Page MenuHomeDevCentral

Deploy Auth Grove to login.nasqueron.org
Open, NormalPublic

Description

Will be the fount of authentication, to log in to other applications with one account.

Event Timeline

dereckson created this task.Mar 31 2015, 02:33
dereckson updated the task description. (Show Details)
dereckson raised the priority of this task from to Normal.
dereckson added a project: Auth Grove.
dereckson added a subscriber: dereckson.

Application name set to Auth Grove.

ASCII art logo possibilities could be found at P52.

dereckson moved this task from Backlog to Epics & trackers on the Auth Grove board.Apr 26 2015, 19:49
dereckson renamed this task from Offer a login.nasqueron.org authentication service to Deploy Auth Grove to login.nasqueron.org.

Docker image
I'm preparing rDGROVE with D375.

DNS

login.nasqueron.org. 86400 IN CNAME www3.nasqueron.org.

dereckson moved this task from Backlog to Working on on the Servers board.

MySQL

Dwellers
$ mysql-acquisitariat-client 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 25258597
Server version: 5.7.11 MySQL Community Server (GPL)

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> CREATE DATABASE login;
Query OK, 1 row affected (0.09 sec)

mysql> GRANT ALL PRIVILEGES ON login.* TO 'login'@'%' IDENTIFIED BY '…';                                                                        
Query OK, 0 rows affected, 1 warning (0.25 sec)

Password stored in K67.

1#!/bin/sh
2
3# -------------------------------------------------------------
4# Auth Grove
5# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6# Author: Sébastien Santoro aka Dereckson
7# Project: Nasqueron
8# Created: 2016-05-21
9# Description: SSO for Nasqueron services.
10# Image: nasqueron/auth-grove
11# Services used: MySQL server (acquisitariat)
12# Docker volume (/data/notifications/storage)
13# -------------------------------------------------------------
14
15# -------------------------------------------------------------
16# Container parameters
17# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
18
19INSTANCE_NAME=login
20PORT=25080
21MYSQL_INSTANCE=acquisitariat
22STORAGE=/data/login/storage
23CANONICAL_URL=http://login.nasqueron.org
24
25# -------------------------------------------------------------
26# Database parameters
27#
28# Get credentials from zr
29# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
30
31MYSQL_HOST=mysql
32MYSQL_USER=`ssh -4 -i /root/.ssh/id_zr zr@ysul.nasqueron.org getcredentials 67 username`
33MYSQL_PASS=`ssh -4 -i /root/.ssh/id_zr zr@ysul.nasqueron.org getcredentials 67`
34MYSQL_DB=$INSTANCE_NAME
35
36# -------------------------------------------------------------
37# Run the container
38# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
39
40# Checks container isn't running
41docker-container-status $INSTANCE_NAME > /dev/null
42if [ "$?" -lt 2 ]; then
43 echo "Container is already running."
44 echo "To force relaunch, try docker stop $INSTANCE_NAME ; docker rm $INSTANCE_NAME ; $0"
45 exit 1
46fi
47
48mkdir -p $STORAGE
49chcon -Rt svirt_sandbox_file_t $STORAGE
50chown 431:433 $STORAGE
51docker run -t -d \
52 --link $MYSQL_INSTANCE:$MYSQL_HOST \
53 -p $PORT:80 \
54 -e DB_HOST=$MYSQL_HOST \
55 -e DB_DATABASE=$MYSQL_DB \
56 -e DB_USERNAME=$MYSQL_USER \
57 -e DB_PASSWORD=$MYSQL_PASS \
58 -e CANONICAL_URL="$CANONICAL_URL" \
59 --name $INSTANCE_NAME nasqueron/auth-grove
60
61echo "Deployment done at `date`."
62exit 0

Current status

Container is deployed, a procedure to spin a new container or upgrade the code inside the current container is documented at http://agora.nasqueron.org/Operations_grimoire/Login.

Still to do

There is a minimal level of features still to implement to use it for Nasqueron.

Then, we'll need to link services to it.

dereckson removed dereckson as the assignee of this task.Mar 8 2018, 21:07

The run-login script has been migrated in D1808 into Salt state.

dereckson reopened this task as Open.Sep 22 2018, 10:51