-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.base.yaml
78 lines (70 loc) · 2.28 KB
/
docker-compose.base.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
version: '3.7'
services:
# database
postgres:
image: bitnami/postgresql:14.1.0-debian-10-r31
restart: unless-stopped
ports:
- 5432:5432
# policy decision point
oathkeeper:
image: oryd/oathkeeper:v0.40
command: serve proxy -c "/etc/config/oathkeeper/oathkeeper.yaml"
restart: unless-stopped
volumes:
- ./config/oathkeeper/oathkeeper.yaml:/etc/config/oathkeeper/oathkeeper.yaml
- ./config/oathkeeper/id_token.jwks.json:/etc/config/oathkeeper/id_token.jwks.json
- ./config/oathkeeper/rules/auth.yaml:/etc/config/oathkeeper/rules/auth.yaml
- ./config/oathkeeper/rules/kratos.yaml:/etc/config/oathkeeper/rules/kratos.yaml
- ./config/oathkeeper/rules/api-notes.yaml:/etc/config/oathkeeper/rules/api-notes.yaml
depends_on:
- kratos
# user federation
kratos:
image: oryd/kratos:v1.0.0
command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
restart: unless-stopped
volumes:
- ./config/kratos:/etc/config/kratos
depends_on:
- kratos-migrations
# user federation migrations
kratos-migrations:
image: oryd/kratos:v1.0.0
command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
restart: on-failure
volumes:
- ./config/kratos:/etc/config/kratos
# user federation self service ui (while auth ui is not ready)
kratos-selfservice-ui-node:
image: oryd/kratos-selfservice-ui-node:v1.0.0
restart: unless-stopped
# acl and rbac management
keto:
image: oryd/keto:v0.11.1
command: serve -c /etc/config/keto/keto.yaml
restart: unless-stopped
volumes:
- ./config/keto/keto.yaml:/etc/config/keto/keto.yaml
- ./config/keto/namespaces:/etc/config/keto/namespaces
depends_on:
- keto-migrations
# acl and rbac management migrations
keto-migrations:
image: oryd/keto:v0.11.1
command: -c /etc/config/keto/keto.yaml migrate up -y
restart: on-failure
volumes:
- ./config/keto:/etc/config/keto
# acl and rbac management initialization
keto-init:
image: oryd/keto:v0.11.1
entrypoint: ['sh', '/init.sh']
restart: on-failure
environment:
- KETO_WRITE_REMOTE=keto:4467
volumes:
- ./config/keto:/etc/config/keto
- ./scripts/keto/init.sh:/init.sh
depends_on:
- keto