Docker Deployments Quick Start

Warning

This image is for testing and development purposes only. Use Janssen helm deployments for production setups.

The quickest way to get a Janssen Server up and running is to install a Docker container-based fully featured Janssen Server using the All-In-One (AIO) script.

System Requirements

System should meet the following requirements:

- 8 GB RAM
- 4 CPU
- 20 GB Disk

Install

To deploy the AIO Janssen Server, first download the installation script and make it executable:

wget https://raw.githubusercontent.com/JanssenProject/jans/vreplace-janssen-version/automation/start_janssen_aio_demo.sh 
chmod u+x start_janssen_aio_demo.sh

Next, execute the script. You will need to provide your fully qualified domain name (FQDN), the persistence type (MYSQL or PGSQL), the Janssen version (leave empty "" for the default), and your Virtual Machine's IP address in place of <VM_IP>.

MySQLPostgreSQL

sudo bash start_janssen_aio_demo.sh demoexample.jans.io MYSQL "" <VM_IP>

sudo bash start_janssen_aio_demo.sh demoexample.jans.io PGSQL "" <VM_IP>

Console messages like below will confirm the successful startup and readiness of the services:

[I] Janssen is starting up!
[I] To check the progress, run 'docker compose logs -f' in a separate terminal
[I] Checking if Janssen is ready to accept requests (expected time ~3–5 minutes) ...
[I] Waiting 120 seconds for services to initialize before starting health checks. Hang on...
[W] Janssen is not ready yet; retrying in 10 seconds ...
[I] Janssen is ready to accept request

Verify Installation By Accessing Standard Endpoints

To access Janssen Server standard endpoints from outside of the Docker container, your system's /etc/hosts file needs to be updated. Open the file and add the IP domain record, which should be the IP of the instance where Docker is installed (your <VM_IP>), followed by the hostname used during installation (demoexample.jans.io).

# For example
172.22.0.3      demoexample.jans.io

After adding the record, test the standard endpoints such as:

https://demoexample.jans.io/.well-known/openid-configuration

Configure Janssen Server

Janssen Server can be configured using the Text-based User Interface (TUI).

1. Download the jans-cli-tui:

   wget https://github.com/JanssenProject/jans/releases/download/vreplace-janssen-version/jans-cli-tui-linux-ubuntu-X86-64.pyz
   

2. To connect to the TUI, you need your FQDN, Client ID, and Client Secret. Since the AIO deployment stores configurations in Consul and Vault, you can extract these credentials directly from the running Docker containers.

   Run the following commands on your host machine to store the credentials in environment variables:

   FQDN="demoexample.jans.io" # Replace with your actual FQDN
   
   # Extract Client ID from Consul
   TUI_CLIENT_ID=$(docker exec consul consul kv get jans/config/tui_client_id)
   
   # Extract Root Token and Client Secret from Vault
   VAULT_TOKEN=$(docker exec vault grep 'Initial Root Token' /vault/config/vault_key_token.txt | awk -F ': ' '{print $2}')
   TUI_CLIENT_SECRET=$(docker exec -e VAULT_TOKEN=$VAULT_TOKEN vault vault read -field=value secret/jans/tui_client_pw)
   

3. Connect to the TUI using the downloaded .pyz file and the extracted credentials. (Note: add -noverify if you are using the self-signed certificates generated by the demo script).

   python3 jans-cli-tui-linux-ubuntu-X86-64.pyz --host $FQDN --client-id $TUI_CLIENT_ID --client-secret $TUI_CLIENT_SECRET -noverify
   

4. Note that the default admin password is Test1234#

Uninstall / Remove the Janssen Server

This Docker-based installation uses docker compose under the hood to create the network and containers, and it stores volume data and templates in a local jans-aio-demo directory.

Run the command below in the same directory where you executed the installation script to stop the containers, remove them, and clean up the generated files and volumes:

sudo docker compose -f compose.yaml down -v

Console messages like below confirm the successful removal:

[+] down 6/6
✔ Container jans        Removed                                                                                                            3.8s
✔ Container traefik     Removed                                                                                                            0.9s
✔ Container mysql       Removed                                                                                                            3.8s
✔ Container vault       Removed                                                                                                           10.4s
✔ Container consul      Removed                                                                                                            0.2s
✔ Network jans-aio-demo Removed                                                                                                            0.1s