2021-09-28 04:47:42 +02:00
|
|
|
# Environment Setup
|
2021-09-28 04:36:16 +02:00
|
|
|
|
|
|
|
The whole solution is made up of 4 repos.
|
|
|
|
|
|
|
|
1. covidpass (Wallet Pass creation front-end, port 3000)
|
|
|
|
2. covidpassApiDotNet (Wallet Pass signing service, Apple specific, port 80)
|
|
|
|
3. verifier (web app for scanning, port 5001; GCP cloud functions /register /verify in support of #1)
|
|
|
|
4. hit-counter (simple python script running in VM, web enabled using flask, port 8080)
|
|
|
|
|
2021-09-28 04:40:18 +02:00
|
|
|
The steps were tested against a standard ubuntu LTS 18 vm running in GCP
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:47:42 +02:00
|
|
|
## GCP console - Firewall - New Firewall Rule
|
|
|
|
* allow-covidpass-ports, port 3000,80,5001,5003,8080 tcp/inbound
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:47:42 +02:00
|
|
|
## GCP console - VM setup
|
|
|
|
* ubuntu LTS 18, 2 core, 4Gb RAM, allow all GCP API, network tag (allow-covidpass-ports), fixed external ip will be helpful
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:40:18 +02:00
|
|
|
ssh into the newly created vm
|
2021-09-28 04:36:16 +02:00
|
|
|
|
|
|
|
Install docker
|
2021-09-28 04:47:42 +02:00
|
|
|
* https://docs.docker.com/engine/install/ubuntu/
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:47:42 +02:00
|
|
|
Enable non-root usage of docker
|
|
|
|
```sh
|
|
|
|
sudo groupadd docker
|
|
|
|
sudo usermod -aG docker ${USER}
|
|
|
|
```
|
|
|
|
exit SSH session and login again
|
2021-09-28 04:36:16 +02:00
|
|
|
|
|
|
|
Install yarn
|
2021-09-28 04:47:42 +02:00
|
|
|
```sh
|
|
|
|
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
|
|
|
|
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
|
|
|
|
sudo apt-get update && sudo apt-get install yarn
|
|
|
|
```
|
2021-09-28 04:36:16 +02:00
|
|
|
|
|
|
|
Upgrade node to 14
|
2021-09-28 04:47:42 +02:00
|
|
|
```sh
|
|
|
|
sudo apt-get install -y nodejs
|
|
|
|
```
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:41:27 +02:00
|
|
|
Prepare to start
|
2021-09-28 04:47:42 +02:00
|
|
|
```sh
|
2021-09-28 04:41:27 +02:00
|
|
|
mkdir web
|
|
|
|
cd web
|
2021-09-28 04:47:42 +02:00
|
|
|
```
|
2021-09-28 04:36:16 +02:00
|
|
|
|
2021-09-28 04:47:42 +02:00
|
|
|
Repo 1 (https://github.com/billylo1/covidpass)
|
2021-09-28 04:36:16 +02:00
|
|
|
|
|
|
|
git clone https://github.com/billylo1/covidpass.git
|
|
|
|
cd covidpass
|
|
|
|
yarn install
|
|
|
|
|
|
|
|
note external IP of your dev machines
|
|
|
|
modify .env.local and replace localhost with your {vm-external-ip}
|
|
|
|
|
|
|
|
yarn dev
|
|
|
|
|
|
|
|
access it from your workstation's browser (http://vm-external-ip:3000)
|
|
|
|
you should see on the yarn output compiling... sentry initialized and browser showing page
|
|
|
|
|
|
|
|
Repo 2 (https://github.com/billylo1/CovidPassApiNet)
|
|
|
|
|
|
|
|
cd ~/web
|
|
|
|
git clone https://github.com/billylo1/CovidPassApiNet
|
|
|
|
cd CovidPassApiNet/CovidPassApiNet
|
|
|
|
cp appsettings.example.json appsettings.json
|
|
|
|
|
|
|
|
setup Apple Developer Certificate (assume current directory is the above)
|
|
|
|
|
|
|
|
1. Sign into your Apple Developer Account
|
|
|
|
2. Go to Certificates, Identifiers and Profiles
|
|
|
|
3. Register a new Pass Type Identifier under the Identifiers tab
|
|
|
|
4. Create a new Pass Type ID Certificate under the Certificates tab
|
|
|
|
5. Select your previously created Pass Type Identifier in the process
|
|
|
|
6. Move your new certificate to the My Certificates tab in the keychain
|
|
|
|
7. Export your certificate as a .p12 file (make a note of passphrase)
|
|
|
|
8. Create a text file named AppleDeveloperPassword with your passphrase in it
|
|
|
|
9. Install node.js and download the passkit-keys script
|
|
|
|
10. Create a keys folder and put the .p12 file inside
|
|
|
|
11. Run ./passkit-keys <path to your keys folder>
|
|
|
|
12. copy the .pem file to ~/web/CovidPassApiNet/CovidPassApiNet/AppDeveloperCerticate.pem
|
|
|
|
13. Open keychain - System Keychain - Certificates
|
|
|
|
14. Export Apple Developer Relations Certification Authority to AppleCaCertificate.pem
|
|
|
|
15. chmod 600 Apple*.pem
|
|
|
|
|
|
|
|
(Reminder: pls protect these files as they contain private key and passphrases. Do not add them to your repo.)
|
|
|
|
|
|
|
|
docker build . -t covidpassapinet
|
|
|
|
docker run covidpassapinet -p 80:80
|
|
|
|
|
|
|
|
Repo 3 (https://github.com/billylo1/verifier)
|
|
|
|
|
|
|
|
cd ~/web
|
|
|
|
git clone https://github.com/billylo1/verifier
|
|
|
|
|
|
|
|
sudo npm install -g firebase-tools
|
|
|
|
firebase init
|
|
|
|
sudo apt install default-jre
|
|
|
|
firebase emulators:start
|
|
|
|
|
|
|
|
Repo 4 (https://github.com/billylo1/hit-counter)
|
|
|
|
|
|
|
|
cd ~/web
|
|
|
|
git clone https://github.com/billylo1/hit-counter
|
|
|
|
sudo apt-get install python3.8 python3-pip
|
|
|
|
python3 server.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|