hydra-sql/compose.yml

services:
  hydra-dispatcher:
    image: reg.cadoles.com/cadoles/hydra-dispatcher-standalone:2025.9.2-develop.1152.3cd1c49
    ports:
      - 8082:80
    environment:
      - APP_ENV=prod
      - APP_DEBUG=false
      - PHP_FPM_MEMORY_LIMIT=256m
      - CADDY_HTTP_PORT=80
      - HYDRA_ADMIN_BASE_URL=http://hydra:4445
      - HYDRA_BASE_URL=http://hydra:4444
      - HYDRA_REWRITE_ISSUER=yes
      - HYDRA_ORIGINAL_ISSUER=http://localhost:8081
      - HYDRA_NEW_ISSUER=http://localhost:8082
      - DEFAULT_LOCALE=fr
      - DISABLE_APP_AUTO_SELECT=false
      - APP_LOCALES=fr,en
      - HYDRA_ADMIN_AUTHORIZED_HOSTS=10.0.0.0/8,172.16.0.0/12,172.19.0.0/12,192.168.0.0/16
      - REDIS_DSN=redis://redis:6379
      - TRUSTED_PROXIES=REMOTE_ADDR
    volumes:
      - ./misc/compose/dispatcher/:/app/config/hydra/
  hydra-sql:
    build:
      context: .
      dockerfile: ./misc/images/hydra-sql-standalone/Dockerfile
      args:
        - BASE_PATH=
        - APP_ENV=dev
        - ENCORE_MODE=dev
        - HTTP_PROXY=${HTTP_PROXY}
        - HTTPS_PROXY=${HTTPS_PROXY}
        - http_proxy=${http_proxy}
        - https_proxy=${https_proxy}
    ports:
      - 8083:8071
    tmpfs:
      - /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
      - /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
      - /var/www/public/build:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
      - /tmp
    links:
      - hydra
    depends_on:
      - redis
      - hydra-dispatcher
    extra_hosts:
      - "localhost:127.0.0.1"
      - "localhost:host-gateway"
      - "host.docker.internal:host-gateway"
    develop:
      watch:
        - action: rebuild
          path: ./misc/images/hydra-sql-standalone
        - action: rebuild
          path: ./assets
        - action: sync
          path: ./templates
          target: /app/templates
        - action: sync
          path: ./translations
          target: /app/translations
        - action: sync
          path: ./config
          target: /app/config
        - action: sync
          path: ./src
          target: /app/src
    environment:
      - APP_ENV=dev
      - PHP_FPM_MEMORY_LIMIT=128m
      - APP_LOCALES=fr,en
      - HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher
      - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
      - ISSUER_URL=http://localhost:8000
      - BASE_URL=http://localhost:8083
      - DB_USER=lasql
      - DB_PASSWORD=lasql
      - DEFAULT_LOCALE=fr
      - DSN_REMOTE_DATABASE=pgsql:host='postgres';port=5432;dbname=lasql;
      - HASH_ALGO_LEGACY="sha256"
      - SECURITY_PATTERN=password,salt,pepper
      - CADDY_HTTP_PORT=8071
      - ENABLED_2FA=true
      - URL_2FA=http://localhost:8084/2fa
  oidc-test:
    image: bornholm/oidc-test:v0.0.0-1-g936a77e
    environment:
      - LOG_LEVEL=0
      - HTTP_ADDRESS=0.0.0.0:8000
      - OIDC_CLIENT_ID=oidc-test
      - OIDC_CLIENT_SECRET=oidc-test-123456
      - OIDC_ISSUER_URL=http://localhost:8081/
      - OIDC_REDIRECT_URL=http://localhost:8000
      - OIDC_POST_LOGOUT_REDIRECT_URL=http://localhost:8000
    depends_on:
      hydra:
        condition: service_healthy
    network_mode: host

    restart: unless-stopped
  hydra:
    image: cadoles/hydra-v1:v0.0.0-151-gc9c6fb1
    volumes:
      - ./misc/compose/hydra/clients.d:/etc/hydra/clients.d
    environment:
      - LOG_LEAK_SENSITIVE_VALUES=true
      - HYDRA_ALLOW_INSECURE=yes
      - HYDRA_URLS_SELF_ISSUER=http://localhost:8081/
      - HYDRA_URLS_LOGOUT=http://localhost:8082/logout
      - HYDRA_URLS_LOGIN=http://localhost:8082/login
      - HYDRA_URLS_CONSENT=http://localhost:8082/consent
      - HYDRA_URLS_ERROR=http://localhost:8082/error
      - HYDRA_LEVEL=debug
      - HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra
      - HYDRA_WAIT4X_DATABASE_DSN=postgres://lasql:lasql@postgres:5432/hydra?sslmode=disable
      - HYDRA_WAIT4X_DATABASE_TYPE=postgresql

    ports:
      - 8081:4444
    links:
      - postgres
    healthcheck:
      test:
        [
          "CMD",
          "wget",
          "--spider",
          "-q",
          "http://localhost:4444/.well-known/openid-configuration",
        ]
      interval: 10s
      timeout: 10s
      retries: 10
      start_period: 10s
    restart: unless-stopped

  postgres:
    image: postgres:15-alpine
    restart: always
    environment:
      POSTGRES_USER: lasql
      POSTGRES_DB: lasql
      POSTGRES_PASSWORD: lasql
    volumes:
      - ./misc/compose/postgres/init-db.d:/docker-entrypoint-initdb.d/:ro
      - postgres:/var/lib/pgsql/data
      - /etc/localtime:/etc/localtime:ro

  # pgadmin:
  #   image: dpage/pgadmin4
  #   ports:
  #     - 8085:80
  #   restart: always
  #   environment:
  #     PGADMIN_DEFAULT_EMAIL: admin@admin.com
  #     PGADMIN_DEFAULT_PASSWORD: admin
  #     PGADMIN_SERVER_JSON_FILE: /pgadminfile/server.json
  #   volumes:
  #     - ./misc/compose/pgadmin:/pgadminfile/:ro
  mariadb:
    image: mariadb:10.10
    environment:
      MYSQL_DATABASE: lasql
      MYSQL_USER: lasql
      MYSQL_PASSWORD: lasql
      MYSQL_ROOT_PASSWORD: lasql
      TZ: Europe/Paris
    volumes:
      - ./misc/compose/mariadb/init-db.d:/docker-entrypoint-initdb.d/:ro
      - mariadb:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
  redis:
    image: redis:7.2-rc2-alpine
    environment:
      - TZ=Europe/Paris
    volumes:
      - /etc/localtime:/etc/localtime:ro

  altcha:
    image: reg.cadoles.com/cadoles/altcha:2024.10.29-develop.1213.22e038b
    environment:
      ALTCHA_HMAC_KEY: 'change_me'
  hydra-2fa:
      build:
        context: ../hydra-2fa  # Répertoire du sous-projet
        dockerfile: Dockerfile
      volumes:
        - ../hydra-2fa:/app  # Montage pour synchronisation en temps réel (ajuste si le WORKDIR change)
      environment:
        - APP_ENV=dev
        - APP_DEBUG=1  # Pour mode debug en dev
        - CADDY_GLOBAL_OPTIONS=debug # Activer le mode debug
      ports:
        - "8084:80"  # Mappe le port 80 du conteneur sur 8081 de l'hôte
      depends_on:
        - postgres  # Si tu utilises la DB partagée
  # pgweb:
  #   container_name: pgweb
  #   restart: always
  #   image: sosedoff/pgweb
  #   ports: 
  #     - "8085:8081" 
  #   environment:
  #     - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
  #   depends_on:
  #     - postgres
volumes:
  postgres:
  mariadb: