infra/inventree
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
InvenTree deployment
7 commits 1 branch 0 tags 62 KiB
Makefile 100%
Find a file
Exact
Philipp 5c3c32bb6a
add initial setup hints
2025-01-28 22:45:57 +01:00
.gitignore initial dump of deployment files 2023-03-19 18:39:53 +01:00
compose.yml migrate from keycloak to oidc provider 2023-09-17 03:04:12 +02:00
LICENSE add license to project 2023-09-16 18:08:58 +02:00
Makefile remove unused variables 2023-03-19 23:00:45 +01:00
nginx.prod.conf initial dump of deployment files 2023-03-19 18:39:53 +01:00
README.md add initial setup hints 2025-01-28 22:45:57 +01:00
sample.env migrate from keycloak to oidc provider 2023-09-17 03:04:12 +02:00

README.md

InvenTree Deployment

These are the deployment files required to get InvenTree up and running. InvenTree is deployed as a docker compose setup and therefore has the following dependencies:

  • Podman/Docker
  • Docker Compose
  • Make (as script runner)

Configuration

Copy the sample.env into a file named .env and make sure to adapt all values to your needs, especially secrets. Note that the redis cache is disabled by default.

Installation

In order to run invoke an update or complete the first setup, the data folder must be created (mkdir data) and make update is used to pull the latest images and apply all database migrations.

make update involves the command docker compose run --rm inventree-server invoke update which is performs the initial database setup.

To create an admin account, the command docker compose run inventree-server invoke superuser can be run.

The command make up can be used to run the setup as a foreground service, make "up -d" can be used to run the setup in detached mode.

Warning:

When running inside LXC (e.g. Proxmox) with ZFS you might need to run add the following to your /etc/docker/daemon.json (and restart afterwards):

{
  "storage-driver": "vfs"
}

This can be required because Docker does not like ZFS and might have issues to store some layers. Note that using VFS has significant impact on the storage usage (might explode).

SSO

The following is an example on configuring SSO using OIDC and Keycloak as IdP. See the InvenTree SSO docs as well as the AllAuth social providers for more details. Note that Keycloak is not a valid provider anymore and OIDC should be used.

Keycloak

  1. Create a new client (Type: OpenID Connect)
  2. Enable Client authentication, Authorization, Standard flow. Disable everything else (explicitly Direct access grant)
  3. Set home URL to https://<inventree-hostname> and Redirect URL to https://<inventree-hostname>/accounts/oidc/login/callback/.

Inventree

Login as InvenTree admin user and open the admin interface.

  1. In the Admin interface, add a new group named "default" and click on "Save and edit". Disallow reading the admin settings and allow all other permissions you want a default user to have.
  2. In the Social Accounts block, add a new Social Application. The provider must be oidc, the name and client id can be arbitrary value. The available default site must be added.
  3. Go back to the application. Under Settings > Login Settings make sure to Enable SSO and Enable SSO registration. Also, set Group on signup to your default group.