Intégration d'hydra/hydra-passwordless/fake-smtp dans l'infra Docker

misc/containers/hydra/Dockerfile

@@ -0,0 +1,18 @@
+FROM oryd/hydra:v1.4.2-alpine
+
+USER root
+
+COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint
+RUN chmod a+x /usr/local/bin/docker-entrypoint
+
+COPY first-run.sh /usr/local/bin/docker-first-run
+RUN chmod a+x /usr/local/bin/docker-first-run
+
+COPY hydra-init.d /hydra-init.d
+
+RUN mkdir -p /home/ory && chown -R ory: /home/ory
+USER ory
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint"]
+
+CMD ["hydra", "serve", "all"]

misc/containers/hydra/docker-entrypoint.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -xeo pipefail
+
+LIFECYCLEFLAGS_DIR="$HOME/.container-lifecycle"
+
+mkdir -p "$LIFECYCLEFLAGS_DIR"
+
+if [ ! -f "$LIFECYCLEFLAGS_DIR/first-run" ]; then
+    /usr/local/bin/docker-first-run
+    touch "$LIFECYCLEFLAGS_DIR/first-run"
+fi
+
+exec "$@"

misc/containers/hydra/first-run.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+hydra migrate sql -e -y
+
+hydra serve all --dangerous-force-http &
+HYDRA_PID=$!
+run-parts --exit-on-error /hydra-init.d
+kill $HYDRA_PID

misc/containers/hydra/hydra-init.d/create-client

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+hydra clients create \
+    --id daddy \
+    -n Daddy \
+    --secret 'KE9wOXR-~7qCXNKWzw23EpNroq' \
+    -a email,email_verified \
+    -c http://localhost:8081/oauth2/callback