-
Notifications
You must be signed in to change notification settings - Fork 43
/
docker-compose.yml
145 lines (113 loc) · 3.78 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
version: '3.5'
volumes:
logs:
db_data:
trust:
services:
db:
image: ${DB_IMAGE}
#volumes:
# - db_data:/var/lib/mysql
# The setting below enables custom configuration
# that turns on the MySQL query log
# - ./compose/mariadb:/etc/mysql/conf.d
environment:
TZ: Europe/Rome
MYSQL_ROOT_PASSWORD: pwd
MYSQL_USER: iam
MYSQL_PASSWORD: pwd
MYSQL_DATABASE: iam
ports:
- "3306:3306"
trust:
image: indigoiam/trustanchors
command: /bin/true
volumes:
- trust:/etc/grid-security/certificates
redis:
image: redis:6-alpine
ports:
- "6379:6379"
iam-be:
container_name: iam-be
build:
context: .
dockerfile: ./iam-login-service/docker/Dockerfile
environment:
TZ: Europe/Rome
IAM_JAVA_OPTS: -Djava.security.egd=file:/dev/./urandom -Xdebug -Xrunjdwp:server=y,transport=dt_socket,suspend=n,address=1044 -Dspring.profiles.active=mysql-test -debug
IAM_JAR: /code/iam-login-service/target/iam-login-service.war
IAM_HOST: iam.local.io
IAM_BASE_URL: https://iam.local.io
IAM_ISSUER: https://iam.local.io/
IAM_FORWARD_HEADERS_STRATEGY: native
IAM_NOTIFICATION_DISABLE: "true"
IAM_DB_HOST: db
IAM_DB_USERNAME: iam
IAM_DB_PASSWORD: pwd
IAM_GOOGLE_CLIENT_ID: ${IAM_GOOGLE_CLIENT_ID}
IAM_GOOGLE_CLIENT_SECRET: ${IAM_GOOGLE_CLIENT_SECRET}
IAM_IAM_TEST_CLIENT_ID: ${IAM_IAM_TEST_CLIENT_ID}
IAM_IAM_TEST_CLIENT_SECRET: ${IAM_IAM_TEST_CLIENT_SECRET}
IAM_JWT_DEFAULT_PROFILE: wlcg
# IAM_SAML_IDP_METADATA: file:///code/compose/metadata/test-idp.cloud.cnaf.infn.it.metadata.xml
# IAM_SAML_ENTITY_ID: urn:iam:iam-devel
# IAM_SAML_ENTITY_ID: https://iam.local.io
# IAM_RCAUTH_ENABLED: "false"
# IAM_RCAUTH_CLIENT_ID: ${IAM_RCAUTH_CLIENT_ID}
# IAM_RCAUTH_CLIENT_SECRET: ${IAM_RCAUTH_CLIENT_SECRET}
# IAM_RCAUTH_ISSUER: ${IAM_RCAUTH_ISSUER}
ports:
- "1044:1044"
depends_on:
- db
volumes:
- trust:/etc/grid-security/certificates
- logs:/var/log/iam
- .:/code:ro
- /dev/urandom:/dev/random
# - ./compose/custom-logging/logback-spring.xml:/indigo-iam/logback-spring.xml:ro
# - ./compose/metadata/iam.local.io.metadata.xml:/indigo-iam/iam.local.io.metadata.xml:ro
# - ./compose/metadata/spid-idp.example.metadata.xml:/indigo-iam/spid-idp.example.metadata.xml:ro
# - ./compose/custom-saml/application-saml.yml:/indigo-iam/config/application-saml.yml:ro
# - ./compose/multiple-oidc-providers/application.yml:/indigo-iam/config/application.yml
client:
build:
context: .
dockerfile: ./iam-test-client/docker/Dockerfile
container_name: client
environment:
TZ: Europe/Rome
IAM_CLIENT_PORT: 8080
IAM_CLIENT_JAVA_OPTS: -Djava.security.egd=file:/dev/./urandom -Xdebug -Xrunjdwp:server=y,transport=dt_socket,suspend=n,address=1045
IAM_CLIENT_ISSUER: https://iam.local.io/
IAM_CLIENT_REDIRECT_URIS: https://iam.local.io/iam-test-client/openid_connect_login
IAM_FORWARD_HEADERS_STRATEGY: native
IAM_CLIENT_TLS_USE_GRID_TRUST_ANCHORS: "true"
#IAM_CLIENT_EXT_AUTHN_HINT: saml:exampleIdp
IAM_CLIENT_JAR: /code/iam-test-client/target/iam-test-client.jar
ports:
- "1045:1045"
volumes:
- trust:/etc/grid-security/certificates
- .:/code:ro
iam:
build:
context: ./docker/nginx/
depends_on:
- iam-be
- client
dns_search: local.io
container_name: iam
environment:
TZ: Europe/Rome
NGINX_HOST: iam
NGINX_PORT: 443
ports:
- "443:443"
volumes:
- /dev/urandom:/dev/random
networks:
default:
aliases:
- iam.local.io