# Local OIDC test stack: Postgres -> Hydra schema migration -> Hydra ->
# client import -> oidc-test relying party.
# Every credential below is a committed placeholder, all traffic is plain
# HTTP, and every service uses host networking. The settings as written fit
# an isolated developer machine only.
version: '2.4'

services:
  postgres:
    # Referenced by tag, not by digest, so the image content can change
    # under the same name.
    image: postgres:16.1
    environment:
      # Hard-coded database credentials; the same values are repeated in
      # the Hydra DSN below and must be changed together.
      - POSTGRES_PASSWORD=hydra
      - POSTGRES_USER=hydra
      - POSTGRES_DB=hydra
    restart: unless-stopped
    healthcheck:
      # init-hydra-database waits on this check (condition: service_healthy).
      test: ["CMD", "pg_isready", "-U", "hydra", "-d", "hydra"]
      interval: 3s
      timeout: 5s
      retries: 5
    # Host networking: no port mapping and no network isolation from the
    # host.
    # NOTE(review): the official postgres image listens on all addresses by
    # default, so port 5432 with the password above is presumably reachable
    # from other machines unless the host firewall blocks it. Confirm.
    network_mode: host

  hydra:
    # The anchor lets both init services reuse exactly the same image.
    image: &hydra_image oryd/hydra:v1.11
    # The anchor shares this environment with both init services, so they
    # inherit the secrets and the log setting as well.
    environment: &hydra_environment
      # Disables redaction of sensitive values in Hydra's logs, so log
      # output from this stack may carry tokens and secrets. Treat collected
      # logs accordingly.
      - LOG_LEAK_SENSITIVE_VALUES=true
      # Hydra's system secret, committed in clear text as a placeholder.
      - SECRETS_SYSTEM=NotSoSecret123456
      # Carries the Postgres password inline; the host is 127.0.0.1 because
      # of host networking.
      - DSN=postgres://hydra:hydra@127.0.0.1:5432/hydra
      # The login, consent, logout and error UI is expected on
      # 127.0.0.1:3000. No service in this file listens there.
      - URLS_ERROR=http://127.0.0.1:3000/error
      - URLS_CONSENT=http://127.0.0.1:3000/consent
      - URLS_LOGIN=http://127.0.0.1:3000/login
      - URLS_LOGOUT=http://127.0.0.1:3000/logout
    # Clears the image entrypoint so that `command` is the full argv.
    entrypoint: ""
    # --dangerous-force-http serves the OAuth2/OIDC endpoints without TLS.
    # --dangerous-allow-insecure-redirect-urls takes the URL that follows it
    # and exempts that redirect URL (the oidc-test app) from the HTTPS
    # requirement.
    # Both flags carry Hydra's own "dangerous" prefix, so tokens and
    # authorization codes cross the network unencrypted.
    command: ["hydra", "serve", "all", "--dangerous-force-http", "--dangerous-allow-insecure-redirect-urls", "http://127.0.0.1:8080"]
    healthcheck:
      # Healthy once the public endpoint on 4444 serves the discovery
      # document.
      test: ["CMD", "/bin/sh", "-c", "wget -q --spider http://127.0.0.1:4444/.well-known/openid-configuration"]
      interval: 3s
      timeout: 5s
      retries: 5
    depends_on:
      # Start only after the schema migration has exited with status 0.
      init-hydra-database:
        condition: service_completed_successfully
    restart: unless-stopped
    # NOTE(review): no bind address is configured, so with host networking
    # the admin API on 4445 (the endpoint init-hydra-client talks to) is
    # presumably reachable on every host interface. Hydra expects that API
    # to be protected by the deployment. Confirm and restrict it if the
    # host is not isolated.
    network_mode: host

  oidc-test:
    image: reg.cadoles.com/cadoles/oidc-test:2023.11.6-stable.1557.e16b905
    environment:
      - LOG_LEVEL=0
      # Binds on all interfaces. Combined with host networking, the test
      # app is exposed beyond loopback even though every configured URL
      # uses 127.0.0.1.
      - HTTP_ADDRESS=0.0.0.0:8080
      - OIDC_CLIENT_ID=oidc-test
      # Placeholder client secret.
      # Presumably it has to match the client definition imported from
      # client.json. Verify.
      - OIDC_CLIENT_SECRET=oidc-test-123456
      - OIDC_ISSUER_URL=http://127.0.0.1:4444/
      - OIDC_REDIRECT_URL=http://127.0.0.1:8080
      - OIDC_POST_LOGOUT_REDIRECT_URL=http://127.0.0.1:8080
      # NOTE(review): by its name this disables the check that the issuer
      # in the discovery document and tokens matches OIDC_ISSUER_URL. That
      # check is one of the relying party's protections against tokens
      # from an unexpected provider. Confirm why it is needed here.
      - OIDC_SKIP_ISSUER_VERIFICATION=true
    depends_on:
      # Waits for the client import job to exit 0. The `|| true` in that
      # job means this is satisfied even when the import failed.
      init-hydra-client:
        condition: service_completed_successfully
    network_mode: host
    restart: unless-stopped

  init-hydra-database:
    # One-shot job that applies Hydra's SQL migrations, using the same
    # image and environment as the hydra service.
    image: *hydra_image
    environment: *hydra_environment
    # -e reads the DSN from the environment; --yes skips the confirmation
    # prompt.
    command: ["migrate", "sql", "-e", "--yes"]
    network_mode: host
    depends_on:
      postgres:
        condition: service_healthy

  init-hydra-client:
    # One-shot job that registers the OAuth2 client described in
    # client.json through Hydra's admin endpoint (4445).
    image: *hydra_image
    entrypoint: ""
    # `|| true` forces exit status 0, so a failed import is not reported and
    # does not stop oidc-test from starting.
    # Presumably this tolerates re-runs where the client already exists.
    # It also hides real failures.
    # --fake-tls-termination makes the CLI present the plain-HTTP request
    # as if TLS had been terminated upstream.
    command: ["/bin/sh", "-c", "hydra clients import --endpoint http://127.0.0.1:4445 --fake-tls-termination /oidc/client.json || true"]
    environment: *hydra_environment
    depends_on:
      hydra:
        condition: service_healthy
    network_mode: host
    volumes:
      # Bind mount of the client definition.
      # It presumably holds the client secret, so handle the file like the
      # other placeholder credentials.
      # NOTE(review): the job only reads this file, so a read-only mount
      # (`:ro`) would be enough.
      - ./misc/compose/hydra/client.json:/oidc/client.json