Amadis

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Current »

Table of contents

Foreword

It is now time to create the local Docker containers

Installation

Local Docker repository

Start your own local Docker repository with the following command:

docker run -d -p 5000:5000 --restart=always --name registry registry:2

You can change the port number. If you do, please update the Configuration.conf files accordingly (see Secure Backend - Configuration)

Build and run

Version 1.0.x

Go to the SAMDistImages directory and run the following commands:

make images
make pushtorepository

Go to the SAMDeployment directory and run the following commands:

make initstorage
make initdatabase
make images

Still in the SAMDeployment directory, simple run the followoing command:

make run

Version 1.1.x

Go to the SAMDistImages directory and run the following command:

make install

Additionally, it might be required to run a few more steps within the php container (docker exec -it php /bin/sh):

php artisan db:seed (if the databse needs to be seeded with Amadis defaults)
php artisan passport:keys (macos only?)

Version 1.1.x + JFrog

Once you pulled the images from JFrog (see: Amadis One - JFrog repository), you need to create a docker-compose file to setup the network and components as well as an environment file to set some variables.

Create a docker-compose-prod.yml file with similar information (can be updated according to your needs):

version: '3.8'

services:
  database:
    container_name: database
    image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-database:${VERSION}
    command: --default-authentication-plugin=mysql_native_password
    platform: linux/amd64
    env_file:
      - .env
    environment:
      MYSQL_ROOT_PASSWORD: ${ROOT_DATABASE_PASSWORD}
      DATABASE_IMAGE: ${DATABASE_IMAGE}
    ports:
      - ${DATABASE_PORT}:3306
    networks:
      - sambackendnet
    restart: always
  php:
    container_name: php
    image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-php:${VERSION}
    depends_on:
      - database
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
    env_file:
      - .env
    healthcheck:
      interval: 10s
      timeout: 3s
      retries: 3
      start_period: 30s
    networks:
      - sambackendnet

  http:
    container_name: http
    image: ${IMAGE_DEPLOYMENT_REPOSITORY}/secbkd-http:${VERSION}
    depends_on:
      - php
    environment:
      SERVER_NAME: ${SERVER_NAME:-localhost, caddy:80}
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
    ports:
      # HTTP
      - target: 80
        published: 80
        protocol: tcp
      # HTTPS 443
      - target: 443
        published: ${API_PORT}
        protocol: tcp

networks:
  sambackendnet:
    external: true

volumes:
  php_socket:

Then create a .env file with the following data (can be updated according to your system):

# Version of the SAM backend
VERSION=1.1.4-rc1
SERVER_NAME=dev.amadis.com

# Docker repository
IMAGE_DEPLOYMENT_REPOSITORY=amadis.jfrog.io/aone-secbkd-local

# Permanent storage base directory
STORAGE_BASE_DIRECTORY=./Storage

# Database server address
DATABASE_SERVER=database

# Database server address
DATABASE_PORT=3306

# MUST be sambackend as set in the distribution images
DATABASE_NAME=sambackend

# Database username to use
DATABASE_USER=sambackend

# Database user's password to use
DATABASE_PASSWORD=sambackendpw

# Database root's password for database updates
ROOT_DATABASE_PASSWORD=tryphon1

# arm64v8/mysql:oracle or mysql:8.0-debian
DATABASE_IMAGE=mysql:8.0-debian

# Port the server will listen to.
API_PORT=443

Then create the network (if not already existing):

docker network create sambackendnet

And start the images:

docker-compose -f docker-compose-prod.yml up --build -d http

KeyEmbeddingTool

To export the device transport key securely, the server will leverage a tool from Zimperium called KeyEmbeddingTool. That tools comes in two flavors: development and production.

The server will look for a /var/www/html/app/tools/KeyEmbeddingTool in the PHP Docker container.

By default, the development version is used. To switch between development and production versions, two additional binaries will be provided in the container: /var/www/html/app/tools/KeyEmbeddingToolDev and /var/www/html/app/tools/KeyEmbeddingToolProd. Simply replace /var/www/html/app/tools/KeyEmbeddingTool by the one to be used.

Update

Version 1.0.x

This method only works when there is no database table format or element update between 2 versions.

Assuming there is a folder called secbkd-1.0.x on the server (the currently running version) and that the new package (secbkd-1.0.y) is already present on the same path.

e.g.:

<some_directory>/
    |_ secbkd-1.0.x/
    |_ secbkd-1.0.10.4/

Stop all running containers and remove them:

docker stop samserver_1.0.x samphpmyadmin_1.0.x samdatabase_1.0.x
docker rm samserver_1.0.x samphpmyadmin_1.0.x samdatabase_1.0.x

If you can, clean the docker registry:

docker system prune

Careful, if you have other containers running, you need to delete them manually, this command will remove all existing containers and networks.

Go to the new package and build the images:

cd secbkd-1.0.y/SAMDistImages
make images && make pushtorepository

Copy the old 'Storage' dir into the new package (we are still in SAMDistImages directory)

sudo cp -R ../../secbkd-1.0.x/SAMDeployment/Storage ../SAMDeployment/

Run the new containers:

cd ../SAMDeployment
make run

And that should do the trick.

  • No labels