/
docker-compose-edv.yml
64 lines (59 loc) · 2.04 KB
/
docker-compose-edv.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#
# SecureKey Technologies Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '3'
services:
edv.example.com:
container_name: edv.example.com
image: ${EDV_IMAGE}:${EDV_IMAGE_TAG}
environment:
- EDV_HOST_URL=0.0.0.0:8081
- EDV_DATABASE_TYPE=couchdb
- EDV_DATABASE_URL=${COUCHDB_USERNAME}:${COUCHDB_PASSWORD}@shared.couchdb:5984
- EDV_DATABASE_PREFIX=edv
- EDV_AUTH_ENABLE=true
- EDV_LOCALKMS_SECRETS_DATABASE_TYPE=couchdb
- EDV_LOCALKMS_SECRETS_DATABASE_URL=${COUCHDB_USERNAME}:${COUCHDB_PASSWORD}@shared.couchdb:5984
- EDV_LOCALKMS_SECRETS_DATABASE_PREFIX=edv_kms
- VIRTUAL_HOST=edv.trustbloc.local
- EDV_EXTENSIONS=ReturnFullDocumentsOnQuery,Batch
- EDV_DATABASE_TIMEOUT=60
- EDV_TLS_SYSTEMCERTPOOL=true
- EDV_TLS_CACERTS=/etc/tls/trustbloc-dev-ca.crt
- EDV_DID_DOMAIN=${BLOC_DOMAIN}
ports:
- 8081:8081
command: start
volumes:
- ../keys/tls:/etc/tls
networks:
- demo_demo-net
edv-oathkeeper-proxy:
image: oryd/oathkeeper:v0.38.4-alpine
ports:
- "4457:4457"
# will add self-signed certificate to the “trusted list” because oathkeeper doesn't trust self-signed certificate
# https://github.com/ory/oathkeeper/issues/181
# remove it when using real certificate
command: /bin/sh -c "cp /etc/tls/trustbloc-dev-ca.crt /usr/local/share/ca-certificates/;update-ca-certificates;oathkeeper serve proxy --config /oathkeeper/config.yaml"
user: root
entrypoint: ""
environment:
- LOG_LEVEL=debug
- PORT=4457
- ISSUER_URL=https://edv-oathkeeper-proxy.trustbloc.local
- SERVE_PROXY_CORS_ENABLED=true
- SERVE_PROXY_CORS_ALLOWED_HEADERS=Capability-Invocation,Content-Type,Digest,Signature
- VIRTUAL_HOST=edv-oathkeeper-proxy.trustbloc.local
- VIRTUAL_PORT=4457
restart: on-failure
volumes:
- ../edv-oathkeeper:/oathkeeper
- ../keys/tls:/etc/tls
networks:
- demo_demo-net
networks:
demo_demo-net:
external: true