correction docker
Some checks failed
Cadoles/nineskeletor/pipeline/head There was a failure building this commit

This commit is contained in:
Arnaud Fornerot 2023-09-14 22:44:53 +02:00
parent cad2babda5
commit db0e67b04e
5 changed files with 41 additions and 40 deletions

38
.env
View File

@ -20,7 +20,7 @@ MAILER_DSN=smtp://mailer:1025
MAILER_NOREPLY=noreply@noreply.fr
# Basic
APP_WEBURL=127.0.0.1:8080
APP_WEBURL=localhost:8080
APP_MASTERIDENTITY=SQL # SQL | SSO | LDAP
APP_AUTH=SQL # SQL | CAS | LDAP | OPENID | à faire SAML
APP_ALIAS=/
@ -70,12 +70,12 @@ APP_SYNDCHROPURGEGROUP=1 # Purger les groups obsolète en cas de synchron
APP_SYNDCHROPURGEUSER=1 # Purger les users obsolète en cas de synchronisation
# LDAP
LDAP_HOST= # host du serveur ldap
LDAP_PORT= # port du serveur ldap
LDAP_HOST=openldap # host du serveur ldap
LDAP_PORT=389 # port du serveur ldap
LDAP_USETLS=0 # connection TLS 0/1
LDAP_USERWRITER=0 # LDAP_USER compte writer ? 0/1
LDAP_USER= # DN compte access ldap
LDAP_PASSWORD= # Password comte access ldap
LDAP_USER= # DN compte access ldap admin or reader
LDAP_PASSWORD= # Password compte access ldap admin or reader
LDAP_BASEDN= # Base DN ex:dc=nine,dc=fr
LDAP_BASEORGANISATION= # Base Organisation ex:ou=nineskeletor,dc=nine,dc=fr
LDAP_BASENIVEAU01= # Base Niveau01 ex:ou=niveau01,ou=nineskeletor,dc=nine,dc=fr
@ -114,12 +114,12 @@ CAS_AUTOSUBMIT=1 # if APP_AUTH = CAS autocréer les users non exi
CAS_AUTOUPDATE=1 # if APP_AUTH = CAS automodifier les users existant
# If APP_AUTH = OPENID
OAUTH_CLIENTID=
OAUTH_CLIENTSECRET=
OAUTH_LOGINURL=
OAUTH_LOGOUTURL=
OAUTH_TOKENURL=
OAUTH_USERINFO=
OAUTH_CLIENTID=nineskeletor
OAUTH_CLIENTSECRET="changeme"
OAUTH_LOGINURL=http://localhost:7080/oauth2/auth
OAUTH_LOGOUTURL=http://localhost:7080/oauth2/sessions/logout
OAUTH_TOKENURL=http://hydra:4444/oauth2/token
OAUTH_USERINFO=http://hydra:4444/userinfo
OAUTH_USERNAME=username
OAUTH_EMAIL=email
OAUTH_LASTNAME=lastname
@ -127,7 +127,7 @@ OAUTH_FIRSTNAME=firstname
OAUTH_AVATAR=
OAUTH_NIVEAU01=
OAUTH_GROUP=
OAUTH_AUTOSUBMIT=1 # if APP_AUTH = OPENID autocréer les users non existant
OAUTH_AUTOSUBMIT=0 # if APP_AUTH = OPENID autocréer les users non existant
OAUTH_AUTOUPDATE=1 # if APP_AUTH = OPENID automodifier les users existant
# IF APP_SYNCHRO=NINE2NINE
@ -150,8 +150,8 @@ SONDE_USE=0
SONDE_URL=
# Mercure
MERCURE_URL=http://127.0.0.1:8081/.well-known/mercure
MERCURE_PUBLIC_URL=http://127.0.0.1:8081/.well-known/mercure
MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=http://localhost:8081/.well-known/mercure
MERCURE_JWT_SECRET="!changeme!changeme!changeme!changeme!changeme!changeme!"
# Minio
@ -164,13 +164,13 @@ MINIO_PATH_STYLE=1
MINIO_SECURE=0
# Hydra apps
HYDRA_LOGINCHALLENGE="http://127.0.0.1:4445/oauth2/auth/requests/login?login_challenge="
HYDRA_LOGINCHALLENGEACCEPT="http://127.0.0.1:4445/oauth2/auth/requests/login/accept?login_challenge="
HYDRA_CONSENTCHALLENGE="http://127.0.0.1:4445/oauth2/auth/requests/consent?consent_challenge="
HYDRA_CONSENTCHALLENGEACCEPT="http://127.0.0.1:4445/oauth2/auth/requests/consent/accept?consent_challenge="
HYDRA_LOGINCHALLENGE="http://hydra:4445/oauth2/auth/requests/login?login_challenge="
HYDRA_LOGINCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/login/accept?login_challenge="
HYDRA_CONSENTCHALLENGE="http://hydra:4445/oauth2/auth/requests/consent?consent_challenge="
HYDRA_CONSENTCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/consent/accept?consent_challenge="
# Lock
LOCK_DSN="postgresql://symfony:ChangeMe@127.0.0.1:5432/app?serverVersion=13&charset=utf8"
LOCK_DSN="postgresql://symfony:changeme@postgres:5432/app?serverVersion=13&charset=utf8"
# Sentry
SENTRY_DSN=

View File

@ -93,7 +93,7 @@ services:
MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_EXTRA_DIRECTIVES: |
cors_origins "http://127.0.0.1:8080"
cors_origins "http://localhost:8080"
anonymous
# Comment the following line to disable the development mode
#command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
@ -115,7 +115,7 @@ services:
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
@ -134,7 +134,7 @@ services:
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
@ -153,7 +153,7 @@ services:
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
@ -172,7 +172,7 @@ services:
MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2}
healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
@ -207,10 +207,10 @@ services:
restart: on-failure
environment:
LOG_LEAK_SENSITIVE_VALUES: "true"
HYDRA_URLS_SELF_ISSUER: http://127.0.0.1:7080
HYDRA_URLS_CONSENT: http://127.0.0.1:7081/consent
HYDRA_URLS_LOGIN: http://127.0.0.1:7081/login
HYDRA_URLS_LOGOUT: http://127.0.0.1:7081/logout
HYDRA_URLS_SELF_ISSUER: http://localhost:7080
HYDRA_URLS_CONSENT: http://localhost:7081/consent
HYDRA_URLS_LOGIN: http://localhost:7081/login
HYDRA_URLS_LOGOUT: http://localhost:7081/logout
HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra
#HYDRA_WAIT4X_DATABASE_TYPE: postgres
#HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:changeme@postgres:5432/hydra
@ -232,7 +232,7 @@ services:
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
# url dispatcher
- BASE_URL=http://127.0.0.1:7081
- BASE_URL=http://localhost:7081
- COOKIE_PATH=/
- DEFAULT_LOCALE=fr
- APP_LOCALES=fr,en

View File

@ -6,6 +6,7 @@ ARG ADDITIONAL_PACKAGES="tree \
php81-pdo=${PHP_PKG_VERSION} \
php81-pdo_pgsql=${PHP_PKG_VERSION} \
php81-intl=${PHP_PKG_VERSION} \
php81-ldap=${PHP_PKG_VERSION} \
php81-pecl-redis=5.3.7-r0"
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone

View File

@ -7,10 +7,10 @@ hydra:
description:
fr: Authentification via NINESQL
en: Authentication by NINESQL
icon_url: https://127.0.0.1:8000/medias/icons/icon_bdd.png
login_url: http://127.0.0.1:8000/hydra/loginsql
consent_url: http://127.0.0.1:8000/hydra/consent
logout_url: http://127.0.0.1:8000/hydra/logoutsql
icon_url: http://localhost:8080/medias/icons/icon_bdd.png
login_url: http://localhost:8080/hydra/loginsql
consent_url: http://localhost:8080/hydra/consent
logout_url: http://localhost:8080/hydra/logoutsql
attributes_rewrite_rules:
username:
- consent.session.id_token.username
@ -28,10 +28,10 @@ hydra:
description:
fr: Authentification via NINELDAP
en: Authentication by NINELDAP
icon_url: https://127.0.0.1:8000/medias/icons/icon_phpldapadmin.png
login_url: http://127.0.0.1:8000/hydra/loginldap
consent_url: http://127.0.0.1:8000/hydra/consent
logout_url: http://127.0.0.1:8000/hydra/logoutldap
icon_url: http://localhost:8080/medias/icons/icon_phpldapadmin.png
login_url: http://localhost:8080/hydra/loginldap
consent_url: http://localhost:8080/hydra/consent
logout_url: http://localhost:8080/hydra/logoutldap
attributes_rewrite_rules:
username:
- consent.session.id_token.username

View File

@ -9,11 +9,11 @@
"jwks": {},
"metadata": {},
"token_endpoint_auth_method": "client_secret_post",
"post_logout_redirect_uris": ["https://127.0.0.1:8000"],
"redirect_uris": ["https://127.0.0.1:8000/oauth2/callback"],
"post_logout_redirect_uris": ["http://localhost:8080"],
"redirect_uris": ["http://localhost:8080/oauth2/callback"],
"response_types": [
"code"
],
"logo_uri": "https://127.0.0.1:8000/minio/logo",
"logo_uri": "http://localhost:8080/minio/logo",
"scope": "openid"
}