Skip to content

Commit 24f7f52

Browse files
pmeulenquartje
pmeulen
authored and
quartje
committed
Configure Yubico cloud API keys first
This config file is mounted in the container, so it must exist. Because the Symfony cache is empty when the container is first started, it is not neccesary to clear it.
1 parent 414361e commit 24f7f52

File tree

2 files changed

+15
-21
lines changed

2 files changed

+15
-21
lines changed

stepup/README.md

Lines changed: 9 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -20,23 +20,28 @@ First, you need to create an entry in your hosts file (/etc/hosts on *nix system
2020
```
2121
127.0.0.1 selfservice.dev.openconext.local webauthn.dev.openconext.local ssp.dev.openconext.local gateway.dev.openconext.local middleware.dev.openconext.local ra.dev.openconext.local demogssp.dev.openconext.local
2222
```
23-
You can then bring up the docker-compose:
2423

25-
```
26-
docker-compose up -d
24+
Secondly you need to create the `stepup/gateway/surfnet_yubikey.yaml` filewith your Yubikey API credentials. If you do not have API credentials, you can get them at <https://upgrade.yubico.com/getapikey/>. You require a Yubikey to get an API key.
25+
26+
```yaml
27+
surfnet_yubikey_api_client:
28+
credentials:
29+
client_id: 'YOUR_CLIENT_ID'
30+
client_secret: 'YOUR_SECRET'
2731
```
2832
2933
You should then get the apps initialised
34+
You can then bring up the containers using docker compose:
3035
3136
Initialise the middelware database:
3237
```
3338
docker compose exec middleware /var/www/html/bin/console doctrine:migrations:migrate --env=prod --em=deploy
39+
docker-compose up -d
3440
```
3541

3642
Then the webauthn db
3743
```
3844
docker compose exec webauthn /var/www/html/bin/console doctrine:migrations:migrate --env=prod
39-
4045
```
4146

4247
Then you will need to provision the middleware config:
@@ -51,23 +56,6 @@ Then, bootstrap the SRAA. For this, you will need to have a Yubikey. Replace Yub
5156
docker compose exec middleware /var/www/html/bin/console middleware:bootstrap:identity-with-yubikey urn:collab:person:dev.openconext.local:admin dev.openconext.local "Your Name" Your@email nl_NL Yubikey_ID
5257
```
5358

54-
You also need a Yubikey API key for your Yubikey to work. You can get it here:
55-
https://upgrade.yubico.com/getapikey/
56-
Create the following file "stepup/gateway/surfnet_yubikey.yaml" which should contain:
57-
58-
```
59-
surfnet_yubikey_api_client:
60-
credentials:
61-
client_id: 'YOUR_CLIENT_ID'
62-
client_secret: 'YOUR_SECRET'
63-
```
64-
65-
After this, the cache of the gateway needs to be cleared:
66-
```
67-
docker compose exec gateway rm -rf var/cache/prod
68-
69-
```
70-
7159
Mailcatcher is included. You can view the email by going to http://localhost:1080
7260

7361
A SimpleSAMLPHP sp is included. It can be accessed at https://ssp.dev.openconext.local/simplesaml/sp.php

stepup/gateway/surfnet_yubikey.yaml.dist

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
2+
surfnet_yubikey_api_client:
3+
credentials:
4+
# Get your client_id and client_secret from https://upgrade.yubico.com/getapikey/
5+
client_id: 'YOUR_CLIENT_ID'
6+
client_secret: 'YOUR_SECRET'

0 commit comments

Comments
 (0)