Refer documentation.
- Install the following packages (or equivalent ones for your system).
sudo apt install libsqlcipher-dev libsqlite3-dev
- Initialize virtualenv:
virtualenv venv_token_seeder
- Edit the
activate
file of the virtualenv (venv_token_seeder/bin/activate
), and add the following lines in the end of the file.export TOKENSEEDER_GUNICORN__WORKERS=3 export TOKENSEEDER_GUNICORN__MAX_REQUESTS=10000 export TOKENSEEDER_GUNICORN__TIMEOUT=5 export TOKENSEEDER_GUNICORN__KEEP_ALIVE=5 export TOKENSEEDER_DB__LOCATION="sqlite:///auth_token_seeder.dbsqlite" export TOKENSEEDER_DB__GENERATE_DB_ALWAYS="false" export TOKENSEEDER_DB__PRINT_PASSWORD_ON_STARTUP="true" export TOKENSEEDER_MOSIP_AUTH__PARTNER_APIKEY= export TOKENSEEDER_MOSIP_AUTH__PARTNER_MISP_LK= export TOKENSEEDER_MOSIP_AUTH__PARTNER_ID= export TOKENSEEDER_MOSIP_AUTH_SERVER__IDA_AUTH_DOMAIN_URI= export TOKENSEEDER_MOSIP_AUTH_SERVER__IDA_AUTH_URL= export TOKENSEEDER_CRYPTO_ENCRYPT__ENCRYPT_CERT_PATH= export TOKENSEEDER_CRYPTO_SIGNATURE__SIGN_P12_FILE_PATH= export TOKENSEEDER_CRYPTO_SIGNATURE__SIGN_P12_FILE_PASSWORD= alias run_token_seeder_dev='TOKENSEEDER_DB__PASSWORD=$(python3 -m mosip_token_seeder.repository dbinit) gunicorn -n "gunicorn" --worker-class uvicorn.workers.UvicornWorker --workers ${TOKENSEEDER_GUNICORN__WORKERS} --bind 0.0.0.0:8080 --max-requests ${TOKENSEEDER_GUNICORN__MAX_REQUESTS} --timeout ${TOKENSEEDER_GUNICORN__TIMEOUT} --keep-alive ${TOKENSEEDER_GUNICORN__KEEP_ALIVE} --access-logfile "-" --error-logfile "-" app:app'
- Create a new folder
certs
, and place the client certificates, etc there. - Configure the above environment variables in the activate script with the appropriate client details and certs.
- Install the python requirements:
source venv_token_seeder/bin/activate pip3 install -r mosip_token_seeder/requirements.txt deactivate
- Activate virtual env.
source venv_token_seeder/bin/activate
- When running tokenseeder locally for the very first time, run it with the env variable.
TOKENSEEDER_DB__GENERATE_DB_ALWAYS="true" run_token_seeder_dev
- For the subsequent runs, simply use.
Access localhost:8080 on browser. Access localhost:8080/docs for apidocs.
run_token_seeder_dev
- For running only the authenticator for single authentication:
- Configure
mosip_auth
,mosip_auth_server
andcrypto_
sections inauthenticator/authenticator-config.toml
. And place the certificate and keys appropriately. - Then run (sample json given in samples folder):
python3 -m mosip_token_seeder.authenticator demoauth <json>
- Configure
docker run -it --rm \
--name token-seeder \
-p 8080:8080 \
-v <local-certs-path>:/seeder/certs \
-e TOKENSEEDER_MOSIP_AUTH__PARTNER_APIKEY= \
-e TOKENSEEDER_MOSIP_AUTH__PARTNER_MISP_LK= \
-e TOKENSEEDER_MOSIP_AUTH__PARTNER_ID= \
-e TOKENSEEDER_MOSIP_AUTH_SERVER__IDA_AUTH_DOMAIN_URI= \
-e TOKENSEEDER_MOSIP_AUTH_SERVER__IDA_AUTH_URL= \
-e TOKENSEEDER_CRYPTO_ENCRYPT__ENCRYPT_CERT_PATH=/seeder/certs/<ida.partner.cert> \
-e TOKENSEEDER_CRYPTO_SIGNATURE__SIGN_P12_FILE_PATH=/seeder/certs/<client.p12> \
-e TOKENSEEDER_CRYPTO_SIGNATURE__SIGN_P12_FILE_PASSWORD= \
mosipdev/mosip-token-seeder:develop
-
cd helm
- Configure
seeder.mandatoryValidationFields
andseeder.cleanup
sections in values.yaml, with the desired values.- Or post installation; edit these values in
mosip-token-seeder
configmap and restart tokenseeder pod.
- Or post installation; edit these values in
- Install
kubectl
andhelm
utilities. Then run:./install.sh [cluster-kubeconfig-file]