local mount, profiles and new docs

.gitignore

@@ -17,3 +17,6 @@ example/private/*
 example_sp/djangosaml2_sp/sqlite3.db
 project/*
 docker-example/*
+Docker-compose/satosa/*
+Docker-compose/djangosaml2_sp/*
+Docker-compose/mongo/db/*

Docker-compose/.env

@@ -2,3 +2,4 @@ MONGO_DBUSER=satosa
 MONGO_DBPASSWORD=thatpassword
 SATOSA_HOSTNAME=localhost
 SATOSA_KEYS_FOLDER=./pki
+TZ=Europe/Rome

Docker-compose/docker-compose.yml

@@ -1,55 +1,57 @@
-version: '3'
 services:
   satosa-mongo:
     image: mongo
     container_name: satosa-mongo
-    restart: always
     environment:
       MONGO_INITDB_DATABASE: oidcop
       MONGO_INITDB_ROOT_USERNAME: "${MONGO_DBUSER:-satosa}"
       MONGO_INITDB_ROOT_PASSWORD: "${MONGO_DBPASSWORD:-thatpassword}"
+      TZ: "${TZ:-Europe/Rome}"
     volumes:
-      - mongodata:/data/db
-      - /usr/share/zoneinfo/Europe/Rome:/etc/localtime:ro
+      - ./mongo/db:/data/db
       - ./mongo/init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh
+      # - mongodata:/data/db # to be used for external volumes
     ports:
       - '27017-27019:27017-27019'
     networks:
       - satosa-saml2spid
 
   satosa-mongo-express:
+    profiles:
+      - demo
+      - dataentry
     image: mongo-express
     container_name: satosa-mongo-express
-    restart: always
     ports:
       - 8082:8081
+    depends_on:
+      - satosa-mongo
     environment:
       ME_CONFIG_BASICAUTH_USERNAME: satosauser
       ME_CONFIG_BASICAUTH_PASSWORD: satosapw
       ME_CONFIG_MONGODB_ADMINUSERNAME: "${MONGO_DBUSER:-satosa}"
       ME_CONFIG_MONGODB_ADMINPASSWORD: "${MONGO_DBPASSWORD:-thatpassword}"
       ME_CONFIG_MONGODB_URL: mongodb://${MONGO_DBUSER:-satosa}:${MONGO_DBPASSWORD:-thatpassword}@satosa-mongo:27017/
+      TZ: "${TZ:-Europe/Rome}"
     networks:
       - satosa-saml2spid
-  ## START: PARTE NUOVA
   django_sp:
+    profiles:
+      - demo
     build: 
-        context: ../      
+        context: ../
         args: 
-            - NODE_ENV=local        
+            - NODE_ENV=local
         dockerfile: example_sp/django.Dockerfile
     container_name: django_sp
-    #restart: always
     working_dir: /django_sp
     entrypoint: "sh ../entrypoint.sh"
     volumes:
-       - /usr/share/zoneinfo/Europe/Rome:/etc/localtime:ro
-       - ../example_sp/djangosaml2_sp:/django_sp:rw
+       - ./djangosaml2_sp:/django_sp:rw
     ports:
       - "8000:8000"
     networks:
       - satosa-saml2spid
-## END: PARTE NUOVA
   satosa-saml2spid:
     image: ghcr.io/italia/satosa-saml2spid:latest
     #image: satosa-saml2spid:latest
@@ -64,6 +66,7 @@ services:
     stdin_open: ${SATOSA_DEBUG:-false}   # enables PDB when attach to the compose
     tty: ${SATOSA_DEBUG:-false}   # enables PDB when attach to the compose
     environment:
+      - TZ=${TZ:-Europe/Rome}
       - SATOSA_BY_DOCKER=1
       - GET_IDEM_MDQ_KEY=${GET_IDEM_MDQ_KEY:-true}
 
@@ -110,8 +113,8 @@ services:
     ports:
       - "10000:10000"
     volumes:
-       - /usr/share/zoneinfo/Europe/Rome:/etc/localtime:ro
-       - ../docker-example:/satosa_proxy:rw
+      - ./satosa:/satosa_proxy:rw
+      # - satosadata:/satosa_proxy # to be used for external volumes
     working_dir: /satosa_proxy
     entrypoint: "sh entrypoint.sh"
     networks:
@@ -136,31 +139,37 @@ services:
       - ./nginx/50x.html:/usr/share/nginx/html/50x.html:ro
       - ./nginx/404.html:/usr/share/nginx/html/404.html:ro
       - ./nginx/403.html:/usr/share/nginx/html/403.html:ro
-      - nginx_certs:/etc/nginx/certs:ro
-      - ../docker-example/static:/var/www/html
+      - ./nginx/certs:/etc/nginx/certs:ro
+      - ./satosa/static:/var/www/html
+      # - static:/var/www/html # to be used for external volumes
     networks:
       - satosa-saml2spid
     environment:
       - NGINX_HOST=${SATOSA_HOSTNAME:-localhost}
-
   spid-samlcheck:
+    profiles:
+      - demo
     image: italia/spid-saml-check
     container_name: spid-samlcheck
     ports:
       - "8443:8443"
     networks:
       - satosa-saml2spid
-
-volumes:
-
-  mongodata:
-    name: satosa-saml2spid_mongodata
-    external: true
-
-  nginx_certs:
-    name: satosa-saml2spid_nginx_certs
-    external: true
-
 networks:
   satosa-saml2spid:
     name: satosa-saml2spid
+
+## External volumes 
+# volumes:
+#   mongodata:
+#     name: satosa-saml2spid_mongodata
+#     external: true
+#   nginx_certs:
+#     name: satosa-saml2spid_nginx_certs
+#     external: true
+#   satosadata:
+#     name: satosa-data
+#     external: true
+#   static:
+#     name: satosa-static
+#     external: true

Docker-compose/run-docker-compose.sh

@@ -1,46 +1,85 @@
 #!/bin/bash
-
-function create-volume {
-	if [ ! "$(docker volume ls -q -f name=$1)" ]
-	then
-	    echo -e "Il volume $1 non esiste, lo creo! \n"
-	    docker volume create --name=$1
-	    echo -e "\n"
-	    if [[ ! -z "$2" ]]
-	    then 
-	       echo -e "Ho creato il volume e ci copio i dati da $2 \n"
-	       sudo cp -R $2* `docker volume inspect $1 | jq .[0].Mountpoint | sed 's/"//g'`
-	    fi   
-	else
-	    echo -e "Il volume $1 esiste, non faccio nulla! \n"  
-	fi
+export COMPOSE_PROFILES=demo
+export SKIP_UPDATE=
+function clean_data {
+  rm -Rf ./mongo/db/*
+  rm -Rf ./satosa/*
+  rm -Rf ./djangosaml2_sp/*
 }
 
-create-volume satosa-saml2spid_nginx_certs nginx/certs/
-create-volume satosa-saml2spid_mongodata 
-
-echo -e "\n"
-
-echo -e "Provo a scaricare le nuove versioni. \n"
-
-docker compose -f docker-compose.yml pull
-
-echo -e "\n"
-
-echo -e "Provo a fare il down della composizione. \n"
+function initialize_satosa {
+  mkdir -p ./satosa
+  mkdir -p ./djangosaml2_sp
+  mkdir -p ./mongo/db
 
-docker compose -f docker-compose.yml down -v
-
-echo -e "\n"
-
-echo -e "Tiro su la composizione, in caso, con le nuove versioni delle immagini. \n"
+  if [ ! -f ./satosa/proxy_conf.yaml ]; then cp -R ../example/* ./satosa/ ; else echo 'satosa directory is already initialized' ; fi
+  if [ ! -f ./djangosaml2_sp/run.sh ]; then cp -R ../example_sp/djangosaml2_sp/* ./djangosaml2_sp ; else echo 'djangosaml2_sp directory is already initialided' ; fi
+}
 
-docker compose -f docker-compose.yml build django_sp
+function update {
+  if [[ -z "${SKIP_UPDATE}" ]]; then
+    echo -e "Provo a scaricare le nuove versioni. \n"
+    docker compose -f docker-compose.yml pull
+    echo -e "\n"
+    echo -e "Provo a fare il down della composizione. \n"
+    docker compose -f docker-compose.yml down -v
+    echo -e "\n"
+    echo -e "Tiro su la composizione, in caso, con le nuove versioni delle immagini. \n"
+    docker compose -f docker-compose.yml build django_sp
+  fi
+}
 
-docker compose -f docker-compose.yml up -d --wait --wait-timeout 60
+function start {
+  docker compose -f docker-compose.yml up --wait --wait-timeout 60 --remove-orphans
+  echo -e "\n"
+  echo -e "Completato. Per visionare i logs: 'docker-compose -f docker-compose.yml logs -f'"
+  exit 0
+}
 
-echo -e "\n"
+function help {
+  echo ""
+  echo "### run-docker-compose.sh ###"
+  echo ""
+  echo "initialize check update and start Satosa-Saml2Spid"
+  echo ""
+  echo "Option"
+  echo "-f Force clean and reinitialize data for Satosa, MongoDB and Djangosaml2_SP"
+  echo "-h Print this help"
+  echo "-p Set production profile: start satosa, nginx, mongo"
+  echo "-s Skip docker image update"
+  echo "-d Set data entry profile: start satosa, nginx, mongo, mongo-express"
+  echo "   if isn't set -d or -p defatult demo profile is started"
+  echo "   default demo profile start: satosa, nginx, mongo, mongo-express, django-sp, spid-saml-check"
+}
 
-echo -e "Completato. Per visionare i logs: 'docker-compose -f docker-compose.yml logs -f'"
+while getopts ":fpdsh" opt; do
+  case ${opt} in
+   f)
+     clean_data
+     ;;
+   p)
+     unset COMPOSE_PROFILES
+     ;;
+   d)
+     COMPOSE_PROFILES=dataentry
+     ;;
+   s)
+     SKIP_UPDATE=true
+     ;;
+   h)
+     help
+     exit 0
+     ;;
+   ?)
+     echo "Invalid option: -${OPTARG}."
+     echo ""
+     help
+     exit 1
+     ;;
+  esac
+done
+initialize_satosa
+update
+start
+echo $SKIP_UPDATE
 
-exit 0

Docker-compose/satosa/.gitignore

@@ -0,0 +1 @@
+!.gitignore

Docker-compose/stop-docker-compose.sh

@@ -3,6 +3,6 @@ echo -e "\n"
 
 echo -e "Eseguo il down della composizione. \n"
 
-docker compose -f docker-compose.yml down -v
+docker compose -f docker-compose.yml --profile "*" down -v --remove-orphans
 
 exit 0

Dockerfile

@@ -18,20 +18,14 @@ LABEL org.opencontainers.image.authors=$AUTHORS \
       org.opencontainers.image.revision=$VCS_REF \
       org.opencontainers.image.description="Docker Image di Satosa-Saml2Spid."
 
-RUN apk update
-RUN apk add --update --no-cache tzdata
-RUN cp /usr/share/zoneinfo/Europe/Rome /etc/localtime
-RUN echo "Europe/Rome" > /etc/timezone
-RUN apk del tzdata
-
-# fix: no /etc/mime.types file found.
-RUN apk add mailcap
 
 COPY requirements.txt /
 
 ENV BASEDIR="/satosa_proxy"
 
-RUN apk add --update xmlsec libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq-go pcre-dev
+# "tzdata"  package is required to set timezone with TZ environment
+# "mailcap" package is required to add mimetype support
+RUN apk add --update --no-cache tzdata mailcap xmlsec libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq-go pcre-dev
 
 RUN python3 -m venv .venv && . .venv/bin/activate && pip3 install --upgrade pip setuptools \ 
       && pip3 install -r requirements.txt --ignore-installed --root-user-action=ignore && mkdir $BASEDIR