Complete the following steps to download and install Alison Wizard image into your server.
After this process, you'll have a docker instance published locally. You can publish its interface behind your local reverse proxy or balancer. This configuration is out of the scope of this guide.
| Table of Contents | ||||||
|---|---|---|---|---|---|---|
|
CertiSur distributes Alison Wizard from Docker Hub (https://hub.docker.com/).
Download ACME image
Step 1- Download Docker image
To download the images, the user must be registered in the aforesaid platform. Contact CertiSur to request access, and inform the Docker Hub profile to grant access to the docker image.
Login using a Docker Hub account:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
# docker login -u <docker hub account> Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded |
| Info | ||
|---|---|---|
| ||
You have to inform your docker hub account in order to authorize to download the package. Send an email to support@certisur.com. |
| Note | ||
|---|---|---|
| ||
It is possible to save the user’s credentials so as to login safely following the steps on this link(https://docs.docker.com/engine/reference/commandline/login/#credentials-store). |
Step 2- Pulling an image from Docker
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
# docker pull certisursa/wizard:latest latest: Pulling from certisursa/wizard a02a4930cb5d: Pull complete b5ffff9dbcda: Pull complete ... 7e5f58de12ac: Pull complete Digest: sha256:332ee89371399b7c6235465beb00fbd2071868fecee33fc14d04b87ba99b265d Status: Downloaded newer image for certisursa/wizard:latest docker.io/certisursa/wizard:latest |
Step 3- Run Alison Wizard docker image
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
# docker run -d \
-it \
-p 8080:8080 \
--name wizard \
--mount type=bind,source="$(pwd)"/config/tenants, \
target=/opt/jboss/config/tenants \
certisursa/wizard:latest |
| Info | ||
|---|---|---|
| ||
Alison Wizard docker image includes an ACME tenant inside. You must overwrite that definition to include your own company or project tenants. In case you want to modify the default configuration, go to step 5 to download a template of a different configuration. You can copy its content to your local machine and make the changes to:
At the moment of running the image, follow the instructions of Step 3 |
Step 4- Test Alison wizard
Open your browser pointing to localhost:8080 (or the port defined by you) to access the URL where you published your Alison Wizard installation. You'll see the following image.
| If you can see this image means that you have Alison Wizard running into your docker container. |  |
.
Add Custom Tenant
After you have Alison Wizard running on your own container, you can add a custom tenant following the next steps:
Step 5- Download a custom example (looney) and customize
Download the files from the following link looney-demo.tgz.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
├── debbie
│ ├── config
│ │ ├── certstore
│ │ │ ├── CertiSur.root.ClassB.G1.pilot.509.cer
│ │ │ └── CertiSur.shared.ClassB.G1.pilot.509.cer
│ │ ├── debbie.json
│ │ ├── debbielog.properties
│ │ └── policies
│ │ └── looney.policy.json
│ ├── logs
│ └── repository
├── docker-compose.yml
└── wizard
├── alison-sdk
├── logs
└── tenants
├── looney
│ ├── config
│ │ ├── alison-config.json
│ │ ├── authtoken-desktop.json
│ │ └── license-desktop.json
│ ├── images
│ │ ├── background_world_map.png
│ │ └── clientLogo.jpg
│ └── stylesheets
│ └── custom.css
└── versiones.yml |
Define following variables to your docker instance:
| Variable | Value |
|---|---|
| ENABLED_TENANTS | looney |
| WIZARD_SECRET_KEY_BASE | 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820 |
| BASE_INSTALLERS_PATH | https://s3.amazonaws.com/downloads.certisur.net/installers |
Configure your docker-compose file to mount the following volumes.
| External directory | Container directory |
|---|---|
| ./wizard/tenants | /opt/jboss/config/tenants |
| ./wizard/logs | /opt/jboss/logs |
Note: ./wizard/tenants external directory is the directory included in the example tenant config file (looney-demo.tgz) that you downloaded and stored on your local computer.
| Info | ||
|---|---|---|
| ||
For more details about Alison Wizard configuration variables, see next section Wizard Configuration. |
Step 6- Configure docker-compose.yml and restart the container
Use the previous variables and volume mappings to define the new configuration, in this example as a docker_compose.yml file.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
version: '3'
services:
wizard:
image: certisursa/wizard:latest
environment:
ENABLED_TENANTS: looney
WIZARD_SECRET_KEY_BASE: 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820
BASE_INSTALLERS_PATH: https://s3.amazonaws.com/downloads.certisur.net/installers
volumes:
- "./wizard/tenants:/opt/jboss/config/tenants"
- "./wizard/logs:/opt/jboss/logs"
ports:
- 8082:8080
|
Launch the container from a shell
| Code Block | ||||
|---|---|---|---|---|
| ||||
> docker-compose --verbose -f docker-compose.yml up -d |
Open your browser pointing to localhost:8082 (or the port defined by you) to access the URL where you published your Alison Wizard installation. You'll see the following image.
| If you can see this image means that you have Alison Wizard running into your docker container. |
|
| Note | ||
|---|---|---|
| ||
Up to here, you can change look&feel like logos, styles, from the front-end. Your customer can download the desktop application, install it and test that is integrated to the browser. To complete installation you can add a validation module (Debbie) to check your customer's certificates. |
.
Add Validation
After you have Alison Wizard running on your own container, you can add custom validation for your customer's certificates following the next steps:
Step 7- Download Debbie module
Debbie is a validation module
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
# docker pull certisursa/debbie:latest latest: Pulling from certisursa/debbie a02a4930cb5d: Pull complete b5ffff9dbcda: Pull complete ... 7e5f58de12ac: Pull complete Digest: sha256:332ee89371399b7.... Status: Downloaded newer image for certisursa/debbie:latest docker.io/certisursa/debbie:latest |
Step 8- Customize (looney) example and restart containers
In step 5, you have already downloaded the looney example, which includes a local configuration for Debbie.
Extend your docker-compose.yml file to include Debbie image. It should look like:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
version: '3'
services:
debbie:
image: certisursa/debbie:latest
volumes:
- "./debbie/config:/app/config"
- "./debbie/repository:/app/repository"
- "./debbie/logs:/app/log"
ports:
- 8081:8080
wizard:
image: certisursa/wizard:latest
environment:
ENABLED_TENANTS: looney
WIZARD_SECRET_KEY_BASE: 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820
BASE_INSTALLERS_PATH: https://s3.amazonaws.com/downloads.certisur.net/installers
DEBBIE_BASE_URL: http://localhost:8081
volumes:
- "./wizard/tenants:/opt/jboss/config/tenants"
- "./wizard/logs:/opt/jboss/logs"
ports:
- 8082:8080
|
Look that the following variable was added to wizard configuration on your docker compose file, pointing to the Debbie services port.
| Variable | Value |
|---|---|
| DEBBIE_BASE_URL | http://localhost:8081 |
Launch the container from a shell
| Code Block | ||||
|---|---|---|---|---|
| ||||
> docker-compose --verbose -f docker-compose.yml up -d |
To test that Debbie is up and running, open your browser pointing to localhost:8081/looney/healthcheck to access the URL where you published your Debbie installation.
| Info | ||
|---|---|---|
| ||
For more details about Debbie configuration and licensing, see Debbie Configuration. |