Skip to content
Snippets Groups Projects
Commit 29b070d1 authored by Mart van Santen's avatar Mart van Santen
Browse files

Initall build kratos images

parent b8d6e31a
No related branches found
No related tags found
1 merge request!46Add kratos container
Pipeline #8953 failed with stages
in 1 minute and 10 seconds
......@@ -41,6 +41,19 @@ login_provider:
- login_provider/**/*
- .gitlab-ci.yml
# Build kratos image
stage: build
needs: []
variables:
KANIKO_CONTEXT: "kratos"
KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
extends: .kaniko_build
only:
changes:
- kratos/**/*
- .gitlab-ci.yml
integration_test_app:
stage: build-test-images
variables:
......
......@@ -88,3 +88,35 @@ services:
- "13337:13337"
command: flask run --port 13337
restart: unless-stopped
kratos-migrate:
build: ./kratos
command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
environment:
- DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
restart: on-failure
kratos:
build: ./kratos
depends_on:
- kratos-db
- kratos-migrate
- mailslurper
ports:
- "4433:4433" # public
- "4434:4434" # admin
restart: unless-stopped
environment:
- LOG_LEVEL=trace
- DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable
command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
kratos-db:
image: postgres:13
environment:
- POSTGRES_USER=kratos
- POSTGRES_DB=kratos
- POSTGRES_PASSWORD=secret
ports:
- "5433:5433"
volumes:
- .local/kratos/psql:/var/lib/postgresql/data
# change port via command https://github.com/docker-library/postgres/issues/196
command: -p 5433
FROM oryd/kratos:v0.7.6-alpha.1-sqlite
ENV DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true&mode=rwc
COPY identity.schema.json /etc/config/kratos/identity.schema.json
COPY kratos.yml /etc/config/kratos/kratos.yml
{
"$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Person",
"type": "object",
"properties": {
"traits": {
"type": "object",
"properties": {
"username": {
"type": "string",
"title": "Username",
"minLength": 1,
"ory.sh/kratos": {
"credentials": {
"password": {
"identifier": true
}
}
}
},
"email": {
"type": "string",
"format": "email",
"title": "E-Mail",
"minLength": 3,
"ory.sh/kratos": {
"verification": {
"via": "email"
},
"recovery": {
"via": "email"
}
}
},
"name": {
"type": "object",
"properties": {
"first": {
"type": "string",
"title": "First name"
},
"last": {
"type": "string",
"title": "Last name"
}
}
}
},
"required": ["email", "username"],
"additionalProperties": false
}
}
}
version: v0.7.6-alpha.1
dsn: memory
serve:
public:
base_url: http://127.0.0.1:4433/
cors:
enabled: true
admin:
base_url: http://127.0.0.1:4434/
selfservice:
default_browser_return_url: http://127.0.0.1:5000/settings
whitelisted_return_urls:
- http://127.0.0.1:4455
- http://127.0.0.1:5000
- http://127.0.0.1:5000/login
- http://127.0.0.1:5000/recover
- http://127.0.0.1:5000/settings
methods:
password:
enabled: true
link:
enabled: true
flows:
error:
ui_url: http://127.0.0.1:4455/error
settings:
ui_url: http://127.0.0.1:5000/settings
privileged_session_max_age: 15m
recovery:
enabled: true
ui_url: http://127.0.0.1:5000/recover
verification:
enabled: true
ui_url: http://127.0.0.1:4455/verify
after:
default_browser_return_url: http://127.0.0.1:4455/
logout:
after:
default_browser_return_url: http://127.0.0.1:4455/auth/login
login:
ui_url: http://127.0.0.1:5000/auth
lifespan: 10m
registration:
lifespan: 10m
ui_url: http://127.0.0.1:4455/auth/registration
# after:
# password:
# hooks:
# -
# hook: session
log:
level: debug
format: text
leak_sensitive_values: true
secrets:
cookie:
- PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
identity:
default_schema_url: file:///etc/config/kratos/identity.schema.json
courier:
smtp:
connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true&legacy_ssl=true
hashers:
argon2:
parallelism: 1
memory: 128MB
iterations: 2
salt_length: 16
key_length: 16
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment