I am trying to set up for local development but couldn't do that. What I have done is:
1. Install Docker
2. Rename .env_exmaple to .env which looks like this:
# This is a sample .env file. Update and add variables in here as needed, and
# rename to `.env`. These are mostly used in dev and test environments -- prod
# variables are loaded at runtime from the Omnibus package.
# Set the EXTERNAL_URL
EXTERNAL_URL=http://localhost:4000
# Enable local authentication
LOCAL_AUTH_ENABLED=true
# Generated with `jq @json < .oidc_env.json`
# Set AUTH_OIDC to a JSON configuration string to enable
# generic OIDC auth.
#export AUTH_OIDC="{\"google\":{\"discovery_document_uri\":\"https://accounts.google.com/.well-known/openid-configuration\",\"client_id\":\"1032390727302-u0lg90d3i1ive15lv7qgtbkka0hnsmgr.apps.googleusercontent.com\",\"client_secret\":\"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\",\"redirect_uri\":\"https://example.com/session\",\"response_type\":\"code\",\"scope\":\"openid email profile\",\"label\":\"Google\"},\"okta\":{\"discovery_document_uri\":\"https://accounts.google.com/.well-known/openid-configuration\",\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"redirect_uri\":\"https://example.com/session\",\"response_type\":\"code\",\"scope\":\"openid email profile\",\"label\":\"Okta\"}}"
# Convenient overrides for live testing Firezone in dev
# NFT_PATH=/path/to/nft
EGRESS_INTERFACE=eth0
FZ_WALL_CLI_MODULE=FzWall.CLI.Live
3. Run env $(cat .env | grep -v \# | xargs) mix test
4. Run Docker commands
docker compose build
docker compose up -d postgres
docker compose run --rm firezone mix ecto.setup
docker compose up
But I can't log in with the default credentials firezone@localhost / firezone1234
These two commands don't respond:
docker compose exec client ping 172.28.0.99
docker compose exec client curl -k 172.28.0.99:8443/hello: this should return HELLO text.
In the Docker logs I got some errors and warnings:
firezone-caddy-1 | {"level":"info","ts":1670808201.180104,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
firezone-caddy-1 | {"level":"warn","ts":1670808201.1813128,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
firezone-postgres-1 | 2022-12-12 01:23:21.181 UTC [1] LOG: database system is ready to accept connections
firezone-caddy-1 | {"level":"info","ts":1670808201.1822703,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
firezone-caddy-1 | {"level":"info","ts":1670808201.1826,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0003b87e0"}
firezone-caddy-1 | {"level":"info","ts":1670808201.183058,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
firezone-caddy-1 | {"level":"info","ts":1670808201.1830697,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
firezone-caddy-1 | {"level":"info","ts":1670808201.1965253,"logger":"pki.ca.local","msg":"root certificate is already trusted by system","path":"storage:pki/authorities/local/root.crt"}
firezone-caddy-1 | {"level":"info","ts":1670808201.1966274,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
firezone-caddy-1 | {"level":"info","ts":1670808201.196697,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details."}
firezone-caddy-1 | {"level":"info","ts":1670808201.1967385,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
firezone-caddy-1 | {"level":"info","ts":1670808201.196958,"logger":"tls","msg":"finished cleaning storage units"}
firezone-caddy-1 | {"level":"info","ts":1670808201.1969955,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
firezone-caddy-1 | {"level":"info","ts":1670808201.197018,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
firezone-caddy-1 | {"level":"info","ts":1670808201.197033,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
firezone-caddy-1 | {"level":"info","ts":1670808201.1970882,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["localhost"]}
firezone-caddy-1 | {"level":"warn","ts":1670808201.1972864,"logger":"tls","msg":"stapling OCSP","error":"no OCSP stapling for [localhost]: no OCSP server specified in certificate","identifiers":["localhost"]}
firezone-caddy-1 | {"level":"info","ts":1670808201.1974475,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
firezone-caddy-1 | {"level":"info","ts":1670808201.1974525,"msg":"serving initial configuration"}
and from the Keycloak container:
firezone-keycloak-1 | 2022-12-12 01:23:22,853 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: false
firezone-keycloak-1 | 2022-12-12 01:23:23,793 WARN [io.quarkus.agroal.runtime.DataSources] (main) Datasource <default> enables XA but transaction recovery is not enabled. Please enable transaction recovery by setting quarkus.transaction-manager.enable-recovery=true, otherwise data may be lost if the application is terminated abruptly
firezone-keycloak-1 | 2022-12-12 01:23:24,165 WARN [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
firezone-keycloak-1 | 2022-12-12 01:23:24,217 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
firezone-keycloak-1 | 2022-12-12 01:23:24,225 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
firezone-keycloak-1 | 2022-12-12 01:23:24,363 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.10.Final
firezone-keycloak-1 | org.h2.message.DbException: Log file error: "/opt/keycloak/data/h2/keycloakdb.trace.db", cause: "org.h2.message.DbException: Error while creating file ""/opt/keycloak/data/h2"" [90062-214]" [90034-214]
firezone-keycloak-1 | org.h2.message.DbException: Log file error: "/opt/keycloak/data/h2/keycloakdb.trace.db", cause: "org.h2.message.DbException: Error while creating file ""/opt/keycloak/data/h2"" [90062-214]" [90034-214]
firezone-keycloak-1 | at org.h2.message.DbException.get(DbException.java:212)
firezone-keycloak-1 | at org.h2.message.TraceSystem.logWritingError(TraceSystem.java:294)
firezone-keycloak-1 | at org.h2.message.TraceSystem.openWriter(TraceSystem.java:315)
firezone-keycloak-1 | at org.h2.message.TraceSystem.writeFile(TraceSystem.java:263)
firezone-keycloak-1 | at org.h2.message.TraceSystem.write(TraceSystem.java:247)
firezone-keycloak-1 | at org.h2.message.Trace.error(Trace.java:187)
firezone-keycloak-1 | at org.h2.engine.Database.<init>(Database.java:395)
firezone-keycloak-1 | at org.h2.engine.Engine.openSession(Engine.java:92)
firezone-keycloak-1 | at org.h2.engine.Engine.openSession(Engine.java:222)
firezone-keycloak-1 | at org.h2.engine.Engine.createSession(Engine.java:201)
firezone-keycloak-1 | at org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:338)
firezone-keycloak-1 | at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:122)
firezone-keycloak-1 | at org.h2.jdbcx.JdbcDataSource.getXAConnection(JdbcDataSource.java:322)
firezone-keycloak-1 | at io.agroal.pool.ConnectionFactory.createConnection(ConnectionFactory.java:232)
firezone-keycloak-1 | at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:535)
firezone-keycloak-1 | at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:516)
firezone-keycloak-1 | at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
firezone-keycloak-1 | at io.agroal.pool.util.PriorityScheduledExecutor.beforeExecute(PriorityScheduledExecutor.java:75)
firezone-keycloak-1 | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1126)
firezone-keycloak-1 | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
firezone-keycloak-1 | at java.base/java.lang.Thread.run(Thread.java:829)
firezone-keycloak-1 | Caused by: org.h2.jdbc.JdbcSQLNonTransientException: Log file error: "/opt/keycloak/data/h2/keycloakdb.trace.db", cause: "org.h2.message.DbException: Error while creating file ""/opt/keycloak/data/h2"" [90062-214]" [90034-214]
firezone-keycloak-1 | at org.h2.message.DbException.getJdbcSQLException(DbException.java:554)
firezone-keycloak-1 | at org.h2.message.DbException.getJdbcSQLException(DbException.java:477)
firezone-keycloak-1 | ... 21 more