deployment for demo 12D (not tested)

2023-12-12 11:09:39 +01:00 · 2023-12-12 11:09:39 +01:00 · c64a181a49
parent df05735979
commit c64a181a49
3 changed files with 76 additions and 2 deletions
--- a/docker/idhub.Dockerfile
+++ b/docker/idhub.Dockerfile
@ -4,7 +4,10 @@ RUN apt update &&  apt-get install -y \
    python3-minimal \
    python3-pip \
    python3-dev \
-    python-is-python3
+    python-is-python3 \
+    git \
+    sqlite3 \
+    jq

 WORKDIR /opt/idhub

--- a/docker/idhub.entrypoint.sh
+++ b/docker/idhub.entrypoint.sh
@ -4,6 +4,40 @@ set -e
 set -u
 set -x

+_set() {
+        key="${1}"
+        value="${2}"
+        response_uri="${3}"
+        sqlite3 db.sqlite3 "update oidc4vp_organization set ${key}='${value}' where response_uri='${response_uri}';"
+}
+
+_get() {
+        sqlite3 -json db.sqlite3 "select * from oidc4vp_organization;"
+}
+
+config_oidc4vp() {
+        # populate your config
+        R_URI_CLEAN="${RESPONSE_URI%/}" && R_URI_CLEAN="${R_URI_CLEAN#http*://}"
+        local file="$(echo ${R_URI_CLEAN} | sed 's!/!__!g')"
+        data="$(_get)"
+        echo "${data}" | jq --arg uri "${R_URI_CLEAN}" '{ ($uri): .}' > /sharedsecret/${file}
+
+        echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose
+        sleep 2
+        # get other configs
+        for host in /sharedsecret/*; do
+                # we are flexible on querying for RESPONSE_URI: the first one based on regex
+                target_uri="$(cat "${host}" | jq -r 'keys[0]')"
+                filtered_data="$(cat "${host}" | jq --arg uri "${target_uri}" 'first(.[][] | select(.response_uri | test ($uri)))')"
+                client_id="$(echo "${filtered_data}" | jq -r '.client_id')"
+                client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')"
+                response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')"
+
+                _set my_client_id ${client_id} ${response_uri}
+                _set my_client_secret ${client_secret} ${response_uri}
+        done
+}
+
 main() {
        idhub_dir='/opt/idhub'
        cd "${idhub_dir}"
@ -19,7 +53,7 @@ END
                exit 1
        fi

-        # detect if existing deployment
+        # detect if existing deployment (TODO only works with sqlite)
        if [ -f "${idhub_dir}/db.sqlite3" ]; then
                echo "INFO: detected EXISTING deployment"
                ./manage.py makemigrations
@ -33,6 +67,8 @@ END
                if [ "${DEPLOYMENT}" = 'DEVELOPMENT' ]; then
                        printf "This is DEVELOPMENT DEPLOYMENT: including demo hardcoded data\n  creating initial Datas\n" >&2
                        ./manage.py initial_datas
+
+                        config_oidc4vp
                else
                        printf "creating superuser \n  user: ${DJANGO_SUPERUSER_USERNAME}\n  password: ${DJANGO_SUPERUSER_PASSWORD}\n  email: ${DJANGO_SUPERUSER_EMAIL}\n" >&2
                        ## thanks https://stackoverflow.com/questions/6244382/how-to-automate-createsuperuser-on-django/59467533#59467533
--- a/idhub_build_demo_12d.sh
+++ b/idhub_build_demo_12d.sh
@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+set -u
+# DEBUG
+set -x
+
+# wallet and verifier idhub demo
+main() {
+        deployment="${1:-}"
+
+        # detach on production deployment
+        if [ "${deployment}" = 'prod' ]; then
+                detach='-d'
+        fi
+
+        # force recreate
+        rm -rf ./idhub1 ./idhub2
+
+        # detect if is new
+        if [ ! -f "./idhub1" ] && [ ! -f "./idhub2" ]; then
+                echo 'Detected new deployment, recreating git repos idhub1 and idhub2'
+                cp -rp IdHub idhub1
+                rm -f idhub1/db.sqlite3
+                cp -rp IdHub idhub2
+                rm -f idhub2/db.sqlite3
+        fi
+
+        idhub_dc_f='docker-compose_idhub-demo-12d.yml'
+        docker compose -f ${idhub_dc_f} down -v || true
+        make idhub_build \
+                && docker compose -f ${idhub_dc_f} up ${detach:-}
+}
+
+main "${@}"