Skip to main content

How to install Soffid using docker compose?

Steps to install Soffid using docker compose

To install Soffid Console and Sync Server is mandatory. You can follow this documentation: https://bookstack.soffid.com/books/installation/chapter/installing-soffid-using-docker-composeb

Now I am going to explain step by step how to install Soffid.

1. First of all, you must create a folder to save the yaml files you are going to create.

mkdir lab-soffid

2. Go inside the folder

cd lab-soffid

3. I recomend the very first time you install Soffid in an environment, to make three different YAML files, one to the Repository, one to the Console, and one to the Sync Server. Once you have Soffid running properly, you can merge the files and use only one to start and stop Soffid using only one step.

3.1. You need to create one folder for each component, for example using those commands.

mkdir 01repository
mkdir 02console
mkdir 03syncserver

4. Create the Repository

4.1. Go inside the folder 01repository

cd 01repository

4.2. Once you are inside the folder, you must create a docker-compose.yaml file with the Repository service definition 

version: "3.8"
services:
  mariadb:
    image: mariadb:11.4
    environment:
      MYSQL_ROOT_PASSWORD: XXXXX
      MYSQL_DATABASE: soffid01
      MYSQL_USER: soffid
      MYSQL_PASSWORD: XXXXX
    healthcheck:
      test: "/usr/bin/mariadb --user=root --password=XXXXX --execute \"SHOW DATABASES;\""
      interval: 2s
      timeout: 20s
      retries: 10
    command: --max_allowed_packet=128M --innodb_log_file_size=256M --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci
    networks:
      - network
    volumes:
      - mariadb_data:/var/lib/mysql
networks:
  network:
    name: netcompose
    driver: bridge

volumes:
  mariadb_data:
    name: compose_mariadbdata

4.3 Execute this command to initilize the repository container (thanks to the -d option, containers will continue to run in the background, even if you close the terminal)

sudo docker-compose ps

4.4. Check the containers: to check the container you can use a docker or a docker-compose command, depend on what you want to check.

4.4.1. In the folder: you can use a docker-compose command

sudo docker-compose ps

4.4.2. All of them: you can use a docker command

sudo docker ps

4.5. Check the logs: docker logs are detailed records of the activities that occur within containers. They are like a diary that records everything that happens, from starting and stopping the container to error messages, application outputs, and any other interactions.

4.5.1.  You can use a docker-compose command

sudo docker-compose logs <SERVICE_NAME>

4.5.2. Or you can use a docker command

sudo docker logs -f <CONTAINER_NAME/CONTAINER_ID>

4.6. If you need to stop the container:

sudo docker-compose down

5. Create Soffid Console

5.1. Go inside the folder 02console

cd 02console

5.2. Once you are inside the folder, you must create a docker-compose.yaml file with the Console service definition 

version: '3.8'

services:
  
  console:
    image: soffid/iam-console:3.6.19
    environment:
      DB_URL: jdbc:mariadb://mariadb/soffid01
      DB_USER: root
      DB_PASSWORD: rootpassword
      SOFFID_TRUSTED_SCRIPTS: true
    networks:
      - network
    #ports: 
    #  - "8443:8443"
    volumes:
      - console_trust:/opt/soffid/iam-console-3/trustedcerts
      - console_conf:/opt/soffid/iam-console-3/conf
      - console_index:/opt/soffid/iam-console-3/index 

networks:
  network:
    name: netcompose
    driver: bridge

volumes:
  console_trust:
    name: compose-console-trustedcerts-laboratorio
  console_conf:
    name: compose-console-conf-laboratorio
  console_index:
    name: compose-console-index-laboratorio

5.3. Execute this command to initialize the repository container (thanks to the -d option, containers will continue to run in the background, even if you close the terminal)

sudo docker-compose up -d

5.4. If you need to stop the container:

sudo docker-compose down

6. Create Soffid Sync Server

6.1. Go inside the folder 03syncserver

cd 03syncserver

6.2. Once you are inside the folder, you must create a docker-compose.yaml file with the Sync Server service definition 

version: "3.8"
services:

  sync-server:
    image: soffid/iam-sync:3.6.15
    hostname: sync-server
    environment:
      SOFFID_PORT: 1760
      SOFFID_HOSTNAME: sync-server.netcompose
      SOFFID_MAIN: yes
      DB_URL: jdbc:mysql://mariadb/soffid01
      DB_USER: soffid
      DB_PASSWORD: XXXXX
    networks:
      - network
    volumes:
      - sync_conf:/opt/soffid/iam-sync/conf
    ports:
      #- "1443:1443"
      - "1760:1760"
networks:
  network:
    name: netcompose
    driver: bridge

volumes:
  sync_conf:
    name: compose_sync_conf

6.3. Execute this command to initialize the repository container (thanks to the -d option, containers will continue to run in the background, even if you close the terminal)

sudo docker-compose up -d

6.4. If you need to stop the container:

sudo docker-compose down

 

Prerequisites

  • Docker compose
  • 8GB RAM
  • > 10GB disk space (50GB recomended)

Installation

docker-compose.yaml / compose.yaml
version: "3.8"
services:
  mariadb:
    image: mariadb:11.4
    environment:
      MYSQL_ROOT_PASSWORD: XXXXX
      MYSQL_DATABASE: soffid01
      MYSQL_USER: soffid
      MYSQL_PASSWORD: XXXXX
    healthcheck:
      test: "/usr/bin/mariadb --user=root --password=XXXXX --execute \"SHOW DATABASES;\""
      interval: 2s
      timeout: 20s
      retries: 10
    command: --max_allowed_packet=128M --innodb_log_file_size=256M --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci
    networks:
      - network
    volumes:
      - mariadb_data:/var/lib/mysql
  
  console:
    image: soffid/iam-console:3.6.7
    environment:
      DB_URL: jdbc:mariadb://mariadb/soffid01
      DB_USER: soffid
      DB_PASSWORD: XXXXX
    ports:
      - 8080:8080
    networks:
    - network
    healthcheck:
      test: bash -c "(echo 'GET /soffid/anonymous/logo.svg HTTP/1.1' >&0; echo >&0; cat >&2;) <> /dev/tcp/localhost/8080"
      interval: 10s
      timeout: 20s
      retries: 10
      start_period: 40s    
    volumes:
      - console_trust:/opt/soffid/iam-console-3/trustedcerts
      - console_conf:/opt/soffid/iam-console-3/conf
      - console_logs:/opt/soffid/iam-console-3/logs
      - console_index:/opt/soffid/iam-console-3/index      
    depends_on:
      mariadb:
        condition: service_healthy

  sync-server:
    image: soffid/iam-sync:3.6.10
    hostname: sync-server
    environment:
      SOFFID_PORT: 1760
      SOFFID_HOSTNAME: sync-server.netcompose
      SOFFID_MAIN: yes
      DB_URL: jdbc:mysql://mariadb/soffid01
      DB_USER: soffid
      DB_PASSWORD: XXXXX
    networks:
      - network
    volumes:
      - sync_conf:/opt/soffid/iam-sync/conf
    depends_on:
      mariadb:
        condition: service_healthy
      console:
        condition: service_healthy

networks:
  network:
    name: netcompose
    driver: bridge

volumes:
  mariadb_data:
    name: compose_mariadbdata
  console_trust:
    name: compose_console_trustedcerts
  console_conf:
    name: compose_console_conf
  console_logs:
    name: compose_console_logs
  console_index:
    name: compose_console_index
  sync_conf:
    name: compose_sync_conf
Ubuntu commands

Bear in mind, that the name of the YAML file must be docker-compose.yaml And you must execute the docker compose action inside the folder where this file is located.

cd /.../.../soffid

Apply the YAML:

sudo docker compose up -d

image-1699860896041.png

Check containers

sudo docker compose ps

View the console log

sudo docker compose logs -f console

View the Sync Server log

sudo docker compose logs -f sync-server

When the console is created, the password for the user admin will be changeit and it will be valid for 24 hours.

Now you can connect to Soffid Console http://localhost:8080/soffid The first thing you must do is to change the admin user password changeit

Upgrade

You can update the version in the yaml file

docker compose up -d

Back to top