bcgov / greenlight

A demonstration of the verifiable organization network showing a new restaurant gathering the permits necessary to open.
Apache License 2.0
34 stars 45 forks source link
citz hyperledger hyperledger-indy verifiable-claims verifiable-credentials verifiable-organizations-network von von-network

GreenLight

GreenLight (an instance of decentralized workFlow) demonstrates a basic application for deploying the VON-X library, in order to enable issuer registration, claims verification, and credential submission to TheOrgBook. It includes Docker tooling for deployment of the application behind a Caddy reverse proxy.

greenlight is being developed as part of the Verifiable Organizations Network (VON). For more information on VON see https://vonx.io. Even, better - join in with what we are doing and contribute to VON and the Indy community.

The GreenLight Business Scenario

The business problem addressed in this demo is a business trying to get Business Permits and Licences in their local municipality. Getting such authorizations are complicated processes, often requiring contacting multiple jurisdictions to acquire multiple credentials - licenses, permits, registrations, etc., each of which may require the presentation of previously acquired credentials from other sources. GreenLight simplifies the problem by:

Running a Complete VON Network

A quick start guide for running a complete local VON Network (including a local Indy Network, an instance of TheOrgBook and GreenLight) can be found in the VON Network Quick Start Guide.

Running Locally

Instructions for running just GreenLight locally can be found in the GreenLight docker folder.

Running a Shared Instance

GreenLight can be run on a server for multiple users. The docker folder provides guidance of what needs to be set up. Likewise, the openshift folder contains an example of deploying GreenLight to a Red Hat OpenShift instance.

Services

Services are defined using config files. See ./config folders for examples of the existing services.

Caveats

On dev machines

Adding a new issuing service to GreenLight

The steps below describe how to add and register a new issuer service to a GreenLight instance.

Prerequisites:

Create Configuration Files

First, create the configuration files for the new issuer service. For more information on creating and setting up the configuration files, please refer to the documentation in von-agent-template.

Update Caddy Configuration

Caddy needs to be configured to support proxying requests to the new agent. To do this, add the following proxy instructions to the Caddyfile, making sure to replace myorg with the mnemonic you previously picked.

proxy /myorg/health {%MYORG_AGENT_HOST%}:{%MYORG_AGENT_PORT%} {
    without /worksafe
}

proxy /myorg {%MYORG_AGENT_HOST%}:{%MYORG_AGENT_PORT%} {
    except /assets
    transparent
    fail_timeout 0
}

Update Docker Configuration

In docker-compose.yml:

myorg-agent: build: context: .. dockerfile: docker/agent/Dockerfile environment: DOCKERHOST: ${DOCKERHOST} APPLICATION_URL: ${APPLICATION_URL:-http://localhost:5000} ENDPOINT_URL: ${ENDPOINT_URL:-http://localhost:5000} CONFIG_ROOT: ../config/agri-agent ENVIRONMENT: ${ENVIRONMENT:-default} INDY_LEDGER_URL: ${LEDGER_URL:-http://localhost:9000} LOG_LEVEL: ${LOG_LEVEL:-} PYTHON_ENV: ${PYTHON_ENV:-development} TOB_API_URL: ${TOB_API_URL:-} TOB_APP_URL: ${TOB_APP_URL:-} POSTGRESQL_WALLET_HOST: ${POSTGRESQL_WALLET_HOST} POSTGRESQL_WALLET_PORT: ${POSTGRESQL_WALLET_PORT} POSTGRESQL_WALLET_USER: ${POSTGRESQL_USER} POSTGRESQL_WALLET_PASSWORD: ${POSTGRESQL_PASSWORD} POSTGRESQL_WALLET_ADMIN_PASSWORD: ${POSTGRESQL_ADMIN_PASSWORD} WALLET_ENCRYPTION_KEY: ${WALLET_ENCRYPTION_KEY} INDY_WALLET_TYPE: ${INDY_WALLET_TYPE} INDY_WALLET_SEED: ${MYORG_WALLET_SEED:-} networks:

...

volumes: myorg-agent-wallet: ...

- add environment variables and dependencies referencing the new agent to the `proxy-dev` and `caddy` services

proxy-dev: image: "abiosoft/caddy:no-stats" environment: ... MYORG_AGENT_HOST: ${MYORG_AGENT_HOST} MYORG_AGENT_PORT: ${MYORG_AGENT_PORT} ... depends_on: ...

...

caddy: image: greenlight environment: ... MYORG_AGENT_HOST: ${MYORG_AGENT_HOST} MYORG_AGENT_PORT: ${MYORG_AGENT_PORT} ... depends_on:

In the manage script in the docker directory:

Update OpenShift Configuration

If you use OpenShift, you will be interested in adding a new deployment configuration for the new agent, and updating the deployment configuration for GreenLight to correctly proxy requests.