From ad45b633684d81c4e50580af83ed82fcf7bf40a3 Mon Sep 17 00:00:00 2001 From: Ernst Widerberg Date: Thu, 25 Nov 2021 13:36:03 +0100 Subject: auth-server-poc: Optimize Docker build --- auth-server-poc/Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/auth-server-poc/Dockerfile b/auth-server-poc/Dockerfile index d2fbd28..60ccb8f 100644 --- a/auth-server-poc/Dockerfile +++ b/auth-server-poc/Dockerfile @@ -1,6 +1,7 @@ FROM debian:buster -COPY . /opt/auth-server-poc +RUN mkdir /opt/auth-server-poc +COPY requirements.txt setup.sh /opt/auth-server-poc/ RUN /opt/auth-server-poc/setup.sh # Prepare for supervisord, uwsgi, ngninx @@ -22,4 +23,6 @@ RUN chown www-data:www-data /opt/auth-server-poc # Expose HTTP EXPOSE 80 +COPY ./ /opt/auth-server-poc/ + ENTRYPOINT supervisord -c /etc/supervisor/supervisord.conf -- cgit v1.1 From b8d118b61c12d7e014264e15ca231ebf779fbead Mon Sep 17 00:00:00 2001 From: Ernst Widerberg Date: Thu, 25 Nov 2021 13:43:15 +0100 Subject: quickstart.sh: Use docker-compose-dev by default Remove "dev" argument --- quickstart.sh | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/quickstart.sh b/quickstart.sh index 8da22e0..6a3616d 100755 --- a/quickstart.sh +++ b/quickstart.sh @@ -30,12 +30,5 @@ if [ ! -f ${DOCKER_JWT_HTPASSWD_PATH}/.htpasswd ]; then fi # Launch the containers. +docker-compose -f docker/docker-compose-dev.yaml up -d docker-compose -f auth-server-poc/docker-compose.yml up -d - -if [ "$1" = "dev" ]; then - echo "Using docker/docker-compose-dev.yaml" - docker-compose -f docker/docker-compose-dev.yaml build collector - docker-compose -f docker/docker-compose-dev.yaml up -d -else - docker-compose -f docker/docker-compose.yaml up -d -fi -- cgit v1.1 From 1003b038dfa39006ece6ba0cc146aa01cc1f56dd Mon Sep 17 00:00:00 2001 From: Ernst Widerberg Date: Thu, 25 Nov 2021 13:52:32 +0100 Subject: Add local development instructions to README --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) 
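Review bot: The new final `COPY ./ /opt/auth-server-poc/` in the second hunk still copies the whole build context into the image, so anything that sits in `auth-server-poc/` at build time ends up in a layer. quickstart.sh in this series works with `private.pem` and `.htpasswd` under configurable paths; if either path resolves inside this directory (not visible here), the JWT signing key or the password file would be baked into the image. A `.dockerignore` listing those files, or copying only the paths the server needs, would close that off. In the first hunk `RUN mkdir /opt/auth-server-poc` is not needed, since `COPY` creates the destination directory. Both hunks show only part of the Dockerfile.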
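Review bot: After this change the script always brings up `docker/docker-compose-dev.yaml`, and `docker/docker-compose.yaml` can no longer be selected at all. Anyone running quickstart.sh for something other than local development now gets the dev stack without being told; whether that file relaxes settings such as published ports or debug options is not visible in this hunk. The removed `build collector` step also means `up -d` reuses an existing collector image if one is present. I would add a comment above the new line, e.g. `# Dev stack only; run docker-compose -f docker/docker-compose-dev.yaml build first after code changes.` The script begins outside the hunk.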
diff --git a/README.md b/README.md index 1537048..531fc6c 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,17 @@ We can also limit the number of results and skip N results forward with the para curl -s -H "Authorization: Bearer $JWT" 'http://localhost:80/sc/v0/get?limit=5&skip=2' | json_pp -json_opt utf8,pretty +## Development + +There are two docker-compose files used for development: + +- `docker/docker-compose-dev.yaml` for the collector, and +- `auth-server-poc/docker-compose.yml` for the JWT server. + +To apply changes, build with `docker-compose build -f docker/docker-compose-dev.yaml` or `docker-compose -f auth-server-poc/docker-compose.yml` (depending on what has changed) and then restart the containers with `./quickstart.sh`. + +If you want to save build time you can also pass a service name to `docker-compose build`, i.e. `docker-compose build -f docker/docker-compose-dev.yaml collector`. + ## JWT mechanics (work in progress) 2021-11-24: Currently no checks except that the JWT is valid are performed when -- cgit v1.1 From ba40dc093e807db7cc3efe8099d2310d6ffb77db Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Thu, 25 Nov 2021 16:15:29 +0100 Subject: document dependencies --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 531fc6c..1e4ecbb 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Clone the repository. Install dependencies (Debian). - sudo apt install docker.io docker-compose + sudo apt install docker.io docker-compose jq curl apache2-utils Start the collector and JWT server, and generate certificates for JWT signing: -- cgit v1.1 From f90a61be00c1f9aebb1ba8c65b67a22d81e97f42 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Thu, 25 Nov 2021 16:44:04 +0100 Subject: user www-data needs to read the private key --- quickstart.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/quickstart.sh b/quickstart.sh index 6a3616d..d46a791 100755 --- a/quickstart.sh +++ b/quickstart.sh 
@@ -21,6 +21,7 @@ fi # Generate new certificates to use for JWT. if [ ! -f ${DOCKER_JWT_PUBKEY_PATH}/private.pem ] && [ ! -f ${DOCKER_JWT_PUBKEY_PATH}/public.pem ]; then openssl ecparam -genkey -name prime256v1 -noout -out ${DOCKER_JWT_PUBKEY_PATH}/private.pem + chmod 644 ${DOCKER_JWT_PUBKEY_PATH}/private.pem openssl ec -in ${DOCKER_JWT_PUBKEY_PATH}/private.pem -pubout -out ${DOCKER_JWT_PUBKEY_PATH}/public.pem fi -- cgit v1.1
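Review bot: `chmod 644` on `private.pem` makes the JWT signing key readable by every local user on the host and by every process in any container that mounts this directory, which is wider than the commit's stated goal of letting www-data read it. Anyone who can read that file can presumably sign tokens the service will treat as valid. Handing the file to the server's account and keeping it closed to everyone else would meet the goal, for example `chown 33:33 ${DOCKER_JWT_PUBKEY_PATH}/private.pem` followed by `chmod 400 ${DOCKER_JWT_PUBKEY_PATH}/private.pem`, assuming the container's www-data is uid/gid 33 as on stock Debian (confirm against the image) and the script runs with rights to chown. The path expansions in this block are also unquoted, so a directory name containing spaces would break these commands.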