- Notifications
You must be signed in to change notification settings - Fork1
ldej/issuer
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
https://ldej.nl/post/building-an-acapy-controller-architecture/
$ git clone --recursive git@github.com:ldej/issuer.gitStart 4 Indy nodes and the von-webserver. The von-webserver has a web interface atlocalhost:9000 which allows you to browse the transactions in the blockchain.
$ git clone https://github.com/bcgov/von-network$cd von-network$ ./manage start --logsgithub.com/bcgov/indy-tails-server
Start a Tails server for the revocation registry tails files.
$ git clone https://github.com/bcgov/indy-tails-server$cd indy-tails-server$ ./docker/manage start$ cat .envAGENT_WALLET_SEED=<some-32-char-wallet-seed>LABEL=<name-of-your-application>ACAPY_ENDPOINT_PORT=8000ACAPY_ENDPOINT_URL=http://localhost:8000/ACAPY_ADMIN_PORT=11000LEDGER_URL=http://172.17.0.1:9000TAILS_SERVER_URL=http://tails-server:6543CONTROLLER_PORT=8080WALLET_NAME=<wallet-name>WALLET_KEY=<secret>
$ make up$ make logs
TODO
The ACA-py docker image is made with theacapy.dockerfile. It is a custom image where libindy is installed and the postgres plugin is installed as a wallet storage backend. I could only install the postgres plugin with theindy-sdk repository, that's why it is a git submodule.aries-cloudagent-python is included in this repo as a submodule, so I can run the latestmaster, I meanmain branch.
The controller docker image is used for both building and running the Go application.
I usedthis blog post as a source of inspiration for getting the easiest set up to work. That's also whereinit-letsencrypt.sh comes from. I modified it to fit my structure.
For the first deployment, copy the following to the remote host:
- init-letsencrypt.sh
- .env.prod
- docker-compose.yml
- docker-compose.prod.yml
- ./nginx
Then run it:
$cd /issuer&& ./init-letsencrypt.sh
I tried to understand thearies-cloudagent-python/deploymentModel.md, but it was too much to read. The two examples at the bottom (indy-email-verification andiiwbook) helped me get in the right direction with thedocker-compose.yml file.
This issuer is deployed on Digital Ocean using the cheapest pre-installed docker droplet. Apparently theufw firewall is enabled by default.
https://www.digitalocean.com/docs/networking/firewalls/resources/troubleshooting/
$ docker context create remote --docker"host=ssh://user@hostname"$ docker-compose --context remote logsIf the tails-server gets a permission denied on the volume, thenchown -R 1001:1001 /issuer/tails-files.
- Automate deployment using Github Actions
- Add functionality for issuing credentials
- Add a frontend
About
An ACA-py controller that can issue credentials