Documentation to deploy FusionIAM on Ubuntu

ca5300db · Clément OUDOT · ede5142f · ca5300db
Commit ca5300db authored Apr 15, 2022 by Clément OUDOT
--- a/doc/install-fusioniam-ubuntu.md
+++ b/doc/install-fusioniam-ubuntu.md
+# Installation of FusionIAM on Ubunutu
+
+Minimal Ubuntu version: 20.10
+
+## Get the prerequisites
+
+Install podman :
+```
+sudo apt install podman
+```
+
+## Get FusionIAM
+
+Clone git repository:
+```
+git clone https://gitlab.ow2.org/fusioniam/fusioniam.git
+```
+
+## Configure
+
+Copy sample configuration and tune it:
+```
+cd fusioniam/
+cp run/ENVVAR.example run/
+sed -i 's/ENVVAR.example/ENVVAR/g' run/*.sh
+```
+
+Generate new keys for SAML and OpenID Connect:
+```
+mkdir -p run/volumes/llng-keys
+openssl req -new -newkey rsa:4096 -keyout run/volumes/llng-keys/saml.key -nodes -out run/volumes/llng-keys/saml.pem -x509 -days 3650
+openssl genrsa -out run/volumes/llng-keys/oidc.key 4096
+openssl rsa -pubout -in run/volumes/llng-keys/oidc.key -out run/volumes/llng-keys/oidc_pub.key
+```
+
+Update passwords, sso domain and customer id in run/ENVVAR.
+
+## Set reverse proxy
+
+As all containers are listening on localhost, you need to set a web server on your host.
+
+For example with Apache2:
+```
+sudo apt install apache2
+```
+```
+sudo vi /etc/apache2/sites-available/demo-fusioniam.conf
+```
+```
+<VirtualHost *:80>
+  ServerName auth.<your SSO domain>
+  ServerAlias manager.<your SSO domain>
+  ServerAlias api-manager.<your SSO domain>
+  ServerAlias wp.<your SSO domain>
+  ServerAlias sd.<your SSO domain>
+  ServerAlias fd.<your SSO domain>
+
+  ProxyPreserveHost on
+  ProxyPass / http://localhost:8080/
+  ProxyPassReverse / http://localhost:8080/
+</VirtualHost>
+```
+```
+sudo a2ensite demo-fusioniam.conf
+sudo a2enmod proxy proxy_http
+sudo systemctl restart apache2
+```
+
+## Run
+
+Launch all containers:
+```
+run/start-all.sh
+```
+
+## Use
+
+Connect to http://auth.<your SSO domain> and login with account fusioniam-admin and password set in `ADMIN_LDAP_PASSWORD`