Amadis

Secure Backend - Installation & run

Owned by Alexandre Munsch (Unlicensed)
Last updated: May 12, 2023
3 min read

Table of contents

[ 1 Table of contents ] [ 2 Foreword ] [ 3 Installation ] [ 3.1 Local Docker repository ] [ 3.2 Build and run ] [ 3.3 KeyEmbeddingTool ] [ 4 Update ]

Foreword

It is now time to create the local Docker containers

Installation

Local Docker repository

Start your own local Docker repository with the following command:

docker run -d -p 5000:5000 --restart=always --name registry registry:2

You can change the port number. If you do, please update the Configuration.conf files accordingly (see https://teamamadis.atlassian.net/wiki/spaces/ADG/pages/2051571747)

Build and run

Version 1.0.x

Go to the SAMDistImages directory and run the following commands:

make images make pushtorepository

Go to the SAMDeployment directory and run the following commands:

make initstorage make initdatabase make images

Still in the SAMDeployment directory, simple run the followoing command:

 

Version 1.1.x

Go to the SAMDistImages directory and run the following command:

 

Once you pulled the images from JFrog (see: https://teamamadis.atlassian.net/wiki/spaces/ADG/pages/2233565193), you need to create a docker-compose file to setup the network and components as well as an environment file to set some variables.

Create a docker-compose-prod.yml file with similar information (can be updated according to your needs):

Then create a .env file with the following data (can be updated according to your system):

Then create the network (if not already existing):

And start the images:

Additionally, it might be required to run a few more steps within the php container (docker exec -it php /bin/sh):

KeyEmbeddingTool

To export the device transport key securely, the server will leverage a tool from Zimperium called KeyEmbeddingTool. That tools comes in two flavors: development and production.

The server will look for a /var/www/html/app/tools/KeyEmbeddingTool in the PHP Docker container.

By default, the development version is used. To switch between development and production versions, two additional binaries will be provided in the container: /var/www/html/app/tools/KeyEmbeddingToolDev and /var/www/html/app/tools/KeyEmbeddingToolProd. Simply replace /var/www/html/app/tools/KeyEmbeddingTool by the one to be used.

Update

Assuming there is a folder called secbkd-1.0.x on the server (the currently running version) and that the new package (secbkd-1.0.y) is already present on the same path.

e.g.:

Stop all running containers and remove them:

If you can, clean the docker registry:

Go to the new package and build the images:

Copy the old 'Storage' dir into the new package (we are still in SAMDistImages directory)

Run the new containers:

And that should do the trick.