CREDENTIALS=['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard']
+      - SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
+    ports:
+      - 9001:9001
 
-- 
2.30.2


From 56d8aadf837e5e6f49161b43c2cc09beb8e808c8 Mon Sep 17 00:00:00 2001
From: pedro <git2021@cas.cat>
Date: Mon, 27 Jan 2025 17:52:24 +0100
Subject: [PATCH 2/2] docker: docker for devicehub and idhub as profile

---
 .dockerignore                      |  2 ++
 .env.example                       | 17 +++++++++++++----
 docker-compose.yml                 | 19 ++++++++++++++-----
 docker-reset.sh                    | 11 ++++++++++-
 docker/devicehub-django.Dockerfile |  1 +
 5 files changed, 40 insertions(+), 10 deletions(-)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..9bdf429
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+db
+.git
diff --git a/.env.example b/.env.example
index 9728685..f67e720 100644
--- a/.env.example
+++ b/.env.example
@@ -1,9 +1,15 @@
+####
+# DEV OPTIONS
+####
+
+DEV_DOCKER_ALWAYS_BUILD=false
+
 ####
 # DEVICEHUB
 ####
 
-DH_DOMAIN=localhost
-DH_PORT=8000
+DEVICEHUB_DOMAIN=localhost
+DEVICEHUB_PORT=8001
 DEMO=true
 # note that with DEBUG=true, logs are more verbose (include tracebacks)
 DEBUG=true
@@ -20,7 +26,7 @@ EMAIL_BACKEND="django.core.mail.backends.smtp.EmailBackend"
 EMAIL_FILE_PATH="/tmp/app-messages"
 ENABLE_EMAIL=false
 PREDEFINED_TOKEN='5018dd65-9abd-4a62-8896-80f34ac66150'
-DH_ALLOWED_HOSTS=${DH_DOMAIN},${DH_DOMAIN}:${DH_PORT},127.0.0.1,127.0.0.1:${DH_PORT}
+DEVICEHUB_ALLOWED_HOSTS=${DEVICEHUB_DOMAIN},${DEVICEHUB_DOMAIN}:${DEVICEHUB_PORT},127.0.0.1,127.0.0.1:${DEVICEHUB_PORT}
 # TODO review these vars
 #SNAPSHOTS_DIR=/path/to/TODO
 #EVIDENCES_DIR=/path/to/TODO
@@ -29,8 +35,11 @@ DH_ALLOWED_HOSTS=${DH_DOMAIN},${DH_DOMAIN}:${DH_PORT},127.0.0.1,127.0.0.1:${DH_P
 # IDHUB
 ####
 
+IDHUB_ENABLED=false
+
 IDHUB_DOMAIN=localhost
-IDHUB_ALLOWED_HOSTS=${IDHUB_DOMAIN},${IDHUB_DOMAIN}:9001,127.0.0.1,127.0.0.1:9001
+IDHUB_PORT=9001
+IDHUB_ALLOWED_HOSTS=${IDHUB_DOMAIN},${IDHUB_DOMAIN}:${IDHUB_PORT},127.0.0.1,127.0.0.1:${IDHUB_PORT}
 IDHUB_TIME_ZONE='Europe/Madrid'
 #IDHUB_SECRET_KEY='uncomment-it-and-fill-this'
 # enable dev flags when DEVELOPMENT deployment
diff --git a/docker-compose.yml b/docker-compose.yml
index 7b9653a..76fba2e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,21 +1,29 @@
 services:
   devicehub-django:
     init: true
+    image: farga.pangea.org/ereuse/devicehub-django/latest
     build:
+      context: .
       dockerfile: docker/devicehub-django.Dockerfile
     environment:
       - DEBUG=${DEBUG:-false}
-      - DOMAIN=${DH_DOMAIN:-localhost}
-      - PORT=${DH_PORT:-8000}
-      - ALLOWED_HOSTS=${DH_ALLOWED_HOSTS:-$DH_DOMAIN}
+      - DOMAIN=${DEVICEHUB_DOMAIN:-localhost}
+      - PORT=${DEVICEHUB_PORT:-8000}
+      - ALLOWED_HOSTS=${DEVICEHUB_ALLOWED_HOSTS:-$DEVICEHUB_DOMAIN}
       - DEMO=${DEMO:-false}
       - PREDEFINED_TOKEN=${PREDEFINED_TOKEN:-}
       - DPP=${DPP:-false}
+    # TODO manage volumes dev vs prod
     volumes:
       - .:/opt/devicehub-django
     ports:
-      - ${DH_PORT}:${DH_PORT}
+      - ${DEVICEHUB_PORT:-8000}:${DEVICEHUB_PORT:-8000}
+
+  # TODO add database service for idhub, meanwhile sqlite
+
   idhub:
+    # https://docs.docker.com/compose/how-tos/profiles/
+    profiles: [idhub]
     init: true
     image: farga.pangea.org/ereuse/idhub/latest
     environment:
@@ -39,8 +47,9 @@ services:
       - EMAIL_PORT=${IDHUB_EMAIL_PORT}
       - EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
       - EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
-      - SUPPORTED_CREDENTIALS=['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard']
+      - SUPPORTED_CREDENTIALS=['DeviceSnapshotV1']
       - SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
     ports:
       - 9001:9001
 
+  # TODO add database service for idhub, meanwhile sqlite
diff --git a/docker-reset.sh b/docker-reset.sh
index 8bbc229..21a0856 100755
--- a/docker-reset.sh
+++ b/docker-reset.sh
@@ -19,12 +19,21 @@ main() {
                 cp -v .env.example .env
                 echo "WARNING: .env was not there, .env.example was copied, this only happens once"
         fi
+
+        # load vars
+        . ./.env
+
+        if [ "${IDHUB_ENABLED:-}" = 'true' ]; then
+                export COMPOSE_PROFILES='idhub'
+        fi
         # remove old database
         rm -vfr ./db/*
         # deactivate configured flag
         rm -vfr ./already_configured
         docker compose down -v
-        docker compose build
+        if [ "${DEV_DOCKER_ALWAYS_BUILD:-}" = 'true' ]; then
+                docker compose build
+        fi
         docker compose up ${detach_arg:-}
 }
 
diff --git a/docker/devicehub-django.Dockerfile b/docker/devicehub-django.Dockerfile
index 0f0d408..7145534 100644
--- a/docker/devicehub-django.Dockerfile
+++ b/docker/devicehub-django.Dockerfile
@@ -37,6 +37,7 @@ RUN pip install -i https://test.pypi.org/simple/ ereuseapitest==0.0.14
 #   Set PYTHONPATH to include the directory with the xapian module
 ENV PYTHONPATH="${PYTHONPATH}:/usr/lib/python3/dist-packages"
 
+COPY . .
 COPY docker/devicehub-django.entrypoint.sh /
 
 RUN chown -R app:app /opt/devicehub-django
-- 
2.30.2