local mount, profiles and new docs (#160)

* Local mount + docs + fix #156 , #158, #134

* fix #159

* example env file must be not an hidden file

* updated compose istruction

* update index

* Fixed title and added change directory in LONG WAY

* Another index fix

* SystemD doc moved to /docs

* uWSGI config doc with example

* fixed doc

* Add TZ env to NGINX

* add new docs and removed old examples

* workflow with new path

* path with new schema

* Update Docker-compose/README.md

Co-authored-by: Giuseppe De Marco <[email protected]>

* Update Docker-compose/README.md

Co-authored-by: Giuseppe De Marco <[email protected]>

* Update docs/satosa-nginx_compose_service.md

Co-authored-by: Giuseppe De Marco <[email protected]>

* Update docs/satosa-nginx_compose_service.md

Co-authored-by: Giuseppe De Marco <[email protected]>

* Update docs/satosa-nginx_compose_service.md

Co-authored-by: Giuseppe De Marco <[email protected]>

* Update docs/satosa-nginx_compose_service.md

Co-authored-by: Giuseppe De Marco <[email protected]>

---------

Co-authored-by: Giuseppe De Marco <[email protected]>

.github/workflows/python-app.yml

@@ -38,36 +38,27 @@ jobs:
         flake8 --count --select=E9,F63,F7,F82 --show-source --statistics example
         ## exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
         flake8 --max-line-length 120 --count --exit-zero --statistics example
-    - name: Create docker-example folder
-      run: |
-        mkdir -p docker-example
-        cp -r example/. docker-example
     - name: docker compose
       run: |       
         cd Docker-compose
         ./run-docker-compose.sh
         docker ps -a
     - name: djangosaml2 SP metadata to Proxy
       run: |
-        wget http://localhost:8000/saml2/metadata -O example/metadata/sp/djangosaml2_sp.xml
-    - name: run satosa-saml2spid
-      run: |
-        cd docker-example
-        mkdir -p metadata/idp
-        mkdir -p metadata/sp
+        wget http://localhost:8000/saml2/metadata -O Docker-compose/satosa-project/metadata/sp/djangosaml2_sp.xml
     - name: Metadata proxy to djangosaml2 SP
       run: |
-        wget --no-check-certificate https://localhost/Saml2IDP/metadata -O example_sp/djangosaml2_sp/saml2_sp/saml2_config/satosa-saml2spid.xml
+        wget --no-check-certificate https://localhost/Saml2IDP/metadata -O Docker-compose/djangosaml2_sp/saml2_sp/saml2_config/satosa-saml2spid.xml
     - name: spid-sp-test SPID metadata, requests and responses
       run: |
-        cd docker-example
+        cd Docker-compose/satosa-project
         spid_sp_test --idp-metadata > metadata/idp/spid-sp-test.xml
         spid_sp_test --metadata-url https://localhost/spidSaml2/metadata --authn-url "http://localhost:8000/saml2/login/?idp=https://localhost/Saml2IDP/metadata&next=/saml2/echo_attributes&idphint=https%253A%252F%252Flocalhost%253A8443" -ap spid_sp_test.plugins.authn_request.SatosaSaml2Spid --extra --debug ERROR -tr
     - name: spid-sp-test CIE id metadata
       run: |
-        cd docker-example
+        cd Docker-compose/satosa-project
         spid_sp_test --profile cie-sp-public --metadata-url https://localhost/cieSaml2/metadata
     - name: spid-sp-test eIDAS FiCEP metadata
       run: |
-        cd docker-example
+        cd Docker-compose/satosa-project
         spid_sp_test --profile ficep-eidas-sp --metadata-url https://localhost/spidSaml2/metadata

.gitignore

@@ -17,3 +17,7 @@ example/private/*
 example_sp/djangosaml2_sp/sqlite3.db
 project/*
 docker-example/*
+Docker-compose/satosa-project/*
+Docker-compose/djangosaml2_sp/*
+Docker-compose/mongo/db/*
+Docker-compose/nginx/html/static/*

Docker-compose/README.md

@@ -3,131 +3,87 @@
 ## Table of Contents
 
 1. [Requirements](#requirements)
-2. [Run the composition](#run-the-composition)
-3. [Stop the composition](#stop-the-composition)
-4. [Remove/Delete volumes](#remove/delete-volumes)
-5. [Demo data](#demo-data)
-6. [Env file](#env-file)
-7. [docker-compose.yml](#docker-compose.yml)
+2. [Run the composition - MAGIC WAY](#run-the-composition-magic-way)
+3. [Run the composition - LONG WAY](#run-the-composition-long-way)
+4. [Configure your system](#configure-your-system)
+5. [Insights](#Insights)
 
 ## Requirements
 
 In order to execute the run script you need:
 
-* docker
-* jq
-* docker version 3
+* docker-compose
 
 Installation example in Ubuntu:
 
 ```
-sudo apt install jq
+sudo apt install docker-compose
 ```
 
 For docker-compose you can also [see here](https://docs.docker.com/compose/install/other/).
 
-### Satosa-Saml2SPID Docker Image
+## Run the composition MAGIC WAY
 
-The official Satosa-Saml2SPID docker image is available at 
-[italia/satosa-saml2spid](https://ghcr.io/italia/satosa-saml2spid).
-
-To install it, you can execute the following command: `sudo docker pull ghcr.io/italia/satosa-saml2spid:latest`.
-
-Otherwise you can build the image executing the following command: `docker build -t satosa-saml2spid .`.
-
-Then you can even inspect the image content, by running the following command: `docker run -it -v $(pwd)/example:/satosa_proxy --entrypoint sh satosa-saml2spid`.
-
-## Run the composition
-
-1. Copy/pull Satosa-Saml2Spid project locally.
-2. Copy the folder `example` to a new folder named `docker-example`: `cp -R example docker-example`.
-3. Inspect the `docker-example` folder content and do your configuration by setting env variables and local folder contents.
-
-> :warning: **DO NOT USE the `example` folder _as is_ in production**: the `example` folder provides secrets that **MUST** be not used in a production environment. It sole purpose is to provide a user friendly starting point.
-
-### Start the Compose
-
-Execute the run script for the first time:
-
-```
+Enter in `Docker-compose` directory and run `run-docker-compose.sh`:
+```bash
 cd Docker-compose
 ./run-docker-compose.sh
 ```
+The script make the directories for local mounts, copy all required files in right directory and start a full demo with test and Service providers
 
-The following docker volumes are created, if they doesn't exist yet:
+* Satosa-saml2spid is published with nginx frontend on https://localhost
+* Mongo Espress is published on http://localhost:8081
+* Django SAML2 SP is published on https://localhost:8000
+* Spid-samlcheck is published on https://localhost:8443
 
-* satosa-saml2spid_nginx_certs
-* satosa-saml2spid_mongodata 
+More details ad start option are avable on [run-docker-compose.sh](../docs/run-docker-compose.sh.md) page
 
-The *satosa-saml2spid_nginx_certs* is populated with data from [nginx/certs/](nginx/certs)`,
-*satosa-saml2spid_mongodata* is populated by MongoDB container with its storage.
+### Run the composition LONG WAY
 
-After having executed the docker compose you can see the logs of the running containers:
-```
-docker-compose -f docker-compose.yml logs -f
+Enter in `Docker-compose` directory and make required direcotries for local mounts:
+```bash
+cd Docker-compose
+mkdir -p ./mongo/db          # DB Data directory
+mkdir -p ./satosa-project    # Satosa-saml2spid data istance
+mkdir -p ./djangosaml2_sp    # Service provider directory
+mkdir -p ./nginx/html/static # static files for nginx
 ```
 
-After the first run, you can start the docker compose with the run script or by this commands:
-
-```
-docker-compose pull; docker-compose down -v; docker-compose up -d; docker-compose logs -f
+Copy required files
+```bash
+cp -R ../example/* ./satosa-project
+cp -R ../example_sp/djangosaml2_sp/* ./djangosaml2_sp
+cp -E ../example/static/* ./nginx/html/static
 ```
-### Where is your data?
 
-Command:
-
-```
-docker volume ls
+Clean static data from Satosa project
+```bash
+rm -R ./satosa-project/static
 ```
 
-Output:
-
-```
-DRIVER    VOLUME NAME
-local     satosa-saml2spid_mongodata
-local     satosa-saml2spid_nginx_certs
-```
-
-In RedHat and Ubuntu based OS the Docker volumes directory is at:
-
+Run the compose for a minimal system (nginx and satosa)
 ```
-# ls -1 /var/lib/docker/volumes/
-satosa-saml2spid_mongodata
-satosa-saml2spid_nginx_certs
+docker compose up
 ```
 
-## Stop the composition
-
+Run the full demo
+```bash
+docker compose --profile demo up
 ```
-./stop-docker-compose.sh
-```
-
-This script stops all containers of the composition and detaches the volumes, but keeps the data on the persistent volumes.
 
-## Remove/Delete volumes
+Read the [profiles guide](../docs/docker_compose_profiles.md) for more informations 
 
-If you want to start from scratch, or just clear all persistent data, just run the following script:
 
+### Configure your system
+Copy the example env file:
+```bash
+cp env.example .env
 ```
-./rm-persistent-volumes.sh
-```
-
-First, the containers of the composition are stopped and the volumes are detached.
-
-Then you are asked if you want to delete the volumes and if you answer yes, you have to confirm volume by volume.
-
-## Demo data
-
-Demo data for a test client are inserted into the DB during the first run of the composition.
-
-See [mongo readme](../README.mongo.md) to have some example of demo data.
-
-## Env file
 
-Customize the environment variables using the [.env](.env) file.
-The file [.env.example](.env.example) provides an example with all the environment variables you can set.
-The variables not set in the `.env` file will fallback on a default value defined in the [docker-compose.yml](docker-compose.yml).
+Edit and personalize the system from `.env` files. You can still edit all files in detail from their local volumes.
+**IMPORTANT all the default password must be changed!**
 
-> :warning: Be careful when deploying your solution since some environment variables are **security-related**.
+### Insights
 
-See [mongo readme](../README.mongo.md) for explanation of environment variables of MongoDB.
+* More details on prodiles read the [Docker Compose Profiles](../docs/docker_compose_profiles.md) page
+* More details on run-docker-compose,sh read the [run-docker-compose.sh](../docs/run-docker-compose.sh.md) page