diff --git a/docker-compose.yml b/docker-compose.yml index 2516657..1a2fc40 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,142 +1,101 @@ version: '3.4' + services: - nginx-proxy: - image: jwilder/nginx-proxy - container_name: nginx - ports: - - '80:80' - - '443:443' - volumes: - - '/var/run/docker.sock:/tmp/docker.sock:ro' - - './shared/nginx/vhost.d:/etc/nginx/vhost.d' - - './shared/nginx/certs:/etc/nginx/certs:ro' - networks: - proxy: null - identityserverui: - aliases: - - sts.skoruba.local - - admin.skoruba.local - - admin-api.skoruba.local - restart: always litecharmssecurity.admin: - image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin' + image: skoruba-duende-identityserver-admin build: context: . dockerfile: src/LiteCharmsSecurity.Admin/Dockerfile - container_name: skoruba-duende-identityserver-admin + container_name: litecharms-security-admin + ports: + - "8081:8080" # Point your tunnel to this host port for admin.security.khongisa.co.za environment: - - VIRTUAL_PORT=8080 - - VIRTUAL_HOST=admin.skoruba.local - - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.skoruba.local' - - 'AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://admin-api.skoruba.local' - - 'AdminConfiguration__BasicConfiguration__Title=Lite Charms Security' - - 'AdminConfiguration__BasicConfiguration__BasePath=/' + - ASPNETCORE_ENVIRONMENT=Production - ForwardedHeadersConfiguration__Enabled=true - ForwardedHeadersConfiguration__AllowAll=true - ForwardedHeadersConfiguration__ForwardLimit=1 - - DockerConfiguration__UpdateCaCertificate=true - - ASPNETCORE_ENVIRONMENT=Development - depends_on: - - db - - litecharmssecurity.sts.identity - volumes: - - './shared/serilog.json:/app/serilog.json' - - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt' - networks: - identityserverui: null + + # URL Configurations + - AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.security.khongisa.co.za + - AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://api.security.khongisa.co.za + - AdminConfiguration__BasicConfiguration__Title=Lite Charms Security + - AdminConfiguration__BasicConfiguration__BasePath=/ + + # Postgres Database Overrides + - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_dp; + litecharmssecurity.admin.api: - image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin-api' + image: skoruba-duende-identityserver-admin-api build: context: . dockerfile: src/LiteCharmsSecurity.Admin.Api/Dockerfile - container_name: skoruba-duende-identityserver-admin-api + container_name: litecharms-security-admin-api + ports: + - "8082:8080" # Point your tunnel to this host port for api.security.khongisa.co.za environment: - - VIRTUAL_PORT=8080 - - VIRTUAL_HOST=admin-api.skoruba.local - - AdminApiConfiguration__RequireHttpsMetadata=false - - 'AdminApiConfiguration__ApplicationName=Lite Charms Security UI' - - 'AdminApiConfiguration__ApiBaseUrl=https://admin-api.skoruba.local' - - 'AdminApiConfiguration__IdentityServerBaseUrl=https://sts.skoruba.local' - - 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__AdminLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__AdminAuditLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__AdminConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'IdentityServerData__Clients__0__ClientUri=https://admin.skoruba.local' - - 'IdentityServerData__Clients__0__RedirectUris__0=https://admin.skoruba.local/signin-oidc' - - 'IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.skoruba.local/signin-oidc' - - 'IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.skoruba.local/signout-callback-oidc' - - 'IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.skoruba.local' - - 'IdentityServerData__Clients__1__RedirectUris__0=https://admin-api.skoruba.local/swagger/oauth2-redirect.html' - - 'SeedConfiguration__ApplySeed=true' - - 'DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=true' + - ASPNETCORE_ENVIRONMENT=Production - ForwardedHeadersConfiguration__Enabled=true - ForwardedHeadersConfiguration__AllowAll=true - ForwardedHeadersConfiguration__ForwardLimit=1 - - DockerConfiguration__UpdateCaCertificate=true - - ASPNETCORE_ENVIRONMENT=Development - volumes: - - './shared/serilog.json:/app/serilog.json' - - './shared/identitydata.json:/app/identitydata.json' - - './shared/identityserverdata.json:/app/identityserverdata.json' - - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt' - networks: - identityserverui: null + + # API Configurations + - AdminApiConfiguration__RequireHttpsMetadata=true + - AdminApiConfiguration__ApplicationName=Lite Charms Security UI + - AdminApiConfiguration__ApiBaseUrl=https://api.security.khongisa.co.za + - AdminApiConfiguration__IdentityServerBaseUrl=https://sts.security.khongisa.co.za + + # Postgres Database Overrides + - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_config; + - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_grant; + - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_identity; + - ConnectionStrings__AdminLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_log; + - ConnectionStrings__AdminAuditLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_audit; + - ConnectionStrings__AdminConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_config; + - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_api_dp; + + # Operational Management Switches (Controlled via Dockhand UI variables) + - SeedConfiguration__ApplySeed=${APPLY_SEED:-true} + - DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=${APPLY_MIGRATIONS:-true} + + # SMTP Email Configuration Overrides + - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za} + - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za} + - SmtpConfiguration__Password=${SMTP_PASSWORD} + + # Initial Seeding Domain Configurations + - IdentityServerData__Clients__0__ClientUri=https://admin.security.khongisa.co.za + - IdentityServerData__Clients__0__RedirectUris__0=https://admin.security.khongisa.co.za/signin-oidc + - IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.security.khongisa.co.za/signout-oidc + - IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.security.khongisa.co.za/signout-callback-oidc + - IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.security.khongisa.co.za + - IdentityServerData__Clients__1__RedirectUris__0=https://api.security.khongisa.co.za/swagger/oauth2-redirect.html + litecharmssecurity.sts.identity: - image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-sts-identity' + image: skoruba-duende-identityserver-sts-identity build: context: . dockerfile: src/LiteCharmsSecurity.STS.Identity/Dockerfile - container_name: skoruba-duende-identityserver-sts-identity + container_name: litecharms-security-sts-identity + ports: + - "8083:8080" # Point your tunnel to this host port for sts.security.khongisa.co.za environment: - - VIRTUAL_PORT=8080 - - VIRTUAL_HOST=sts.skoruba.local - - 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True' - - 'AdminConfiguration__IdentityAdminBaseUrl=https://admin.skoruba.local' - - 'IdentityServerOptions__IssuerUri=https://sts.skoruba.local' - - IdentityServerOptions__KeyManagement__Enabled=true - - IdentityServerOptions__Events__RaiseErrorEvents=true - - IdentityServerOptions__Events__RaiseInformationEvents=true - - IdentityServerOptions__Events__RaiseFailureEvents=true - - IdentityServerOptions__Events__RaiseSuccessEvents=true - - ServerSideSessionsConfiguration__Enabled=true + - ASPNETCORE_ENVIRONMENT=Production - ForwardedHeadersConfiguration__Enabled=true - ForwardedHeadersConfiguration__AllowAll=true - ForwardedHeadersConfiguration__ForwardLimit=1 - - DockerConfiguration__UpdateCaCertificate=true - - ASPNETCORE_ENVIRONMENT=Development - depends_on: - - db - volumes: - - './shared/serilog.json:/app/serilog.json' - - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt' - networks: - identityserverui: - aliases: - - sts.skoruba.local - db: - image: 'mcr.microsoft.com/mssql/server:2017-CU20-ubuntu-16.04' - ports: - - '7900:1433' - container_name: skoruba-duende-identityserver-db - environment: - SA_PASSWORD: '${DB_PASSWORD:-Password_123}' - ACCEPT_EULA: 'Y' - volumes: - - 'dbdata:/var/opt/mssql' - networks: - identityserverui: null -volumes: - dbdata: - driver: local -networks: - proxy: - driver: bridge - identityserverui: - driver: bridge + + # Identity Server Configs + - AdminConfiguration__IdentityAdminBaseUrl=https://admin.security.khongisa.co.za + - IdentityServerOptions__IssuerUri=https://sts.security.khongisa.co.za + - IdentityServerOptions__KeyManagement__Enabled=true + + # SMTP Email Configuration Overrides (For User Registration/Forgot Password workflows) + - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za} + - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za} + - SmtpConfiguration__Password=${SMTP_PASSWORD} + + # Postgres Database Overrides + - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_config; + - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_grant; + - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_identity; + - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_dp; \ No newline at end of file diff --git a/src/LiteCharmsSecurity.Admin.Api/appsettings.json b/src/LiteCharmsSecurity.Admin.Api/appsettings.json index 4aa0283..322b7d4 100644 --- a/src/LiteCharmsSecurity.Admin.Api/appsettings.json +++ b/src/LiteCharmsSecurity.Admin.Api/appsettings.json @@ -32,9 +32,9 @@ "CorsAllowOrigins": [] }, "SmtpConfiguration": { - "Host": "", - "Login": "", - "Password": "" + "Host": "mail.litecharms.co.za", + "Login": "security@litecharms.co.za", + "Password": "X,xq1EnK7AjM3L=d" }, "SendGridConfiguration": { "ApiKey": "",