diff --git a/deploy_stack.sh b/deploy_stack.sh index a9ffd66c7..21f891885 100755 --- a/deploy_stack.sh +++ b/deploy_stack.sh @@ -6,6 +6,7 @@ if ! [ -x "$(command -v docker)" ]; then fi export BASIC_AUTH="true" +export AUTH_URL="http://basic-auth-plugin:8080/validate" sha_cmd="shasum -a 256" if ! command -v shasum >/dev/null; then @@ -17,6 +18,7 @@ do case "$1" in --no-auth | -n) export BASIC_AUTH="false" + export AUTH_URL="" ;; --help | -h) echo "Usage: \n [default]\tdeploy the OpenFaaS core services\n --no-auth [-n]\tdisable basic authentication.\n --help\tdisplays this screen" diff --git a/docker-compose.yml b/docker-compose.yml index 192e683d6..3af218762 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ services: gateway: ports: - 8080:8080 - image: openfaas/gateway:0.12.0 + image: openfaas/gateway:0.13.6 networks: - functions environment: @@ -21,6 +21,8 @@ services: scale_from_zero: "true" # Enable if you want functions to scale from 0/0 to min replica count upon invoke max_idle_conns: 1024 max_idle_conns_per_host: 1024 + auth_proxy_url: "${AUTH_URL:-}" + auth_proxy_pass_body: "false" deploy: resources: # limits: # Enable if you want to limit memory usage @@ -39,6 +41,32 @@ services: - basic-auth-user - basic-auth-password + # auth service provide basic-auth plugin for system APIs + basic-auth-plugin: + image: openfaas/basic-auth-plugin:0.1.0 + networks: + - functions + environment: + secret_mount_path: "/run/secrets/" + deploy: + placement: + constraints: + - "node.role == manager" + - "node.platform.os == linux" + resources: + # limits: # Enable if you want to limit memory usage + # memory: 100M + reservations: + memory: 50M + restart_policy: + condition: on-failure + delay: 5s + max_attempts: 20 + window: 380s + secrets: + - basic-auth-user + - basic-auth-password + # Docker Swarm provider faas-swarm: volumes: