The whole solution is made up of 4 repos.
- covidpass (Wallet Pass creation front-end, port 3000)
- covidpassApiDotNet (Wallet Pass signing service, Apple specific, port 80)
- verifier (web app for scanning, port 5001; GCP cloud functions /register /verify in support of #1)
- hit-counter (simple python script running in VM, web enabled using flask, port 8080)
The steps were tested against a standard ubuntu LTS 18 vm running in GCP
- allow-covidpass-ports, port 3000,80,5001,5003,8080 tcp/inbound
- ubuntu LTS 18, 2 core, 4Gb RAM, allow all GCP API, network tag (allow-covidpass-ports), fixed external ip will be helpful
ssh into the newly created vm
Install docker
Enable non-root usage of docker
sudo groupadd docker
sudo usermod -aG docker ${USER}
exit SSH session and login again
Install yarn
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn
Upgrade node to 14
sudo apt-get install -y nodejs
Prepare to start
mkdir web
cd web
Repo 1 (https://github.com/billylo1/covidpass)
git clone https://github.com/billylo1/covidpass.git
cd covidpass
yarn install
note external IP of your dev machines
modify .env.local and replace localhost with your {vm-external-ip}
yarn dev
access it from your workstation's browser (http://vm-external-ip:3000)
you should see on the yarn output compiling... sentry initialized and browser showing page
Repo 2 (https://github.com/billylo1/CovidPassApiNet)
cd ~/web
git clone https://github.com/billylo1/CovidPassApiNet
cd CovidPassApiNet/CovidPassApiNet
cp appsettings.example.json appsettings.json
setup Apple Developer Certificate (assume current directory is the above)
1. Sign into your Apple Developer Account
2. Go to Certificates, Identifiers and Profiles
3. Register a new Pass Type Identifier under the Identifiers tab
4. Create a new Pass Type ID Certificate under the Certificates tab
5. Select your previously created Pass Type Identifier in the process
6. Move your new certificate to the My Certificates tab in the keychain
7. Export your certificate as a .p12 file (make a note of passphrase)
8. Create a text file named AppleDeveloperPassword with your passphrase in it
9. Install node.js and download the passkit-keys script
10. Create a keys folder and put the .p12 file inside
11. Run ./passkit-keys <path to your keys folder>
12. copy the .pem file to ~/web/CovidPassApiNet/CovidPassApiNet/AppDeveloperCerticate.pem
13. Open keychain - System Keychain - Certificates
14. Export Apple Developer Relations Certification Authority to AppleCaCertificate.pem
15. chmod 600 Apple*.pem
(Reminder: pls protect these files as they contain private key and passphrases. Do not add them to your repo.)
docker build . -t covidpassapinet
docker run covidpassapinet -p 80:80
Repo 3 (https://github.com/billylo1/verifier)
cd ~/web
git clone https://github.com/billylo1/verifier
sudo npm install -g firebase-tools
firebase init
sudo apt install default-jre
firebase emulators:start
Repo 4 (https://github.com/billylo1/hit-counter)
cd ~/web
git clone https://github.com/billylo1/hit-counter
sudo apt-get install python3.8 python3-pip
python3 server.py