/
docker-compose.yml
125 lines (107 loc) · 3.26 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
version: '3.6'
services:
pg:
image: postgres:10.5
volumes:
- pg-data-volume:/var/lib/postgresql/data
environment:
- POSTGRES_DB=$POSTGRES_DB
- POSTGRES_USER=$POSTGRES_USER
- POSTGRES_PASSWORD=$POSTGRES_PASSWORD
ports:
# This may be useful during development to access the database directly.
- 5433:5432
redis:
image: redis
ports:
# This may be useful during development to access the DB.
- 6379:6379
mail:
image: mailhog/mailhog
ports:
# This may be useful during development to send and read emails.
- 1025:1025
- 8025:8025
hydra-migrate:
image: oryd/hydra:$HYDRA_VERSION
environment:
- LOG_LEVEL=debug
command:
migrate sql postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pg/${POSTGRES_DB}?sslmode=disable --yes
depends_on:
- pg
restart: on-failure
hydra:
image: oryd/hydra:$HYDRA_VERSION
ports:
# This is the public Oauth2 endpoint.
- 4444:4444
# This may be useful during development to access the admin API.
- 4445:4445
command:
serve all --dangerous-force-http
environment:
- LOG_LEVEL=debug
- DISABLE_TELEMETRY=1
- SECRETS_SYSTEM=$HYDRA_SYSTEM_SECRET
- DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pg/${POSTGRES_DB}?sslmode=disable
- OAUTH2_CONSENT_URL=http://$BROWSER_IDP_HOST:4488/consent
- OAUTH2_LOGIN_URL=http://$BROWSER_IDP_HOST:4488/login
- OAUTH2_ISSUER_URL=http://$BROWSER_HYDRA_HOST:4444
- OAUTH2_SHARE_ERROR_DEBUG=1
- HYDRA_ADMIN_URL=http://hydra:4445
depends_on:
- hydra-migrate
restart: on-failure
hydra-config:
image: oryd/hydra:$HYDRA_VERSION
environment:
- LOG_LEVEL=debug
- HYDRA_ADMIN_URL=http://hydra:4445
volumes:
- '.:/etc/hydra-config'
command:
clients import /etc/hydra-config/consumer-app.json
depends_on:
- hydra
restart: on-failure
hydra-login2f-migrate:
build:
context: ../
dockerfile: docker_flask/Dockerfile
environment:
- SQLALCHEMY_DATABASE_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pg/${POSTGRES_DB}
command: db upgrade
depends_on:
- pg
restart: on-failure
hydra-login2f:
build:
context: ../
dockerfile: docker_flask/Dockerfile
ports:
# This is the public endpoint for login and consent pages.
- 4488:4488
environment:
- PORT=4488
- SQLALCHEMY_DATABASE_URI=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pg/${POSTGRES_DB}
- REDIS_URL=redis://redis:6379/0
- MAIL_SERVER=mail
- MAIL_PORT=1025
- MAIL_DEFAULT_SENDER=Login Test Site <no-reply@hydra-login2f.com>
- HYDRA_ADMIN_URL=http://hydra:4445
command:
##############################################################################
# Change "develop" to "serve" in production, or remove the "command" setting #
# altogether. Also, make sure that you always use SSL/TLS in production. #
##############################################################################
develop
depends_on:
- pg
- redis
- mail
- hydra
- hydra-config
- hydra-login2f-migrate
volumes:
pg-data-volume: