This page will give you guidance on using the MIRACL Trust SSO Docker image found at
These instructions assume that you already followed the Installation / Quick Start instructions and learned how to successfully configure your IdP with a Service Provider.
The steps below make use of a local config.yaml file to run a Docker container which references a set of config files stored in Consul. The local config.yaml has only one include which points to the Consul config url, while Consul stores config files just as described in the Overview and Installation / Quick Start instructions
What follows is a quick 'n' dirty step-by-step guide to getting a Docker container running, which should give you an understanding of the necessary components and what command line options need to be passed in order to run the MIRACL Trust SSO docker image.
Run redis on your host machine:
sudo apt update && sudo apt install redis-server
sudo service redis-server start
Run consul in a docker container:
docker run -d --name=consul -p 8300:8300 -p 8500:8500 --net=host gliderlabs/consul-server -bootstrap -advertise=127.0.0.1
Note that the option --net=host means that it is connected to your host network and so will be accessible to the srv-idp docker container.
http://127.0.0.1:8500 and set up the necessary config files in key/value, including config.yaml to list the includes, core.yaml to store the server details, client id and secret; plus server certificates. As well as the relevant Service Provider config in the service_providers sub-folder:
Then run the srv-idp container:
docker run -p 8000:8000 --network host -v /home/user/srv-idp-test/config.yaml:/etc/config.yaml miraclpublic/miracl-srv-idp:latest -c /etc/config.yaml
The --net=host option means that the srv-idp container will be able to talk to both redis and the consul container running on your host network.
/home/user/srv-idp-test/config.yaml should contain the correct consul url as an include:
includes: - http://127.0.0.1:8500/v1/kv/config/srv-idp/config.yaml?raw
Note that ?raw needs to be specified to access the contents of the file stored on consulTop