Add extra guidance for simple orchestration that does not enable CAC auth into keycloak #12

Open
hearts1137 opened this issue May 14, 2024 · 1 comment


@hearts1137

https://github.com/jeremyatourville/stigman-orchestration

Wanted to give this repo a go but all the images it references are invalid. For example:
https://github.com/jeremyatourville/stigman-orchestration/blob/2807e4ba935e5ee6e02580dd131ccc5b5c488769/docker-compose.yml#L9
https://github.com/jeremyatourville/stigman-orchestration/blob/2807e4ba935e5ee6e02580dd131ccc5b5c488769/docker-compose.yml#L21
https://github.com/jeremyatourville/stigman-orchestration/blob/2807e4ba935e5ee6e02580dd131ccc5b5c488769/docker-compose.yml#L38
https://github.com/jeremyatourville/stigman-orchestration/blob/2807e4ba935e5ee6e02580dd131ccc5b5c488769/docker-compose.yml#L50

The domain is example.org so I'm not sure how this was ever valid code.

My use case is to bring in STIGManager into a cloud environment where we access our systems with Apache Guacamole and thus have no ability to use DoD CAC auth. We need usernames and passwords. Later down the road we will integrate users into MS Active Directory but as a proof of concept, it just needs to be easy.

So are there simple steps to disable CAC auth and revert to user/pass for auth in this repo?

Also, I wasn't able to get stigman to auto import the DISA STIG lists by uncommenting the line - STIGMAN_INIT_IMPORT_STIGS=true.

I'm a noob to this but I see the value of a central stigman in my four different enclaves but the problems are they are air-gapped and CAC auth is not an option. We have RHEL 7 & 8 repo available to use and we can bring in any software we need but we do not have keycloak expertise. We intend to use this with EvaluateSTIG just as soon as I can figure out the certificate part so evalstig can talk to stigman. I wish the docs were more Mississippi style so I can better understand them! LOL

Thanks

@jeremytourville

jeremytourville commented Nov 1, 2024

Based on the scenario you described, here are my comments.

> all the images it references are invalid.

This is sort of true. The example shows that the images are being pulled from my private repo server. You need to set up a repo so you can pull your own images.

Let me break down the command for you -
`image: gsil-docker1.idm.example.org:5000` This is where the repo is located and what port is listening.
`/nginx:1.23.1` This is the image tag (aka version).

You just need to use the latest images. The principles of setup remain the same. The critical piece is the setup for NGINX and how to set up Keycloak to use UN/PW. My repo does give you an example file to be used for NGINX configuration.

> The domain is example.org so I'm not sure how this was ever valid code.

That is simply a placeholder (think variable) for the real name, which I can't list.

> Also, I wasn't able to get stigman to auto import the DISA STIG lists by uncommenting the line - STIGMAN_INIT_IMPORT_STIGS=true.

You're not going to do it that way. The auto import presumes you have an internet connection.
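
An added example, not part of the thread or of the stigman-orchestration repo: a small audit that splits each `image:` reference in a compose file into registry, repository and tag, flags reserved placeholder registries such as `example.org` and unpinned images, and rewrites each reference to point at your own registry. The registry name `registry.enclave.local:5000`, the function names and every sample line except the nginx reference are assumptions made for illustration.

```python
import re

# Constructed sample: only the nginx reference is quoted on the page; the other
# two image lines are made up to exercise the parser.
SAMPLE_COMPOSE = """\
services:
  nginx:
    image: gsil-docker1.idm.example.org:5000/nginx:1.23.1
  db:
    image: mysql
  auth:
    image: quay.io/keycloak/keycloak
"""

# Reserved documentation/test names (RFC 2606) that can never be a real registry.
PLACEHOLDER = re.compile(r"(^|\.)example\.(org|com|net)$|\.(example|test|invalid)$")

def parse_image_ref(ref):
    """Split an image reference into registry, repository, tag and digest."""
    name, _, digest = ref.partition("@")
    first, slash, rest = name.partition("/")
    # The first component is a registry only if it looks like a host:
    # it contains a dot or a port colon, or it is "localhost".
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = None, name
    # A tag colon can only occur in the last path component.
    head, sep, last = path.rpartition("/")
    leaf, _, tag = last.partition(":")
    return {"registry": registry, "repository": head + sep + leaf,
            "tag": tag or None, "digest": digest or None}

def audit_compose(text, my_registry):
    """Return (original, rewritten, notes) for each image: line in compose text."""
    results = []
    for m in re.finditer(r"^\s*image:\s*['\"]?([^\s'\"#]+)", text, re.M):
        p = parse_image_ref(m.group(1))
        host = (p["registry"] or "").rsplit(":", 1)[0]  # drop the port
        notes = []
        if PLACEHOLDER.search(host):
            notes.append("placeholder registry")
        if not p["tag"] and not p["digest"]:
            notes.append("unpinned (defaults to latest)")
        new = my_registry + "/" + p["repository"]
        new += (":" + p["tag"]) if p["tag"] else ""
        new += ("@" + p["digest"]) if p["digest"] else ""
        results.append((m.group(1), new, notes))
    return results
```

Calling `audit_compose(SAMPLE_COMPOSE, "registry.enclave.local:5000")` returns one tuple per image line; in an air-gapped enclave the rewritten references are the ones the local registry has to serve.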
