root: update readme

This commit is contained in:
Jens Langhammer 2020-05-27 17:26:35 +02:00
parent 60a363e4bf
commit ee8a61d164
7 changed files with 149 additions and 5 deletions

2
.github/FUNDING.yml vendored
View file

@ -1 +1 @@
github: [BeryJu]
custom: ["https://www.paypal.me/octocat"]

BIN
.github/screen_admin.png vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 175 KiB

BIN
.github/screen_apps.png vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 160 KiB

View file

@ -5,13 +5,86 @@
![](https://img.shields.io/docker/v/beryju/passbook?sort=semver&style=flat-square)
![](https://img.shields.io/codecov/c/gh/beryju/passbook?style=flat-square)
## Quick instance
## What is passbook?
passbook is an open-source Identity Provider. It is focused on flexibility. You can use passbook in an existing environment to add support for new protocols. passbook is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
## Installation
For small/test setups it is recommended to use docker-compose.
```
wget https://raw.githubusercontent.com/BeryJu/passbook/master/docker-compose.yml
# Optionally enable Error-reporting
# export PASSBOOK_ERROR_REPORTING=true
# Optionally deploy a different version
# export PASSBOOK_TAG=0.8.15-beta
# If this is a productive installation, set a different PostgreSQL Password
# export PG_PASS=$(pwgen 40 1)
docker-compose pull
docker-compose up -d
docker-compose exec server ./manage.py migrate
docker-compose exec server ./manage.py createsuperuser
```
For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://beryju.github.io/passbook/installation/kubernetes/)
## Screenshots
![](.github/screen_apps.png)
![](.github/screen_admin.png)
## Development
To develop on passbook, you need a system with Python 3.7+ (3.8 is recommended). passbook uses [pipenv](https://pipenv.pypa.io/en/latest/) for managing dependencies.
To get started, run
```
python3 -m pip install pipenv
git clone https://github.com/BeryJu/passbook.git
cd passbook
pipenv shell
pipenv sync -d
```
Since passbook uses PostgreSQL-specific fields, you also need a local PostgreSQL instance to develop. passbook also uses redis for caching and message queueing.
For these databases you can use [Postgres.app](https://postgresapp.com/) and [Redis.app](https://jpadilla.github.io/redisapp/) on macOS or use it via docker-comppose:
```yaml
version: '3.7'
services:
postgresql:
container_name: postgres
image: postgres:11
volumes:
- db-data:/var/lib/postgresql/data
ports:
- 127.0.0.1:5432:5432
restart: always
redis:
container_name: redis
image: redis
ports:
- 127.0.0.1:6379:6379
restart: always
volumes:
db-data:
driver: local
```
To tell passbook about these databases, create a file in the project root called `local.env.yml` with the following contents:
```yaml
debug: true
postgresql:
user: postgres
log_level: debug
error_reporting: false
```
## Security
See [SECURITY.md](SECURITY.md)

13
SECURITY.md Normal file
View file

@ -0,0 +1,13 @@
# Security Policy
## Supported Versions
As passbook is currently in a pre-stable, only the latest "stable" version is supported. After passbook 1.0, this will change.
| Version | Supported |
| -------- | ------------------ |
| 0.8.15 | :white_check_mark: |
## Reporting a Vulnerability
To report a vulnerability, send am email to [security@beryju.org](mailto:security@beryju.org)

View file

@ -21,7 +21,7 @@ services:
labels:
- traefik.enable=false
server:
image: beryju/passbook:${SERVER_TAG:-latest}
image: beryju/passbook:${PASSBOOK_TAG:-latest}
command:
- uwsgi
- uwsgi.ini
@ -39,7 +39,7 @@ services:
- traefik.docker.network=internal
- traefik.frontend.rule=PathPrefix:/
worker:
image: beryju/passbook:${SERVER_TAG:-latest}
image: beryju/passbook:${PASSBOOK_TAG:-latest}
command:
- celery
- worker

View file

@ -1,3 +1,61 @@
# Kubernetes
For a mid to high-load Installation, Kubernetes is recommended. passbook is installed using a helm-chart.
```
# Default values for passbook.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# passbook version to use. Defaults to latest stable version
# image:
# tag:
nameOverride: ""
config:
# Optionally specify fixed secret_key, otherwise generated automatically
# secret_key: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
# Enable error reporting
error_reporting: false
# Log level used by web and worker
# Can be either debug, info, warning, error
log_level: warning
# This Helm chart ships with built-in Prometheus ServiceMonitors and Rules.
# This requires the CoreOS Prometheus Operator.
monitoring:
enabled: false
# Enable Database Backups to S3
# backup:
# access_key: access-key
# secret_key: secret-key
# bucket: s3-bucket
# host: s3-host
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
path: /
hosts:
- passbook.k8s.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - passbook.k8s.local
# These settings configure the packaged PostgreSQL and Redis chart.
postgresql:
postgresqlDatabase: passbook
redis:
cluster:
enabled: false
master:
persistence:
enabled: false
# https://stackoverflow.com/a/59189742
disableCommands: []
```