This guide provides step-by-step instructions for installing DIGIT. This is a preferable method for setting up production environment. You should be well versed with DevOps concepts.
Once all the deployments configs are ready, run the command given below. Input the necessary details as prompted on the screen and the interactive installer will take care of the rest.
root@ip:# cd DIGIT-DevOps/deploy-as-code/deployer
root@ip:# go run standalone_installer.go
#Be prepared for the following questions
1. Do you have the Kubernetes Setup?
2. Provide the path of the intented env kubeconfig file
3. Which version of the DIGIT that you want to install
4. What DIGIT Modules that you choose to install (Choose PGR)
5. All, done, Now do you want to preview the deployment manifests
6. Are you good to proceed with the DIGIT Installation
All Done.
All done, wait and watch for 10 min. The DIGIT setup is complete, and the application will run on the URL.
Note:
If you do not have your domain yet, you can edit the host file entries and map the nginx-ingress-service load balancer id like below
When you find it, add the following lines to the host file, save and close it.
aws-load-balancer-id digit.try.com
If you have a GoDaddy account or similar and a DNS records edit access you can map the load balancer id to desired DNS. Create a cname record with the load balancer ID and domain.
You can now test the DIGIT application status in the command prompt/terminal using the command below.
curl -Is https://digit.try.com/employee/login | head -n 1
OutPut:
HTTP/2 200
Prepare Deployment Configuration
Steps to prepare the deployment configuration file
It's important to prepare a global deployment configuration yaml file that contains all necessary user-specific custom values like URL, gateways, persistent storage ids, DB details etc.
Post-Kubernetes Cluster setup, the deployment consists of 2 stages. As part of this sample exercise, we can deploy PGR and show the required configurations. The deployment steps are similar for all other modules except that the prerequisites differ depending on required features like SMS Gateway, Payment Gateway, etc.
Steps To Prepare Deployment Configuration File
Navigate to the following file in your local machine from the previously cloned DevOps git repository.
Deployment Config Template
// Copy the content and replace your details at the marked places
global:
domain: <Domain> ## Add your Domain Name Eg: digit.try.com
cluster-configs:
namespaces:
create: true
values: [ backbone, cert-manager, egov, es-cluster, kafka-kraft, logging, monitoring, playground ]
root-ingress:
cert-issuer: letsencrypt-prod
configmaps:
egov-config:
data:
db-host: <db-host name> ## Add db-host name eg: egov-demo.database.azure.com
db-name: <db-name> ## Add db-name
db-url: <Add jdbc-url" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo
domain: "your Domain Name" ## Add your Domain Name
egov-services-fqdn-name: "https://<Domain Name>/" ## Add your Domain Name
egov-state-level-tenant-id: "pg"
s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name
## Do not Change
es-host: "elasticsearch-data-v1.es-cluster"
es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/"
flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa"
kafka-brokers: "kafka-v2.kafka-cluster:9092"
kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092
logging-level-jdbc: "DEBUG"
mobile-validation-workaround: "true"
serializers-timezone-in-ist: "true"
server-tomcat-max-connections: "500"
server-tomcat-max-threads: "10"
sms-enabled: "true"
spring-datasource-tomcat-initialSize: "1"
spring-datasource-tomcat-max-active: "2"
spring-jpa-show-sql: "true"
timezone: Asia/Kolkata
tracer-errors-provideexceptionindetails: "true"
egov-service-host: ## Change only if have changed the defaults
data:
billing-service: http://billing-service.egov:8080/
collection-services: http://collection-services.egov:8080/
collection-search-indexer: http://collection-search-indexer.egov:8080/
dashboard-analytics: http://dashboard-analytics.egov:8080/
dashboard-ingest: http://dashboard-ingest.egov:8080/
egov-common-masters: http://egov-common-masters.egov:8080/
egov-apportion-service: http://egov-apportion-service.egov:8080/
egf-master: http://egf-master.egov:8080/
egf-instrument: http://egf-instrument.egov:8080/
egov-accesscontrol: http://egov-accesscontrol.egov:8080/
egov-user: http://egov-user.egov:8080/
egov-location: http://egov-location.egov:8080/
egov-filestore: http://egov-filestore.egov:8080/
egov-localization: http://egov-localization.egov:8080/
egov-idgen: http://egov-idgen.egov:8080/
egov-otp: http://egov-otp.egov:8080/
egov-mdms-service: http://egov-mdms-service.egov:8080/
egov-mdms-create: http://egov-mdms-create.egov:8080/
egov-enc-service: http://egov-enc-service.egov:8080/
egov-workflow-v2: http://egov-workflow-v2.egov:8080/
egov-searcher: http://egov-searcher.egov:8080/
egov-data-uploader: http://egov-data-uploader.egov:8080/
egov-indexer: http://egov-indexer.egov:8080/
egov-hrms: http://egov-hrms.egov:8080/
es-client: http://elasticsearch-data-v1.es-cluster:9200
location: http://location.egov:8080/
property-services: http://property-services.egov:8080/
pt-calculator-v2: http://pt-calculator-v2.egov:8080/
pt-services-v2: http://pt-services-v2.egov:8080/
pdf-service: http://pdf-service.egov:8080/
report: http://report.egov:8080/
tl-services: http://tl-services.egov:8080/
tl-workflow: http://tl-workflow.egov:8080/
tl-calculator: http://tl-calculator.egov:8080/
user-otp: http://user-otp.egov:8080/
ws-calculator: http://ws-calculator.egov:8080/
ws-services: http://ws-services.egov:8080/
firenoc-services: http://firenoc-services.egov:8080/
firenoc-calculator: http://firenoc-calculator.egov:8080/
egov-user-event: http://egov-user-event.egov:8080/
sw-services: "http://sw-services.egov:8080/"
sw-calculator: "http://sw-calculator.egov:8080/"
bpa-services: "http://bpa-services.egov:8080/"
bpa-calculator: "http://bpa-calculator.egov:8080/"
rainmaker-pgr: "http://rainmaker-pgr:8080/"
egov-user-chatbot: "http://egov-user-chatbot:8080/"
zuul: "http://zuul:8080/"
# Frontend services >>>>>>>>>>>>>>>>>>>>>>>>
employee:
custom-js-injection: |
sub_filter.conf: "
sub_filter '<head>' '<head>
<script src=https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/ulb-overrides.js type=text/javascript></script>
<script src=https://raw.githack.com/egovernments/egov-mdms-data/CURFEW_E_PASS/data/in/logo/globalConfigs.js type=text/javascript></script>
';"
citizen:
custom-js-injection: |
sub_filter.conf: "
sub_filter '<head>' '<head>
<script src=https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/ulb-overrides.js type=text/javascript></script>
<script src=https://raw.githack.com/egovernments/egov-mdms-data/CURFEW_E_PASS/data/in/logo/globalConfigs.js type=text/javascript></script>
';"
digit-ui:
custom-js-injection: |
sub_filter.conf: "
sub_filter '<head>' '<head>
<script src=https://s3.ap-south-1.amazonaws.com/egov-uat-assets/globalConfigs.js type=text/javascript></script>
';"
#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
egov-filestore:
volume: /opt/eGov/filestore
is-bucket-fixed: "true"
is-s3-enabled: "true"
fixed-bucketname: filestore bucket name ## Add filestore bucket name
egov-idgen:
idformat-from-mdms: "true"
egov-notification-sms:
sms-provider-url: "sms provider url" ## Add sms provider url
sms.provider.class: "Generic"
sms.provider.contentType: "application/x-www-form-urlencoded"
sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}"
sms-gateway-to-use: "sms provider name" ## Add sms provider name
sms-sender: "sms sender" ## Add sms sender
sms-sender-requesttype: "GET"
sms-custom-config: "true"
sms-extra-req-params: "mtype=N&DR=Y"
sms-sender-req-param-name: "sid"
sms-sender-username-req-param-name: "User"
sms-sender-password-req-param-name: "passwd"
sms-destination-mobile-req-param-name: "mobilenumber"
sms-message-req-param-name: "message"
sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414"
chatbot:
kafka-topics-partition-count: 3
kafka-topics-replication-factor: 2
kafka-consumer-poll-ms: 10
kafka-producer-linger-ms: 5
contact-card-whatsapp-number: "+918744960111"
contact-card-whatsapp-name: "mSeva Punjab"
valuefirst-whatsapp-number: "918744960111"
valuefirst-notification-assigned-templateid: "194781"
valuefirst-notification-resolved-templateid: "194783"
valuefirst-notification-rejected-templateid: "194785"
valuefirst-notification-reassigned-templateid: "194787"
valuefirst-notification-commented-templateid: "194789"
valuefirst-notification-welcome-templateid: "194791"
valuefirst-notification-root-templateid: "194795"
valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice"
user-service-chatbot-citizen-passwrord: "123456"
#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
egov-mdms-service:
replicas: 1
images:
- egovio/egov-mdms-service
mdms-path: "/work-dir/egov-mdms-data/data"
initContainers:
gitSync:
repo: "git@github.com:egovernments/egov-mdms-data" ### Change this to Your MDMS Repo
branch: "UAT" ### Branch need to be changed as per your env
mdms-folder: "egov-mdms-data"
masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json"
java-args: -Dspring.profiles.active=monitoring
egov-indexer:
heap: "-Xmx512m -Xms512m"
memory_limits: "768Mi"
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo
branch: "UAT"
egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml"
egov-persister:
replicas: 1
images:
- egovio/egov-persister
persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml"
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo
branch: "UAT" ### Branch need to be changed as per your env
egov-data-uploader:
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo
branch: "UAT" ### Branch need to be changed as per your env
egov-searcher:
search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml"
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo
branch: "UAT" ### Branch need to be changed as per your env
dashboard-analytics:
config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json"
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs"
branch: "UAT"
dashboard-ingest:
config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json"
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs"
branch: "UAT"
# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
report:
heap: "-Xmx512m -Xms512m"
tracing-enabled: "true"
spring-datasource-tomcat-max-active: 5
initContainers:
gitSync:
repo: "git@github.com:egovernments/configs"
branch: "UAT"
report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt"
pdf-service:
initContainers:
gitSync:
repo: "git@github.com:<yours>/configs" ### Change this to Your Config Repo
branch: "UAT" ### Branch need to be changed as per your env
data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json"
format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json"
#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
egov-custom-consumer:
erp-host: "https://mohali-qa.egovernments.org/"
egf-master:
db-url: "db-url" ## Add db-url
memory_limits: 512Mi
heap: "-Xmx256m -Xms256m"
redoc:
replicas: 1
images:
- egovio/redoc:v1.0.5
service_type: LoadBalancer
nginx-ingress:
images:
- quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1
replicas: 1
default-backend-service: "egov/nginx"
namespace: egov
cert-issuer: "letsencrypt-prod"
ssl-protocols: "TLSv1.2 TLSv1.3"
ssl-ciphers: "EECDH+CHACHA20:EECDH+AES"
ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1"
cert-manager:
email: "email id" ## Add email id
images:
- "quay.io/jetstack/cert-manager-controller:v0.10.1"
namespace: egov
collection-receipt-voucher-consumer:
jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/"
mohali-erp-host: "https://mohali-qa.egovernments.org/"
nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/"
amritsar-erp-host: "https://amritsar-qa.egovernments.org/"
kharar-erp-host: "https://kharar-qa.egovernments.org/"
zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/"
finance-collections-voucher-consumer:
erp-env-name: "qa"
erp-domain-name: "egovernments.org"
Secrets File Template
cluster-configs:
secrets:
db: // Create postgres db user and mention the details
username: demo
password: demo
flywayUsername: demo #same as above
flywayPassword: demo #same as above
egov-notification-sms: // sms provider details
username: demo
password: demo
egov-filestore: // AWS S3 access IAM details.
aws-key: aswedfghew
aws-secret-key: xdefghgdxc
egov-location: // Location service add your gmap key
gmapskey: AIzaSyAQOd09-sdfegv
egov-pg-service: // Payment Gateway add your bank gateway provider details
axis-merchant-id: demo
axis-merchant-secret-key: demo
axis-merchant-user: demo
axis-merchant-pwd: demo
axis-merchant-access-code: demo
payu-merchant-key: demo
payu-merchant-salt: demo
pgadmin: // To work pgadmin service add details
admin-email: demo@demo.com
admin-password: demo
read-email: demo@demo.com
read-password: demo
egov-enc-service: // To work egov-enc service add the details
master-password: demo
master-salt: q7.fr.cr
master-initialvector: 9J&asfgrU-H2
egov-notification-mail: // To work mail notification service add respective mail details
mailsenderusername: demo@demo
mailsenderpassword: demo
git-sync: // To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo.
ssh: |
-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t
B5Y/Rn0yCQEtQ <add your ssh key this is just a placeholder >
FwiaDbuwQ+eA1RJ4Lxm9sGFuM1T
-----END RSA PRIVATE KEY-----
known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
kibana: // Add Kibana details
namespace: es-cluster
credentials: demo
egov-si-microservice: // Add finance service details
si-microservice-user: demo
si-microservice-password: demo
mail-sender-password: demo
egov-edcr-notification: // Add edcr service details
edcr-mail-username: demo@demo.com
edcr-mail-password: demo
edcr-sms-username: demo
edcr-sms-password: demo
chatbot: // Add chatbot details
valuefirst-username: demo
valuefirst-password: demo
egov-user-chatbot: // Add user chatbot details
citizen-login-password-otp-fixed-value: "546941"
oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details
clientID: qwgethjymnbv
clientSecret: 3a08079easd9d8055470475696fd3baad5292
cookieSecret: QVbnq0L8npoyfxZs96wtBg==
Step 1: Clone the following DIGIT-DevOps repo (If not already done as part of Infra setup), you may need to install git and then run git clone it to your machine.
Step 2: After cloning the repo CD to the DIGIT-DevOps folder, type the "code" command to open the visual editor and open all the files from the DIGIT-DevOps repo.
$ cd DIGIT-DevOps
$ code
Step 3: Update the deployment config file with your details, you can use the following template egov-demo-sample.
$ vi deploy-as-code/helm/environments/egov-demo.yaml
Replace the following as per the applicable values -
Important: Add your domain name here, which you want to use for accessing DIGIT. ( Do not use the dummy domain )
SMS gateway to receive OTP, transaction mobile notification, etc.
MDMS, Config repo URL, here is where you provide master data, tenants and various user/role access details.
GMap key for the location service
Payment gateway, in case you use PT, TL, etc
Step 4: Update your credentials and sensitive data in the secret file as per your details.
$ vi deploy-as-code/helm/environments/egov-demo-secrets.yaml
credentials, secrets (You need to encrypt using sops and create a <env>-secret.yamlseparately)
SOPS expects an encryption key to encrypt/decrypt a specified plain text and keep the details secured. The following are the options to generate the encryption key -
Once you generate your encryption key, create a .sops.yaml configuration file under the /helm directory of the cloned repo to define the keys used for specific files. Refer to the SOP doc for more details.
Note: For demo purposes, you can use the egov-demo-secrets.yaml as it is without sops configuration, but make sure you update your specific details like Git SSH, URL etc. When you decide to push these configurations into any git or public space, make sure you follow the sops configuration mentioned in this article sops to encrypt your secrets.
Step 5: Important: Fork the following repos that contain the master data and default configs which you would customize as per your specific implementation later. Like (Master Data, ULB, Tenant details, Users, etc) to your respective GitHub organization account.
fork both the mdms, and config repos into your GitHub organization account
New GitHub users should be enabled to access the earlier forked repos.
Add the ssh private key that you generated in the previous step to egov-demo-secrets.yaml under the git-sync section.
Modify the services git-Sync repo and branch with your fork repo and branch in egov-demo.yaml.
vi deploy-as-code/helm/environments/egov-demo-secrets.yaml
Step 6: Update the deployment configs for the below as per your specification:
Number of replicas/scale of each service (depending on whether dev or prod load).
Update the SMS Gateway, Email Gateway, and Payment Gateway details for the notification and payment gateway services, etc.
Update the config, MDMS GitHub repos wherever marked
Update GMap key (In case you are using Google Map services in your PGR, PT, TL, etc)
Create one private S3 bucket for Filestore and one public bucket for logos. Add the bucket details respectively and create an IAM user with the s3 bucket access. Add IAM user details to <env-secrets.yaml>.
URL/DNS on which the DIGIT will be exposed.
SSL certificate for the above URL.
Any specific endpoint configs (Internal/external).
$ vi deploy-as-code/helm/environments/egov-demo.yaml