Nethserver 8 Module for Zitadel authentication

geniusdynamics/ns8-zitadel

ns8-zitadel

Zitadel is an open-source identity infrastructure for organizations, with multi-tenancy support.

Docker Compose.

This is a template module for NethServer 8.

Install

Instantiate the module with:

add-module ghcr.io/geniusdynamics/zitadel:latest 1

The output of the command will return the instance name. Output example:

{"module_id": "zitadel1", "image_name": "zitadel", "image_url": "ghcr.io/geniusdynamics/zitadel:latest"}

Configure

Let's assume that the zitadel instance is named zitadel1.

Launch configure-module, setting the following parameters:

  • host: a fully qualified domain name for the application
  • http2https: enable or disable HTTP to HTTPS redirection (true/false)
  • lets_encrypt: enable or disable Let's Encrypt certificate (true/false)

Example:

api-cli run configure-module --agent module/zitadel1 --data - <<EOF
{
  "host": "zitadel.domain.com",
  "http2https": true,
  "lets_encrypt": false
}
EOF

The above command will:

  • start and configure the zitadel instance
  • configure a virtual host for Traefik to access the instance

Get the configuration

You can retrieve the configuration with:

api-cli run get-configuration --agent module/zitadel1

Update Module

You can forcefully update the module:

api-cli run update-module --data '{"module_url":"ghcr.io/geniusdynamics/zitadel:latest","instances":["zitadel1"],"force":true}'

Uninstall

To uninstall the instance:

remove-module --no-preserve zitadel1

Smarthost setting discovery

Some configuration settings, like the smarthost setup, are not part of the configure-module action input: they are discovered by looking at some Redis keys. To ensure the module is always up to date with the centralized smarthost setup, every time zitadel starts the command bin/discover-smarthost runs and refreshes the state/smarthost.env file with fresh values from Redis.

Furthermore, if the smarthost setup is changed while zitadel is already running, the event handler events/smarthost-changed/10reload_services restarts the main module service.

See also the systemd/user/zitadel.service file.

This setting discovery is just an example to understand how the module is expected to work: it can be rewritten or discarded completely.
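
A sketch of the refresh step described above, as an added example that is not the module's own bin/discover-smarthost: it takes the settings as a plain dictionary instead of reading Redis, and the setting keys and SMTP_ variable names are assumptions. It writes the env file with mode 0600, swaps it in atomically, and rejects values containing line breaks so that a stored setting cannot add extra variable lines.

```python
import os
import tempfile

# Constructed sample of smarthost settings; in the module these come from Redis.
# Key names are assumptions, not the module's actual schema.
SAMPLE_SETTINGS = {
    "enabled": True,
    "host": "smtp.example.org",
    "port": 587,
    "username": "relay-user",
    "password": "constructed-secret",
}


def render_env(settings):
    """Return env-file text, refusing values that could inject extra lines."""
    lines = []
    for key, value in settings.items():
        if isinstance(value, bool):
            text = "1" if value else ""
        else:
            text = str(value)
        if any(ch in text for ch in "\r\n\0"):
            raise ValueError(f"control character in smarthost setting {key!r}")
        lines.append(f"SMTP_{key.upper()}={text}")
    return "\n".join(lines) + "\n"


def write_env_atomic(path, settings):
    """Write the env file with mode 0600 and swap it in atomically."""
    content = render_env(settings)  # validate before touching the disk
    directory = os.path.dirname(os.path.abspath(path))
    # mkstemp creates the temporary file readable and writable by the owner only
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".smarthost.")
    try:
        with os.fdopen(fd, "w") as fp:
            fp.write(content)
            fp.flush()
            os.fsync(fp.fileno())
        # Readers see either the old file or the new one, never a partial write
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    return path
```

If validation fails, the previous smarthost.env is left untouched, so the service keeps starting with the last known-good values.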

Debug

Some CLI commands are needed to debug:

  • The module runs under an agent that initializes many environment variables (in /home/zitadel1/.config/state); it can be useful to verify them from the root terminal:

    runagent -m zitadel1 env

  • You can become runagent to test scripts and initialize all the environment variables:

    runagent -m zitadel1

The path becomes:

    echo $PATH
    /home/zitadel1/.config/bin:/usr/local/agent/pyenv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/

Testing

Test the module using the test-module.sh script:

./test-module.sh <NODE_ADDR> ghcr.io/geniusdynamics/zitadel:latest

The tests are made using Robot Framework.

UI translation

Translated with Weblate.

To set up the translation process: