Lemur

Lemur manages TLS certificate creation. While not able to issue certificates itself, Lemur acts as a broker between CAs and environments providing a central portal for developers to issue TLS certificates with 'sane' defaults.

Lemur runs on Python 3.10. We deploy on Ubuntu and develop mostly on OS X.

Project resources

• Lemur Blog Post
• Documentation
• Source code
• Issue tracker
• Docker

Docker Environments

This repository contains multiple Dockerfiles for different purposes:

Dockerfile (root directory)

Testing environment - Minimal build based on ubuntu:22.04 with Python 3.10 and Node.js 18 for running tests. Used by docker-compose.yml to run the test suite.

Usage: docker compose up test

docker/Dockerfile

Local development environment - Full-featured development setup based on ubuntu:22.04 with Python 3.10 and Node.js 18, including nginx, supervisor, and celery workers. Provides a complete Lemur stack for local development. Used by docker/docker-compose.yml.

Usage: cd docker && docker compose up

Access at http://localhost:8087 (HTTP) and https://localhost:8447 (HTTPS)

publish/Dockerfile

Production and staging images - Multi-stage build using DataDog's GBI Ubuntu 22.04 base image (Python 3.10). Used by GitLab CI to build both regular and FIPS-compliant images for deployment.

Controlled by .gitlab-ci.yml via .campaigns/build_and_push_image.sh

Local Development and Testing

Development with Docker (Recommended)

The fastest way to get started. Uses containerized environments matching production.

Run tests:

docker compose up test

Start local dev environment:

cd docker && docker compose up

Access at http://localhost:8087 (HTTP) or https://localhost:8447 (HTTPS)

Development without Docker

For local development without containers. Requires Python 3.10 installed on your system.

Prerequisites:

• Python 3.10 (verify with python3 --version)
• Node.js 18 and npm (for frontend build)
• PostgreSQL (can use Docker for just the database)

Setup:

1. Create and activate a virtual environment with Python 3.10:

   python3 -m venv venv
   source venv/bin/activate
   

2. Verify Python version:

   python --version  # Should show Python 3.10.x
   

3. Start PostgreSQL database:

   docker compose up -d postgres
   

4. Install dependencies and build frontend:

   make develop
   

   This installs npm dependencies, Python dependencies in development mode, and builds frontend assets with gulp.

Run tests:

export SQLALCHEMY_DATABASE_URI=postgresql://lemur:lemur@localhost:5432/lemur
make test            # Run linting and tests
make test-python     # Run Python tests only
pytest -v            # Run tests with verbose output