Table of contents
Table of Contents | ||||||
---|---|---|---|---|---|---|
|
...
It is now time to create the local Docker containers
Installation
...
Local Docker repository
Start your own local Docker repository with the following command:
Code Block |
---|
docker run -d -p 5000:5000 --restart=always --name registry registry:2 |
You can change the port number. If you do, please update the Configuration.conf files accordingly (see Secure Backend - Configuration)
Build and run
Note |
---|
Version 1.0.x |
Go to the SAMDistImages directory and run the following commands:
Code Block |
---|
make images make pushtorepository |
...
Go to the SAMDeployment directory and run the following commands:
Code Block |
---|
make initstorage make initdatabase make images |
...
Still in the SAMDeployment directory, simple run the followoing command:
Code Block |
---|
make run |
...
Note |
---|
Version 1.1.x |
Go to the SAMDistImages directory and run the following command:
Code Block |
---|
make |
...
Launch the SAM backend by issuing the following command.
Code Block |
---|
make run |
...
Optionally, install phpmyadmin for debugging purposes. It is not recommended. Customize the files fullchain.pem, passwd and privkey.pem in the resources directory. passwd is created with htpasswd. It contains the Apache2 passwords. Launch it by issuing the following commands:
Code Block |
---|
cd PhpMyAdmin
make images
make run |
Update of an existing Production installation
...
Preserve the file Configuration.conf from the previous SAMDeployment package.
...
Preserve APP_KEY value from the .env file in the Server Docker. If needed, update SAMDeployment/Server/templates/laravel_env. The value of APP_KEY must be preserved. If lost, you SAM backend environment will have many issues.
...
Stop the containers samserver_xx.yy.zz, samphpmyadmin_xx.yy.zz and samdatabase_xx.yy.zz
...
Make a backup of your storage structure set using the Configuration.conf variable STORAGE_BASE_DIRECTORY
...
Make sure you use the latest version of SAMDeployment
...
Bump up the version number in the Configuration.conf file
...
Update Configuration.conf matching the corresponding parameters from your previous one.
...
Fill in any new configuration parameters.
...
run make images
...
run make run
...
install |
Note |
---|
Version 1.1.x + JFrog |
Once you pulled the images from JFrog (see: Amadis One - JFrog repository), you need to create a docker-compose file to setup the network and components as well as an environment file to set some variables.
Create a docker-compose-prod.yml
file with similar information (can be updated according to your needs):
Code Block |
---|
version: '3.8'
services:
database:
container_name: database
image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-database:${VERSION}
command: --default-authentication-plugin=mysql_native_password
platform: linux/amd64
env_file:
- .env
environment:
MYSQL_ROOT_PASSWORD: ${ROOT_DATABASE_PASSWORD}
DATABASE_IMAGE: ${DATABASE_IMAGE}
ports:
- ${DATABASE_PORT}:3306
networks:
- sambackendnet
restart: always
php:
container_name: php
image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-php:${VERSION}
depends_on:
- database
restart: unless-stopped
volumes:
- php_socket:/var/run/php
env_file:
- .env
healthcheck:
interval: 10s
timeout: 3s
retries: 3
start_period: 30s
networks:
- sambackendnet
http:
container_name: http
image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-http:${VERSION}
depends_on:
- php
environment:
SERVER_NAME: ${SERVER_NAME:-localhost, caddy:80}
restart: unless-stopped
volumes:
- php_socket:/var/run/php
ports:
# HTTP
- target: 80
published: 80
protocol: tcp
# HTTPS 443
- target: 443
published: ${API_PORT}
protocol: tcp
networks:
sambackendnet:
external: true
volumes:
php_socket: |
Then create a .env
file with the following data (can be updated according to your system):
Code Block |
---|
# Version of the SAM backend
VERSION=1.1.4-rc1
SERVER_NAME=dev.amadis.com
# Docker repository
IMAGE_DEPLOYMENT_REPOSITORY=amadis.jfrog.io/aone-secbkd-local
# Permanent storage base directory
STORAGE_BASE_DIRECTORY=./Storage
# Database server address
DATABASE_SERVER=database
# Database server address
DATABASE_PORT=3306
# MUST be sambackend as set in the distribution images
DATABASE_NAME=sambackend
# Database username to use
DATABASE_USER=sambackend
# Database user's password to use
DATABASE_PASSWORD=sambackendpw
# Database root's password for database updates
ROOT_DATABASE_PASSWORD=tryphon1
# arm64v8/mysql:oracle or mysql:8.0-debian
DATABASE_IMAGE=mysql:8.0-debian
# Port the server will listen to.
API_PORT=443 |
Then create the network (if not already existing):
Code Block |
---|
docker network create sambackendnet |
And start the images:
Code Block |
---|
docker-compose -f docker-compose-prod.yml up --build -d http |
Additionally, it might be required to run a few more steps within the php
container (docker exec -it php /bin/sh
):
Code Block |
---|
php artisan db:seed (if the databse needs to be seeded with Amadis defaults)
php artisan passport:keys (macos only?) |
KeyEmbeddingTool
To export the device transport key securely, the server will leverage a tool from Zimperium called KeyEmbeddingTool
. That tools comes in two flavors: development and production.
The server will look for a /var/www/html/app/tools/KeyEmbeddingTool
in the PHP Docker container.
By default, the development version is used. To switch between development and production versions, two additional binaries will be provided in the container: /var/www/html/app/tools/KeyEmbeddingToolDev
and /var/www/html/app/tools/KeyEmbeddingToolProd
. Simply replace /var/www/html/app/tools/KeyEmbeddingTool
by the one to be used.
Update
Note |
---|
Version 1.0.x |
Warning |
---|
This method only works when there is no database table format or element update between 2 versions. |
Assuming there is a folder called secbkd-1.0.x on the server (the currently running version) and that the new package (secbkd-1.0.y) is already present on the same path.
e.g.:
Code Block |
---|
<some_directory>/
|_ secbkd-1.0.x/
|_ secbkd-1.0.10.4/ |
Stop all running containers and remove them:
Code Block |
---|
docker stop samserver_1.0.x samphpmyadmin_1.0.x samdatabase_1.0.x
docker rm samserver_1.0.x samphpmyadmin_1.0.x samdatabase_1.0.x |
If you can, clean the docker registry:
Code Block |
---|
docker system prune |
Note |
---|
Careful, if you have other containers running, you need to delete them manually, this command will remove all existing containers and networks. |
Go to the new package and build the images:
Code Block |
---|
cd secbkd-1.0.y/SAMDistImages
make images && make pushtorepository |
Copy the old 'Storage' dir into the new package (we are still in SAMDistImages directory)
Code Block |
---|
sudo cp -R ../../secbkd-1.0.x/SAMDeployment/Storage ../SAMDeployment/ |
Run the new containers:
Code Block |
---|
cd ../SAMDeployment
make run |
And that should do the trick.