Info on running via docker-compose

This commit is contained in:
Filip Gralinski 2021-04-27 07:56:55 +02:00
parent 3c068c4176
commit adbb9298f7
4 changed files with 41 additions and 1 deletions

1
.gitignore vendored
View File

@ -23,3 +23,4 @@ arena/r*
gonito-*.tar.gz
stack.yaml.lock
.env
certs/

View File

@ -17,6 +17,8 @@ See the home page (and an instance of Gonito) at https://gonito.net .
Installation
------------
## For development
[Gonito](https://gonito.net) is written in [Haskell](https://www.haskell.org) and uses
[Yesod Web Framework](http://www.yesodweb.com/), but all you need is
just [the Stack tool](https://github.com/commercialhaskell/stack). See https://github.com/commercialhaskell/stack
@ -39,6 +41,33 @@ After installing Stack:
The last command will start the Web server with Gonito (go to
http://127.0.0.1:3000 in your browser).
## With docker-compose
The easiest way to run Gonito is with docker-compose.
git clone https://gitlab.com/filipg/gonito
cd gonito
cp sample.env .env
# now you need to edit .env manually,
# in particular, you need to set up the administrator's
# password and paths to volumes for the volumes,
# cloned data ("arena"), certificates and SSH data;
# also you need to set up your certificate
# here is an easy way to do it just for local
# testing
mkdir certs
cd certs
# generating certificates for HTTPS, remember to
# set the `NGINX_CERTIFICATE_DIR` variable in `.env`
# so that it would point to `certs` here
openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes
cd ..
docker-compose up
Gonito will be available at <https://127.0.0.1/>. Of course, your
browser will complain about "Potential Security Risk" as these are
local certificates.
Gonito & git
------------

View File

@ -66,7 +66,7 @@ location: "_env:LOCATION:"
#
# https://<HOST>/auth/realms/<REALM>/protocol/openid-connect/certs
#
# (key/0 element).
# (key/0 element, not the whole JSON!).
#
# Note: at the moment, only RS256 is handled.
json-web-key: "_env:JSON_WEB_KEY"

View File

@ -11,4 +11,14 @@ NGINX_CERTIFICATE_DIR=/home/user/certs
GONITO_IS_PUBLIC=true
GONITO_SSH_DIRECTORY=/home/user/.ssh
GONITO_VIEWING_PROGRESS_STYLE=with-web-sockets
# JWK key
#
# If you use Keycloak, it can be retrived via:
#
# https://<HOST>/auth/realms/<REALM>/protocol/openid-connect/certs
#
# (key/0 element, not the whole JSON!).
#
# Note: at the moment, only RS256 is handled.
JSON_WEB_KEY={"kty":"RSA", "alg":"RS256", "use":"sig", "kid":"h01jmt_bD-1Di8i_GYbEV2a4NxhptzySHO-R8VuNHVA", "e":"AQAB", "n": "qG1elE6KPW3BYMxNpgK73MoksvbrUSfpRY4z9hU5iMsJREyD5Ar6XpjM1xAr6G7xglnOoumPC9o6FqhDHihm6QdJ5s5MA9ZyGkbi--kvy9Qc2d_VIGU-UR4vwyk3hAwXOFLhoknpQrJBJmMQvGFdas1Yr-m9EIWwT1zN7neHZkRUYZSVyQw_XghtMIWAUsLnhr6mM7nstHLafgxe5Qamzuc4K5EC_qipFXu4ugYkMDnaknlhkT43m7tcduVDnv5GV_4dBesF7FRII8tgUQWyw3Ty_FIoq43SInUPU_9cxA-qPGQz5C50th2aJl1z1snpLWS_1Zfsa8lnFsMj8_oh6w"}