# Cloud sandbox powered by FIWARE

## About the open source GPL3 license and copyright for this product

Copyright (c) 2024 Computate Limited Liability Company in Utah, USA

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.

ADDITIONAL TERMS

As stated in section 7. c) and e) of the GPL3 license, 
"you may supplement the terms of this License with terms," 
Computate has added the following additional terms to the license: 

  7 c) Prohibiting misrepresentation of the origin of that material, and
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version;

  7 e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks;

Please do not redistribute this course until you have built your own platform with these tools, 
separate from the computate.org platform, and reconfigure your fork of this repo to deploy 
your own platform instead of the computate.org platform. 

QUESTIONS

For questions about this open source license, please contact our public mailing list at computate@group.computate.org


## Switch to the Python 3.9 Kernel

When opening this Jupyter Notebook in VSCode, you will need to switch to the Jupyter 3.9 Kernel. 

# Deploy secrets

## Zookeeper configuration

Create a secret for connecting to Zookeeper. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-zookeeper
type: Opaque
stringData:
  ENABLE_ZOOKEEPER_CLUSTER: "true"
  ZOOKEEPER_HOST_NAME: "$ZOOKEEPER_HOST_NAME"
  ZOOKEEPER_PORT: "$ZOOKEEPER_PORT"
  ZOOKEEPER_MAX_RETRIES: "$ZOOKEEPER_MAX_RETRIES"
  ZOOKEEPER_BASE_SLEEP_TIME_MILLIS: "$ZOOKEEPER_BASE_SLEEP_TIME_MILLIS"
  ZOOKEEPER_MAX_SLEEP_MILLIS: "$ZOOKEEPER_MAX_SLEEP_MILLIS"
  ZOOKEEPER_CONNECTION_TIMEOUT_MILLIS: "$ZOOKEEPER_CONNECTION_TIMEOUT_MILLIS"
  ZOOKEEPER_SESSION_TIMEOUT_MILLIS: "$ZOOKEEPER_SESSION_TIMEOUT_MILLIS"
  CLUSTER_PUBLIC_PORT: "$CLUSTER_PUBLIC_PORT"
EOF
oc extract secret/$SITE_SHORT_NAME-zookeeper --to=-
echo DONE

## Solr configuration

Create a secret for connecting to Solr. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-solr
type: Opaque
stringData:
  SOLR_SSL: "false"
  SOLR_HOST_NAME: "solr"
  SOLR_PORT: "8983"
  SOLR_COLLECTION: "$SOLR_COLLECTION"
  SOLR_USERNAME: "$SOLR_USERNAME"
  SOLR_PASSWORD: "$SOLR_PASSWORD"
EOF
oc extract secret/$SITE_SHORT_NAME-solr --to=-
echo DONE

## Database configuration

Create a secret for connecting to the database. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-database
type: Opaque
stringData:
  ENABLE_DATABASE: "$ENABLE_DATABASE"
  DATABASE_HOST_NAME: "$DATABASE_HOST_NAME"
  DATABASE_PORT: "$DATABASE_PORT"
  DATABASE_USERNAME: "$DATABASE_USERNAME"
  DATABASE_PASSWORD: "$DATABASE_PASSWORD"
  DATABASE_DATABASE: "$DATABASE_DATABASE"
EOF
oc extract secret/$SITE_SHORT_NAME-database --to=-
echo DONE

## Auth configuration

Create a secret for authentication with Keycloak. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-auth
type: Opaque
stringData:
  AUTH_HOST_NAME: "$AUTH_HOST_NAME"
  AUTH_PORT: "$AUTH_PORT"
  AUTH_SSL: "$AUTH_SSL"
  AUTH_SSL_REQUIRED: "$AUTH_SSL_REQUIRED"
  AUTH_REALM: "$AUTH_REALM"
  AUTH_CLIENT: "$AUTH_CLIENT"
  AUTH_SECRET: "$AUTH_SECRET"
  AUTH_ADMIN_USERNAME: "$AUTH_ADMIN_USERNAME"
  AUTH_ADMIN_PASSWORD: "$AUTH_ADMIN_PASSWORD"
  AUTH_URL: "$AUTH_URL"
  AUTH_TOKEN_URI: "$AUTH_TOKEN_URI"
  AUTH_OPEN_API_ID: "$AUTH_OPEN_API_ID"
  AUTH_CALLBACK_URI: "$AUTH_CALLBACK_URI"
  AUTH_LOGOUT_URI: "$AUTH_LOGOUT_URI"
  AUTH_SCOPE_ADMIN: "$AUTH_SCOPE_ADMIN"
  AUTH_SCOPE_SUPER_ADMIN: "$AUTH_SCOPE_SUPER_ADMIN"
  AUTH_FINE_GRAINED_POLICY_PERMISSIONS: "$AUTH_FINE_GRAINED_POLICY_PERMISSIONS"
EOF
oc extract secret/$SITE_SHORT_NAME-auth --to=-
echo DONE

## RabbitMQ configuration

Create a secret for connecting to the RabbitMQ broker. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-rabbitmq
type: Opaque
stringData:
  ENABLE_RABBITMQ: "$ENABLE_RABBITMQ"
  RABBITMQ_PORT: "$RABBITMQ_PORT"
  RABBITMQ_HOST_NAME: "$RABBITMQ_HOST_NAME"
  RABBITMQ_USERNAME: "$RABBITMQ_USERNAME"
  RABBITMQ_PASSWORD: "$RABBITMQ_PASSWORD"
  RABBITMQ_VIRTUAL_HOST: "$RABBITMQ_VIRTUAL_HOST"
EOF
oc extract secret/$SITE_SHORT_NAME-rabbitmq --to=-
echo DONE

## Context Broker configuration

Create a secret for connecting to the FIWARE Context Broker. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-context-broker
type: Opaque
stringData:
  CONTEXT_BROKER_SSL: "$CONTEXT_BROKER_SSL"
  CONTEXT_BROKER_HOST_NAME: "$CONTEXT_BROKER_HOST_NAME"
  CONTEXT_BROKER_PORT: "$CONTEXT_BROKER_PORT"
EOF
oc extract secret/$SITE_SHORT_NAME-context-broker --to=-
echo DONE

## Site configuration

Create a secret for the site configuration. 

In [None]:
%%bash
eval $(env SITE_NAMESPACE="$(oc project -q)" ./vars.py)
cat <<EOF | oc apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: $SITE_SHORT_NAME-site
type: Opaque
stringData:
  CONTEXT_BROKER_SSL: "$CONTEXT_BROKER_SSL"
  CONTEXT_BROKER_HOST_NAME: "$CONTEXT_BROKER_HOST_NAME"
  CONTEXT_BROKER_PORT: "$CONTEXT_BROKER_PORT"
  SITE_ZONE: "$SITE_ZONE"
  SITE_LOCALE: "$SITE_LOCALE"
  SITE_PORT: "$SITE_PORT"
  SITE_NAME: "$SITE_NAME"
  SITE_HOST_NAME: "$SITE_SHORT_NAME-$OPENSHIFT_AI_WORKBENCH.$OPENSHIFT_APPS_DOMAIN"
  SITE_BASE_URL: "https://$SITE_SHORT_NAME-$OPENSHIFT_AI_WORKBENCH.$OPENSHIFT_APPS_DOMAIN"
  SITE_PUBLIC_URL: "https://$SITE_SHORT_NAME-$OPENSHIFT_AI_WORKBENCH.$OPENSHIFT_APPS_DOMAIN"
  CLUSTER_PORT: "$CLUSTER_PORT"
  CLUSTER_PUBLIC_PORT: "$CLUSTER_PUBLIC_PORT"
  SSL_VERIFY: "$SSL_VERIFY"
  SITE_INSTANCES: "$SITE_INSTANCES"
  WORKER_POOL_SIZE: "$WORKER_POOL_SIZE"
  VERTX_MAX_EVENT_LOOP_EXECUTE_TIME: "$VERTX_MAX_EVENT_LOOP_EXECUTE_TIME"
  VERTX_MAX_WORKER_EXECUTE_TIME: "$VERTX_MAX_WORKER_EXECUTE_TIME"
  VERTX_WARNING_EXCEPTION_SECONDS: "$VERTX_WARNING_EXCEPTION_SECONDS"
  NUMBER_EXECUTORS: "$NUMBER_EXECUTORS"
  GITHUB_ORG: "$GITHUB_ORG"
  SITE_STATIC_NAME: "$SITE_STATIC_NAME"
  SITE_STATIC_REPO: "$SITE_STATIC_REPO"
  STATIC_PATH: "/home/default/smart-aquaculture-static/webawesome"
  STATIC_BASE_URL: "https://$SITE_SHORT_NAME-$OPENSHIFT_AI_WORKBENCH.$OPENSHIFT_APPS_DOMAIN/static"
  SITE_LOGO_URI: "$SITE_LOGO_URI"
  TEMPLATE_PATH: "/home/default/$SITE_NAME-static/webawesome/templates"
  FONTAWESOME_KIT: '$FONTAWESOME_KIT'
  FONTAWESOME_STYLE: '$FONTAWESOME_STYLE'
  WEB_COMPONENTS_PREFIX: '$WEB_COMPONENTS_PREFIX'
  WEB_COMPONENTS_CSS: '$WEB_COMPONENTS_CSS'
  WEB_COMPONENTS_JS: '$WEB_COMPONENTS_JS'
  SITE_THEME: '$SITE_THEME'
  SITE_POWERED_BY_NAME: "Red Hat Developer Sandbox"
  SITE_POWERED_BY_URL: "https://developers.redhat.com/developer-sandbox"
  SITE_POWERED_BY_IMAGE_URI: "/svg/openshift.svg"
  DEFAULT_MAP_LOCATION: '$DEFAULT_MAP_LOCATION'
  DEFAULT_MAP_ZOOM: "$DEFAULT_MAP_ZOOM"
  ENABLE_IMPORT_DATA: "$ENABLE_IMPORT_DATA"
  PUBLIC_SEARCH_URI: "/search"
  USER_SEARCH_URI: "/user-search"
EOF
oc extract secret/$SITE_SHORT_NAME-context-broker --to=-
echo DONE

## Next...
If you have successfully ran all of the commands above, congratulations, you are ready to move on to the next notebook in the course. 

- If you have additional questions or issues, please [create an issue for the course here](https://github.com/computate-org/smart-aquaculture-cloud-sandbox/issues). 
- Otherwise, please continue to the next document [14-create-auth-permissions.ipynb](14-create-auth-permissions.ipynb). 
