Skip to content

Latest commit

 

History

History
81 lines (63 loc) · 2.25 KB

SETUP.md

File metadata and controls

81 lines (63 loc) · 2.25 KB

Setup a zezere instance locally

  1. To install requirements in a Python virtual environment, set it up first.

    $ virtualenv venv
    $ . venv/bin/activate
  2. Before installing other Python requirements, you need to install Apache httpd first. Follow the instructions from mod-wsgi project documentation.


In order to satisfy the `psycopg2` dependency please follow instructions from [psycopg2 project documentation](https://www.psycopg.org/docs/install.html).
  1. Install the requirements

    $ (venv) pip install .
  2. Before using the zezere-manage tool, a configuration needs to be created. Default configuration can be used as a base:

    $ cp zezere/default.conf ./zezere.conf
    
  3. Authentication method and secret key needs to be set in order to satisfy the tool. Also, make sure that the allowed_hosts is what you want.

    allowed_hosts = localhost, 127.0.0.1
    secret_key = very-secret
    auth_method = local
    
  4. Now run the migrations, to create a database file.

    $ python manage.py migrate --noinput
  5. To collect the static files, run

    $ python manage.py collectstatic
    
  6. Now we can create a superuser:

    $ zezere-manage createsuperuser --username admin --email [email protected]
    
  7. After a password has been set, we are ready to run Zezere:

    ./app.sh
    

    Use the admin credentials we created to login to localhost:8080


Setup using Docker

The easiest way to run Zezere is to run the official container and authenticate with OpenID Connect:

$ docker run --detach --rm --name zezere \
    -e OIDC_RP_CLIENT_ID=<client id> \
    -e OIDC_RP_CLIENT_SECRET=<client secret> \
    -e OIDC_OP_AUTHORIZATION_ENDPOINT=<authorization endpoint> \
    -e OIDC_OP_TOKEN_ENDPOINT=<token endpoint> \
    -e OIDC_OP_USER_ENDPOINT=<userinfo endpoint> \
    -e OIDC_OP_JWKS_ENDPOINT=<jwks endpoint> \
    -e AUTH_METHOD=oidc \
    -e SECRET_KEY=localtest \
    -e ALLOWED_HOSTS=localhost \
    -p 8080:8080 \
    -t quay.io/fedora-iot/zezere:latest

The default signing algorithm is RS256 but it can also be controlled with the environment variable OIDC_OP_SIGN_ALGO