Table of contents
Table of Contents | ||||||
---|---|---|---|---|---|---|
|
Foreword
Before running the installation sequence, one needs to update the installation scripts to:
Adjust some of the paths
Set personnal administor personal administrator credentials and default database content
...
Code Block |
---|
STORAGE_BASE_DIRECTORY=/home/<username>/Downloads/backend/v01.00.06b/Storage |
Database
...
Access
Warning |
---|
All the parameters from SAMDeployment/Configuration.conf file can be changed to your liking, especially the DATABASE_USER, DATABASE_PASSWORD and ROOT_DATABASE_PASSWORD fields which should absolutely NOT de the default values in production. |
Default content
Note |
---|
Version 1.0.x |
When built, the backend database is pre-filled with SQL requests contained in SAMDistImages/Database/resources/004_SAMBackendData.sql
. You can modify that file to have your own Users, Devices, etc...
To modify a pre-filled user the password needs to be hash with blowfish algorithm.
Once the files have been edited to your convenance, run the installation commands.
Note |
---|
Version 1.1.x |
The backend database can be seeded through the files contained in database/seeders/*.php
. To modify those files, connect to the docker terminal with the following command:
Code Block |
---|
docker exec -it php /bin/bash |
You can then edit the files with vi
. Once edited, to fill the database with the seeds content, run the following command:
Code Block |
---|
php artisan db:seed |
Crypto provider
Note |
---|
Version 1.1.x (prior to 1.1.5) |
Crypto provider location is a specific case of the above mentioned “default content”. The crypto provider domain name is defined in the SystemParameters
table, SMCryptoProviderDomain
element and optionally the SMCryptoProviderSubdomain
element. The crypto provider port is defined in the SystemParameters
table, SMCryptoProviderPort
element. Both are configured as String.
Note |
---|
Version 1.1.5+ |
Crypto provider information must be set in the .env
file as follows:
Code Block |
---|
# Cryptoprovider setup
CRYPTOPROVIDER_DOMAIN=<domain>
#CRYPTOPROVIDER_SUBDOMAIN=<subdomain>
CRYPTOPROVIDER_PORT=<port>
CRYPTOPROVIDER_CHECKSSL=<...> (false, true or path to SSL certificates) |
Gateway
Note |
---|
Version 1.1.8 |
Crypto provider information must be set in the .env
file as follows:
Code Block |
---|
# Gateway setup
GATEWAY_DOMAIN=<domain>
#GATEWAY_SUBDOMAIN=<subdomain>
GATEWAY_PORT=<port>
GATEWAY_CHECKSSL=<...> (false, true or path to SSL certificates)
GATEWAY_ENABLE=<bool> (false or true) |
Certificates
Note |
---|
Version 1.0.x |
Replace the certificate (fullchain.pem
) and the private key (privkey.pem
) in SAMDeployment/Server/resources/
by your own.
Note |
---|
Version 1.1.x |
The server SSL certificates are located into the Caddy HTTP container, under the /etc/ssl/caddy
directory. The files to be replaced are ca.pem
the CA root certificate, cert.pem
the server certificate and ca.key
the server private key.
Application key
You must replace the APP_KEY in the SAMDeployment/Server/templates/laravel_env
file. You can generate a new one using the following command:
Code Block |
---|
echo "base64:`dd if=/dev/random bs=32 count=1 | base64`" |
...
docker login dev.atheos.ca:5000
...
Initialize the permanent storage
Code Block |
---|
make initstorage |
...
Initialize the database
...
Code Block |
---|
make initdatabase |
...
Create the images
Code Block |
---|
make images |
...
Launch the SAM backend by issuing the following command.
Code Block |
---|
make run |
...
Optionally, install phpmyadmin for debugging purposes. It is not recommended. Customize the files fullchain.pem, passwd and privkey.pem in the resources directory. passwd is created with htpasswd. It contains the Apache2 passwords. Launch it by issuing the following commands:
Code Block |
---|
cd PhpMyAdmin
make images
make run |
Update of an existing Production installation
...
Preserve the file Configuration.conf from the previous SAMDeployment package.
...
Preserve APP_KEY value from the .env file in the Server Docker. If needed, update SAMDeployment/Server/templates/laravel_env. The value of APP_KEY must be preserved. If lost, you SAM backend environment will have many issues.
...
Stop the containers samserver_xx.yy.zz, samphpmyadmin_xx.yy.zz and samdatabase_xx.yy.zz
...
Make a backup of your storage structure set using the Configuration.conf variable STORAGE_BASE_DIRECTORY
...
Make sure you use the latest version of SAMDeployment
...
Bump up the version number in the Configuration.conf file
...
Update Configuration.conf matching the corresponding parameters from your previous one.
...
Fill in any new configuration parameters.
...
run make images
...
run make run
...
Time synchronization
Note |
---|
Version 1.0.x |
To adjust the Docker images time and date to your current location, please update the ““ENV TZ” variable located in the following Dockerfiles:
SAMDistImages/Server/Dockerfile
SAMDistImages/Database/Dockerfile
The default value is set to “Europe/Paris”
Note |
---|
Version 1.1.x |
Timezone information must be set in the .env
file as follows:
Code Block |
---|
# Timezone set to Europe
TZ="Europ/Paris" |
Key embedding tool
Note |
---|
Version 1.1.6+ |
The Key Embedding Tools comes with two flavours (debug vs. production). The tool selection is automatic, based on the APP_ENV
variable from the .env
file.
Code Block |
---|
# Deployment type
APP_ENV=dev (or prod) |
The production version of the Key Embedding Tool can only work with ‘protect’ versions of the SDK packages.