The Yubico U2F Validation Server requires an SQL database for storing data. Internally, u2fval uses SQLAlchemy to connect to the database. Depending on which SQL database you use you might need to install an adapter for it. For a list of supported databases, and the required adapters, see SQLAlchemy Engine Configuration.
This document assumes you are using Ubuntu with the Postgresql database. Start by installing Postgresql:
apt-get install postgresql
You will also need to install the required database adapter (assuming you’re using a virtualenv):
source venv/bin/activate (venv) $ pip install psycopg2
To create a user and a database for u2fval, start by opening the psql prompt:
su postgres -c psql
Now create a user and a database:
postgres=# create user u2fval with password 'password'; postgres=# create database u2fval with owner u2fval; postgres=# \q
We’re done. We now have a database named "u2fval", with a user named "u2fval", and the password "password". This gives us the following connection string:
postgresql://u2fval:password@localhost/u2fval
Edit the SQLALCHEMY_DATABASE_URI setting in the
/etc/yubico/u2fval/u2fval.conf
file with the connection string, so it reads:
SQLALCHEMY_DATABASE_URI = 'postgresql://u2fval:password@localhost/u2fval'
Note
|
There are many other settings related to the database that you can set in this file. For a reference, see the Flask-SQLAlchemy configuration documentation. |
Save and close the file, and initialize the database for use with u2fval:
(venv) $ u2fval db init
You can optionally specify a different configuration file to use, by setting the U2FVAL_SETTINGS environment variable.
That’s it, the database is now configured and ready.