-
Notifications
You must be signed in to change notification settings - Fork 1
/
Makefile
78 lines (63 loc) · 2.69 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
PI_VERSION := 3.10.1
PI_VERSION_BUILD := 3.10.1
IMAGE_NAME := privacyidea-docker:${PI_VERSION}
BUILDER := docker build
CONTAINER_ENGINE := docker
PI_PEPPER := $(shell cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
PI_SECRET := $(shell cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
DB_PASSWORD := $(shell cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
PI_ADMIN_PASS := $(shell cat /dev/urandom | tr -dc 'a-zA-Z0-9$!%' | fold -w 16| head -n1)
SSL_SUBJECT="/C=DE/ST=SomeState/L=SomeCity/O=privacyIDEA/OU=reverseproxy/CN=localhost"
REGISTRY := localhost:5000
PORT := 8080
TAG := prod
PROFILE := stack
build:
${BUILDER} --no-cache -t ${IMAGE_NAME} --build-arg PI_VERSION_BUILD=${PI_VERSION_BUILD} --build-arg PI_VERSION=${PI_VERSION} .
push:
${CONTAINER_ENGINE} tag ${IMAGE_NAME} ${REGISTRY}/${IMAGE_NAME}
${CONTAINER_ENGINE} push ${REGISTRY}/${IMAGE_NAME}
cert:
@openssl req -x509 -newkey rsa:4096 -keyout templates/pi.key -out templates/pi.pem -sha256 -days 3650 -nodes -subj "${SSL_SUBJECT}" 2> /dev/null
@echo Certificate generation done...
secrets:
@echo Generate new secrets for environment file
@echo -----------------------------------------
@echo PI_SECRET=$(PI_SECRET)
@echo PI_PEPPER=$(PI_PEPPER)
@echo PI_ADMIN_PASS=$(PI_ADMIN_PASS)
@echo DB_PASSWORD=$(DB_PASSWORD)
@echo -----------------------------------------
@echo Please replace within your environment file
stack:
@PI_BOOTSTRAP="true" \
${CONTAINER_ENGINE} compose --env-file=environment/application-${TAG}.env -p ${TAG} --profile=${PROFILE} up -d
@echo
@echo Access to privacyIDEA Web-UI: https://localhost:8443
fullstack:
@PI_BOOTSTRAP="true" \
${CONTAINER_ENGINE} compose --env-file=environment/application-${TAG}.env -p ${TAG} --profile=fullstack up -d
@echo
@echo Access to privacyIDEA Web-UI: https://localhost:8443
run:
@${CONTAINER_ENGINE} run -d --name ${TAG}-privacyidea \
-e PI_PASSWORD=admin \
-e PI_ADMIN=admin \
-e PI_ADMIN_PASS=admin \
-e DB_PASSWORD=superSecret \
-e PI_PEPPER=superSecret \
-e PI_SECRET=superSecret \
-e PI_PORT=8080 \
-e PI_LOGLEVEL=INFO \
-p ${PORT}:${PORT} \
${IMAGE_NAME}
@echo Access to privacyIDEA Web-UI: http://localhost:${PORT}
@echo Username/Password: admin / admin
clean:
@${CONTAINER_ENGINE} rm --force ${TAG}-privacyidea
distclean:
@echo -n "Warning! This will remove all related volumes: Are you sure? [y/N] " && read ans && if [ $${ans:-'N'} = 'y' ]; then make make_distclean; fi
make_distclean:
@echo Remove container and volumes
@${CONTAINER_ENGINE} rm --force ${TAG}-privacyidea
@${CONTAINER_ENGINE} volume rm ${TAG}_mysql --force