First-Run Setup Guide
Version: 1.0 Last Updated: 2026-01-31 Status: Active
Overview
This guide covers the first-time setup of the Sorcha platform. The setup wizard handles:
- Environment Detection: Checks for Docker, .NET SDK, and port availability
- Configuration Generation: Creates
.envfile with secure credentials - Infrastructure Provisioning: Creates Docker volumes and starts database services
- Service Startup: Builds and starts all application services
- Validation: Verifies all services are healthy and accessible
Prerequisites
Required
| Component | Version | Download |
|---|---|---|
| Docker Desktop | 4.0+ | docker.com |
| Docker Compose | 2.0+ (plugin) or 1.29+ (standalone) | Included with Docker Desktop |
Optional (for development)
| Component | Version | Download |
|---|---|---|
| .NET SDK | 10.0+ | dotnet.microsoft.com |
| Git | 2.30+ | git-scm.com |
| Sorcha CLI | Latest | dotnet tool install -g Sorcha.Cli |
Quick Start
Windows (PowerShell)
# Clone the repository
git clone https://github.com/sorcha-platform/sorcha.git
cd Sorcha
# Run the setup wizard
.\scripts\setup.ps1Linux / macOS (Bash)
# Clone the repository
git clone https://github.com/sorcha-platform/sorcha.git
cd Sorcha
# Make scripts executable
chmod +x scripts/*.sh
# Run the setup wizard
./scripts/setup.shSetup Wizard Steps
The setup wizard performs these steps automatically:
1. Prerequisites Check
Verifies that required software is installed:
[1/8] Checking Prerequisites
--------------------------------------------------
[OK] Docker CLI found
[OK] Docker daemon is running
[OK] Docker Compose found (plugin)
[OK] .NET SDK 10.0.100 found
[OK] Git found2. Port Availability
Checks that required ports are not in use:
| Port | Service |
|---|---|
| 80 | API Gateway (HTTP) |
| 443 | API Gateway (HTTPS) |
| 5000 | Blueprint Service |
| 5380 | Register Service |
| 5400 | UI Web |
| 5432 | PostgreSQL |
| 5450 | Tenant Service |
| 5800 | Validator Service |
| 16379 | Redis |
| 18888 | Aspire Dashboard |
| 27017 | MongoDB |
3. First-Run Detection
Detects if this is a fresh installation by checking for:
- Missing
.envfile - Missing Docker volumes
- Missing Sorcha containers
4. Configuration Generation
Creates .env file with:
- Installation name: Used for JWT issuer (default: localhost)
- JWT signing key: Auto-generated 256-bit key
- Database credentials: Development defaults
# Generated .env file
INSTALLATION_NAME=localhost
JWT_SIGNING_KEY=<auto-generated-256-bit-key>
POSTGRES_USER=sorcha
POSTGRES_PASSWORD=sorcha_dev_password5. Docker Volumes
Creates persistent storage volumes:
sorcha_redis-datasorcha_postgres-datasorcha_mongodb-datasorcha_dataprotection-keyssorcha_wallet-encryption-keys
6. Infrastructure Services
Starts and waits for infrastructure services:
- Redis (caching, session, pub/sub)
- PostgreSQL (Tenant, Wallet databases)
- MongoDB (Register database)
- Aspire Dashboard (observability)
7. Application Services
Builds and starts all microservices:
- Blueprint Service
- Wallet Service
- Register Service
- Tenant Service
- Validator Service
- Peer Service
- API Gateway
- UI Web
8. Validation
Verifies all services are healthy and accessible.
Post-Setup: Bootstrap
After setup completes, run the bootstrap script to create the initial organization:
Using the Bootstrap Script
# PowerShell
.\scripts\bootstrap-sorcha.ps1 -Profile docker
# Bash
./scripts/bootstrap-sorcha.sh --profile dockerUsing the CLI
# Interactive mode
sorcha bootstrap --profile docker
# Non-interactive mode
sorcha bootstrap --profile docker --non-interactive \
--org-name "My Organization" \
--subdomain "myorg" \
--admin-email "admin@myorg.com" \
--admin-name "Administrator" \
--admin-password "SecureP@ss123!"Service URLs
After setup and bootstrap, access services at:
| Service | URL | Purpose |
|---|---|---|
| Main UI | http://localhost/app | Primary user interface |
| API Gateway | http://localhost | REST API endpoints |
| API Documentation | http://localhost/scalar | OpenAPI/Scalar docs |
| Aspire Dashboard | http://localhost:18888 | Observability |
Troubleshooting
Docker Not Running
[X] Docker Desktop is not runningSolution: Start Docker Desktop and wait for it to initialize.
Port Already in Use
[X] Port 80 in use (API Gateway HTTP)Solution: Stop the conflicting service or modify docker-compose.yml to use a different port:
# Find what's using the port
netstat -ano | findstr :80 # Windows
lsof -i :80 # Linux/macOS
# Kill the process
taskkill /PID <pid> /F # Windows
kill -9 <pid> # Linux/macOSWallet Encryption Permissions
[!] Could not set wallet permissionsSolution: Run the permissions fix script:
# PowerShell
.\scripts\fix-wallet-encryption-permissions.ps1
# Bash
./scripts/fix-wallet-encryption-permissions.shServices Not Starting
Check the logs for specific errors:
# View all logs
docker-compose logs -f
# View specific service logs
docker-compose logs -f tenant-serviceHTTPS Not Working
HTTPS requires a certificate. Generate one with:
# PowerShell
.\scripts\setup-https-docker.ps1
# Bash
./scripts/setup-https-docker.shEnvironment Validation
Run the validation script to check environment health:
# Full validation
.\scripts\validate-environment.ps1
# Quick check (summary only)
.\scripts\validate-environment.ps1 -Quiet
# JSON output (for CI/CD)
.\scripts\validate-environment.ps1 -JsonOutputAdvanced Options
Non-Interactive Setup
For CI/CD or scripted deployments:
.\scripts\setup.ps1 -NonInteractiveSkip Docker Checks
For environments where Docker validation should be skipped:
.\scripts\setup.ps1 -SkipDockerForce Re-initialization
To regenerate configuration even if already set up:
.\scripts\setup.ps1 -ForceVerbose Output
For detailed troubleshooting:
.\scripts\setup.ps1 -VerboseConfiguration Reference
The setup wizard creates a .env file with these variables:
| Variable | Description | Default |
|---|---|---|
INSTALLATION_NAME | JWT issuer identifier | localhost |
JWT_SIGNING_KEY | 256-bit signing key | Auto-generated |
POSTGRES_USER | PostgreSQL username | sorcha |
POSTGRES_PASSWORD | PostgreSQL password | sorcha_dev_password |
MONGO_USERNAME | MongoDB username | sorcha |
MONGO_PASSWORD | MongoDB password | sorcha_dev_password |
ASPNETCORE_ENVIRONMENT | Runtime environment | Development |
Production Configuration
For production deployments, update these values:
Generate new secrets:
powershell# Generate new JWT key [Convert]::ToBase64String((1..32 | ForEach-Object { Get-Random -Maximum 256 }))Update
.env:envINSTALLATION_NAME=sorcha.mycompany.com JWT_SIGNING_KEY=<new-256-bit-key> POSTGRES_PASSWORD=<strong-password> MONGO_PASSWORD=<strong-password> ASPNETCORE_ENVIRONMENT=ProductionEnable HTTPS (see HTTPS Setup)
Related Documentation
- Port Configuration - Complete port reference
- Authentication Setup - JWT and auth configuration
- Architecture Overview - System architecture
- Development Status - Current completion status
Document Owner: Sorcha Contributors Last Review: 2026-01-31