diff --git a/Dockerfile b/Dockerfile index 91d07b6..eefa92a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ -FROM ghcr.io/front-matter/invenio-rdm-starter:latest - -ARG WHEEL +FROM ghcr.io/front-matter/invenio-rdm-starter:v12.0.18.0 RUN /opt/invenio/.venv/bin/python -m ensurepip RUN /opt/invenio/.venv/bin/python -m pip install --upgrade pip -RUN /opt/invenio/.venv/bin/python -m pip install invenio-theme-iform==2025.5.20 +RUN /opt/invenio/.venv/bin/python -m pip install invenio-theme-iform==2025.6.3 RUN /opt/invenio/.venv/bin/python -m pip uninstall -y pip RUN invenio collect +RUN apt update -y +RUN apt upgrade -y RUN apt install -y npm RUN invenio webpack buildall RUN apt remove -y npm diff --git a/docker-compose.yaml b/docker-compose.yaml index 3afc62a..eac6e76 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -11,7 +11,7 @@ services: - "8443:443" volumes: - caddy_data:/data - - ./caddy/${INVENIO_ENV}:/etc/caddy + - ./caddy/${COMPOSE_PROFILES}:/etc/caddy - site_data:/var/www:ro restart: unless-stopped labels: @@ -24,91 +24,57 @@ services: volumes: - uploaded_data:/opt/invenio/var/instance/data - archived_data:/opt/invenio/var/instance/archive - - ./invenio_assets:/opt/invenio/var/instance/static/custom_assets # Add static assets for theming - - ./invenio.cfg:/opt/invenio/var/instance/invenio.cfg # Override the config with our custom one + - site_data:/opt/invenio/var/instance/ + # - ./invenio_assets:/opt/invenio/var/instance/static/custom_assets # Add static assets for theming + # - ./invenio.cfg:/opt/invenio/var/instance/invenio.cfg # Override the config with our custom one environment: - # Flask - - INVENIO_APP_ALLOWED_HOSTS=${INVENIO_APP_ALLOWED_HOSTS:-['0.0.0.0', 'localhost', '127.0.0.1']} - - # Flask-SQLAlchemy - - INVENIO_SQLALCHEMY_DATABASE_URI=postgresql+psycopg2://${POSTGRES_USER:-inveniordm}:${POSTGRES_PASSWORD:-inveniordm}@db/${POSTGRES_DB:-inveniordm} - - # Flask-Babel - - INVENIO_BABEL_DEFAULT_LOCALE=${INVENIO_BABEL_DEFAULT_LOCALE:-en} - - INVENIO_BABEL_DEFAULT_TIMEZONE=${INVENIO_BABEL_DEFAULT_TIMEZONE:-UTC} - - # Invenio-App - - INVENIO_CACHE_TYPE=${INVENIO_CACHE_TYPE:-redis} - - INVENIO_CACHE_REDIS_URL=${INVENIO_CACHE_REDIS_URL:-redis://cache:6379/0} - - INVENIO_ACCOUNTS_SESSION_REDIS_URL=${INVENIO_ACCOUNTS_SESSION_REDIS_URL:-redis://cache:6379/1} - - INVENIO_CELERY_RESULT_BACKEND=${INVENIO_CELERY_RESULT_BACKEND:-redis://cache:6379/2} - - INVENIO_RATELIMIT_STORAGE_URL=${INVENIO_RATELIMIT_STORAGE_URL:-redis://cache:6379/3} - - INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL=${INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL:-redis://cache:6379/4} - - INVENIO_BROKER_URL=${INVENIO_BROKER_URL:-redis://cache:6379/5} - - INVENIO_CELERY_BROKER_URL=${INVENIO_BROKER_URL:-redis://cache:6379/5} - - - INVENIO_WSGI_PROXIES=4 - - INVENIO_SECRET_KEY=${INVENIO_SECRET_KEY:-changeme} - - # Invenio-I18N - # TODO: fix tuple parsing - # - INVENIO_I18N_LANGUAGES=${INVENIO_I18N_LANGUAGES:-'[("de", _("German"))]'} - - # Invenio-Theme - - INVENIO_THEME_LOGO=${INVENIO_THEME_LOGO:-images/invenio-rdm-white.svg} - - INVENIO_THEME_SITENAME=${INVENIO_THEME_SITENAME:-InvenioRDM Starter} - - INVENIO_THEME_FRONTPAGE_TITLE=${INVENIO_THEME_FRONTPAGE_TITLE:-InvenioRDM Starter} - - INVENIO_THEME_FRONTPAGE_SUBTITLE=${INVENIO_THEME_FRONTPAGE_SUBTITLE:-A starter project for the turn-key research data management repository.} - - INVENIO_THEME_SHOW_FRONTPAGE_INTRO_SECTION=False - - # Invenio-Records-Resources - - INVENIO_SITE_UI_URL=${INVENIO_SITE_UI_URL:-https://localhost} - - INVENIO_SITE_API_URL=${INVENIO_SITE_API_URL:-https://localhost/api} - - # Invenio-RDM-Records - - INVENIO_DATACITE_ENABLED=${INVENIO_DATACITE_ENABLED:-False} - - INVENIO_DATACITE_USERNAME=${INVENIO_DATACITE_USERNAME:-} - - INVENIO_DATACITE_PASSWORD=${INVENIO_DATACITE_PASSWORD:-} - - INVENIO_DATACITE_PREFIX=${INVENIO_DATACITE_PREFIX:-} - - INVENIO_DATACITE_TEST_MODE=${INVENIO_DATACITE_TEST_MODE:-True} - - INVENIO_DATACITE_DATACENTER_SYMBOL=${INVENIO_DATACITE_DATACENTER_SYMBOL:-} - - - INVENIO_RDM_ALLOW_METADATA_ONLY_RECORDS=${INVENIO_RDM_ALLOW_METADATA_ONLY_RECORDS:-True} - - INVENIO_RDM_ALLOW_RESTRICTED_RECORDS=${INVENIO_RDM_ALLOW_RESTRICTED_RECORDS:-True} - - INVENIO_RDM_ALLOW_EXTERNAL_DOI_VERSIONING=${INVENIO_RDM_ALLOW_EXTERNAL_DOI_VERSIONING:-True} - - - INVENIO_RDM_CITATION_STYLES_DEFAULT=${INVENIO_RDM_CITATION_STYLES_DEFAULT:-apa} - - INVENIO_SECURITY_EMAIL_SENDER=${INVENIO_SECURITY_EMAIL_SENDER:-} - # TODO: fix tuple parsing - # - INVENIO_RDM_CITATION_STYLES=${INVENIO_RDM_CITATION_STYLES:-"[('apa', 'APA'), ('chicago-note-bibliography', 'Chicago'), ('harvard-cite-them-right', 'Harvard')]"} - - # Invenio-Accounts - - INVENIO_ACCOUNTS_LOCAL_LOGIN_ENABLED=${INVENIO_ACCOUNTS_LOCAL_LOGIN_ENABLED:-True} - - INVENIO_GITHUB_APP_CREDENTIALS=${INVENIO_GITHUB_APP_CREDENTIALS:-} - - # OAI-PMH - - INVENIO_OAISERVER_ID_PREFIX=${OAISERVER_ID_PREFIX:-invenio-rdm} - - # Invenio-Files-REST - - INVENIO_FILES_REST_STORAGE_FACTORY=invenio_s3.s3fs_storage_factory - - # Invenio-S3 - - INVENIO_S3_ENDPOINT_URL=${INVENIO_S3_ENDPOINT_URL:-} - - INVENIO_S3_ACCESS_KEY_ID=${INVENIO_S3_ACCESS_KEY_ID:-} - - INVENIO_S3_SECRET_ACCESS_KEY=${INVENIO_S3_SECRET_ACCESS_KEY:-} - - INVENIO_S3_BUCKET_NAME=${INVENIO_S3_BUCKET_NAME:-} - - # Invenio-Search - - INVENIO_SEARCH_HOSTS=${INVENIO_SEARCH_HOSTS:-['search:9200']} - - INVENIO_SEARCH_INDEX_PREFIX=${INVENIO_SEARCH_INDEX_PREFIX:-invenio-rdm-} - - # Logging - - INVENIO_LOGGING_CONSOLE_LEVEL=${INVENIO_LOGGING_CONSOLE_LEVEL:-WARNING} - - # Custom invenio settings - - INVENIO_SECURITY_REGISTERABLE=False # Disable manual user registration - - INVENIO_MAIL_SUPPRESS_SEND=False # Allow server to send emails - - INVENIO_RDM_DEFAULT_CITATION_STYLE = "vancouver" + - INVENIO_THEME_LOGO + - INVENIO_THEME_FRONTPAGE_TITLE + - INVENIO_THEME_SITENAME + - INVENIO_THEME_FRONTPAGE_SUBTITLE + - INVENIO_THEME_SHOW_FRONTPAGE_INTRO_SECTION + - INVENIO_SECURITY_REGISTERABLE + - INVENIO_SQLALCHEMY_DATABASE_URI=postgresql+psycopg2://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB} + - INVENIO_CACHE_TYPE + - INVENIO_CACHE_REDIS_URL + - INVENIO_ACCOUNTS_SESSION_REDIS_URL + - INVENIO_CELERY_RESULT_BACKEND + - INVENIO_RATELIMIT_STORAGE_URL + - INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL + - INVENIO_BROKER_URL + - INVENIO_CELERY_BROKER_URL + - INVENIO_WSGI_PROXIES + - INVENIO_SITE_UI_URL + - INVENIO_SITE_API_URL + - INVENIO_DATACITE_ENABLED + - INVENIO_DATACITE_USERNAME + - INVENIO_DATACITE_PASSWORD + - INVENIO_DATACITE_PREFIX + - INVENIO_DATACITE_TEST_MODE + - INVENIO_DATACITE_DATACENTER_SYMBOL + - INVENIO_RDM_ALLOW_METADATA_ONLY_RECORDS + - INVENIO_RDM_ALLOW_RESTRICTED_RECORDS + - INVENIO_RDM_ALLOW_EXTERNAL_DOI_VERSIONING + - INVENIO_RDM_CITATION_STYLES_DEFAULT + - INVENIO_RDM_DEFAULT_CITATION_STYLE + - INVENIO_MAIL_SUPPRESS_SEND + - INVENIO_SECURITY_EMAIL_SENDER + - INVENIO_ACCOUNTS_LOCAL_LOGIN_ENABLED + - INVENIO_GITHUB_APP_CREDENTIALS + - INVENIO_OAISERVER_ID_PREFIX + - INVENIO_FILES_REST_STORAGE_FACTORY + - INVENIO_S3_ENDPOINT_URL + - INVENIO_S3_ACCESS_KEY_ID + - INVENIO_S3_SECRET_ACCESS_KEY + - INVENIO_S3_BUCKET_NAME + - INVENIO_SEARCH_HOSTS + - INVENIO_SEARCH_INDEX_PREFIX + - INVENIO_LOGGING_CONSOLE_LEVEL + - INVENIO_APP_ALLOWED_HOSTS + - INVENIO_ENV=${COMPOSE_PROFILES} + - FLASK_ENV=${COMPOSE_PROFILES} + - NODE_ENV=${COMPOSE_PROFILES} + - FLASK_DEBUG depends_on: search: condition: service_started @@ -118,42 +84,41 @@ services: condition: service_started worker: command: "celery -A invenio_app.celery worker --beat --events --loglevel=WARNING" + # command: "sh" build: context: . networks: - invenio-network - image: ghcr.io/front-matter/invenio-rdm-starter:latest volumes: - uploaded_data:/opt/invenio/var/instance/data environment: - - INVENIO_SQLALCHEMY_DATABASE_URI=postgresql+psycopg2://${POSTGRES_USER:-inveniordm}:${POSTGRES_PASSWORD:-inveniordm}@db/${POSTGRES_DB:-inveniordm} - - INVENIO_SEARCH_HOSTS=${INVENIO_SEARCH_HOSTS:-['search:9200']} - - INVENIO_SEARCH_INDEX_PREFIX=${INVENIO_SEARCH_INDEX_PREFIX:-invenio-rdm-} - - - INVENIO_CACHE_TYPE=${INVENIO_CACHE_TYPE:-redis} - - INVENIO_CACHE_REDIS_URL=${INVENIO_CACHE_REDIS_URL:-redis://cache:6379/0} - - INVENIO_ACCOUNTS_SESSION_REDIS_URL=${INVENIO_ACCOUNTS_SESSION_REDIS_URL:-redis://cache:6379/1} - - INVENIO_CELERY_RESULT_BACKEND=${INVENIO_CELERY_RESULT_BACKEND:-redis://cache:6379/2} - - INVENIO_RATELIMIT_STORAGE_URL=${INVENIO_RATELIMIT_STORAGE_URL:-redis://cache:6379/3} - - INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL=${INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL:-redis://cache:6379/4} - - INVENIO_BROKER_URL=${INVENIO_BROKER_URL:-redis://cache:6379/5} - - INVENIO_CELERY_BROKER_URL=${INVENIO_BROKER_URL:-redis://cache:6379/5} - - - INVENIO_MAIL_SUPPRESS_SEND=${INVENIO_MAIL_SUPPRESS_SEND:-True} - - INVENIO_MAIL_SERVER=${INVENIO_MAIL_SERVER:-smtp.gmail.com} - - INVENIO_MAIL_PORT=${INVENIO_MAIL_PORT:-465} - - INVENIO_MAIL_USERNAME=${INVENIO_MAIL_USERNAME:-info} - - INVENIO_MAIL_PASSWORD=${INVENIO_MAIL_PASSWORD:-changeme} - - INVENIO_MAIL_USE_SSL=${INVENIO_MAIL_USE_SSL:-True} - - # Invenio-Files-REST - - INVENIO_FILES_REST_STORAGE_FACTORY=${INVENIO_FILES_REST_STORAGE_FACTORY:-invenio_s3.s3fs_storage_factory} - - # Invenio-S3 - - INVENIO_S3_ENDPOINT_URL=${INVENIO_S3_ENDPOINT_URL:-} - - INVENIO_S3_ACCESS_KEY_ID=${INVENIO_S3_ACCESS_KEY_ID:-} - - INVENIO_S3_SECRET_ACCESS_KEY=${INVENIO_S3_SECRET_ACCESS_KEY:-} - - INVENIO_S3_BUCKET_NAME=${INVENIO_S3_BUCKET_NAME:-} + - INVENIO_MAIL_SUPPRESS_SEND=true + # Passthrough of shared env variables + - INVENIO_SQLALCHEMY_DATABASE_URI=postgresql+psycopg2://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/${POSTGRES_DB:-inveniordm} + - INVENIO_SEARCH_HOSTS + - INVENIO_SEARCH_INDEX_PREFIX + - INVENIO_CACHE_TYPE + - INVENIO_CACHE_REDIS_URL + - INVENIO_ACCOUNTS_SESSION_REDIS_URL + - INVENIO_CELERY_RESULT_BACKEND + - INVENIO_RATELIMIT_STORAGE_URL + - INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL + - INVENIO_BROKER_URL + - INVENIO_CELERY_BROKER_URL + - INVENIO_MAIL_SERVER + - INVENIO_MAIL_PORT + - INVENIO_MAIL_USERNAME + - INVENIO_MAIL_PASSWORD + - INVENIO_MAIL_USE_SSL + - INVENIO_FILES_REST_STORAGE_FACTORY + - INVENIO_S3_ENDPOINT_URL + - INVENIO_S3_ACCESS_KEY_ID + - INVENIO_S3_SECRET_ACCESS_KEY + - INVENIO_S3_BUCKET_NAME + - INVENIO_ENV=${COMPOSE_PROFILES} + - FLASK_ENV=${COMPOSE_PROFILES} + - NODE_ENV=${COMPOSE_PROFILES} + - FLASK_DEBUG depends_on: search: condition: service_started @@ -176,9 +141,9 @@ services: - invenio-network restart: "unless-stopped" environment: - - POSTGRES_USER=${POSTGRES_USER:-inveniordm} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-inveniordm} - - POSTGRES_DB=${POSTGRES_DB:-inveniordm} + - POSTGRES_USER + - POSTGRES_PASSWORD + - POSTGRES_DB volumes: - "postgres_data:/var/lib/postgresql/data" ports: @@ -189,6 +154,7 @@ services: - invenio-network restart: "unless-stopped" environment: + - OPENSEARCH_INITIAL_ADMIN_PASSWORD - bootstrap.memory_lock=true - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m - DISABLE_INSTALL_DEMO_CONFIG=true @@ -208,6 +174,42 @@ services: - "9200:9200" - "9600:9600" + # Test SAML for development + oauth2-proxy: + image: quay.io/oauth2-proxy/oauth2-proxy:latest + profiles: + - development + ports: + - "4180:4180" + environment: + - OAUTH2_PROXY_PROVIDER=oidc + - OAUTH2_PROXY_OIDC_ISSUER_URL=http://saml-idp:8080/simplesaml/saml2/idp + - OAUTH2_PROXY_CLIENT_ID=your-client-id + - OAUTH2_PROXY_CLIENT_SECRET=your-client-secret + - OAUTH2_PROXY_COOKIE_SECRET=${OAUTH2_PROXY_COOKIE_SECRET} + - OAUTH2_PROXY_EMAIL_DOMAINS=* + - OAUTH2_PROXY_UPSTREAM=http://caddy:80 + - OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 + - OAUTH2_PROXY_REDIRECT_URL=http://localhost:4180/oauth2/callback + depends_on: + - saml-idp + - caddy + networks: + - invenio-network + saml-idp: + image: kristophjunge/test-saml-idp:latest + profiles: + - development + ports: + - "8080:8080" + environment: + - SIMPLESAMLPHP_SP_ENTITY_ID=http://localhost:4180 + - SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE=http://localhost:4180/oauth2/callback + volumes: + - ./saml/authsources.php:/var/www/simplesamlphp/config/authsources.php:ro + networks: + - invenio-network + networks: invenio-network: @@ -215,6 +217,7 @@ volumes: app_data: uploaded_data: archived_data: + site_data: postgres_data: opensearch_data: valkey_data: diff --git a/env.sh b/env.sh index 775267d..3d27c5d 100755 --- a/env.sh +++ b/env.sh @@ -7,9 +7,13 @@ else ENV_FILE="invenio_prod.env" fi -aws secretsmanager get-secret-value --secret-id Invenio | \ - jq -r '.SecretString | fromjson | to_entries | .[] | .key + "=\"" + .value + "\""' > secrets.env +{ + echo "# Secrets fetched from AWS Secrets Manager" + aws secretsmanager get-secret-value --secret-id Invenio | \ + jq -r '.SecretString | fromjson | to_entries | .[] | .key + "=\"" + .value + "\""' + echo "" +} > secrets.env -cat ./env/invenio.env "./env/$ENV_FILE" secrets.env > .env +cat secrets.env ./env/invenio.env "./env/$ENV_FILE" > .env echo "Environment set up using $ENV_FILE" diff --git a/env/invenio.env b/env/invenio.env index c043758..0de918d 100644 --- a/env/invenio.env +++ b/env/invenio.env @@ -1,7 +1,72 @@ -INVENIO_S3_ENDPOINT_URL=https://s3.eu-west-1.amazonaws.com -INVENIO_S3_REGION_NAME=eu-west-1 -INVENIO_S3_BUCKET_NAME=i-form-invenio +# Invenio-Theme INVENIO_THEME_LOGO=custom_assets/I-Form_logo.webp INVENIO_THEME_FRONTPAGE_TITLE="I-Form Invenio Data Repository" INVENIO_THEME_SITENAME="I-Form Repository" INVENIO_THEME_FRONTPAGE_SUBTITLE="An Invenio data repository for the I-Form research group." +INVENIO_THEME_SHOW_FRONTPAGE_INTRO_SECTION=false + +INVENIO_SECURITY_REGISTERABLE=false # Disable manual user registration + +# Database and Flask-SQLAlchemy +POSTGRES_USER=inveniordm +POSTGRES_DB=inveniordm + +# Invenio-App +INVENIO_CACHE_TYPE=redis +INVENIO_CACHE_REDIS_URL=redis://cache:6379/0 +INVENIO_ACCOUNTS_SESSION_REDIS_URL=redis://cache:6379/1 +INVENIO_CELERY_RESULT_BACKEND=redis://cache:6379/2 +INVENIO_RATELIMIT_STORAGE_URL=redis://cache:6379/3 +INVENIO_COMMUNITIES_IDENTITIES_CACHE_REDIS_URL=redis://cache:6379/4 +INVENIO_BROKER_URL=redis://cache:6379/5 +INVENIO_CELERY_BROKER_URL=redis://cache:6379/5 + +# Server settings +INVENIO_WSGI_PROXIES=4 + +# Invenio-RDM-Records +INVENIO_DATACITE_ENABLED=false +INVENIO_DATACITE_USERNAME="" +INVENIO_DATACITE_PASSWORD="" +INVENIO_DATACITE_PREFIX="" +INVENIO_DATACITE_TEST_MODE=true +INVENIO_DATACITE_DATACENTER_SYMBOL="" + +INVENIO_RDM_ALLOW_METADATA_ONLY_RECORDS=true +INVENIO_RDM_ALLOW_RESTRICTED_RECORDS=true +INVENIO_RDM_ALLOW_EXTERNAL_DOI_VERSIONING=true + +INVENIO_RDM_CITATION_STYLES_DEFAULT=vancouver +INVENIO_RDM_DEFAULT_CITATION_STYLE=vancouver + +# Email config +INVENIO_MAIL_SUPPRESS_SEND=false # Allow server to send emails +INVENIO_SECURITY_EMAIL_SENDER="" +INVENIO_MAIL_SERVER=smtp.gmail.com +INVENIO_MAIL_PORT=465 +INVENIO_MAIL_USERNAME=info +INVENIO_MAIL_PASSWORD=changeme +INVENIO_MAIL_USE_SSL=true + +# Invenio-Accounts +INVENIO_ACCOUNTS_LOCAL_LOGIN_ENABLED=true +INVENIO_GITHUB_APP_CREDENTIALS="" + +# OAI-PMH +INVENIO_OAISERVER_ID_PREFIX=invenio-rdm + +# Invenio-Files-REST +INVENIO_FILES_REST_STORAGE_FACTORY=invenio_s3.s3fs_storage_factory + +# Invenio-S3 +INVENIO_S3_ENDPOINT_URL=https://s3.eu-west-1.amazonaws.com +INVENIO_S3_REGION_NAME=eu-west-1 +INVENIO_S3_BUCKET_NAME=i-form-invenio + +# Invenio-Search +INVENIO_SEARCH_HOSTS=search:9200 +INVENIO_SEARCH_INDEX_PREFIX=invenio-rdm- + +# Logging +INVENIO_LOGGING_CONSOLE_LEVEL=WARNING + diff --git a/env/invenio_dev.env b/env/invenio_dev.env index 197520b..8f06fb1 100644 --- a/env/invenio_dev.env +++ b/env/invenio_dev.env @@ -1,5 +1,6 @@ -INVENIO_APP_ALLOWED_HOSTS=["invenio.i-form.ie", "localhost", "localhost:5000", "127.0.0.1", "127.0.0.1:5000", "0.0.0.0", "0.0.0.0:5000"] -INVENIO_SITE_UI_URL=https://localhost:5000 -INVENIO_SITE_API_URL=https://localhost:5000/api -FLASK_ENV=development -INVENIO_ENV=development +# Development environment settings +INVENIO_APP_ALLOWED_HOSTS=invenio.i-form.ie,localhost,localhost:8443,127.0.0.1,127.0.0.1:8443,0.0.0.0,0.0.0.0:8443 +INVENIO_SITE_UI_URL=https://localhost +INVENIO_SITE_API_URL=https://localhost +COMPOSE_PROFILES=development +FLASK_DEBUG=true diff --git a/env/invenio_prod.env b/env/invenio_prod.env index 24f2003..41ce9f5 100644 --- a/env/invenio_prod.env +++ b/env/invenio_prod.env @@ -1,5 +1,6 @@ -INVENIO_APP_ALLOWED_HOSTS=["invenio.i-form.ie"] +# Production environment settings +INVENIO_APP_ALLOWED_HOSTS=invenio.i-form.ie INVENIO_SITE_UI_URL=https://invenio.i-form.ie INVENIO_SITE_API_URL=https://invenio.i-form.ie/api -FLASK_ENV=production -INVENIO_ENV=production +COMPOSE_PROFILES=production +FLASK_DEBUG=false diff --git a/saml/authsources.php b/saml/authsources.php new file mode 100644 index 0000000..248ccd9 --- /dev/null +++ b/saml/authsources.php @@ -0,0 +1,15 @@ + [ + 'core:AdminPassword', + ], + + 'example-userpass' => [ + 'exampleauth:UserPass', + 'test@example.com:password' => [ + 'uid' => ['test'], + 'email' => ['test@example.com'], + 'displayName' => ['Test User'], + ], + ], +];