trustchain-oc1-orchestral
/
idhub-docker
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docker: add localhost pair 

useful for testing OIDC flow in localhost
This commit is contained in:
pedro 2024-03-09 20:29:44 +01:00
parent be27861aa0
commit 03256f0f3b
2 changed files with 116 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
build__instance-localhost-pair.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh
set -e
set -u
# DEBUG
set -x
main() {
cd "$(dirname "${0}")"
# includes functions:
# common_start
# common_end
. ./build__common.sh
# vars used in common_start and end
target='instance-localhost-pair'
persistence='n'
idhubs='idhub1 idhub2'
idhub_branch='release'
common_start
common_end
}
main "${@}"

89
docker-compose__instance-localhost-pair.yml Normal file
View File

@ -0,0 +1,89 @@
version: "3.9"
services:
idhub1:
init: true
image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
environment:
- DEBUG=true
- INITIAL_ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
- INITIAL_ADMIN_PASSWORD=${IDHUB_PILOT_TEST__ADMIN_PASSWORD}
- CREATE_TEST_USERS=true
- ENABLE_EMAIL=false
- ENABLE_2FACTOR_AUTH=false
- SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
- STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
- MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
- PORT=${IDHUB_PORT:-9001}
# only on localhost hostname did-resolve uses http endpoint
# and here we need it to very vcred of didweb
# $ docker run ghcr.io/spruceid/didkit-cli:latest did-resolve did:web:localhost:test
# Error sending HTTP request : error sending request for url (http://localhost/.well-known/did.json): error trying to connect: tcp connect error: Address not available (os error 99)
# version: 2023-04-24 10:21:58 ghcr.io/spruceid/didkit-cli@sha256:0e559663f962e2ced2fb4034e415f6b5dbdec57e85f69b546e7699ac6ba35219
- DOMAIN=${DOMAIN1:-localhost}
- DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
- EMAIL_HOST=${IDHUB_EMAIL_HOST}
- EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
- EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
- EMAIL_PORT=${IDHUB_EMAIL_PORT}
- EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
- EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
- SUPPORTED_CREDENTIALS=['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard']
- SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
- OIDC_ORGS=examples/organizations__instance_localhost-pair.csv
- OIDC_REDIRECT=true
#- OIDC_REDIRECT=false
- ALLOW_CODE_URI=http://localhost/oidc4vp/allow_code
ports:
- 9091:9001
volumes:
- ./idhub1__instance-localhost-pair:/opt/idhub
- sharedsecret:/sharedsecret:rw
# nginx manage proxypass to these docker containers
# inspired by https://stackoverflow.com/a/43541681
extra_hosts:
- 'localhost:host-gateway'
- 'idhub2:host-gateway'
idhub2:
init: true
image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
environment:
- DEBUG=true
- INITIAL_ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
- INITIAL_ADMIN_PASSWORD=${IDHUB_PILOT_TEST__ADMIN_PASSWORD}
- CREATE_TEST_USERS=true
- ENABLE_EMAIL=false
- ENABLE_2FACTOR_AUTH=false
- SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
- STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
- MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
- PORT=${IDHUB_PORT:-9001}
- DOMAIN=${DOMAIN2:-idhub2}
- DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
- EMAIL_HOST=${IDHUB_EMAIL_HOST}
- EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
- EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
- EMAIL_PORT=${IDHUB_EMAIL_PORT}
- EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
- EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
# only the one we support for OIDC flow, if we add more, it reaches a UX bug
- SUPPORTED_CREDENTIALS=['FinancialVulnerabilityCredential']
- SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
- OIDC_ORGS=examples/organizations__instance_localhost-pair.csv
- OIDC_REDIRECT=true
#- OIDC_REDIRECT=false
- ALLOW_CODE_URI=http://idhub2/oidc4vp/allow_code
ports:
- 9092:9001
volumes:
- ./idhub2__instance-localhost-pair:/opt/idhub
- sharedsecret:/sharedsecret:rw
# nginx manage proxypass to these docker containers
# inspired by https://stackoverflow.com/a/43541681
extra_hosts:
- 'localhost:host-gateway'
- 'idhub2:host-gateway'
volumes:
sharedsecret: