docker-compose.yml

###########################################################################
#######                FOR TESTING PURPOSES ONLY                    #######
###########################################################################
# Instead of using the docker compose file you should use the helmfiles   #
# to deploy the single sign on system on a kubernetes cluster             #
###########################################################################
version: '3'
services:
  hydra:
    image: oryd/hydra:v1.8
    ports:
      - "4444:4444" # Public port
      - "4445:4445" # Admin port
      - "5555:5555" # Port for hydra token user
    command:
      serve all --dangerous-force-http --dangerous-allow-insecure-redirect-urls "http://localhost:13337/callback, http://localhost:13337/"
    environment:
      - URLS_SELF_ISSUER=http://localhost:4444/
      - URLS_CONSENT=http://localhost:5001/consent
      - URLS_LOGIN=http://localhost:5000/login
      - URLS_LOGOUT=http://localhost:5002/logout
      - DSN=memory
      - SECRETS_SYSTEM=youReallyNeedToChangeThis
      - OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
      - OIDC_SUBJECT_TYPE_PAIRWISE_SALT=youReallyNeedToChangeThis
      - SERVE_PUBLIC_CORS_DEBUG=true
      - LOG_LEVEL=debug
      - LOG_LEAK_SENSITIVE_VALUES=true
    restart: unless-stopped
  consent:
    build: consent_provider/
    environment:
      - HYDRA_ADMIN_URL=http://hydra:4445
      - GRAPHQL_URL=http://backend:5000/graphql
      - FLASK_ENV=development
    ports:
      - "5001:5001"
    restart: unless-stopped
  logout:
    build: logout_provider/
    environment:
      - HYDRA_ADMIN_URL=http://hydra:4445
      - FLASK_ENV=development
    ports:
      - "5002:5002"
    restart: unless-stopped
  login:
    build: login_provider/
    environment:
      - HYDRA_ADMIN_URL=http://hydra:4445
      - GRAPHQL_URL=http://backend:5000/graphql
      - FLASK_ENV=development
    ports:
      - "5000:5000"
    restart: unless-stopped
  backend:
    build: user-panel/backend/
    environment:
      - DEBUG=True
      - HYDRA_ADMIN_URL=http://hydra:4445
      - DATABASE_USER=postgres
      - DATABASE_PASSWORD=secret
      - DATABASE_NAME=postgres
      - DATABASE_HOST=psql
    ports:
      - "5003:5000"
    restart: unless-stopped
  psql:
    image: postgres:11
    environment:
      - POSTGRES_PASSWORD=secret
    ports:
      - "5432:5432"
  oauth:
    build: ./test/integration_tests
    network_mode: host
    depends_on:
      - hydra
    environment:
      - BASE_URL=http://localhost:4444/
      - KEY=testapp
      - SECRET=secret
      - FLASK_ENV=development
    # with this settings run:
    ## `bash test/create-hydra-client.bash testapp clientsecret http://localhost:4445 http://localhost:13337/callback http://localhost:13337/ http://localhost:13337/logout
    ## to register a corresponding oauth client with hydra
    ports:
      - "13337:13337"
    command: flask run --port 13337
    restart: unless-stopped
  kratos-migrate:
    build: ./kratos
    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
    environment:
      - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
    restart: on-failure
  kratos:
    build: ./kratos
    depends_on:
      - kratos-db
      - kratos-migrate
      - mailslurper
    ports:
      - "4433:4433" # public
      - "4434:4434" # admin
    restart: unless-stopped
    environment:
      - LOG_LEVEL=trace
      - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
  kratos-db:
    image: postgres:11
    environment:
      - POSTGRES_PASSWORD=kratossecret
    ports:
      - "5433:5433"
    #volumes:
    #  - .local/kratos/psql:/var/lib/postgresql/data
    # change port via command https://github.com/docker-library/postgres/issues/196
    command: -p 5433