Skip to content

Instantly share code, notes, and snippets.

@whytheplatypus

whytheplatypus/.env

Last active August 8, 2019 01:16
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save whytheplatypus/4b11eec09df978656b9007155a96c7dd to your computer and use it in GitHub Desktop.
Save whytheplatypus/4b11eec09df978656b9007155a96c7dd to your computer and use it in GitHub Desktop.
Download ZIP
local smh -> vmi
Raw
.env
VMI_KEY="vmi key for use by smh"
VMI_SECRET="vmi secret fro use by smh"
SMH_KEY="smh key for use by smh_app"
SMH_SECRET="smh secret for use by smh_app"
APP_VMI_KEY="vmi key for use by smh_app"
APP_VMI_SECRET="vmi secret for use by smh_app"
Raw
README.md

Spin up verify my identity

docker-compose up -d verifymyidentity vmi_db

docker-compose exec verifymyidentity python manage.py migrate

modify your /etc/hosts file such that there is a line that looks like the following.

127.0.0.1       verifymyidentity

Now a user and oauth application needs to be setup in verifymyidentity. For the purposes of this readme the user that owns the application and the user we'll use throughout the rest of the system will be the same, this is just for simplicity and does not have to be the case.

Go to verifymyidentity in the browser of your choice. Click signup and create an account.

Spin up share my health

Share my health needs application credentials from verify my identity so that it can use vmi as it's identity provider.

To do this register an application for share my health on verify my identity. Set the redirect url to http://sharemyhealth:8000/social-auth/complete/verifymyidentity-openidconnect/. Click save and copy the values from Client id and Client secret into the VMI_KEY and VMI_SECRET variables in the .env respectively.

Now smh is ready to be spun up.

docker-compose up -d sharemyhealth smh_db

docker-compose exec sharemyhealth python manage.py migrate

modify your /etc/hosts file such that the line you created before looks like the following.

127.0.0.1       verifymyidentity sharemyhealth

You should now be able to point a browser at sharemyhealth and login with the credentials you created earlier. magic

Spin up smh_app

This system depends on the previous two systems. It uses VMI as an identity provider, and SMH as a resource for data. Those are both oauth (well VMI is oidc but oauth's a superset) so this system needs to register itself in both VMI and SMH.

Register an application with VMI and set the redirect url to http://sharemyhealthapp:8002/social-auth/complete/vmi/. Click save and copy the values from Client id and Client secret into the APP_VMI_KEY and APP_VMI_SECRET variables in the .env respectively.

Register an application with SMH and set the redirect url to http://sharemyhealthapp:8002/social-auth/complete/sharemyhealth/. Click save and copy the values from Client id and Client secret into the SMH_KEY and SMH_SECRET variables in the .env respectively.

Now smh_app is ready to be spun up.

docker-compose up -d sharemyhealth_app smh_app_db

docker-compose exec sharemyhealth_app python manage.py migrate

modify your /etc/hosts file such that the line you created before looks like the following.

127.0.0.1       verifymyidentity sharemyhealth sharemyhealthapp

You can now go to sharemyhealthapp and login. Once logged in you can connect share my health as a data source.

Trouble shooting

Often an app server can be spun up before it's db is ready by docker compose. So try docker-compose restart <verifymyidentity, sharemyhealth, sharemyhealth_app> .

Raw
docker-compose.yml
version: '3'
services:
vmi_db:
image: postgres
environment:
- POSTGRES_DB=vmi
- POSTGRES_PASSWORD=toor
verifymyidentity:
build:
context: vmi/
dockerfile: .development/Dockerfile
command: python3 manage.py runserver 0.0.0.0:8001
environment:
- DATABASES_CUSTOM=postgres://postgres:toor@vmi_db:5432/vmi
- OAUTHLIB_INSECURE_TRANSPORT=true
- OIDC_ISSUER=http://verifymyidentity:8001
- ALLOWED_HOSTS=verifymyidentity,localhost
- ROOT_USER=dev
- ROOT_PASSWORD=password
ports:
- "8001:8001"
volumes:
- ./vmi:/code
smh_db:
image: postgres
environment:
- POSTGRES_DB=smh
- POSTGRES_PASSWORD=toor
sharemyhealth:
build:
context: sharemyhealth/
dockerfile: .development/Dockerfile
volumes:
- ./sharemyhealth:/code
command: python3 manage.py runserver 0.0.0.0:8000
environment:
- DATABASES_CUSTOM=postgres://postgres:toor@smh_db:5432/smh
- HOSTNAME_URL=http://sharemyhealth:8000
- OAUTHLIB_INSECURE_TRANSPORT=true
- ALLOWED_HOSTS=sharemyhealth,localhost
- SOCIAL_AUTH_VERIFYMYIDENTITY_OPENIDCONNECT_KEY=${VMI_KEY}
- SOCIAL_AUTH_VERIFYMYIDENTITY_OPENIDCONNECT_SECRET=${VMI_SECRET}
- SOCIAL_AUTH_VERIFYMYIDENTITY_OPENIDCONNECT_OIDC_ENDPOINT=http://verifymyidentity:8001
- ROOT_USER=dev
- ROOT_PASSWORD=password
ports:
- "8000:8000"
links:
- verifymyidentity
smh_app_db:
image: postgres
environment:
- POSTGRES_DB=smh_app
- POSTGRES_PASSWORD=toor
sharemyhealth_app:
build:
context: smh_app/
dockerfile: .development/Dockerfile
volumes:
- ./smh_app:/code
command: python3 manage.py runserver 0.0.0.0:8002
environment:
- DATABASES_CUSTOM=postgres://postgres:toor@smh_app_db:5432/smh_app
- ALLOWED_HOSTS=sharemyhealthapp,localhost
- VMI_OAUTH_KEY=${APP_VMI_KEY}
- VMI_OAUTH_SECRET=${APP_VMI_SECRET}
- VMI_OAUTH_HOST=http://verifymyidentity:8001
- SMH_OAUTH_KEY=${SMH_KEY}
- SMH_OAUTH_SECRET=${SMH_SECRET}
- SMH_OAUTH_HOST=http://sharemyhealth:8000
- ROOT_USER=dev
- ROOT_PASSWORD=password
ports:
- "8002:8002"
links:
- verifymyidentity
- sharemyhealth
@whytheplatypus
Copy link
Author

this all needs to sit in the containing directory of the sharemyhealth and vmi folders.

The directory structure should look like the following:

  • docker-compose.yml
  • .env
  • README.md
  • vmi/
  • sharemyhealth/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment