###########################################################################
####### FOR TESTING PURPOSES ONLY #######
###########################################################################
# Instead of using the docker compose file you should use the helmfiles #
# to deploy the single sign on system on a kubernetes cluster #
###########################################################################
# Compose file format version, quoted so it stays a string.
version: '3'
# Everything below is a local test stack with development settings and
# hard-coded credentials; none of it is hardened.
services:
# Ory Hydra (OAuth2 / OpenID Connect server) in an insecure test configuration.
# NOTE(review): no image:/build: line and no `environment:` key are visible for
# this service in this listing - confirm against the full file.
hydra:
# Each entry publishes the port on the host. Without a host address Docker
# binds all interfaces; prefix with 127.0.0.1: on a shared or networked machine.
ports:
- "4444:4444" # Public port
- "4445:4445" # Admin port - the admin API has no access control of its own, keep it off untrusted networks
- "5555:5555" # Port for hydra token user
# Both --dangerous-* flags relax transport security: Hydra serves plain HTTP
# and accepts the listed http:// redirect URLs. Acceptable on localhost only.
command:
serve all --dangerous-force-http --dangerous-allow-insecure-redirect-urls "http://localhost:13337/callback, http://localhost:13337/"
# Issuer, consent and login endpoints all use http://localhost, matching the
# published ports of the services in this file.
- URLS_SELF_ISSUER=http://localhost:4444/
- URLS_CONSENT=http://localhost:5001/consent
- URLS_LOGIN=http://localhost:5000/login
# In-memory store: clients, consent and tokens are lost when the container restarts.
- DSN=memory
# Placeholder value committed to the repository. Outside a throwaway test
# stack the system secret must be injected from a secret store, not this file.
- SECRETS_SYSTEM=youReallyNeedToChangeThis
- OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
# Same placeholder as SECRETS_SYSTEM; a guessable salt weakens the unlinkability
# that pairwise subject identifiers are meant to give.
- OIDC_SUBJECT_TYPE_PAIRWISE_SALT=youReallyNeedToChangeThis
# Debug switches. LOG_LEAK_SENSITIVE_VALUES=true turns off log redaction, so
# the container logs of this stack must be handled as secret material.
- SERVE_PUBLIC_CORS_DEBUG=true
- LOG_LEVEL=debug
- LOG_LEAK_SENSITIVE_VALUES=true
restart: unless-stopped
# Consent provider, built from the local consent_provider/ directory.
consent:
build: consent_provider/
environment:
# Reaches Hydra's admin API over plain HTTP on the compose network. That API
# carries no access control of its own, so this path is test-only.
- HYDRA_ADMIN_URL=http://hydra:4445
- GRAPHQL_URL=http://backend:5000/graphql
# Published on the host (all interfaces unless a host address is given);
# this is the port URLS_CONSENT points at.
ports:
- "5001:5001"
restart: unless-stopped
# Logout provider, built from the local logout_provider/ directory.
logout:
build: logout_provider/
environment:
# Plain-HTTP access to Hydra's admin API over the compose network; test-only.
- HYDRA_ADMIN_URL=http://hydra:4445
# Development mode. In Flask versions that honour FLASK_ENV this enables the
# debugger and reloader, which must never be reachable by untrusted clients.
- FLASK_ENV=development
# Published on the host; bind to 127.0.0.1 if the machine is networked.
ports:
- "5002:5002"
restart: unless-stopped
# Login provider, built from the local login_provider/ directory.
login:
build: login_provider/
environment:
# Plain-HTTP access to Hydra's admin API over the compose network; test-only.
- HYDRA_ADMIN_URL=http://hydra:4445
- GRAPHQL_URL=http://backend:5000/graphql
# Published on the host; this is the port URLS_LOGIN points at.
ports:
- "5000:5000"
restart: unless-stopped
# Backend service; the login and consent providers reach it at
# http://backend:5000/graphql.
# NOTE(review): no image:/build: line is visible for this service in this
# listing - confirm against the full file.
backend:
environment:
# Presumably switches the backend framework into debug mode - confirm.
# Debug output often exposes internals and must stay on the test machine.
- DEBUG=True
- HYDRA_ADMIN_URL=http://hydra:4445
# Default superuser name with a hard-coded password, matching the psql service
# below. Test fixture only; real deployments need credentials from a secret store.
- DATABASE_USER=postgres
- DATABASE_PASSWORD=secret
- DATABASE_NAME=postgres
- DATABASE_HOST=psql
# NOTE(review): no port entries are visible under `ports:` here. A bare key
# parses as null, so confirm the mapping against the full file.
ports:
restart: unless-stopped
# PostgreSQL instance for the backend (DATABASE_HOST=psql).
psql:
# Floating major-version tag, not pinned to a digest. PostgreSQL 11 is past
# upstream end of life, so this image is for local testing only.
image: postgres:11
environment:
# Hard-coded superuser password shared with DATABASE_PASSWORD in the backend service.
- POSTGRES_PASSWORD=secret
# NOTE(review): the service name these keys belong to is not visible in this
# listing. The command and port suggest the OAuth test client - confirm.
# Host networking removes network isolation: the container shares the host's
# interfaces, which is how it reaches Hydra on localhost:4444.
network_mode: host
depends_on:
- hydra
environment:
- BASE_URL=http://localhost:4444/
# OAuth client id and secret for the test client. Hard-coded test values only.
- KEY=testapp
- SECRET=secret
# Development mode (debugger and reloader in Flask versions that honour
# FLASK_ENV); must not be exposed beyond the local machine.
- FLASK_ENV=development
# With these settings, run:
## `bash test/create-hydra-client.bash testapp clientsecret http://localhost:4445 http://localhost:13337/callback http://localhost:13337/ http://localhost:13337/logout`
## to register a corresponding OAuth client with Hydra.
# NOTE(review): the command above passes `clientsecret`, while SECRET above is
# `secret` - confirm which value is intended.
command: flask run --port 13337
# One-shot job that applies the Ory Kratos SQL migrations to kratos-db.
kratos-migrate:
build: ./kratos
# -e reads the DSN from the environment; --yes skips the confirmation prompt,
# so the migration is applied unattended.
command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
environment:
# The DSN embeds the database password and disables TLS (sslmode=disable).
# Tolerable on the private compose network, not for a real database.
- DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
# Retried until it succeeds, e.g. while the database is still starting.
restart: on-failure
# Ory Kratos identity server in development mode.
kratos:
build: ./kratos
# depends_on orders container start only; it does not wait for the database to
# be ready or for the migration to finish.
# NOTE(review): the mailslurper service is not visible in this listing.
depends_on:
- kratos-db
- kratos-migrate
- mailslurper
# Both APIs are published on the host. The admin API has no authentication of
# its own; bind it to 127.0.0.1 or do not publish it on a networked machine.
ports:
- "4433:4433" # public
- "4434:4434" # admin
restart: unless-stopped
environment:
# Most verbose log level; logs may include request details, so treat them as sensitive.
- LOG_LEVEL=trace
# Password embedded in the DSN, TLS to the database disabled; test-only.
- DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
# --dev disables security features to ease development; --watch-courier runs
# the message courier inside this process. Neither belongs in production.
command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
# PostgreSQL instance backing Kratos.
kratos-db:
# Floating major-version tag, not pinned to a digest.
image: postgres:13
environment:
# Hard-coded test credentials, identical to those embedded in the Kratos DSN.
- POSTGRES_USER=kratos
- POSTGRES_DB=kratos
- POSTGRES_PASSWORD=secret
# Publishes the database on the host with the password above. Restrict to
# 127.0.0.1, or drop the mapping if only the compose network needs access.
ports:
- "5433:5433"
# Bind mount that keeps the database files on the host under .local/kratos/psql,
# so the data (including identities) survives container removal.
volumes:
- .local/kratos/psql:/var/lib/postgresql/data
# change port via command https://github.com/docker-library/postgres/issues/196
command: -p 5433