chore: updated readme to mention the vault service

walt-id · Oct 9, 2024 · 0f47b74 · 0f47b74
1 parent 8b09895
commit 0f47b74
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 2 deletions.
diff --git a/docker-compose/README.md b/docker-compose/README.md
@@ -16,13 +16,54 @@ above command again.
 docker-compose down
 ```
 
+### Starting services selectively
+
+It is possible to start services selectively, including their dependencies.
+
+#### Start the demo wallet and all dependant services
+
+```console
+docker compose up waltid-demo-wallet
+```
+
+will start automatically:
+- caddy
+- postgres
+- wallet-api
+- and waltid-web-wallet
+
+#### Start services using compose profiles
+
+`COMPOSE_PROFILES` environment variable located in the .env file allows the selection of
+profiles to start the services for. Currently, the services are available with 2 profiles:
+
+- identity - for the waltid-identity services
+- tse - for the Hashicorp vault service, will be initialized with:
+  - a transit secrets engine
+  - and authentication methods
+    - approle - for my-role, where role-id and secret-id will be output in the console<sup>1</sup>
+    - userpass - for myuser with mypassword
+    - access-token - with dev-only-token
+
+Profiles can be combined, e.g. `COMPOSE_PROFILES=identity,tse` - will start the
+waltid-identity services and the vault (also can be done with the `all` profile).
+
+<sup>1</sup> - example output:
+
+```console
+vault-init            | Role ID: 66f3f095-74c9-b270-9d1f-1f842aa6bf3f
+vault-init            | Secret ID: 3abf1e00-2dc1-9e77-0705-9a81a95c7c59
+```
+
+
 ## Port mapping
 
 ### Services
 
 - Wallet API: [http://localhost:7001](http://localhost:7001)
 - Issuer API: [http://localhost:7002](http://localhost:7002)
 - Verifier API: [http://localhost:7003](http://localhost:7003)
+- Hashicorp vault: [http://localhost:8200](http://localhost:8200)
 
 ### Apps
 

diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml
@@ -177,7 +177,7 @@ services:
         condition: service_healthy
     entrypoint: /bin/sh -c "/vault/scripts/init.sh"
     volumes:
-      - ./vault/init.sh:/vault/scripts/init.sh
+      - ./vault/init.sh:/vault/scripts/init.sh:rw
 
   caddy:
     image: docker.io/caddy:2

diff --git a/docker-compose/vault/init.sh b/docker-compose/vault/init.sh
@@ -21,7 +21,7 @@ echo "Enable Userpass Authentication"
 vault auth enable userpass
 
 echo "Create a User with Userpass Authentication"
-vault write auth/userpass/users/my-user password=my-password policies=transit-policy
+vault write auth/userpass/users/myuser password=mypassword policies=transit-policy
 
 echo "Enable AppRole Authentication"
 vault auth enable approle