Cadoles
/
nineskeletor
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

correction docker
Cadoles/nineskeletor/pipeline/head There was a failure building this commit Details

This commit is contained in:
Arnaud Fornerot 2023-09-14 22:44:53 +02:00
parent cad2babda5
commit db0e67b04e
5 changed files with 41 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
.env
View File

@ -20,7 +20,7 @@ MAILER_DSN=smtp://mailer:1025
MAILER_NOREPLY=noreply@noreply.fr MAILER_NOREPLY=noreply@noreply.fr
# Basic # Basic
APP_WEBURL=127.0.0.1:8080 APP_WEBURL=localhost:8080
APP_MASTERIDENTITY=SQL # SQL | SSO | LDAP APP_MASTERIDENTITY=SQL # SQL | SSO | LDAP
APP_AUTH=SQL # SQL | CAS | LDAP | OPENID | à faire SAML APP_AUTH=SQL # SQL | CAS | LDAP | OPENID | à faire SAML
APP_ALIAS=/ APP_ALIAS=/
@ -70,12 +70,12 @@ APP_SYNDCHROPURGEGROUP=1 # Purger les groups obsolète en cas de synchron
APP_SYNDCHROPURGEUSER=1 # Purger les users obsolète en cas de synchronisation APP_SYNDCHROPURGEUSER=1 # Purger les users obsolète en cas de synchronisation
# LDAP # LDAP
LDAP_HOST= # host du serveur ldap LDAP_HOST=openldap # host du serveur ldap
LDAP_PORT= # port du serveur ldap LDAP_PORT=389 # port du serveur ldap
LDAP_USETLS=0 # connection TLS 0/1 LDAP_USETLS=0 # connection TLS 0/1
LDAP_USERWRITER=0 # LDAP_USER compte writer ? 0/1 LDAP_USERWRITER=0 # LDAP_USER compte writer ? 0/1
LDAP_USER= # DN compte access ldap LDAP_USER= # DN compte access ldap admin or reader
LDAP_PASSWORD= # Password comte access ldap LDAP_PASSWORD= # Password compte access ldap admin or reader
LDAP_BASEDN= # Base DN ex:dc=nine,dc=fr LDAP_BASEDN= # Base DN ex:dc=nine,dc=fr
LDAP_BASEORGANISATION= # Base Organisation ex:ou=nineskeletor,dc=nine,dc=fr LDAP_BASEORGANISATION= # Base Organisation ex:ou=nineskeletor,dc=nine,dc=fr
LDAP_BASENIVEAU01= # Base Niveau01 ex:ou=niveau01,ou=nineskeletor,dc=nine,dc=fr LDAP_BASENIVEAU01= # Base Niveau01 ex:ou=niveau01,ou=nineskeletor,dc=nine,dc=fr
@ -114,12 +114,12 @@ CAS_AUTOSUBMIT=1 # if APP_AUTH = CAS autocréer les users non exi
CAS_AUTOUPDATE=1 # if APP_AUTH = CAS automodifier les users existant CAS_AUTOUPDATE=1 # if APP_AUTH = CAS automodifier les users existant
# If APP_AUTH = OPENID # If APP_AUTH = OPENID
OAUTH_CLIENTID= OAUTH_CLIENTID=nineskeletor
OAUTH_CLIENTSECRET= OAUTH_CLIENTSECRET="changeme"
OAUTH_LOGINURL= OAUTH_LOGINURL=http://localhost:7080/oauth2/auth
OAUTH_LOGOUTURL= OAUTH_LOGOUTURL=http://localhost:7080/oauth2/sessions/logout
OAUTH_TOKENURL= OAUTH_TOKENURL=http://hydra:4444/oauth2/token
OAUTH_USERINFO= OAUTH_USERINFO=http://hydra:4444/userinfo
OAUTH_USERNAME=username OAUTH_USERNAME=username
OAUTH_EMAIL=email OAUTH_EMAIL=email
OAUTH_LASTNAME=lastname OAUTH_LASTNAME=lastname
@ -127,7 +127,7 @@ OAUTH_FIRSTNAME=firstname
OAUTH_AVATAR= OAUTH_AVATAR=
OAUTH_NIVEAU01= OAUTH_NIVEAU01=
OAUTH_GROUP= OAUTH_GROUP=
OAUTH_AUTOSUBMIT=1 # if APP_AUTH = OPENID autocréer les users non existant OAUTH_AUTOSUBMIT=0 # if APP_AUTH = OPENID autocréer les users non existant
OAUTH_AUTOUPDATE=1 # if APP_AUTH = OPENID automodifier les users existant OAUTH_AUTOUPDATE=1 # if APP_AUTH = OPENID automodifier les users existant
# IF APP_SYNCHRO=NINE2NINE # IF APP_SYNCHRO=NINE2NINE
@ -150,8 +150,8 @@ SONDE_USE=0
SONDE_URL= SONDE_URL=
# Mercure # Mercure
MERCURE_URL=http://127.0.0.1:8081/.well-known/mercure MERCURE_URL=http://mercure/.well-known/mercure
MERCURE_PUBLIC_URL=http://127.0.0.1:8081/.well-known/mercure MERCURE_PUBLIC_URL=http://localhost:8081/.well-known/mercure
MERCURE_JWT_SECRET="!changeme!changeme!changeme!changeme!changeme!changeme!" MERCURE_JWT_SECRET="!changeme!changeme!changeme!changeme!changeme!changeme!"
# Minio # Minio
@ -164,13 +164,13 @@ MINIO_PATH_STYLE=1
MINIO_SECURE=0 MINIO_SECURE=0
# Hydra apps # Hydra apps
HYDRA_LOGINCHALLENGE="http://127.0.0.1:4445/oauth2/auth/requests/login?login_challenge=" HYDRA_LOGINCHALLENGE="http://hydra:4445/oauth2/auth/requests/login?login_challenge="
HYDRA_LOGINCHALLENGEACCEPT="http://127.0.0.1:4445/oauth2/auth/requests/login/accept?login_challenge=" HYDRA_LOGINCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/login/accept?login_challenge="
HYDRA_CONSENTCHALLENGE="http://127.0.0.1:4445/oauth2/auth/requests/consent?consent_challenge=" HYDRA_CONSENTCHALLENGE="http://hydra:4445/oauth2/auth/requests/consent?consent_challenge="
HYDRA_CONSENTCHALLENGEACCEPT="http://127.0.0.1:4445/oauth2/auth/requests/consent/accept?consent_challenge=" HYDRA_CONSENTCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/consent/accept?consent_challenge="
# Lock # Lock
LOCK_DSN="postgresql://symfony:ChangeMe@127.0.0.1:5432/app?serverVersion=13&charset=utf8" LOCK_DSN="postgresql://symfony:changeme@postgres:5432/app?serverVersion=13&charset=utf8"
# Sentry # Sentry
SENTRY_DSN= SENTRY_DSN=

20
docker-compose.yml
View File

@ -93,7 +93,7 @@ services:
MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!' MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!' MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
MERCURE_EXTRA_DIRECTIVES: | MERCURE_EXTRA_DIRECTIVES: |
cors_origins "http://127.0.0.1:8080" cors_origins "http://localhost:8080"
anonymous anonymous
# Comment the following line to disable the development mode # Comment the following line to disable the development mode
#command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev #command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
@ -115,7 +115,7 @@ services:
MINIO_ROOT_PASSWORD: changeme MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2} command: server http://minio{1...4}/data{1...2}
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"] test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s interval: 30s
timeout: 20s timeout: 20s
retries: 3 retries: 3
@ -134,7 +134,7 @@ services:
MINIO_ROOT_PASSWORD: changeme MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2} command: server http://minio{1...4}/data{1...2}
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"] test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s interval: 30s
timeout: 20s timeout: 20s
retries: 3 retries: 3
@ -153,7 +153,7 @@ services:
MINIO_ROOT_PASSWORD: changeme MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2} command: server http://minio{1...4}/data{1...2}
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"] test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s interval: 30s
timeout: 20s timeout: 20s
retries: 3 retries: 3
@ -172,7 +172,7 @@ services:
MINIO_ROOT_PASSWORD: changeme MINIO_ROOT_PASSWORD: changeme
command: server http://minio{1...4}/data{1...2} command: server http://minio{1...4}/data{1...2}
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"] test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s interval: 30s
timeout: 20s timeout: 20s
retries: 3 retries: 3
@ -207,10 +207,10 @@ services:
restart: on-failure restart: on-failure
environment: environment:
LOG_LEAK_SENSITIVE_VALUES: "true" LOG_LEAK_SENSITIVE_VALUES: "true"
HYDRA_URLS_SELF_ISSUER: http://127.0.0.1:7080 HYDRA_URLS_SELF_ISSUER: http://localhost:7080
HYDRA_URLS_CONSENT: http://127.0.0.1:7081/consent HYDRA_URLS_CONSENT: http://localhost:7081/consent
HYDRA_URLS_LOGIN: http://127.0.0.1:7081/login HYDRA_URLS_LOGIN: http://localhost:7081/login
HYDRA_URLS_LOGOUT: http://127.0.0.1:7081/logout HYDRA_URLS_LOGOUT: http://localhost:7081/logout
HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra
#HYDRA_WAIT4X_DATABASE_TYPE: postgres #HYDRA_WAIT4X_DATABASE_TYPE: postgres
#HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:changeme@postgres:5432/hydra #HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:changeme@postgres:5432/hydra
@ -232,7 +232,7 @@ services:
- HYDRA_BASE_URL=http://hydra:4444 - HYDRA_BASE_URL=http://hydra:4444
- HYDRA_ADMIN_BASE_URL=http://hydra:4445 - HYDRA_ADMIN_BASE_URL=http://hydra:4445
# url dispatcher # url dispatcher
- BASE_URL=http://127.0.0.1:7081 - BASE_URL=http://localhost:7081
- COOKIE_PATH=/ - COOKIE_PATH=/
- DEFAULT_LOCALE=fr - DEFAULT_LOCALE=fr
- APP_LOCALES=fr,en - APP_LOCALES=fr,en

1
misc/images/app/app-docker/Dockerfile
View File

@ -6,6 +6,7 @@ ARG ADDITIONAL_PACKAGES="tree \
php81-pdo=${PHP_PKG_VERSION} \ php81-pdo=${PHP_PKG_VERSION} \
php81-pdo_pgsql=${PHP_PKG_VERSION} \ php81-pdo_pgsql=${PHP_PKG_VERSION} \
php81-intl=${PHP_PKG_VERSION} \ php81-intl=${PHP_PKG_VERSION} \
php81-ldap=${PHP_PKG_VERSION} \
php81-pecl-redis=5.3.7-r0" php81-pecl-redis=5.3.7-r0"
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone

16
misc/images/hydra-dispatcher/hydra/providers.yml
View File

@ -7,10 +7,10 @@ hydra:
description: description:
fr: Authentification via NINESQL fr: Authentification via NINESQL
en: Authentication by NINESQL en: Authentication by NINESQL
icon_url: https://127.0.0.1:8000/medias/icons/icon_bdd.png icon_url: http://localhost:8080/medias/icons/icon_bdd.png
login_url: http://127.0.0.1:8000/hydra/loginsql login_url: http://localhost:8080/hydra/loginsql
consent_url: http://127.0.0.1:8000/hydra/consent consent_url: http://localhost:8080/hydra/consent
logout_url: http://127.0.0.1:8000/hydra/logoutsql logout_url: http://localhost:8080/hydra/logoutsql
attributes_rewrite_rules: attributes_rewrite_rules:
username: username:
- consent.session.id_token.username - consent.session.id_token.username
@ -28,10 +28,10 @@ hydra:
description: description:
fr: Authentification via NINELDAP fr: Authentification via NINELDAP
en: Authentication by NINELDAP en: Authentication by NINELDAP
icon_url: https://127.0.0.1:8000/medias/icons/icon_phpldapadmin.png icon_url: http://localhost:8080/medias/icons/icon_phpldapadmin.png
login_url: http://127.0.0.1:8000/hydra/loginldap login_url: http://localhost:8080/hydra/loginldap
consent_url: http://127.0.0.1:8000/hydra/consent consent_url: http://localhost:8080/hydra/consent
logout_url: http://127.0.0.1:8000/hydra/logoutldap logout_url: http://localhost:8080/hydra/logoutldap
attributes_rewrite_rules: attributes_rewrite_rules:
username: username:
- consent.session.id_token.username - consent.session.id_token.username

6
misc/images/hydra/clients.d/nineskeletor.json
View File

@ -9,11 +9,11 @@
"jwks": {}, "jwks": {},
"metadata": {}, "metadata": {},
"token_endpoint_auth_method": "client_secret_post", "token_endpoint_auth_method": "client_secret_post",
"post_logout_redirect_uris": ["https://127.0.0.1:8000"], "post_logout_redirect_uris": ["http://localhost:8080"],
"redirect_uris": ["https://127.0.0.1:8000/oauth2/callback"], "redirect_uris": ["http://localhost:8080/oauth2/callback"],
"response_types": [ "response_types": [
"code" "code"
], ],
"logo_uri": "https://127.0.0.1:8000/minio/logo", "logo_uri": "http://localhost:8080/minio/logo",
"scope": "openid" "scope": "openid"
} }