Fix docker-compose (ivanpaulovich#234)

.docker/docker-compose.dcproj

@@ -5,13 +5,25 @@
     <DockerTargetOS>Linux</DockerTargetOS>
     <ProjectGuid>a0517af3-3b35-443a-80dc-ff94f10cf056</ProjectGuid>
     <DockerLaunchAction>LaunchBrowser</DockerLaunchAction>
-    <DockerServiceUrl>{Scheme}://localhost:{ServicePort}/{Scheme}://{ServiceHost}:{ServicePort}</DockerServiceUrl>
-    <DockerServiceName>webapi</DockerServiceName>
+    <DockerServiceUrl>https://wallet.local:8081</DockerServiceUrl>
+    <DockerServiceName>wallet-spa</DockerServiceName>
   </PropertyGroup>
   <ItemGroup>
+    <None Include="docker-compose.production.yml">
+      <DependentUpon>docker-compose.yml</DependentUpon>
+    </None>
     <None Include="docker-compose.override.yml">
       <DependentUpon>docker-compose.yml</DependentUpon>
     </None>
     <None Include="docker-compose.yml" />
+    <None Include="https\localhost.crt" />
+    <None Include="https\localhost.key" />
+    <None Include="https\localhost.pfx" />
+    <None Include="makecert.sh" />
+    <None Include="ssl-selfsigned.cnf" />
+    <None Include="startup-production.sh" />
+    <None Include="startup.sh" />
+    <None Include="trustcert.sh" />
+    <None Include="trustcert-windows.ps1" />
   </ItemGroup>
 </Project>

.docker/docker-compose.override.yml

@@ -2,34 +2,20 @@ version: '3.4'
 
 services:
   nginx:
-    volumes:
-      - ../.docker/https/localhost.crt:/etc/ssl/certs/localhost.crt:ro
-      - ../.docker/https/localhost.key:/etc/ssl/private/localhost.key:ro
+    ports:
+      - "8080:80"
+      - "8081:443"
   accounts-api:
     environment:
-      - ASPNETCORE_ENVIRONMENT=Production
-      - ASPNETCORE_URLS=https://+;http://+
-      - ASPNETCORE_HTTPS_PORT=443
-      - ASPNETCORE_Kestrel__Certificates__Default__Password=MyCertificatePassword
-      - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
-      - PersistenceModule__DefaultConnection=Server=sql1;User Id=sa;Password=<YourStrong!Passw0rd>;Database=Accounts;
-    volumes:
-      - ../.docker/https:/https:ro
+      - ASPNETCORE_ENVIRONMENT=Development
   identity-server:
     environment:
-      - ASPNETCORE_ENVIRONMENT=Production
-      - ASPNETCORE_URLS=https://+;http://+
-      - ASPNETCORE_HTTPS_PORT=443
-      - ASPNETCORE_Kestrel__Certificates__Default__Password=MyCertificatePassword
-      - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
-    volumes:
-      - ../.docker/https:/https:ro
+      - ASPNETCORE_ENVIRONMENT=Development
+      - IDENTITY_SERVER_ORIGIN=https://wallet.local:8081
+      - RedirectUris=https://wallet.local:8081/callback
+      - PostLogoutRedirectUris=https://wallet.local:8081
+      - AllowedCorsOrigins=https://wallet.local:8081
   wallet-spa:
-    stdin_open: true # docker run -i
-    tty: true        # docker run -t
-  sql1:
-    environment:
-        SA_PASSWORD: "<YourStrong!Passw0rd>"
-        ACCEPT_EULA: "Y"
-    ports:
-      - "1433:1433"
+    build:
+      args:
+        ENV: Development

.docker/docker-compose.production.yml

@@ -0,0 +1,21 @@
+version: '3.4'
+
+services:
+  nginx:
+    ports:
+      - "80:80"
+      - "443:443"
+  accounts-api:
+    environment:
+      - ASPNETCORE_ENVIRONMENT=Production
+  identity-server:
+    environment:
+      - ASPNETCORE_ENVIRONMENT=Production
+      - IDENTITY_SERVER_ORIGIN=https://wallet.local
+      - RedirectUris=https://wallet.local/callback
+      - PostLogoutRedirectUris=https://wallet.local
+      - AllowedCorsOrigins=https://wallet.local
+  wallet-spa:
+    build:
+      args:
+        ENV: Production

.docker/docker-compose.yml

@@ -2,34 +2,70 @@ version: '3.4'
 
 services:
   nginx:
-    build: ../nginx
+    build:
+      context: ../nginx/
     container_name: wallet.local
-    ports:
-      - "80:80"
-      - "443:443"
+    volumes:
+      - ../.docker/https/localhost.crt:/etc/ssl/certs/localhost.crt:ro
+      - ../.docker/https/localhost.key:/etc/ssl/private/localhost.key:ro
     links:
       - accounts-api
       - identity-server
       - wallet-spa
   accounts-api:
     image: ${DOCKER_REGISTRY-}accounts
+    container_name: "accounts-api"
     build:
       context: ../accounts-api/
       dockerfile: src/WebApi/Dockerfile
-    container_name: "accounts-api"
+    environment:
+      - ASPNETCORE_URLS=https://+;http://+
+      - ASPNETCORE_HTTPS_PORT=443
+      - ASPNETCORE_BASEPATH=/accounts-api
+      - ASPNETCORE_Kestrel__Certificates__Default__Password=MyCertificatePassword
+      - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
+      - PersistenceModule__DefaultConnection=Server=sql1;User Id=sa;Password=<YourStrong!Passw0rd>;Database=Accounts;
+    volumes:
+      - ../.docker/https:/https:ro
     depends_on:
       - sql1
+      - accounts-api-seed
       - identity-server
+  accounts-api-seed:
+    container_name: "accounts-api-seed"
+    build:
+      context: ../accounts-api/
+      dockerfile: ../accounts-api-seed/Dockerfile
+    environment:
+      - PersistenceModule__DefaultConnection=Server=sql1;User Id=sa;Password=<YourStrong!Passw0rd>;Database=Accounts;
+    command: bash -c "/root/.dotnet/tools/dotnet-ef database update --project src/Infrastructure --startup-project src/WebApi"
+    depends_on:
+      - sql1
   identity-server:
     image: ${DOCKER_REGISTRY-}identityserver
     container_name: "identity-server"
+    environment:
+      - ASPNETCORE_URLS=https://+;http://+
+      - ASPNETCORE_HTTPS_PORT=443
+      - ASPNETCORE_BASEPATH=/identity-server
+      - ASPNETCORE_Kestrel__Certificates__Default__Password=MyCertificatePassword
+      - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/localhost.pfx
+    volumes:
+      - ../.docker/https:/https:ro
     build:
       context: ../
       dockerfile: identity-server/Dockerfile
   wallet-spa:
     image: ${DOCKER_REGISTRY-}wallet
     container_name: "wallet-spa"
+    stdin_open: true # docker run -i
+    tty: true        # docker run -t
     build:
       context: ../wallet-spa/
   sql1:
     image: "mcr.microsoft.com/mssql/server:2019-latest"
+    environment:
+      SA_PASSWORD: "<YourStrong!Passw0rd>"
+      ACCEPT_EULA: "Y"
+    ports:
+      - "1433:1433"

.docker/https/localhost.crt

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzjCCAragAwIBAgIJAPi+ReDLm74xMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMjAwOTIwMTcyMDUxWhcNMjEwOTIwMTcyMDUxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAtcBf14NvN9t+uwLztVncXjrWf1jN3R28GYwjkTATVLPkv9+6iu9lLNI1
+irEaUlZZdS7PF+451p2Jjse4EtzDlC3wo3+XeGz8mQBjdxiOFOzstyX0nX0W8XKR
+AzBg4OQ9PptzTMKCo6sN9wZB42DodiHFtNFn9/FKvCFCfJ3DzPy5hyR8wPHS5c53
+aYs1t8dJ4Hdsf92UvJCrqchv7tEuqve7lrdUlTgcXcdQhuNMpz5hDap0TYNk+/Qk
+lMhymQ6mrXBBobbasWN4y08jXLeQvPC9QY7EYejzoAXgioUxuuxjbdQoBDucSU/b
+khdP5My6dPS/4FLy6dBWyGQ0UdjTRQIDAQABo4HAMIG9MBcGA1UdEQQQMA6CDHdh
+bGxldC5sb2NhbDAdBgNVHQ4EFgQUgib1/L4CL+9gVcNUsEe2FlSPtiYwdQYDVR0j
+BG4wbIAUgib1/L4CL+9gVcNUsEe2FlSPtiahSaRHMEUxCzAJBgNVBAYTAkFVMRMw
+EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0
+eSBMdGSCCQD4vkXgy5u+MTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IB
+AQAxAdlAl2ct/kRyfYsGo9OkQc8iFv4wEbFNeZUkvzBEOMAGhPMOuGbU5K/zf2j7
+cBYAAZaxC5tqLlgIwQ/tCXJgUO1+UrSzGd0AZhrINNVgc0eae8wam2oZiQiFYHEl
+jZ6h0xgbhCzTsVTsad4M1V3uwYM1R32+53540ZqLcW4/mLqFSCe7pJna9GJhPps2
+3U93ga3MC2ff2ZUFJxB+O3ja30OKEjL5nArtK2gw176fCdD5xEVZmfCBGxLzmRx/
+XK2Ytz8TBe4UJcurLSux6Wz+KnajH4+r2ysDK/NvyzRsQ0mxboiRs5jG2sJcbzQp
+DZB0xWlaStQUZbIZyMHl4QW9
+-----END CERTIFICATE-----

.docker/https/localhost.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC1wF/Xg2832367
+AvO1WdxeOtZ/WM3dHbwZjCORMBNUs+S/37qK72Us0jWKsRpSVll1Ls8X7jnWnYmO
+x7gS3MOULfCjf5d4bPyZAGN3GI4U7Oy3JfSdfRbxcpEDMGDg5D0+m3NMwoKjqw33
+BkHjYOh2IcW00Wf38Uq8IUJ8ncPM/LmHJHzA8dLlzndpizW3x0ngd2x/3ZS8kKup
+yG/u0S6q97uWt1SVOBxdx1CG40ynPmENqnRNg2T79CSUyHKZDqatcEGhttqxY3jL
+TyNct5C88L1BjsRh6POgBeCKhTG67GNt1CgEO5xJT9uSF0/kzLp09L/gUvLp0FbI
+ZDRR2NNFAgMBAAECggEAMgNX3EQMrMA3pVpwmay6mStzruNO8tOl2RnZB7DFAP/n
+qGz2NhkeLDFEDoAhkBq2zyosTpd9TvNW0PVgT8B0CSiDGVqY4ciL0cZrmHAnWNbB
+ZLyLDXNIhvRRtyDu57Omrr20AqFbtZHya9FK/DjEfw1YDCO7ilzZhd9ZHlWDdbp2
+sCLjgtlSPKuaCNVCubQu6/eXwWui1C4AtBg68Kq4j7coJzBQ9JyF8tbZvzqm/E19
+UsNP99Tyg2+fo9zL2ITiRmry4rn+GbKj2LdZwwYRnS8RqaydGnYcoc7VqSthdmR+
+42bdnGr0jFG9tu0ryStXrxPIgbPYS5E89Ts4w3IAQQKBgQDigAFJmaxTf/ONcXsr
+EiJPRUDrkphH2t493pfyOBmBIHDoCw9039qU25IYRoKEJ+MFW/9lVbzcSAF2XkqC
+ogfdxSXWtVEEP6NWMct9iOIqrTQUbJXE8Cw/vEdY034vBd9VBp1lcpV1tRdEGDYC
+IAXu6nsYwSpgzhAeLF3xhRd2DQKBgQDNbFtVXjlqh96fhahdVfeH0fFuxU4ZEi08
+KkkQFYTtEtXBMz12iSPNh4i1dC+FpuYGNKeHErvaqWm8gDA1GzblXWnw/U5nTHZ+
+74zBIlYrnYoVXAYadQNhW9EMad/vkzWxmFVhHQo28UDwKNcSrrqwQFq2dcYchaB5
+BYWt0uB8GQKBgDybA70t4W52TjUKqGpd79BGN5jRIO4ZIl5rsTyexjRG+e8dBoW/
+YD10gyL7uvChu50zgKMczewjWEDT+hv6PyCYIAfTfFomrQ3jRQ/SELJaphTQ+UI5
+AZ4MQwsBjEII0DlwC62Ze2SDkDYoREtNRkkndMiq5yv/91AbjweRFTYBAoGADVPm
+aRd/6iV+kCL/1W5qbOl2HJW4h2/id3DW5LBAu5DpRWuppTMom4EboYo0Oxuk+OoZ
+pG3Wuk0bixtWBVwKp77zzKril1kipwGrxCwSIypJdzFNRBIrcfmfCosj+Es4xJj5
+kR9tNjtY1zwPGCs1+ZFzUTs660bQLonpLmnsHqECgYBfvyRAEA727YKkIXcbE5y2
+tqb377xmyU93zaWuBm77M2X/phWK5vR72NW8KE//b4VsfAESjZq81JDkT6e9mBJ0
+8ZitC34gmSghFWXpyM3WrI6VFWZVGv7ZRUq6cwsuyLXcLqmQ6mVhA8ddncMof4k6
+hrUBatNAsWuDdbzIdpLsgA==
+-----END PRIVATE KEY-----

.docker/makecert.sh

@@ -1,4 +1,3 @@
 #!/bin/bash
-mkdir https
 openssl req -x509 -newkey rsa:2048 -keyout https/localhost.key -out https/localhost.crt -days 365 -nodes -config ssl-selfsigned.cnf
 openssl pkcs12 -export -out https/localhost.pfx -inkey https/localhost.key -in https/localhost.crt -name "Localhost selfsigned certificate" -password pass:MyCertificatePassword

.docker/startup-production.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+if [ `ls -1 https/localhost.* 2>/dev/null | wc -l ` -gt 0 ];
+then
+    echo "0. Using certificates from $(tput setaf 3)https$(tput sgr0) folder."
+else
+    echo "ERROR: Failed to find certificates. Check the specific makecert script for your OS."
+    exit 1
+fi
+echo "1. Building Docker images. This may take few minutes..."
+echo -e "\n\n\tEnsure Docker is up and running.\n\n"
+docker-compose build
+echo "2. Starting up applications. This may take few minutes..."
+docker-compose -f docker-compose.yml -f docker-compose.production.yml up -d
+echo -e "3. Manually add the entry $(tput setaf 3)127.0.0.1 wallet.local$(tput sgr0) to the hosts file."
+echo -e "\tBrowse to $(tput setaf 3)https://wallet.local/$(tput sgr0)\n\nUse the following credentials to login into Identity Server:\n\n\tUsername:\t$(tput setaf 3)alice$(tput sgr0)\n\tPassword:\t$(tput setaf 3)alice$(tput sgr0)"
+echo -e "\tRun $(tput setaf 3)docker ps$(tput sgr0) to check if all containers are up. The frontend SPA could take several minutes to get ready."
+

.docker/startup.sh

@@ -1,14 +1,16 @@
 #!/bin/bash
-echo "1. Building Docker images in silent mode. This may take few minutes..."
+if [ `ls -1 https/localhost.* 2>/dev/null | wc -l ` -gt 0 ];
+then
+    echo "0. Using certificates from $(tput setaf 3)https$(tput sgr0) folder."
+else
+    echo "ERROR: Failed to find certificates. Check the specific makecert script for your OS."
+    exit 1
+fi
+echo "1. Building Docker images. This may take few minutes..."
 echo -e "\n\n\tEnsure Docker is up and running.\n\n"
-docker-compose build --quiet
-echo "2. Starting up SQL Server in Docker..."
-docker-compose up -d sql1
-echo "3. Updating DB using Entity Framework Tool..."
-./init-db
-echo -e "4. Starting up applications:"
-echo -e "\tIdentity Server."
-echo -e "\tAccounts."
-echo -e "\tSPA."
-docker-compose up -d
-echo -e "5. Browse to $(tput setaf 3)https://wallet.local/$(tput sgr0)\n\nUse the following credentials to login into Identity Server:\n\n\tUsername:\t$(tput setaf 3)alice$(tput sgr0)\n\tPassword:\t$(tput setaf 3)alice$(tput sgr0)"
+docker-compose build
+echo "2. Starting up applications. This may take few minutes..."
+docker-compose -f docker-compose.yml -f docker-compose.override.yml up -d
+echo -e "3. Manually add the entry $(tput setaf 3)127.0.0.1 wallet.local$(tput sgr0) to the hosts file."
+echo -e "\tBrowse to $(tput setaf 3)https://wallet.local:8081/$(tput sgr0)\n\nUse the following credentials to login into Identity Server:\n\n\tUsername:\t$(tput setaf 3)alice$(tput sgr0)\n\tPassword:\t$(tput setaf 3)alice$(tput sgr0)"
+echo -e "\tRun $(tput setaf 3)docker ps$(tput sgr0) to check if all containers are up. The frontend SPA could take several minutes to get ready."

.docker/trustcert-windows.sh → .docker/trustcert-windows.ps1

@@ -1,4 +1,7 @@
 #!/bin/bash
+# Check out for multiple options to trust certificates 
 # https://gist.github.com/epcim/03f66dfa85ad56604c7b8e6df79614e0
+#
 dotnet dev-certs https -ep https/localhost.pfx -p MyCertificatePassword
-dotnet dev-certs https --trust
+dotnet dev-certs https --trust
+certutil -addstore -f "ROOT" https/localhost.crt

.dockerignore

@@ -0,0 +1,25 @@
+**/.classpath
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/azds.yaml
+**/bin
+**/charts
+**/docker-compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md

CHANGELOG.md

@@ -7,6 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [3.3.1] - 2020-09-20
+
+### Added
+
+- Accounts API Seed.
+
+### Fixed
+
+- docker-compose on Windows and Mac.
+
 ## [3.3.0] - 2020-09-13
 
 ### Added