# CAcert OpenID connect parent project

This repository references several repositories for the CAcert OpenID connect
setup.

## Clone the repository

```shell
git clone --recurse-submodules https://code.cacert.org/cacert/oidc-parent.git
cd oidc-parent
# cause pull, fetch and other git commands to consider submodules
git config submodule.recurse true
```
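
The parent repository pins each component to a specific submodule commit, so it is worth confirming after a clone or pull that every submodule is initialized and checked out at the recorded commit before building. The following is an added example, not part of the CAcert repository; the function name `check_submodules` and the sample hashes and paths are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the CAcert repository.
# Reads `git submodule status --recursive` output on stdin and reports every
# submodule that is not checked out at the commit recorded by the parent.
# Prefix characters as documented in git-submodule(1):
#   ' ' in sync, '-' not initialized,
#   '+' checked-out commit differs from the recorded one, 'U' merge conflicts.
check_submodules() {
    bad=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        prefix=${line%"${line#?}"}   # first character of the line
        rest=${line#?}               # "<sha1> <path> (<describe>)"
        path=${rest#* }              # drop the hash
        path=${path%% (*}            # drop the optional "(describe)" suffix
        case "$prefix" in
            ' ') ;;
            -) echo "not initialized: $path"; bad=1 ;;
            +) echo "not at recorded commit: $path"; bad=1 ;;
            U) echo "merge conflict: $path"; bad=1 ;;
            *) echo "unrecognized line: $line"; bad=1 ;;
        esac
    done
    return "$bad"
}

# Constructed sample input (hashes and paths are made up for this example).
sample_status() {
cat <<'EOF'
 1111111111111111111111111111111111111111 example-a (heads/main)
-2222222222222222222222222222222222222222 example-b
+3333333333333333333333333333333333333333 example-c (v0.1-2-g3333333)
EOF
}

# On a real checkout, run: git submodule status --recursive | check_submodules
sample_status | check_submodules || echo "submodules need attention"
```

A non-zero exit status means at least one submodule needs `git submodule update --init --recursive` or a closer look before running `make`.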

## Get started

- [set up Hydra](https://code.cacert.org/cacert/oidc-hydra-config/src/branch/main/README.md)
- build CAcert web application resources
- set up IDP (provides login and consent screens)
- set up demo application
- set up OpenID Connect client registration application

## Local development setup

Make sure you have the necessary prerequisites installed (tested on Debian 11
Bullseye) and `~/.local/bin` is in your `$PATH` variable:

```shell
sudo apt update
sudo apt install make python3-pip python3-psycopg2 golang-go yarnpkg
python3 -m pip install --user -U pip
python3 -m pip install --user ansible
export PATH=$HOME/.local/bin:$PATH
```

*Note:* It is a good idea to put the `PATH` export line into your `.bashrc` or
`.zshenv`.

Use `make` to build the web app resources and applications:

```shell
go install github.com/nicksnyder/go-i18n/v2/goi18n@latest
make
```

Use `ansible-playbook` to deploy Hydra, IDP, Client registration and the demo
application:

```shell
cd deployment
ansible-playbook 01_install_cacert_oidc.yml
```

*Note:* If `ansible-playbook` fails early in the process with "sudo: a password
is required", confirm that your user has sudo privileges and run the command
with `-K`, which makes Ansible prompt for the sudo password:

```shell
ansible-playbook -K 01_install_cacert_oidc.yml
```

## Vagrant setup

```shell
# install Vagrant with the libvirt provider and start the box
sudo apt install vagrant-libvirt virt-manager libvirt-clients
vagrant up
# copy the mkcert root CA from the box into the host's system trust store
# (the host will then trust every certificate issued by this CA)
vagrant ssh -- cat .local/share/mkcert/rootCA.pem | sudo tee /usr/local/share/ca-certificates/mkcert-vagrant-oidc.crt
sudo update-ca-certificates
```