Skip to content

Configuration

On this page find example configurations for the docker and linux deployment. The examples can be easily adapted to all the provided platforms.

HTTPS

Run nginx as a frontend container for HTTPS processing and proxy service requests to the backend docreader container. Here you can find the docker-compose.yml file and the Nginx default.conf file for a reference.

Run nginx as a frontend service for HTTPS processing and proxy service requests to the backend docreader service. Here you can find the Nginx default.conf file for a reference. The SSL certificates should be placed to the /etc/ssl/ folder.

Option 2. Docreader via HTTPS

To run the docreader service via HTTPS take the following steps:

  1. Add 644 permissions to certificates so the server is able to read certificates.
  2. Pass cert.crt & cert.key files to the container.
  3. Pass the DOCREADER_HTTPS environment variable.
  4. Forward the container port to 8443 host port:
chmod 644 ~/cert.crt ~/cert.key
docker run -it -p 8443:8080 -v ~/regula.license:/app/extBin/unix_x64/regula.license -v ~/cert.crt:/app/certs/tls.crt -v ~/cert.key:/app/certs/tls.key -e DOCREADER_HTTPS="true" regulaforensics/docreader

To run the docreader service via HTTPS take the following steps:

  1. Create the /opt/regula/document-reader-webapi/certs folder and copy certificates to it.
  2. Set HTTPS respective environment variables to /opt/regula/document-reader-webapi/.env file:
    • DOCREADER_HTTPS=true
    • DOCREADER_CERT_FILE=/opt/regula/document-reader-webapi/certs/tls.crt
    • DOCREADER_KEY_FILE=/opt/regula/document-reader-webapi/certs/tls.key
  3. Restart the service.

Logging

Access logs

The Document Reader Access logs are a gunicorn server Access log file.

To enable the Document Reader Access logs, set the ENV variable DOCREADER_LOGS_ACCESS_FILE to true.

You can customize the access log file location via the DOCREADER_LOGS_ACCESS_FILE_PATH ENV variable.

To get access to the Access log file from the host machine:

  1. Create a folder for logs and ensure the group is root and group members have the write & execute permissions over the created folder.
  2. Mount the host folder to the application log folder inside the container:
mkdir ~/docreader-logs
chmod g+wx ~/docreader-logs
sudo chgrp root ~/docreader-logs
docker run -p host_port:8080 -v host_path_to_license_folder/regula.license:/app/extBin/unix_x64/regula.license -v ~/docreader-logs:/app/logs -e DOCREADER_LOGS_ACCESS_FILE="true" regulaforensics/docreader

The Document Reader Access logs are a gunicorn server Access log file.

To enable the Document Reader Access logs, set the environment variable DOCREADER_LOGS_ACCESS_FILE to true at the /opt/regula/document-reader-webapi/.env file.

You сan customize the access log file location via the DOCREADER_LOGS_ACCESS_FILE_PATH environment variable.

Note that the application should have the write permission on the folder where logs will be stored.

Application logs

The Document Reader Application logs are a gunicorn server Application log file.

To enable the Document Reader Application logs, set the ENV variable DOCREADER_LOGS_APP_FILE to true. You may customize the application log file location via the DOCREADER_LOGS_APP_FILE_PATH ENV variable.

To get access to the Application log file from the host machine:

  1. Create a folder for logs and ensure the group is root and group members have the write & execute permissions over the created folder.
  2. Mount the host folder to the application log folder inside the container:
    mkdir ~/docreader-logs
    chmod g+wx ~/docreader-logs
    sudo chgrp root ~/docreader-logs
    
docker run -p host_port:8080 -v host_path_to_license_folder/regula.license:/app/extBin/unix_x64/regula.license -v ~/docreader-logs:/app/logs -e DOCREADER_LOGS_APP_FILE="true" regulaforensics/docreader

The Document Reader Application logs are a gunicorn server Application log file.

To enable the Document Reader Application logs, set the environment variable DOCREADER_LOGS_APP_FILE to true at the /opt/regula/document-reader-webapi/.env file.

You can customize the application log file location via the DOCREADER_LOGS_APP_FILE_PATH environment variable.

Note that the application should have the write permission on the folder where logs will be stored.

Processed results logs

The Document Reader Processed results logs are the artifacts of the processed request.

To enable the processed results logs, set the ENV variable DOCREADER_PROCESS_RESULTS_LOG_FILE to true.

You can customize the processed results log folder path via the DOCREADER_PROCESS_RESULTS_LOG_PATH ENV variable.

To get access to the processed results logs from the host machine:

  1. Create a folder for logs and ensure the group is root and group members have the write & execute permissions over the created folder.
  2. Mount the host folder to the application log folder inside the container:
    mkdir ~/docreader-logs
    chmod g+wx ~/docreader-logs
    sudo chgrp root ~/docreader-logs
    
docker run -p host_port:8080 -v host_path_to_license_folder/regula.license:/app/extBin/unix_x64/regula.license -v ~/docreader-logs:/app/logs -e DOCREADER_PROCESS_RESULTS_LOG_FILE="true" regulaforensics/docreader

The Document Reader Processed results logs are the artifacts of the processed request.

To enable the processed results logs, set the environment variable DOCREADER_PROCESS_RESULTS_LOG_FILE to true at the /opt/regula/document-reader-webapi/.env file.

You may customize the processed results log folder path via the DOCREADER_PROCESS_RESULTS_LOG_PATH environment variable.

Note that the application should have write permision on the folder where logs will be stored.

Chip Verification

To install Docker Compose, refer to the Docker official guide.

Download chip-docker-compose.yml and save it as docker-compose.yml:

wget https://docs.regulaforensics.com/develop/doc-reader-sdk/web-service/administration/files/chip-docker-compose.yml -O docker-compose.yml

To set the license, place the regula.license file into the same folder where the downloaded docker-compose.yml is located.

To start Docreader, invoke:

sudo docker-compose up -d
[+] Running 5/5
⠿ Network test_docreader-network  Created
⠿ Volume "test_minio-data"        Created
⠿ Container docreader             Started
⠿ Container minio                 Started
⠿ Container minio-mc              Started

Check the status:

sudo docker-compose ps
NAME                COMMAND                  SERVICE             STATUS              PORTS
docreader           "./entrypoint.sh"        docreader           running             0.0.0.0:8080->8080/tcp
minio               "/usr/bin/docker-ent…"   minio               running (healthy)   0.0.0.0:9000-9001->9000-9001/tcp
minio-mc            "/bin/sh -c ' /usr/b…"   create-buckets      exited (0)

To stop Docreader, run:

sudo docker-compose down

To delete data after stopping Docreader:

sudo docker-compose down -v
  1. Install Minio Please refer to the official Minio documentation.

  2. Run Minio by setting default user and password:

    export MINIO_ROOT_USER=minioadmin
    export MINIO_ROOT_PASSWORD=minioadmin
    minio server /data
    

  3. Install the official minio mc client and create a bucket:

    wget https://dl.min.io/client/mc/release/linux-amd64/mc
    chmod +x mc
    mc config host add myminio http://localhost:9000 minioadmin minioadmin
    mc mb myminio/chip-verification-data
    

  4. Set the Chip Verification respective environment variables to the /opt/regula/document-reader-webapi/.env file:

    • REGULA_SERVER_SIDE_CHIP_VERIFICATION=true
    • REGULA_STORAGE_URL=localhost:9000
    • REGULA_STORAGE_ACCESS_KEY=minioadmin
    • REGULA_STORAGE_SECRET_KEY=minioadmin
    • REGULA_STORAGE_CHIP_DATA_BUCKET=chip-verification-data

RFID PKD

To verify PA for the RFID sessions:

  1. Create a folder and copy masterlists there.
  2. Mount the host folder to the folder inside the container and point to that specific folder using the RFID_PKD_PA_PATH ENV variable or simply enable the RFID_PKD_PA ENV variable (uses default masterlists location "/app/rfid_pkd").
mkdir ~/masterlists
cp *.ldif ~/masterlists/

To verify PA for the RFID sessions:

  1. Create a folder (e.g. /opt/regula/document-reader-webapi/rfid_pkd - default) and copy masterlists here.
  2. Set RFID PKD respective environment variables to /opt/regula/document-reader-webapi/.env file
    • DOCREADER_RFID_PKD_PA=true
    • DOCREADER_RFID_PKD_PA_PATH=/opt/regula/document-reader-webapi/rfid_pkd
  3. Restart the service.

RFID_PKD_PA option

docker run -it -p 8080:8080 -v ~/regula.license:/app/extBin/unix_x64/regula.license -v ~/masterlists:/app/rfid_pkd -e RFID_PKD_PA="true" regulaforensics/docreader

RFID_PKD_PA_PATH option

docker run -it -p 8080:8080 -v ~/regula.license:/app/extBin/unix_x64/regula.license -v ~/masterlists:/app/masterlists -e RFID_PKD_PA_PATH="/app/masterlists" regulaforensics/docreader

You can customize the path to folder containing masterlists via the DOCREADER_RFID_PKD_PA_PATH environment variable.

Note that the application should have the write permission on the folder where logs will be stored.