Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/technologiestiftung/grist-docker-compose
Docker-compose for grist
https://github.com/technologiestiftung/grist-docker-compose
Last synced: 30 days ago
JSON representation
Docker-compose for grist
- Host: GitHub
- URL: https://github.com/technologiestiftung/grist-docker-compose
- Owner: technologiestiftung
- License: mit
- Created: 2022-04-07T12:38:05.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-08-26T11:48:26.000Z (over 2 years ago)
- Last Synced: 2023-02-27T11:05:50.273Z (almost 2 years ago)
- Language: Shell
- Size: 20.5 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
![](https://img.shields.io/badge/Built%20with%20%E2%9D%A4%EF%B8%8F-at%20Technologiestiftung%20Berlin-blue)
[![All Contributors](https://img.shields.io/badge/all_contributors-2-orange.svg?style=flat-square)](#contributors-)
# grist-docker-compose
Docker-compose for grist
Instructions for integration with keycloak
## Prerequisites
Docker, Docker-compose
## Keycloak integration
After creating a Realm
1. Go to > Clients > Create
2. The **Client ID** in Keycloak should be `https:///saml/metadata.xml`. The type should be SAML
3. Save the new client
4. Set **Valid Redirect URIs** to `https:///*` and `https:///`
5. Go to **Fine Grain SAML Endpoint Configuration** and set **Logout Service Redirect Binding URL** to `https:///`
6. Save the settings
7. Switch to the tab "Mappers"
8. Click on **Add Builtin**
9. Add `X500 givenName`, `X500 email` and `X500 surname`### How to copy keys and certificates
This part will require you to put together the key and cert files. Basically a copy/paste into the docker volume.
1. Go to the tab **Keys** and copy the contents into files called _key.pem_ and _cert.pem_
2. Go to **Realm Settings** > **General** tab and click on **SAML 2.0 Identity Provider Metadata**
3. Copy the contents of content of **ds:X509Certificate** into a file called idp.pem
4. Add to each file the PEM headers/footers:
- `-----BEGIN RSA PRIVATE KEY-----`/`-----END RSA PRIVATE KEY-----`
- `-----BEGIN CERTIFICATE-----`/`-----END CERTIFICATE-----`
5. Copy the files into the docker volume "saml". How you do that depends on your set up.
6. You should have key.pem, cert.pem and ipm.pem in the folder## Example apache configuration
This configuration can be used to proxy grist through an apache server.
#
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule ^/?(.*) "ws://localhost:11082/$1" [P,L]
#
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:11082/
ProxyPassReverse / http://localhost:11082/
RequestHeader set X-Forwarded-Proto https
Header set Access-Control-Allow-Origin "*"
### Credits