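# docker-compose.yaml
# Local stack: two Postgres datastores (application data and local KMS),
# the federation server, the admin server, and Keycloak.
# Every credential below is interpolated by Compose from the environment
# (shell or .env file); none is stored in this file.
services:
  # Application datastore.
  db:
    # NOTE(security): floating tag. Each pull may bring a new major version,
    # which is not reproducible and can refuse to start on an existing data
    # volume. Pin to a tested major version or an image digest.
    image: postgres:latest
    container_name: openid-federation-datastore
    environment:
      POSTGRES_USER: ${DATASOURCE_USER}
      # Fail at `docker compose up` instead of passing an empty password on.
      POSTGRES_PASSWORD: "${DATASOURCE_PASSWORD:?DATASOURCE_PASSWORD must be set}"
      POSTGRES_DB: ${DATASOURCE_DB}
    ports:
      # NOTE(security): published on every host interface. The application
      # containers share openid_network with this service (presumably they
      # connect by service name; confirm DATASOURCE_URL). If host access is
      # only for local tooling, bind to loopback: "127.0.0.1:5432:5432".
      - "5432:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - openid_network
    healthcheck:
      # Compose interpolates ${...} here before the command is run.
      test: [ "CMD-SHELL", "pg_isready -d ${DATASOURCE_DB} -U ${DATASOURCE_USER}" ]
      interval: 3s
      timeout: 5s
      retries: 20

  # Datastore used when the KMS provider is the local one (see the
  # LOCAL_KMS_DATASOURCE_* variables passed to both servers).
  local-kms-db:
    # NOTE(security): same floating-tag concern as `db`.
    image: postgres:latest
    container_name: openid-federation-local-kms-datastore
    environment:
      POSTGRES_USER: ${LOCAL_KMS_DATASOURCE_USER}
      # Fail at `docker compose up` instead of passing an empty password on.
      POSTGRES_PASSWORD: "${LOCAL_KMS_DATASOURCE_PASSWORD:?LOCAL_KMS_DATASOURCE_PASSWORD must be set}"
      POSTGRES_DB: ${LOCAL_KMS_DATASOURCE_DB}
    ports:
      # NOTE(security): same exposure as `db`; host port 5433 maps to 5432.
      # Prefer "127.0.0.1:5433:5432" when only local tooling needs access.
      - "5433:5432"
    volumes:
      - local_kms_data:/var/lib/postgresql/data
    networks:
      - openid_network
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready -d ${LOCAL_KMS_DATASOURCE_DB} -U ${LOCAL_KMS_DATASOURCE_USER}" ]
      interval: 3s
      timeout: 5s
      retries: 20

  # Federation server, served on host port 8080.
  federation-server:
    build:
      context: .
      dockerfile: ./.docker/federation-server/Dockerfile
    ports:
      - "8080:8080"
    container_name: openid-federation-server
    # NOTE(security): secrets passed as environment variables are readable
    # through `docker inspect` and by any process in the container. Outside
    # local development, consider Compose `secrets:` or a secret store.
    environment:
      DATASOURCE_URL: ${DATASOURCE_URL}
      DATASOURCE_USER: ${DATASOURCE_USER}
      DATASOURCE_PASSWORD: ${DATASOURCE_PASSWORD}
      # NOTE(review): presumably key material; confirm the application
      # rejects an empty APP_KEY, since Compose substitutes "" when unset.
      APP_KEY: ${APP_KEY}
      KMS_PROVIDER: ${KMS_PROVIDER}
      LOCAL_KMS_DATASOURCE_URL: ${LOCAL_KMS_DATASOURCE_URL}
      LOCAL_KMS_DATASOURCE_USER: ${LOCAL_KMS_DATASOURCE_USER}
      LOCAL_KMS_DATASOURCE_PASSWORD: ${LOCAL_KMS_DATASOURCE_PASSWORD}
      LOCAL_KMS_DATASOURCE_DB: ${LOCAL_KMS_DATASOURCE_DB}
      ROOT_IDENTIFIER: ${ROOT_IDENTIFIER}
    depends_on:
      # service_started only orders container start; it does not wait for
      # admin-server to be ready. local-kms-db is not listed here: its
      # health is waited on by admin-server, which this service starts after.
      admin-server:
        condition: service_started
      db:
        condition: service_healthy
    networks:
      - openid_network

  # Admin server, served on host port 8081. It receives the JWT issuer URI
  # and waits for both databases and Keycloak to report healthy.
  admin-server:
    build:
      context: .
      dockerfile: ./.docker/admin-server/Dockerfile
    ports:
      # NOTE(security): administrative surface published on every host
      # interface; restrict the binding if it is only used from this host.
      - "8081:8080"
    container_name: openid-federation-server-admin
    environment:
      DATASOURCE_URL: ${DATASOURCE_URL}
      DATASOURCE_USER: ${DATASOURCE_USER}
      DATASOURCE_PASSWORD: ${DATASOURCE_PASSWORD}
      APP_KEY: ${APP_KEY}
      KMS_PROVIDER: ${KMS_PROVIDER}
      LOCAL_KMS_DATASOURCE_URL: ${LOCAL_KMS_DATASOURCE_URL}
      LOCAL_KMS_DATASOURCE_USER: ${LOCAL_KMS_DATASOURCE_USER}
      LOCAL_KMS_DATASOURCE_PASSWORD: ${LOCAL_KMS_DATASOURCE_PASSWORD}
      LOCAL_KMS_DATASOURCE_DB: ${LOCAL_KMS_DATASOURCE_DB}
      ROOT_IDENTIFIER: ${ROOT_IDENTIFIER}
      OAUTH2_RESOURCE_SERVER_JWT_ISSUER_URI: ${OAUTH2_RESOURCE_SERVER_JWT_ISSUER_URI}
    depends_on:
      db:
        condition: service_healthy
      local-kms-db:
        condition: service_healthy
      keycloak:
        condition: service_healthy
    networks:
      - openid_network

  # Identity provider for the admin server, served on host port 8082.
  keycloak:
    image: keycloak/keycloak:26.0
    command:
      # NOTE(security): start-dev is Keycloak's development mode and is not
      # meant for production; use `start` with TLS and hostname settings.
      - start-dev
      # Imports the realm files found in the mounted import directory.
      - --import-realm
    ports:
      - "8082:8080"
    environment:
      # Credentials of the initial admin account.
      - KC_BOOTSTRAP_ADMIN_USERNAME=${KC_BOOTSTRAP_ADMIN_USERNAME}
      - KC_BOOTSTRAP_ADMIN_PASSWORD=${KC_BOOTSTRAP_ADMIN_PASSWORD}
      # Needed by the healthcheck below, which queries /health/ready.
      - KC_HEALTH_ENABLED=true
    volumes:
      # NOTE(review): realm exports can carry client secrets and user
      # credentials; check what the files under ./.docker/keycloak contain
      # before committing them.
      - ./.docker/keycloak:/opt/keycloak/data/import/
    restart: always
    networks:
      - openid_network
    healthcheck:
      # Opens a TCP connection to 127.0.0.1:9000 through bash's /dev/tcp,
      # sends GET /health/ready and passes when the reply contains
      # "status": "UP". Port 9000 is not published to the host.
      test: [ "CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/9000; echo -e 'GET /health/ready HTTP/1.1\r\nHost: localhost:9000\r\nConnection: close\r\n\r\n' >&3;cat <&3 | grep -q '\"status\": \"UP\"' && exit 0 || exit 1" ]
      interval: 3s
      timeout: 10s
      retries: 10
      start_period: 10s

# Single bridge network shared by all services.
networks:
  openid_network:
    driver: bridge

# Named volumes holding the data directories of the two Postgres services.
volumes:
  postgres_data:
  local_kms_data: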