Install Hermod (docker)
This article describes how to install the Smart ID Messaging component Hermod as a docker image. For information about how to install Hermod as a WAR file, see Install Hermod (WAR file).
From Hermod version 3.5.0, swagger is enabled by default. To view an example, see "Edit Hermod configuration" below.
This instruction is only an example and does not describe a system for production, which typically requires orchestration tools or docker hosting platforms.
Prerequisites for docker installation
A Linux host with docker and docker-compose installed and configured, Windows is not officially supported
A public DNS name which devices can reach
Matching certificates for the public address
An installed instance of an SQL server, for example, PostgreSQL, Microsoft SQL Server, Maria DB, or Oracle
Step-by-step instruction
Download the Hermod docker image and file structure
Sign in to Nexus Support portal.
Go to Nexus Smart ID Clients (Personal and Hermod) > Smart ID Messaging  and select a Hermod version to download the *.zip file.Â
Unpack the *.zip file.
Open the extracted folder, for example, 3.x.y.RELEASE.Â
The folder contains the Hermod installation file and a simple-setup file to set up a default configuration.ÂUnpack simple-setup.zip.Â
Default file structure
The following file structure will be created for configuration and certificate files:
example/
`-- compose
  `-- hermod
    |-- cacerts
    |  `-- clientcert.cer
    |-- certificates
    |  `-- hermod-host-bundle.p12
    |-- config
    |  |-- application.yml -> ./cod-hermod.yml
    |  `-- README.txt
    |-- docker-compose.yml
    |-- postgresql
    |  `-- data
    `-- testdb
Store certificate files in the Hermod structure
Put one or multiple CA certificates in base64 format with .cer file extension in the folder example/compose/hermod/cacerts. The file name cannot contain spaces. Â
Put one or multiple certificate containers, including the whole certificate chain with any intermediate CA certificates, in pkcs#12 format (with a .pfx or .p12 extension) in the folder example/compose/hermod/certificates. The file name cannot contain spaces. Â
You must include intermediate CA certificates.
The certificate containers are referred to from the configuration file application.yml. For more information, see "Edit Hermod configuration".
Load docker image
The docker image can be loaded locally to each machine or to the docker registry and be used remotely from several machines.
Load the released docker image locally on the target host:
Example: Load docker image
> docker load -i hermod-3.x.y.RELEASE.tar
If you have a docker registry, load the image in the docker registry.
Edit docker compose configuration
File path: example/compose/hermod/docker-compose.yml
Edit the configuration file docker-compose.yml with the correct values for your environment.
The default value for the context path and URI base is /hermod/rest/ (that is http://localhost:20400/hermod/rest/...).
ExampleÂ
You can change the context path and URI base for your specific configuration. For example, if you want to change the context path and URI base to empty values, change the start command for Hermod in docker-compose.yml:
Example: Hermod start command
You must also set the URI base to empty in the Hermod configuration.
Edit Hermod configuration
Default file path: example/compose/hermod/config/application.yml.
Edit the configuration file config/application.yml with the correct values for your environment.
Change URIbase
To change the uribase, for example, set the corresponding variable to empty, in the application.yml configuration file:
Example: Set uribase to empty
Initialize database
Start the specified database. See Docker compose configuration file. This example show how to start PostgreSQL.Â
Example: Start PostgreSQL
Connect to your database and run the SQL ddl for the specific vendor or version, for example, postgresql/V3.1.1__base_version.sql.
Start Hermod and Hermod test app
Start Hermod with the following command:
Example: Start Hermod
To install and start the Hermod test application, see Install Hermod test app. The test application can be used for basic tests.
Verify SSL certificate of Hermod public URL
Make sure that the public URL that has been configured in Hermod has a valid and trusted SSL certificate. To verify this, open the Hermod public URL in a browser and make sure the connection is secure, by viewing the padlock in the browser bar.
Example: Hermod public URL
Additional information
Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions