Refactored docker compose
This commit is contained in:
Khwezi Mngoma
+75
-116
@@ -1,142 +1,101 @@
|
||||
version: '3.4'
|
||||
|
||||
services:
|
||||
nginx-proxy:
|
||||
image: jwilder/nginx-proxy
|
||||
container_name: nginx
|
||||
ports:
|
||||
- '80:80'
|
||||
- '443:443'
|
||||
volumes:
|
||||
- '/var/run/docker.sock:/tmp/docker.sock:ro'
|
||||
- './shared/nginx/vhost.d:/etc/nginx/vhost.d'
|
||||
- './shared/nginx/certs:/etc/nginx/certs:ro'
|
||||
networks:
|
||||
proxy: null
|
||||
identityserverui:
|
||||
aliases:
|
||||
- sts.skoruba.local
|
||||
- admin.skoruba.local
|
||||
- admin-api.skoruba.local
|
||||
restart: always
|
||||
litecharmssecurity.admin:
|
||||
image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin'
|
||||
image: skoruba-duende-identityserver-admin
|
||||
build:
|
||||
context: .
|
||||
dockerfile: src/LiteCharmsSecurity.Admin/Dockerfile
|
||||
container_name: skoruba-duende-identityserver-admin
|
||||
container_name: litecharms-security-admin
|
||||
ports:
|
||||
- "8081:8080" # Point your tunnel to this host port for admin.security.khongisa.co.za
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=admin.skoruba.local
|
||||
- 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.skoruba.local'
|
||||
- 'AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://admin-api.skoruba.local'
|
||||
- 'AdminConfiguration__BasicConfiguration__Title=Lite Charms Security'
|
||||
- 'AdminConfiguration__BasicConfiguration__BasePath=/'
|
||||
- ASPNETCORE_ENVIRONMENT=Production
|
||||
- ForwardedHeadersConfiguration__Enabled=true
|
||||
- ForwardedHeadersConfiguration__AllowAll=true
|
||||
- ForwardedHeadersConfiguration__ForwardLimit=1
|
||||
- DockerConfiguration__UpdateCaCertificate=true
|
||||
- ASPNETCORE_ENVIRONMENT=Development
|
||||
depends_on:
|
||||
- db
|
||||
- litecharmssecurity.sts.identity
|
||||
volumes:
|
||||
- './shared/serilog.json:/app/serilog.json'
|
||||
- './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
|
||||
networks:
|
||||
identityserverui: null
|
||||
|
||||
# URL Configurations
|
||||
- AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.security.khongisa.co.za
|
||||
- AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://api.security.khongisa.co.za
|
||||
- AdminConfiguration__BasicConfiguration__Title=Lite Charms Security
|
||||
- AdminConfiguration__BasicConfiguration__BasePath=/
|
||||
|
||||
# Postgres Database Overrides
|
||||
- ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_dp;
|
||||
|
||||
litecharmssecurity.admin.api:
|
||||
image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin-api'
|
||||
image: skoruba-duende-identityserver-admin-api
|
||||
build:
|
||||
context: .
|
||||
dockerfile: src/LiteCharmsSecurity.Admin.Api/Dockerfile
|
||||
container_name: skoruba-duende-identityserver-admin-api
|
||||
container_name: litecharms-security-admin-api
|
||||
ports:
|
||||
- "8082:8080" # Point your tunnel to this host port for api.security.khongisa.co.za
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=admin-api.skoruba.local
|
||||
- AdminApiConfiguration__RequireHttpsMetadata=false
|
||||
- 'AdminApiConfiguration__ApplicationName=Lite Charms Security UI'
|
||||
- 'AdminApiConfiguration__ApiBaseUrl=https://admin-api.skoruba.local'
|
||||
- 'AdminApiConfiguration__IdentityServerBaseUrl=https://sts.skoruba.local'
|
||||
- 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__AdminLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__AdminAuditLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__AdminConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'IdentityServerData__Clients__0__ClientUri=https://admin.skoruba.local'
|
||||
- 'IdentityServerData__Clients__0__RedirectUris__0=https://admin.skoruba.local/signin-oidc'
|
||||
- 'IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.skoruba.local/signin-oidc'
|
||||
- 'IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.skoruba.local/signout-callback-oidc'
|
||||
- 'IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.skoruba.local'
|
||||
- 'IdentityServerData__Clients__1__RedirectUris__0=https://admin-api.skoruba.local/swagger/oauth2-redirect.html'
|
||||
- 'SeedConfiguration__ApplySeed=true'
|
||||
- 'DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=true'
|
||||
- ASPNETCORE_ENVIRONMENT=Production
|
||||
- ForwardedHeadersConfiguration__Enabled=true
|
||||
- ForwardedHeadersConfiguration__AllowAll=true
|
||||
- ForwardedHeadersConfiguration__ForwardLimit=1
|
||||
- DockerConfiguration__UpdateCaCertificate=true
|
||||
- ASPNETCORE_ENVIRONMENT=Development
|
||||
volumes:
|
||||
- './shared/serilog.json:/app/serilog.json'
|
||||
- './shared/identitydata.json:/app/identitydata.json'
|
||||
- './shared/identityserverdata.json:/app/identityserverdata.json'
|
||||
- './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
|
||||
networks:
|
||||
identityserverui: null
|
||||
|
||||
# API Configurations
|
||||
- AdminApiConfiguration__RequireHttpsMetadata=true
|
||||
- AdminApiConfiguration__ApplicationName=Lite Charms Security UI
|
||||
- AdminApiConfiguration__ApiBaseUrl=https://api.security.khongisa.co.za
|
||||
- AdminApiConfiguration__IdentityServerBaseUrl=https://sts.security.khongisa.co.za
|
||||
|
||||
# Postgres Database Overrides
|
||||
- ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_config;
|
||||
- ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_grant;
|
||||
- ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_identity;
|
||||
- ConnectionStrings__AdminLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_log;
|
||||
- ConnectionStrings__AdminAuditLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_audit;
|
||||
- ConnectionStrings__AdminConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_config;
|
||||
- ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_api_dp;
|
||||
|
||||
# Operational Management Switches (Controlled via Dockhand UI variables)
|
||||
- SeedConfiguration__ApplySeed=${APPLY_SEED:-true}
|
||||
- DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=${APPLY_MIGRATIONS:-true}
|
||||
|
||||
# SMTP Email Configuration Overrides
|
||||
- SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
|
||||
- SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
|
||||
- SmtpConfiguration__Password=${SMTP_PASSWORD}
|
||||
|
||||
# Initial Seeding Domain Configurations
|
||||
- IdentityServerData__Clients__0__ClientUri=https://admin.security.khongisa.co.za
|
||||
- IdentityServerData__Clients__0__RedirectUris__0=https://admin.security.khongisa.co.za/signin-oidc
|
||||
- IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.security.khongisa.co.za/signout-oidc
|
||||
- IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.security.khongisa.co.za/signout-callback-oidc
|
||||
- IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.security.khongisa.co.za
|
||||
- IdentityServerData__Clients__1__RedirectUris__0=https://api.security.khongisa.co.za/swagger/oauth2-redirect.html
|
||||
|
||||
litecharmssecurity.sts.identity:
|
||||
image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-sts-identity'
|
||||
image: skoruba-duende-identityserver-sts-identity
|
||||
build:
|
||||
context: .
|
||||
dockerfile: src/LiteCharmsSecurity.STS.Identity/Dockerfile
|
||||
container_name: skoruba-duende-identityserver-sts-identity
|
||||
container_name: litecharms-security-sts-identity
|
||||
ports:
|
||||
- "8083:8080" # Point your tunnel to this host port for sts.security.khongisa.co.za
|
||||
environment:
|
||||
- VIRTUAL_PORT=8080
|
||||
- VIRTUAL_HOST=sts.skoruba.local
|
||||
- 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
|
||||
- 'AdminConfiguration__IdentityAdminBaseUrl=https://admin.skoruba.local'
|
||||
- 'IdentityServerOptions__IssuerUri=https://sts.skoruba.local'
|
||||
- IdentityServerOptions__KeyManagement__Enabled=true
|
||||
- IdentityServerOptions__Events__RaiseErrorEvents=true
|
||||
- IdentityServerOptions__Events__RaiseInformationEvents=true
|
||||
- IdentityServerOptions__Events__RaiseFailureEvents=true
|
||||
- IdentityServerOptions__Events__RaiseSuccessEvents=true
|
||||
- ServerSideSessionsConfiguration__Enabled=true
|
||||
- ASPNETCORE_ENVIRONMENT=Production
|
||||
- ForwardedHeadersConfiguration__Enabled=true
|
||||
- ForwardedHeadersConfiguration__AllowAll=true
|
||||
- ForwardedHeadersConfiguration__ForwardLimit=1
|
||||
- DockerConfiguration__UpdateCaCertificate=true
|
||||
- ASPNETCORE_ENVIRONMENT=Development
|
||||
depends_on:
|
||||
- db
|
||||
volumes:
|
||||
- './shared/serilog.json:/app/serilog.json'
|
||||
- './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
|
||||
networks:
|
||||
identityserverui:
|
||||
aliases:
|
||||
- sts.skoruba.local
|
||||
db:
|
||||
image: 'mcr.microsoft.com/mssql/server:2017-CU20-ubuntu-16.04'
|
||||
ports:
|
||||
- '7900:1433'
|
||||
container_name: skoruba-duende-identityserver-db
|
||||
environment:
|
||||
SA_PASSWORD: '${DB_PASSWORD:-Password_123}'
|
||||
ACCEPT_EULA: 'Y'
|
||||
volumes:
|
||||
- 'dbdata:/var/opt/mssql'
|
||||
networks:
|
||||
identityserverui: null
|
||||
volumes:
|
||||
dbdata:
|
||||
driver: local
|
||||
networks:
|
||||
proxy:
|
||||
driver: bridge
|
||||
identityserverui:
|
||||
driver: bridge
|
||||
|
||||
# Identity Server Configs
|
||||
- AdminConfiguration__IdentityAdminBaseUrl=https://admin.security.khongisa.co.za
|
||||
- IdentityServerOptions__IssuerUri=https://sts.security.khongisa.co.za
|
||||
- IdentityServerOptions__KeyManagement__Enabled=true
|
||||
|
||||
# SMTP Email Configuration Overrides (For User Registration/Forgot Password workflows)
|
||||
- SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
|
||||
- SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
|
||||
- SmtpConfiguration__Password=${SMTP_PASSWORD}
|
||||
|
||||
# Postgres Database Overrides
|
||||
- ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_config;
|
||||
- ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_grant;
|
||||
- ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_identity;
|
||||
- ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_dp;
|
||||
Reference in New Issue
Block a user