Skip to main content

Quick SignBox installation

Download solution package from here.

info

Archive password is available for partners-only.

  1. Install docker and docker-compose to be able to run docker-compose.yml configuration file. Create signbox network.
sudo apt install docker.io
sudo apt install docker-compose
docker create network signbox
  1. Copy all files from solution package (download) to client linux environment folder /opt/DMSS/
  2. Give max permissions to all files inside /opt/DMSS/ using command:
sudo chmod 777 -R /opt/DMSS/
  1. In docker-compose.yml uncomment this line for a first run of docker-compose command
#  /opt/DMSS/db-init-script:/docker-entrypoint-initdb.d/
tip

After initial run DB and DB user will be created what means, comment could be added back to this line.

  1. Adjust solution configuration files for a necessary client host. This operation should be done in multiple locations:
  • Open file /opt/DMSS/docker-compose.yml. Find service name: keycloak. Adjust ENVIRONMENT variables:
          HOST_NAME=https://[YOUR_HOST]
          keycloak_auth_url=https://[YOUR_HOST]
          KEYCLOAK_FRONTEND_URL=https://[YOUR_HOST]/auth
          DB_ADDR=[YOUR_HOST]
  • Open file /opt/DMSS/docker-compose.yml. Find service name: dmss-keycloak. Adjust ENVIRONMENT variables:
           - 'KEYCLOAK_FRONTEND_URL=https://[YOUR_HOST]/dmsskeycloak/auth/'
            - DB_ADDR=[YOUR_DB_HOST]
            - COOKIE_DOMAIN=[YOUR_HOST]
  • Open file /opt/DMSS/dmss-authentication-service/application.yml. Adjust configuration line:
site-origin: https://[YOUR_HOST]/extportal
  • Open file /opt/DMSS/dmss-nginx/nginx.conf. Adjust both locations of server_name parameter:
	server_name [YOUR_HOST];
  • Open file /opt/DMSS/dmss-process-and-auditing-service/application.yaml. Adjust configuration section:
    dmss:
		extportalUrl: https://[YOUR_HOST]/extportal
		intportalUrl: https://[YOUR_HOST]/
  • Open file /opt/DMSS/ext-portal-static/config.js. Adjust configuration line:
window.DMSS_EXTERNAL_GATEWAY = "https://[YOUR_HOST]/extgateway/api/";
  • Open file /opt/DMSS/int-portal-static/config.js. Adjust configuration section:
	window.SIGNING_PATH = "https://[YOUR_HOST]/intgateway/api/";
	window.AUDITING_PATH = "https://[YOUR_HOST]/intgateway/api";
	window.KEYCLOAK_CONFIG = {
	  url: "https://[YOUR_HOST]/auth/",
	  realm: "TrustLynx",
	  clientId: "signing",
	};
  • Open file /opt/DMSS/ext-portal-static/keycloak.js. Adjust configuration section:
window.KEYCLOAK_CONFIG = {
  url: "https://[YOUR_HOST]/dmsskeycloak/auth/",
  realm: "dm-realm",
  clientId: "dmss-signing-portal",
  "ssl-required": "external",
};
  1. Setup SSL certificate for HTTPS connection.
tip

At this point we suspect that you have valid SSL certificate. With certificate files we understand certificate .pem / .crt file and private key file. More information about SSL certificate configuration using nginx is availabile here.

  • Put SSL certificate files into /opt/DMSS/resources/ssl directory. For example it could be files [YOUR_HOST].key (private key) and [YOUR_HOST].pem (certificate pem or crt file).
  • Open file /opt/DMSS/dmss-nginx/nginx.conf and adjust in two locations with correct path to certificate from a previous bullet:
    ssl_certificate /etc/nginx/ssl/contman.pem;
    ssl_certificate_key /etc/nginx/ssl/contman.key;
  1. Run docker-compose up command from /opt/dmss/ folder:
docker-compose up
  1. In case of errors you can use such commands to debug solution:
docker-compose logs -f // docker compose logs
docker-compose logs -f dmss-keycloak // log of concrete service
docker-compose stop // stop all services 
docker-compose down // stop all services and remove all containers
docker-compose ps // service status list
  1. Create TrustLynx realm, signing role and test user inside keycloak /auth/admin.