dex/contrib/standup-db.sh

86 lines
2.7 KiB
Bash

# This file will do everything necessary to bring up a working Dex
# environment, connected to a Postgres DB and with a local and Google OIDC
# connector; When the script is completed, you will have three processes running
# in the background of your (bash) shell: an Dex Overlord, an Dex Worker,
# and the example app.
#
# It assumes you are in the root directory of the Dex project and that you
# have psql installed and running.
#
# USAGE:
#
# DEX_GOOGLE_CLIENT_ID=<<your_client_id>> DEX_GOOGLE_CLIENT_SECRET=<<your_client_secret>> && source contrib/standup-db.sh
#
# NOTE: As you can see from above, this file is meant to be *sourced* not executed directly.
# Build components.
./build
# Set DB var
DEX_DB=dex_dev
DEX_DB_URL=postgres://localhost/$DEX_DB?sslmode=disable
export DEX_WORKER_DB_URL=$DEX_DB_URL
# Delete/create DB
dropdb $DEX_DB; createdb $DEX_DB
DEX_KEY_SECRET=$(dd if=/dev/random bs=1 count=32 2>/dev/null | base64 | tr -d '\n')
# Start the overlord
export DEX_OVERLORD_DB_URL=$DEX_DB_URL
export DEX_OVERLORD_KEY_SECRETS=$DEX_KEY_SECRET
export DEX_OVERLORD_KEY_PERIOD=1h
export DEX_OVERLORD_ADMIN_API_SECRET=$(dd if=/dev/random bs=1 count=128 2>/dev/null | base64 | tr -d '\n')
./bin/dex-overlord &
echo "Waiting for overlord to start..."
until $(curl --output /dev/null --silent --fail http://localhost:5557/health); do
printf '.'
sleep 1
done
# Create a client
eval "$(./bin/dexctl --db-url=$DEX_DB_URL new-client http://127.0.0.1:5555/callback)"
# Set up connectors
DEX_CONNECTORS_FILE=$(mktemp /tmp/dex-conn.XXXXX)
DEX_GOOGLE_ISSUER_URL=https://accounts.google.com
cat << EOF > $DEX_CONNECTORS_FILE
[
{
"type": "local",
"id": "local"
},
{
"type": "oidc",
"id": "google",
"issuerURL": "$DEX_GOOGLE_ISSUER_URL",
"clientID": "$DEX_GOOGLE_CLIENT_ID",
"clientSecret": "$DEX_GOOGLE_CLIENT_SECRET",
"trustedEmailProvider": true
}
]
EOF
./bin/dexctl --db-url=$DEX_DB_URL set-connector-configs $DEX_CONNECTORS_FILE
# Start the worker
export DEX_WORKER_DB_URL=$DEX_DB_URL
export DEX_WORKER_KEY_SECRETS=$DEX_KEY_SECRET
export DEX_WORKER_LOG_DEBUG=1
export DEX_WORKER_EMAIL_CFG=static/fixtures/emailer.json.sample
export DEX_WORKER_ENABLE_REGISTRATION=true
./bin/dex-worker &
echo "Waiting for worker to start..."
until $(curl --output /dev/null --silent --fail http://localhost:5556/health); do
printf '.'
sleep 1
done
# Start the app
./bin/example-app --client-id=$DEX_APP_CLIENT_ID --client-secret=$DEX_APP_CLIENT_SECRET --discovery=http://127.0.0.1:5556 &
# Create Admin User - the password is a hash of the word "password"
curl -X POST --data '{"email":"admin@example.com","password":"$2a$04$J54iz31fhYfXIRVglUMmpufY6TKf/vvwc9pv8zWog7X/LFrFfkNQe" }' --header "Authorization: $DEX_OVERLORD_ADMIN_API_SECRET" http://127.0.0.1:5557/api/v1/admin