|
@@ -16,7 +16,8 @@ Project to automate all administrative and commercial processes within the compa
|
|
|
- NGINX running in WSL for development using NGINX Proxy Manager
|
|
- NGINX running in WSL for development using NGINX Proxy Manager
|
|
|
- Docker environment being set up
|
|
- Docker environment being set up
|
|
|
- SSL certificates in place for development (self-signed)
|
|
- SSL certificates in place for development (self-signed)
|
|
|
-- Staging and Production environment will use NGINX Server Configs and letsencrypt SSL certificates
|
|
|
|
|
|
|
+- Staging and Production environment will use NGINX Server Config files and letsencrypt SSL certificates
|
|
|
|
|
+- Automated password generation and encrypted storage implemented using `setup_environment.sh`
|
|
|
|
|
|
|
|
### 3. Service Status
|
|
### 3. Service Status
|
|
|
|
|
|
|
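Review bot: The added `setup_environment.sh` line names the script but the document never says where it lives or how the encryption key for the stored credentials is protected. Consider listing its path under "Important Files Location" next to the `setup_realm.js` entry and adding one clause on how the key is kept. As written, the line mostly repeats "Automated password generation implemented" and "Encrypted credentials storage system in place", which already appear as separate items further down.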
@@ -24,15 +25,18 @@ Project to automate all administrative and commercial processes within the compa
|
|
|
- NGINX configuration complete
|
|
- NGINX configuration complete
|
|
|
- Docker setup complete
|
|
- Docker setup complete
|
|
|
- Keycloak is running behind a reverse proxy
|
|
- Keycloak is running behind a reverse proxy
|
|
|
-- Implemented setup_realm.js script for automated realm, client and user setup
|
|
|
|
|
|
|
+- Implemented `setup_realm.js` script for automated realm, client, and user setup
|
|
|
- SSL certificates configured (self-signed)
|
|
- SSL certificates configured (self-signed)
|
|
|
- `setup_realm.js` configures the `office-automation` realm, `nextcloud`, `paperless`, and `nodered` clients.
|
|
- `setup_realm.js` configures the `office-automation` realm, `nextcloud`, `paperless`, and `nodered` clients.
|
|
|
-- Test users `testadmin` and `testuser` are also created.
|
|
|
|
|
|
|
+- Test users `testadmin`, `testuser` and `testserviceuser` are also created with specific group assignments.
|
|
|
|
|
+- Client Secrets are now managed and set correctly.
|
|
|
|
|
+- The `groups-nextcloud` Client Scope is now created and managed by the `setup_realm.js` script.
|
|
|
|
|
|
|
|
#### Nextcloud (cloud.mrx8086.com)
|
|
#### Nextcloud (cloud.mrx8086.com)
|
|
|
- NGINX configuration complete
|
|
- NGINX configuration complete
|
|
|
-- Docker setup pending
|
|
|
|
|
|
|
+- Docker setup complete
|
|
|
- SSL certificates configured
|
|
- SSL certificates configured
|
|
|
|
|
+- Nextcloud is now configured to use Keycloak for authentication via OpenID Connect.
|
|
|
|
|
|
|
|
#### Paperless (docs.mrx8086.com)
|
|
#### Paperless (docs.mrx8086.com)
|
|
|
- NGINX configuration complete
|
|
- NGINX configuration complete
|
|
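Review bot: The new test-user line adds `testserviceuser` "with specific group assignments" without saying that these accounts exist only in the development realm, although the document also plans Staging and Production environments. Suggest stating that `setup_realm.js` creates `testadmin`, `testuser` and `testserviceuser` in development only, or adding their removal to "Next Steps" before staging. "Client Secrets are now managed and set correctly" is also too vague to verify; naming where the secrets come from would help. Minor style point: the `setup_realm.js` line now uses a serial comma ("realm, client, and user") while the test-user line does not.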
@@ -49,6 +53,7 @@ Project to automate all administrative and commercial processes within the compa
|
|
|
- Automated password generation implemented
|
|
- Automated password generation implemented
|
|
|
- Encrypted credentials storage system in place
|
|
- Encrypted credentials storage system in place
|
|
|
- SSL certificates managed and deployed
|
|
- SSL certificates managed and deployed
|
|
|
|
|
+- Keycloak is used for central authentication
|
|
|
|
|
|
|
|
### 5. Development Decisions
|
|
### 5. Development Decisions
|
|
|
- Using WSL for development environment
|
|
- Using WSL for development environment
|
|
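Review bot: "Keycloak is used for central authentication" states more than the rest of the document supports. The service status only records Nextcloud as configured for OpenID Connect, and "Next Steps" still lists "Test Paperless authentication against Keycloak". Suggest qualifying the line, for example by naming which services are integrated and which are pending, so the security summary matches the per-service status.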
@@ -59,18 +64,20 @@ Project to automate all administrative and commercial processes within the compa
|
|
|
- Staging and Production will use Nginx Server Config files
|
|
- Staging and Production will use Nginx Server Config files
|
|
|
|
|
|
|
|
## Next Steps
|
|
## Next Steps
|
|
|
-1. Complete Nextcloud docker setup
|
|
|
|
|
-2. Test Nextcloud authentication against Keycloak
|
|
|
|
|
-3. Proceed with remaining service deployments
|
|
|
|
|
-4. Setup Letsencrypt SSL Certificates in the Staging Environment
|
|
|
|
|
|
|
+1. Complete Paperless docker setup
|
|
|
|
|
+2. Test Paperless authentication against Keycloak
|
|
|
|
|
+3. Proceed with remaining service deployments
|
|
|
|
|
+4. Setup Letsencrypt SSL Certificates in the Staging Environment
|
|
|
|
|
+5. Implement automated backups
|
|
|
|
|
+6. Implement monitoring
|
|
|
|
|
|
|
|
## Important Files Location
|
|
## Important Files Location
|
|
|
- NGINX configs: /config/nginx/sites-available/
|
|
- NGINX configs: /config/nginx/sites-available/
|
|
|
- SSL certificates: /config/nginx/ssl/mrx8086.com/
|
|
- SSL certificates: /config/nginx/ssl/mrx8086.com/
|
|
|
- Docker compose: /docker/docker-compose.yml
|
|
- Docker compose: /docker/docker-compose.yml
|
|
|
-- Environment variables: /config/.env
|
|
|
|
|
|
|
+- Environment variables: /docker/.env and /scripts/setup/keycloak/.env
|
|
|
- Encrypted credentials: /config/credentials/
|
|
- Encrypted credentials: /config/credentials/
|
|
|
-- Keycloak setup script: /scripts/install/setup_realm.js
|
|
|
|
|
|
|
+- Keycloak setup script: /scripts/setup/keycloak/setup_realm.js
|
|
|
|
|
|
|
|
## Development Environment
|
|
## Development Environment
|
|
|
- Domain: mrx8086.com
|
|
- Domain: mrx8086.com
|
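Review bot: The "Environment variables" entry now points to two files, `/docker/.env` and `/scripts/setup/keycloak/.env`, but the document does not say whether they hold plaintext secrets or how they relate to the encrypted store at `/config/credentials/`. Suggest adding a note that both files are excluded from version control and whether they are generated from the encrypted credentials. Separately, "Test Nextcloud authentication against Keycloak" is dropped from "Next Steps" while the status section only says Nextcloud is "configured" for Keycloak; if the test passed, recording that in the Nextcloud status would close the item explicitly.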