Setup Apache & Keycloak locally (beta)

Prerequisites

• You have docker /docker desktop installed on your computer.
• You have access to a copy of TIS Stage/Prod data.
• You have added "127.0.0.1 local.tis.com" in your /etc/hosts file (C:\Windows\System32\drivers\etc\hosts for Windows).

Set up TIS core services with dev-handbook

• Clone dev-handbook, go to the "dev-handbook/admins-ui/environment-setup", and do `docker-compose up` to bring docker containers up. 
• Stop the docker containers "tis-nginx", "tis-admins-ui", as we're going to use another nginx container and the built scripts of admins-ui.
• To setup Keycloak together with Admins-UI, the necessary containers we have to start up include: 

tis-mysql
tis-rabbitmq
tis-elasticsearch
tis-profile
tis-reference
tis-tcs

• Build TIS-ADMINS-UI: do `npm run build` and then you would notice an `admin` folder is created under the project folder.

Configure MySQL database

1. If you've already got MySQL db setup locally with data, skip this step and go to step 2.
   Get a copy of tis backup db data from S3 bucket (this could be either Prod or Stage) and upzip it on your local.
   After tis-mysql docker container is started up, import data into MySQL . (If you have no idea how to do this, please check with one of other devs).

2. Run `docker exec -it tis-mysql bash` on your command line, then in the new bash env, type `mysql` to login, and modify the password of MySQL user `keycloak` by executing the following command:

   alter user 'keycloak'@'%' identified by '11111111';

3. Run the following scripts in command line or via MySQL Workbench:

   use keycloak;
   
   -- clear admin user in keycloak
   SET @user_id = (SELECT ID FROM USER_ENTITY where username = "admin");
   delete from CREDENTIAL where user_id = @user_id;
   delete from USER_ROLE_MAPPING where user_id = @user_id;
   delete from USER_ENTITY where id = @user_id;
   
   SET @api_gateway_client_id = (select ID from CLIENT where CLIENT_ID = 'api-gateway' and REALM_ID = (SELECT ID FROM keycloak.REALM where NAME = 'lin'));
   
   -- reset secret for api-gateway
   update CLIENT
   set SECRET = 'local11111111' where ID = @api_gateway_client_id;
   
   -- reset redirect_uris
   delete from REDIRECT_URIS where CLIENT_ID = @api_gateway_client_id;
   insert into REDIRECT_URIS values(@api_gateway_client_id, '/admin/redirect_uri');
   insert into REDIRECT_URIS values(@api_gateway_client_id, '*');
   insert into REDIRECT_URIS values(@api_gateway_client_id, 'http://localhost/*');
   insert into REDIRECT_URIS values(@api_gateway_client_id, '/access/index.html');
   insert into REDIRECT_URIS values(@api_gateway_client_id, '/logout/index.html');
   
   -- reset web_origins
   update WEB_ORIGINS
   set value = 'https://local.tis.com' where CLIENT_ID = @api_gateway_client_id;

Configure Keycloak + Apache + Nginx

• Please clone https://github.com/Health-Education-England/TIS-APACHE-SETUP to get started and use the branch "chore/setup_with_local_credentials".
• Update the 3nd nginx volumn to map the folder of your local TIS-ADMINS-UI admin folder for Nginx to host.
• do `docker-compose up` to start up all of these 3 docker containers.

After that, you will be able to access your local Nginx console - url: "http://local.tis.com/auth", username: admin, password: 11111111
and Admins-UI - url: "http://local.tis.com/admin", username and password will be your Stage/Prod credential depends on what backup data you imported.