Wizard - Installation
- Armando Carratala
- Julio D'Angelo
Complete the following steps to download and install Alison Wizard image into your server.
After this process, you'll have a docker instance published locally. You can publish its interface behind your local reverse proxy or balancer. This configuration is out of the scope of this guide.
CertiSur distributes Alison Wizard from Docker Hub (https://hub.docker.com/).
Download ACME image
Step 1- Download Docker image
To download the images, the user must be registered in the aforesaid platform. Contact CertiSur to request access, and inform the Docker Hub profile to grant access to the docker image.
Login using a Docker Hub account:
# docker login -u <docker hub account> Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
Inform your docker hub account
You have to inform your docker hub account in order to authorize to download the package. Send an email to support@certisur.com.
Security warning
It is possible to save the user’s credentials so as to login safely following the steps on this link(https://docs.docker.com/engine/reference/commandline/login/#credentials-store).
Step 2- Pulling an image from Docker
# docker pull certisursa/wizard:latest latest: Pulling from certisursa/wizard a02a4930cb5d: Pull complete b5ffff9dbcda: Pull complete ... 7e5f58de12ac: Pull complete Digest: sha256:332ee89371399b7c6235465beb00fbd2071868fecee33fc14d04b87ba99b265d Status: Downloaded newer image for certisursa/wizard:latest docker.io/certisursa/wizard:latest
Step 3- Run Alison Wizard docker image
# docker run -d \
-it \
-p 8080:8080 \
--name wizard \
certisursa/wizard:latest
Alison Wizard default configuration
Alison Wizard docker image includes an ACME tenant inside. You must overwrite that definition to include your own company or project tenants.
In case you want to modify the default configuration, go to step 5 to download a template of a different configuration. You can copy its content to your local machine and make the changes to:
- replace the default logo with your image (clientLogo.jpg),
- adjust the .css
- define filters for the certificates.
At the moment of running the image, follow the instructions of Step 3
Step 4- Test Alison wizard
Open your browser pointing to http://localhost:8080/acme (or the port defined by you) to access the URL where you published your Alison Wizard installation. You'll see the following image.
| If you can see this image means that you have Alison Wizard running into your docker container. |  |
.
Add Custom Tenant
After you have Alison Wizard running on your own container, you can add a custom tenant following the next steps:
Step 5- Download a custom example (looney) and customize
This file contains the full customized example: looney-demo.tgz. After extracting the contents you will find a directory named "looney-plus-validation-demo" with the following files and directories:
This file contains a full example, with the following variables defined into a docker-compose file:
| Variable | Value |
|---|---|
| ENABLED_TENANTS | looney |
| WIZARD_SECRET_KEY_BASE | 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820 |
| BASE_INSTALLERS_PATH | https://s3.amazonaws.com/downloads.certisur.net/installers |
Your docker-compose file is already configured to mount the following volumes.
| External directory | Container directory |
|---|---|
| ./wizard/tenants | /opt/jboss/config/tenants |
| ./wizard/logs | /opt/jboss/logs |
Note: ./wizard/tenants external directory is the directory included in the example tenant config file (looney-demo.tgz) that you downloaded and stored on your local computer.
Note
For more details about Alison Wizard configuration variables, see next section Wizard Configuration.
Step 6- Configure docker-compose.yml and restart the container
The previous variables and volume mappings are used to define the new configuration, in this example as a docker_compose.yml file.
version: '3'
services:
wizard:
image: certisursa/wizard:latest
environment:
ENABLED_TENANTS: looney
WIZARD_SECRET_KEY_BASE: 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820
BASE_INSTALLERS_PATH: https://s3.amazonaws.com/downloads.certisur.net/installers
volumes:
- "./wizard/tenants:/opt/jboss/config/tenants"
- "./wizard/logs:/opt/jboss/logs"
ports:
- 8082:8080
Launch the container from a shell
> docker-compose --verbose -f docker-compose.yml up -d
Open your browser pointing to http://localhost:8082/looney (or the port defined by you) to access the URL where you published your Alison Wizard installation. You'll see the following image.
| If you can see this image means that you have Alison Wizard running into your docker container. |
|
Certificate Validation
Up to here, you can change look&feel like logos, styles, from the front-end. Your customer can download the desktop application, install it and test that is integrated to the browser.
To complete installation you can add a validation module (Debbie) to check your customer's certificates.
Add Validation
After you have Alison Wizard running on your own container, you can add custom validation for your customer's certificates following the next steps:
Step 7- Download Debbie module
Debbie is a validation module
# docker pull certisursa/debbie:latest latest: Pulling from certisursa/debbie a02a4930cb5d: Pull complete b5ffff9dbcda: Pull complete ... 7e5f58de12ac: Pull complete Digest: sha256:332ee89371399b7.... Status: Downloaded newer image for certisursa/debbie:latest docker.io/certisursa/debbie:latest
Step 8- Customize (looney) example and restart containers
In step 5, you have already downloaded the looney example, which includes a local configuration for Debbie.
Extend your docker-compose.yml file to include Debbie image. It should look like:
version: '3'
services:
debbie:
image: certisursa/debbie:latest
volumes:
- "./debbie/config:/app/config"
- "./debbie/repository:/app/repository"
- "./debbie/logs:/app/log"
ports:
- 8081:8080
wizard:
image: certisursa/wizard:latest
environment:
ENABLED_TENANTS: looney
WIZARD_SECRET_KEY_BASE: 95820b3cea66376d006bf3ca3adf48287c1fc671e81c5956f8cd56aaffc4ac707673872d3d8561e14d851dea4c685a9874329a86f5c4b741e6e187cb70895820
BASE_INSTALLERS_PATH: https://s3.amazonaws.com/downloads.certisur.net/installers
DEBBIE_BASE_URL: http://localhost:8081
volumes:
- "./wizard/tenants:/opt/jboss/config/tenants"
- "./wizard/logs:/opt/jboss/logs"
ports:
- 8082:8080
Look that the following variable was added to wizard configuration on your docker compose file, pointing to the Debbie services port.
| Variable | Value |
|---|---|
| DEBBIE_BASE_URL | http://localhost:8081 |
Launch the container from a shell
> docker-compose --verbose -f docker-compose.yml up -d
To test that Debbie is up and running, open your browser pointing to http://localhost:8081/looney/healthcheck to access the URL where you published your Debbie installation.
Note
For more details about Debbie configuration and licensing, see Debbie Configuration.