Fix: Homogeneous env #121

Merged
merged 3 commits into from
Feb 9, 2024
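--- a/Docker-compose/.env.example
+++ b/Docker-compose/.env.example
@@ -0,0 +1,49 @@
+HOSTNAME=localhost
+
+# MongoDB authentication
+MONGO_DBUSER=satosa
+MONGO_DBPASSWORD=thatpassword
+
+# The path containing your secrets
+KEYS_FOLDER=./pki
+# Keys filename
+SATOSA_PRIVATE_KEY_FILENAME=privkey.pem
+SATOSA_PUBLIC_KEY=cert.pem
+
+# BE CAREFUL HERE!
+SATOSA_SALT=CHANGE_ME!
+SATOSA_ENCRYPTION_KEY=CHANGE_ME!
+SATOSA_STATE_ENCRYPTION_KEY=CHANGE_ME!
+SATOSA_USER_ID_HASH_SALT=CHANGE_ME!
+
+# Contact person data
+SATOSA_CONTACT_PERSON_EMAIL_ADDRESS=support.example@organization.org
+SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER=+3906123456789
+SATOSA_CONTACT_PERSON_FISCALCODE=01234567890
+SATOSA_CONTACT_PERSON_GIVEN_NAME=Name
+SATOSA_CONTACT_PERSON_IPA_CODE=ipa00c
+SATOSA_CONTACT_PERSON_MUNICIPALITY=H501
+
+# Organization data
+SATOSA_ORGANIZATION_DISPLAY_NAME_EN="Example Organization"
+SATOSA_ORGANIZATION_DISPLAY_NAME_IT="Example Organization"
+SATOSA_ORGANIZATION_NAME_EN="example_organization"
+SATOSA_ORGANIZATION_NAME_IT="example_organization"
+SATOSA_ORGANIZATION_URL_EN="https://example_organization.org"
+SATOSA_ORGANIZATION_URL_IT="https://example_organization.org/it"
+
+SATOSA_UI_DESCRIPTION_EN="Resource description"
+SATOSA_UI_DESCRIPTION_IT="Resource description"
+SATOSA_UI_DISPLAY_NAME_EN="Resource Display Name"
+SATOSA_UI_DISPLAY_NAME_IT="Resource Display Name"
+SATOSA_UI_INFORMATION_URL_EN="https://example_organization.org/information_url"
+SATOSA_UI_INFORMATION_URL_IT="https://example_organization.org/it/information_url"
+SATOSA_UI_LOGO_HEIGHT="60"
+SATOSA_UI_LOGO_WIDTH="80"
+SATOSA_UI_LOGO_URL="https://example_organization.org/logo.png"
+SATOSA_UI_PRIVACY_URL_EN="https://example_organization.org/privacy"
+SATOSA_UI_PRIVACY_URL_IT="https://example_organization.org/it/privacy"
+SATOSA_REQUESTED_ATTRIBUTES=[]
+
+# If set to true, satosa downloads IDEM's keys and IDPs from registry.spid.gov.it
+GET_IDEM_MDQ_KEY=true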
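Review bot: The `SATOSA_PUBLIC_KEY=cert.pem` entry under "Keys filename" is not the name the compose file in this same change interpolates, which is `${SATOSA_CERT_FILENAME:-cert.pem}`, so a certificate filename set here is silently ignored and `cert.pem` is used instead; the entry should read `SATOSA_CERT_FILENAME=cert.pem`. The `# BE CAREFUL HERE!` comment does not say what the operator has to do; something like `# Secrets: replace every CHANGE_ME! (and MONGO_DBPASSWORD above) with a unique random value before deploying` would make the requirement explicit. The sample values for `SATOSA_CONTACT_PERSON_FISCALCODE` and `SATOSA_CONTACT_PERSON_GIVEN_NAME` also differ from the compose fallbacks (`XXXXXX00X00X000Y`, `Contact Me`), which works against the stated goal of a homogeneous environment.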
11 changes: 5 additions & 6 deletions Docker-compose/README.md
@@ -109,11 +109,10 @@ See [mongo readme](../README.mongo.md) to have some example of demo data.

## Env file

```
# cat .env
MONGO_DBUSER=satosa
MONGO_DBPASSWORD=thatpassword
HOSTNAME=localhost
```
Customize the environment variables using the [.env](.env) file.
The file [.env.example](.env.example) provides an example with all the environment variables you can set.
The variables not set in the `.env` file will fallback on a default value defined in the [docker-compose.yml](docker-compose.yml).

> :warning: Be careful when deploying your solution since some environment variables are **security-related**.

See [mongo readme](../README.mongo.md) for explanation of environment variables of MongoDB.
90 changes: 48 additions & 42 deletions Docker-compose/docker-compose.yml
@@ -6,8 +6,8 @@ services:
restart: always
environment:
MONGO_INITDB_DATABASE: oidcop
MONGO_INITDB_ROOT_USERNAME: "${MONGO_DBUSER}"
MONGO_INITDB_ROOT_PASSWORD: "${MONGO_DBPASSWORD}"
MONGO_INITDB_ROOT_USERNAME: "${MONGO_DBUSER:-satosa}"
MONGO_INITDB_ROOT_PASSWORD: "${MONGO_DBPASSWORD:-thatpassword}"
volumes:
- mongodata:/data/db
- /usr/share/zoneinfo/Europe/Rome:/etc/localtime:ro
@@ -26,9 +26,9 @@ services:
environment:
ME_CONFIG_BASICAUTH_USERNAME: satosauser
ME_CONFIG_BASICAUTH_PASSWORD: satosapw
ME_CONFIG_MONGODB_ADMINUSERNAME: "${MONGO_DBUSER}"
ME_CONFIG_MONGODB_ADMINPASSWORD: "${MONGO_DBPASSWORD}"
ME_CONFIG_MONGODB_URL: mongodb://${MONGO_DBUSER}:${MONGO_DBPASSWORD}@satosa-mongo:27017/
ME_CONFIG_MONGODB_ADMINUSERNAME: "${MONGO_DBUSER:-satosa}"
ME_CONFIG_MONGODB_ADMINPASSWORD: "${MONGO_DBPASSWORD:-thatpassword}"
ME_CONFIG_MONGODB_URL: mongodb://${MONGO_DBUSER:-satosa}:${MONGO_DBPASSWORD:-thatpassword}@satosa-mongo:27017/
networks:
- satosa-saml2spid
## START: PARTE NUOVA
@@ -65,47 +65,51 @@ services:
- BASE_DIR=/satosa_proxy
- SATOSA_BY_DOCKER=1

- SATOSA_BASE=https://$HOSTNAME
- SATOSA_BASE_STATIC=https://$HOSTNAME/static
- SATOSA_DISCO_SRV=https://$HOSTNAME/static/disco.html
- SATOSA_UNKNOW_ERROR_REDIRECT_PAGE=https://$HOSTNAME/static/error_page.html
- SATOSA_BASE=https://${HOSTNAME:-localhost}
- SATOSA_BASE_STATIC=https://${HOSTNAME:-localhost}/static
- SATOSA_DISCO_SRV=https://${HOSTNAME:-localhost}/static/disco.html
- SATOSA_UNKNOW_ERROR_REDIRECT_PAGE=https://${HOSTNAME:-localhost}/static/error_page.html

- MONGODB_PASSWORD=${MONGO_DBPASSWORD}
- MONGODB_USERNAME=${MONGO_DBUSER}
- MONGODB_USERNAME=${MONGO_DBUSER:-satosa}
- MONGODB_PASSWORD=${MONGO_DBPASSWORD:-thatpassword}

- SATOSA_CONTACT_PERSON_EMAIL_ADDRESS=support.example@organization.org
- SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER=+3906123456789
- SATOSA_CONTACT_PERSON_FISCALCODE=01234567890
- SATOSA_CONTACT_PERSON_GIVEN_NAME=Name
- SATOSA_CONTACT_PERSON_IPA_CODE=ipa00c
- SATOSA_CONTACT_PERSON_MUNICIPALITY=H501
- SATOSA_ENCRYPTION_KEY=CHANGE_ME!
- SATOSA_CONTACT_PERSON_EMAIL_ADDRESS=${SATOSA_CONTACT_PERSON_EMAIL_ADDRESS:-support.example@organization.org}
- SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER=${SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER:-+3906123456789}
- SATOSA_CONTACT_PERSON_FISCALCODE=${SATOSA_CONTACT_PERSON_FISCALCODE:-XXXXXX00X00X000Y}
- SATOSA_CONTACT_PERSON_GIVEN_NAME=${SATOSA_CONTACT_PERSON_GIVEN_NAME:-Contact Me}
- SATOSA_CONTACT_PERSON_IPA_CODE=${SATOSA_CONTACT_PERSON_IPA_CODE:-ipa00c}
- SATOSA_CONTACT_PERSON_MUNICIPALITY=${SATOSA_CONTACT_PERSON_MUNICIPALITY:-H501}

- SATOSA_ORGANIZATION_DISPLAY_NAME_EN=Resource provided by Example Organization
- SATOSA_ORGANIZATION_DISPLAY_NAME_IT=Resource provided by Example Organization
- SATOSA_ORGANIZATION_NAME_EN=Resource provided by Example Organization
- SATOSA_ORGANIZATION_NAME_IT=Resource provided by Example Organization
- SATOSA_ORGANIZATION_URL_EN=https://example_organization.org
- SATOSA_ORGANIZATION_URL_IT=https://example_organization.org
- SATOSA_PRIVATE_KEY=${KEYS_FOLDER}/privkey.pem
- SATOSA_PUBLIC_KEY=${KEYS_FOLDER}/cert.pem
- SATOSA_SALT=CHANGE_ME!
- SATOSA_STATE_ENCRYPTION_KEY=CHANGE_ME!
- SATOSA_UI_DESCRIPTION_EN=Resource description
- SATOSA_UI_DESCRIPTION_IT=Resource description
- SATOSA_UI_DISPLAY_NAME_EN=Resource Display Name
- SATOSA_UI_DISPLAY_NAME_IT=Resource Display Name
- SATOSA_UI_INFORMATION_URL_EN=https://example_organization.org/information_url_en
- SATOSA_UI_INFORMATION_URL_IT=https://example_organization.org/information_url_en
- SATOSA_UI_LOGO_HEIGHT=60
- SATOSA_UI_LOGO_URL=https://example_organization.org/logo.png
- SATOSA_UI_LOGO_WIDTH=80
- SATOSA_UI_PRIVACY_URL_EN=https://example_organization.org/privacy_en
- SATOSA_UI_PRIVACY_URL_IT=https://example_organization.org/privacy_en
- SATOSA_USER_ID_HASH_SALT=CHANGE_ME!
- SATOSA_REQUESTED_ATTRIBUTES=[]
- SATOSA_ENCRYPTION_KEY=${SATOSA_ENCRYPTION_KEY:-CHANGE_ME!}

- GET_IDEM_MDQ_KEY=true
- SATOSA_ORGANIZATION_DISPLAY_NAME_EN=${SATOSA_ORGANIZATION_DISPLAY_NAME_EN:-Example Organization}
- SATOSA_ORGANIZATION_DISPLAY_NAME_IT=${SATOSA_ORGANIZATION_DISPLAY_NAME_IT:-Example Organization}
- SATOSA_ORGANIZATION_NAME_EN=${SATOSA_ORGANIZATION_NAME_EN:-example_organization}
- SATOSA_ORGANIZATION_NAME_IT=${SATOSA_ORGANIZATION_NAME_IT:-example_organization}
- SATOSA_ORGANIZATION_URL_EN=${SATOSA_ORGANIZATION_URL_EN:-https://example_organization.org}
- SATOSA_ORGANIZATION_URL_IT=${SATOSA_ORGANIZATION_URL_IT:-https://example_organization.org/it}

- SATOSA_PRIVATE_KEY=${KEYS_FOLDER}/${SATOSA_PRIVATE_KEY_FILENAME:-privkey.pem}
- SATOSA_PUBLIC_KEY=${KEYS_FOLDER}/${SATOSA_CERT_FILENAME:-cert.pem}
- SATOSA_SALT=${SATOSA_SALT:-CHANGE_ME!}

- SATOSA_STATE_ENCRYPTION_KEY=${SATOSA_STATE_ENCRYPTION_KEY:-CHANGE_ME!}

- SATOSA_UI_DESCRIPTION_EN=${SATOSA_UI_DESCRIPTION_EN:-Resource description}
- SATOSA_UI_DESCRIPTION_IT=${SATOSA_UI_DESCRIPTION_IT:-Resource description}
- SATOSA_UI_DISPLAY_NAME_EN=${SATOSA_UI_DISPLAY_NAME_EN:-Resource Display Name}
- SATOSA_UI_DISPLAY_NAME_IT=${SATOSA_UI_DISPLAY_NAME_IT:-Resource Display Name}
- SATOSA_UI_INFORMATION_URL_EN=${SATOSA_UI_INFORMATION_URL_EN:-https://example_organization.org/information_url}
- SATOSA_UI_INFORMATION_URL_IT=${SATOSA_UI_INFORMATION_URL_IT:-https://example_organization.org/it/information_url}
- SATOSA_UI_LOGO_HEIGHT=${SATOSA_UI_LOGO_HEIGHT:-60}
- SATOSA_UI_LOGO_WIDTH=${SATOSA_UI_LOGO_WIDTH:-80}
- SATOSA_UI_LOGO_URL=${SATOSA_UI_LOGO_URL:-https://example_organization.org/logo.png}
- SATOSA_UI_PRIVACY_URL_EN=${SATOSA_UI_PRIVACY_URL_EN:-https://example_organization.org/privacy}
- SATOSA_UI_PRIVACY_URL_IT=${SATOSA_UI_PRIVACY_URL_IT:-https://example_organization.org/it/privacy}
- SATOSA_USER_ID_HASH_SALT=${SATOSA_USER_ID_HASH_SALT:-CHANGE_ME!}
- SATOSA_REQUESTED_ATTRIBUTES=${SATOSA_REQUESTED_ATTRIBUTES:-[]}

- GET_IDEM_MDQ_KEY=${GET_IDEM_MDQ_KEY:-true}
expose:
- 10000
ports:
@@ -141,6 +145,8 @@ services:
- ../docker-example/static:/var/www/html
networks:
- satosa-saml2spid
environment:
- NGINX_HOST=${HOSTNAME:-localhost}

spid-samlcheck:
image: italia/spid-saml-check
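Review bot: The `:-` fallbacks on the secret-bearing variables let the stack start with values published in this repository when `.env` is missing or incomplete: `${MONGO_DBPASSWORD:-thatpassword}` in the mongo, mongo-express and satosa environment blocks, and `:-CHANGE_ME!` on `SATOSA_SALT`, `SATOSA_ENCRYPTION_KEY`, `SATOSA_STATE_ENCRYPTION_KEY` and `SATOSA_USER_ID_HASH_SALT`. Compose's required-variable form turns that into a startup error instead, e.g. `MONGO_INITDB_ROOT_PASSWORD: "${MONGO_DBPASSWORD:?set MONGO_DBPASSWORD in .env}"` and `- SATOSA_ENCRYPTION_KEY=${SATOSA_ENCRYPTION_KEY:?set SATOSA_ENCRYPTION_KEY in .env}`, while the display names and URLs can keep `:-`. `${KEYS_FOLDER}` in the `SATOSA_PRIVATE_KEY` and `SATOSA_PUBLIC_KEY` lines is the only variable left without any fallback, so an unset value resolves to `/privkey.pem`; either give it the same `:?` treatment or a default. The password is also interpolated raw into `ME_CONFIG_MONGODB_URL`, so a strong password containing `@`, `:` or `/` would likely break the URI unless it is percent-encoded, which is worth a comment on that line.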