Merge branch 'main' into local-code-mounting

Author: quartje

stepup/README.md

@@ -36,19 +36,42 @@ docker compose exec middleware /var/www/html/bin/console  doctrine:migrations:mi
 Then the webauthn db
 ```
 docker compose exec webauthn /var/www/html/bin/console  doctrine:migrations:migrate --env=prod
+
 ```
 
 Then you will need to provision the middleware config:
 ```
-sh middleware/middleware-push-config.sh
-sh middleware/middleware-push-whitelist.sh
-sh middleware/middleware-push-whitelist.sh
+cd middleware
+sh middleware-push-config.sh
+sh middleware-push-whitelist.sh
+sh middleware-push-institution.sh
 ```
 Then, bootstrap the SRAA. For this, you will need to have a Yubikey. Replace Yubikey_ID with the number that is printed on your yubikey. It should be 8 characters. If it is less, prepend it with 0's
 ```
-docker compose exec middleware  /var/www/html/bin/console urn:collab:person:dev.openconext.local:admin dev.openconext.local "Your Name" Your@email nl_NL Yubikey_ID
+docker compose exec middleware  /var/www/html/bin/console middleware:bootstrap:identity-with-yubikey urn:collab:person:dev.openconext.local:admin dev.openconext.local "Your Name" Your@email nl_NL Yubikey_ID
+```
+
+You also need a Yubikey API key for your Yubikey to work. You can get it here:
+https://upgrade.yubico.com/getapikey/
+Create the following file "stepup/gateway/surfnet_yubikey.yaml" which should contain:
+
+```
+surfnet_yubikey_api_client:
+  credentials:
+    client_id: 'YOUR_CLIENT_ID'
+    client_secret: 'YOUR_SECRET'
 ```
 
+After this, the cache of the gateway needs to be cleared:
+```
+docker compose exec gateway rm -rf  var/cache/prod
+
+```
+
+Mailcatcher is included. You can view the email by going to http://localhost:1080
+
+A SimpleSAMLPHP sp is included. It can be accessed at https://ssp.dev.openconext.local/simplesaml/sp.php
+
 
 
 

stepup/docker-compose.yml

@@ -21,16 +21,18 @@ services:
       openconextdev:
     volumes:
       - ${PWD}/dbschema:/docker-entrypoint-initdb.d
+      - stepup_mariadb:/var/lib/mysql
 
   webauthn:
     image: ghcr.io/openconext/stepup-webauthn/stepup-webauthn:prod
     ports:
       - 8080:8080
     environment:
       DATABASE_URL: "mysql://webauthn_user:webauthn_secret@mariadb:3306/webauthn"
+      APP_ENV: prod
     volumes:
       - /dev/log:/dev/log
-      - ${PWD}/webauthn:/config
+      - ${PWD}/:/config
     networks:
       openconextdev:
 
@@ -43,6 +45,8 @@ services:
 
   middleware:
     image: ghcr.io/openconext/stepup-middleware/stepup-middleware:prod
+    environment:
+      - APP_ENV=prod
     networks:
       openconextdev:
     volumes:
@@ -51,6 +55,8 @@ services:
 
   gateway:
     image: ghcr.io/openconext/stepup-gateway/stepup-gateway:prod
+    environment:
+      - APP_ENV=prod
     networks:
       openconextdev:
     volumes:
@@ -60,6 +66,8 @@ services:
 
   ra:
     image: ghcr.io/openconext/stepup-ra/stepup-ra:prod
+    environment:
+      - APP_ENV=prod
     networks:
       openconextdev:
     volumes:
@@ -68,13 +76,36 @@ services:
 
   selfservice:
     image: ghcr.io/openconext/stepup-selfservice/stepup-selfservice:prod
+    environment:
+      - APP_ENV=prod
     networks:
       openconextdev:
     volumes:
       - ${PWD}/:/config
       - /dev/log:/dev/log
 
+  demogssp:
+    image: ghcr.io/openconext/stepup-gssp-example/stepup-gssp-example:prod
+    environment:
+      - APP_ENV=prod
+    networks:
+      openconextdev:
+    volumes:
+      - ${PWD}/:/config
+      - /dev/log:/dev/log
+  
+  mailcatcher:
+    image: sj26/mailcatcher:latest
+    ports:
+      - 1080:1080
+    command:
+      '--ip 0.0.0.0 --smtp-port 25'
+    networks:
+      openconextdev:
+
 networks:
   openconextdev:
     driver: bridge
 
+volumes:
+  stepup_mariadb: