forked from indigo-iam/iam
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
147 lines (115 loc) · 3.75 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
version: '3.5'
volumes:
db_data:
trust:
services:
db_data:
image: busybox
volumes:
- db_data:/var/lib/mysql
command: /bin/true
db:
image: ${DB_IMAGE}
volumes:
- db_data:/var/lib/mysql
# The setting below enables custom configuration
# that turns on the MySQL query log
# volumes:
# - ./compose/mariadb:/etc/mysql/conf.d
environment:
TZ: Europe/Rome
MYSQL_ROOT_PASSWORD: pwd
MYSQL_USER: iam
MYSQL_PASSWORD: pwd
MYSQL_DATABASE: iam
ports:
- "3306:3306"
trust:
image: indigoiam/trustanchors
# build:
# context: ./docker/trust-anchors
command: /bin/true
volumes:
- trust:/etc/grid-security/certificates
iam-be:
container_name: iam-be
build:
context: .
dockerfile: ./iam-login-service/docker/Dockerfile
environment:
TZ: Europe/Rome
IAM_JAVA_OPTS: -Djava.security.egd=file:/dev/./urandom -Xdebug -Xrunjdwp:server=y,transport=dt_socket,suspend=n,address=1044 -Dspring.profiles.active=mysql-test
IAM_JAR: /code/iam-login-service/target/iam-login-service.war
IAM_HOST: iam.local.io
IAM_BASE_URL: https://iam.local.io
IAM_ISSUER: https://iam.local.io/
IAM_USE_FORWARDED_HEADERS: "true"
IAM_NOTIFICATION_DISABLE: "true"
IAM_DB_HOST: db
IAM_DB_USERNAME: iam
IAM_DB_PASSWORD: pwd
IAM_GOOGLE_CLIENT_ID: ${IAM_GOOGLE_CLIENT_ID}
IAM_GOOGLE_CLIENT_SECRET: ${IAM_GOOGLE_CLIENT_SECRET}
IAM_IAM_TEST_CLIENT_ID: ${IAM_IAM_TEST_CLIENT_ID}
IAM_IAM_TEST_CLIENT_SECRET: ${IAM_IAM_TEST_CLIENT_SECRET}
IAM_JWT_DEFAULT_PROFILE: wlcg
# IAM_SAML_IDP_METADATA: file:///code/compose/metadata/test-idp.cloud.cnaf.infn.it.metadata.xml
# IAM_SAML_ENTITY_ID: urn:iam:iam-devel
# IAM_SAML_ENTITY_ID: https://iam.local.io
# IAM_RCAUTH_ENABLED: "false"
# IAM_RCAUTH_CLIENT_ID: ${IAM_RCAUTH_CLIENT_ID}
# IAM_RCAUTH_CLIENT_SECRET: ${IAM_RCAUTH_CLIENT_SECRET}
# IAM_RCAUTH_ISSUER: ${IAM_RCAUTH_ISSUER}
ports:
- "1044:1044"
depends_on:
- db
volumes:
- trust:/etc/grid-security/certificates
- .:/code:ro
- /dev/urandom:/dev/random
# - ./compose/metadata/iam.local.io.metadata.xml:/indigo-iam/iam.local.io.metadata.xml:ro
# - ./compose/metadata/spid-idp.example.metadata.xml:/indigo-iam/spid-idp.example.metadata.xml:ro
# - ./compose/custom-saml/application-saml.yml:/indigo-iam/config/application-saml.yml:ro
# - ./compose/multiple-oidc-providers/application.yml:/indigo-iam/config/application.yml
client:
build:
context: .
dockerfile: ./iam-test-client/docker/Dockerfile
container_name: client
environment:
TZ: Europe/Rome
IAM_CLIENT_PORT: 8080
IAM_CLIENT_JAVA_OPTS: -Djava.security.egd=file:/dev/./urandom -Xdebug -Xrunjdwp:server=y,transport=dt_socket,suspend=n,address=1045
IAM_CLIENT_ID: client
IAM_CLIENT_SECRET: secret
IAM_CLIENT_ISSUER: https://iam.local.io/
IAM_CLIENT_REDIRECT_URIS: https://iam.local.io/iam-test-client/openid_connect_login
IAM_CLIENT_USE_FORWARD_HEADERS: "true"
#IAM_CLIENT_EXT_AUTHN_HINT: saml:exampleIdp
IAM_CLIENT_JAR: /code/iam-test-client/target/iam-test-client.jar
ports:
- "1045:1045"
volumes:
- trust:/etc/grid-security/certificates
- .:/code:ro
iam:
build:
context: ./docker/nginx/
depends_on:
- iam-be
- client
dns_search: local.io
container_name: iam
environment:
TZ: Europe/Rome
NGINX_HOST: iam
NGINX_PORT: 443
ports:
- "443:443"
volumes:
- /dev/urandom:/dev/random
networks:
default:
aliases:
- iam.local.io