-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathdocker-compose-hydra.yaml
82 lines (80 loc) · 2.19 KB
/
docker-compose-hydra.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
version: '3.1'
services:
postgresd:
image: postgres:9.6
ports:
- "5432:5432"
environment:
- POSTGRES_USER=dbuser
- POSTGRES_PASSWORD=secret
- POSTGRES_DB=accesscontroldb
networks:
- intranet
hydra:
image: oryd/hydra:latest
ports:
- "4444:4444" # Public port
- "4445:4445" # Admin port
- "5555:5555" # Port for hydra token user
command:
serve all --dangerous-force-http
environment:
- URLS_SELF_ISSUER=http://localhost:4444
- URLS_CONSENT=http://localhost:9090/api-user-management/consent
- URLS_LOGIN=http://localhost:9090/api-user-management/login
- URLS_LOGOUT=http://localhost:9090/api-user-management/logout
- DSN=postgres://dbuser:secret@postgresd:5432/accesscontroldb?sslmode=disable&max_conns=20&max_idle_conns=4
- SECRETS_SYSTEM=youReallyNeedToChangeThis
- OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public,pairwise
- OIDC_SUBJECT_IDENTIFIERS_PAIRWISE_SALT=youReallyNeedToChangeThis
restart: unless-stopped
networks:
- intranet
hydra-migrate:
image: oryd/hydra:latest
environment:
- DSN=postgres://dbuser:secret@postgresd:5432/accesscontroldb?sslmode=disable&max_conns=20&max_idle_conns=4
command:
migrate sql -e --yes
restart: on-failure
networks:
- intranet
keto-migrate:
image: oryd/keto:latest
environment:
- DSN=postgres://dbuser:secret@postgresd:5432/accesscontroldb?sslmode=disable
depends_on:
- postgresd
command:
migrate sql -e
networks:
- intranet
keto:
image: oryd/keto:latest
ports:
- "4466:4466"
depends_on:
- keto-migrate
environment:
- LOG_LEVEL=debug
- DSN=postgres://dbuser:secret@postgresd:5432/accesscontroldb?sslmode=disable
command:
serve
networks:
- intranet
oathkeeper:
image: api-manager-users_oathkeeper:latest
build:
context: ./oathkeeper
dockerfile: Dockerfile
ports:
- 4455:4455 #run the proxy at port 4455
- 4456:4456 #run the api at port 4456
command:
serve
--config /config.yaml
networks:
- intranet
networks:
intranet:
driver: bridge