Amadis

Secure Backend - Configuration

Owned by Alexandre Munsch (Unlicensed)
Last updated: Jul 27, 2023
2 min read

Table of contents

Foreword

Before running the installation sequence, one needs to update the installation scripts to:

  • Adjust some of the paths

  • Set personal administrator credentials and default database content

Docker repository access

SAMDistImages/Configuration.conf

Make sure IMAGE_SOURCE_REPOSITORY points to “localhost” and to a directory of your choice. For example:

IMAGE_SOURCE_REPOSITORY=localhost:5000/sambackend/distimages

If you started Docker on a different port than 5000 (see Local Docker repository paragraph) then you will need to change the port number targeted in IMAGE_SOURCE_REPOSITORY.

SAMDeployment/Configuration.conf

Make sure IMAGE_SOURCE_REPOSITORY and IMAGE_DEPLOYMENT_REPOSITORY point to “localhost” and to a directory of your choice. For example:

IMAGE_SOURCE_REPOSITORY=localhost:5000/sambackend/distimages IMAGE_DEPLOYMENT_REPOSITORY=localhost:5000/sambackend/demoimages

If you started Docker on a different port than 5000 (see Local Docker repository paragraph) then you will need to change the port number targeted in IMAGE_SOURCE_REPOSITORY.

Then, customize your actual repository location by modifying STORAGE_BASE_DIRECTORY. For example:

STORAGE_BASE_DIRECTORY=/home/<username>/Downloads/backend/v01.00.06b/Storage

Database

Access

All the parameters from SAMDeployment/Configuration.conf file can be changed to your liking, especially the DATABASE_USER, DATABASE_PASSWORD and ROOT_DATABASE_PASSWORD fields which should absolutely NOT de the default values in production.

Default content

When built, the backend database is pre-filled with SQL requests contained in SAMDistImages/Database/resources/004_SAMBackendData.sql. You can modify that file to have your own Users, Devices, etc...

Once the files have been edited to your convenance, run the installation commands.

 

The backend database can be seeded through the files contained in database/seeders/*.php. To modify those files, connect to the docker terminal with the following command:

You can then edit the files with vi. Once edited, to fill the database with the seeds content, run the following command:

Crypto provider

 

Crypto provider location is a specific case of the above mentioned “default content”. The crypto provider domain name is defined in the SystemParameters table, SMCryptoProviderDomain element and optionally the SMCryptoProviderSubdomain element. The crypto provider port is defined in the SystemParameters table, SMCryptoProviderPort element. Both are configured as String.

Crypto provider information must be set in the .env file as follows:

Gateway

Crypto provider information must be set in the .env file as follows:

Certificates

 

Replace the certificate fullchain.pem and the private key privkey.pem in SAMDeployment/Server/resources/ by your own.

The server SSL certificates are located into the Caddy HTTP container, under the /etc/ssl/caddy directory. The files to be replaced are ca.pem the CA root certificate, cert.pem the server certificate and ca.key the server private key.

Application key

 

You must replace the APP_KEY in the SAMDeployment/Server/templates/laravel_env file. You can generate a new one using the following command:

Time synchronization

To adjust the Docker images time and date to your current location, please update the ““ENV TZ” variable located in the following Dockerfiles:

  • SAMDistImages/Server/Dockerfile

  • SAMDistImages/Database/Dockerfile

The default value is set to “Europe/Paris”

Timezone information must be set in the .env file as follows:

Key embedding tool

The Key Embedding Tools comes with two flavours (debug vs. production). The tool selection is automatic, based on the APP_ENV variable from the .env file.