docker-compose.yml

@@ -1,142 +1,101 @@
 version: '3.4'
+
 services:
-  nginx-proxy:
-    image: jwilder/nginx-proxy
-    container_name: nginx
-    ports:
-      - '80:80'
-      - '443:443'
-    volumes:
-      - '/var/run/docker.sock:/tmp/docker.sock:ro'
-      - './shared/nginx/vhost.d:/etc/nginx/vhost.d'
-      - './shared/nginx/certs:/etc/nginx/certs:ro'
-    networks:
-      proxy: null
-      identityserverui:
-        aliases:
-          - sts.skoruba.local
-          - admin.skoruba.local
-          - admin-api.skoruba.local
-    restart: always
   litecharmssecurity.admin:
-    image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin'
+    image: skoruba-duende-identityserver-admin
     build:
       context: .
       dockerfile: src/LiteCharmsSecurity.Admin/Dockerfile
-    container_name: skoruba-duende-identityserver-admin
+    container_name: litecharms-security-admin
+    ports:
+      - "8081:8080" # Point your tunnel to this host port for admin.security.khongisa.co.za
     environment:
-      - VIRTUAL_PORT=8080
-      - VIRTUAL_HOST=admin.skoruba.local
-      - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.skoruba.local'
-      - 'AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://admin-api.skoruba.local'
-      - 'AdminConfiguration__BasicConfiguration__Title=Lite Charms Security'
-      - 'AdminConfiguration__BasicConfiguration__BasePath=/'
+      - ASPNETCORE_ENVIRONMENT=Production
       - ForwardedHeadersConfiguration__Enabled=true
       - ForwardedHeadersConfiguration__AllowAll=true
       - ForwardedHeadersConfiguration__ForwardLimit=1
-      - DockerConfiguration__UpdateCaCertificate=true
-      - ASPNETCORE_ENVIRONMENT=Development
-    depends_on:
-      - db
-      - litecharmssecurity.sts.identity
-    volumes:
-      - './shared/serilog.json:/app/serilog.json'
-      - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
-    networks:
-      identityserverui: null
+      
+      # URL Configurations
+      - AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.security.khongisa.co.za
+      - AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://api.security.khongisa.co.za
+      - AdminConfiguration__BasicConfiguration__Title=Lite Charms Security
+      - AdminConfiguration__BasicConfiguration__BasePath=/
+      
+      # Postgres Database Overrides
+      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_dp;
+
   litecharmssecurity.admin.api:
-    image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-admin-api'
+    image: skoruba-duende-identityserver-admin-api
     build:
       context: .
       dockerfile: src/LiteCharmsSecurity.Admin.Api/Dockerfile
-    container_name: skoruba-duende-identityserver-admin-api
+    container_name: litecharms-security-admin-api
+    ports:
+      - "8082:8080" # Point your tunnel to this host port for api.security.khongisa.co.za
     environment:
-      - VIRTUAL_PORT=8080
-      - VIRTUAL_HOST=admin-api.skoruba.local
-      - AdminApiConfiguration__RequireHttpsMetadata=false
-      - 'AdminApiConfiguration__ApplicationName=Lite Charms Security UI'
-      - 'AdminApiConfiguration__ApiBaseUrl=https://admin-api.skoruba.local'
-      - 'AdminApiConfiguration__IdentityServerBaseUrl=https://sts.skoruba.local'
-      - 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__AdminLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__AdminAuditLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__AdminConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'IdentityServerData__Clients__0__ClientUri=https://admin.skoruba.local'
-      - 'IdentityServerData__Clients__0__RedirectUris__0=https://admin.skoruba.local/signin-oidc'
-      - 'IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.skoruba.local/signin-oidc'
-      - 'IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.skoruba.local/signout-callback-oidc'
-      - 'IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.skoruba.local'
-      - 'IdentityServerData__Clients__1__RedirectUris__0=https://admin-api.skoruba.local/swagger/oauth2-redirect.html'
-      - 'SeedConfiguration__ApplySeed=true'
-      - 'DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=true'
+      - ASPNETCORE_ENVIRONMENT=Production
       - ForwardedHeadersConfiguration__Enabled=true
       - ForwardedHeadersConfiguration__AllowAll=true
       - ForwardedHeadersConfiguration__ForwardLimit=1
-      - DockerConfiguration__UpdateCaCertificate=true
-      - ASPNETCORE_ENVIRONMENT=Development
-    volumes:
-      - './shared/serilog.json:/app/serilog.json'
-      - './shared/identitydata.json:/app/identitydata.json'
-      - './shared/identityserverdata.json:/app/identityserverdata.json'
-      - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
-    networks:
-      identityserverui: null
+      
+      # API Configurations
+      - AdminApiConfiguration__RequireHttpsMetadata=true
+      - AdminApiConfiguration__ApplicationName=Lite Charms Security UI
+      - AdminApiConfiguration__ApiBaseUrl=https://api.security.khongisa.co.za
+      - AdminApiConfiguration__IdentityServerBaseUrl=https://sts.security.khongisa.co.za
+      
+      # Postgres Database Overrides
+      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_config;
+      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_grant;
+      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_identity;
+      - ConnectionStrings__AdminLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_log;
+      - ConnectionStrings__AdminAuditLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_audit;
+      - ConnectionStrings__AdminConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_config;
+      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_api_dp;
+      
+      # Operational Management Switches (Controlled via Dockhand UI variables)
+      - SeedConfiguration__ApplySeed=${APPLY_SEED:-true}
+      - DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=${APPLY_MIGRATIONS:-true}
+      
+      # SMTP Email Configuration Overrides
+      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
+      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
+      - SmtpConfiguration__Password=${SMTP_PASSWORD}
+      
+      # Initial Seeding Domain Configurations
+      - IdentityServerData__Clients__0__ClientUri=https://admin.security.khongisa.co.za
+      - IdentityServerData__Clients__0__RedirectUris__0=https://admin.security.khongisa.co.za/signin-oidc
+      - IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.security.khongisa.co.za/signout-oidc
+      - IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.security.khongisa.co.za/signout-callback-oidc
+      - IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.security.khongisa.co.za
+      - IdentityServerData__Clients__1__RedirectUris__0=https://api.security.khongisa.co.za/swagger/oauth2-redirect.html
+
   litecharmssecurity.sts.identity:
-    image: '${DOCKER_REGISTRY-}skoruba-duende-identityserver-sts-identity'
+    image: skoruba-duende-identityserver-sts-identity
     build:
       context: .
       dockerfile: src/LiteCharmsSecurity.STS.Identity/Dockerfile
-    container_name: skoruba-duende-identityserver-sts-identity
+    container_name: litecharms-security-sts-identity
+    ports:
+      - "8083:8080" # Point your tunnel to this host port for sts.security.khongisa.co.za
     environment:
-      - VIRTUAL_PORT=8080
-      - VIRTUAL_HOST=sts.skoruba.local
-      - 'ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=${DB_PASSWORD:-Password_123};MultipleActiveResultSets=true;TrustServerCertificate=True'
-      - 'AdminConfiguration__IdentityAdminBaseUrl=https://admin.skoruba.local'
-      - 'IdentityServerOptions__IssuerUri=https://sts.skoruba.local'
-      - IdentityServerOptions__KeyManagement__Enabled=true
-      - IdentityServerOptions__Events__RaiseErrorEvents=true
-      - IdentityServerOptions__Events__RaiseInformationEvents=true
-      - IdentityServerOptions__Events__RaiseFailureEvents=true
-      - IdentityServerOptions__Events__RaiseSuccessEvents=true
-      - ServerSideSessionsConfiguration__Enabled=true
+      - ASPNETCORE_ENVIRONMENT=Production
       - ForwardedHeadersConfiguration__Enabled=true
       - ForwardedHeadersConfiguration__AllowAll=true
       - ForwardedHeadersConfiguration__ForwardLimit=1
-      - DockerConfiguration__UpdateCaCertificate=true
-      - ASPNETCORE_ENVIRONMENT=Development
-    depends_on:
-      - db
-    volumes:
-      - './shared/serilog.json:/app/serilog.json'
-      - './shared/nginx/certs/cacerts.crt:/usr/local/share/ca-certificates/cacerts.crt'
-    networks:
-      identityserverui:
-        aliases:
-          - sts.skoruba.local
-  db:
-    image: 'mcr.microsoft.com/mssql/server:2017-CU20-ubuntu-16.04'
-    ports:
-      - '7900:1433'
-    container_name: skoruba-duende-identityserver-db
-    environment:
-      SA_PASSWORD: '${DB_PASSWORD:-Password_123}'
-      ACCEPT_EULA: 'Y'
-    volumes:
-      - 'dbdata:/var/opt/mssql'
-    networks:
-      identityserverui: null
-volumes:
-  dbdata:
-    driver: local
-networks:
-  proxy:
-    driver: bridge
-  identityserverui:
-    driver: bridge
+      
+      # Identity Server Configs
+      - AdminConfiguration__IdentityAdminBaseUrl=https://admin.security.khongisa.co.za
+      - IdentityServerOptions__IssuerUri=https://sts.security.khongisa.co.za
+      - IdentityServerOptions__KeyManagement__Enabled=true
+      
+      # SMTP Email Configuration Overrides (For User Registration/Forgot Password workflows)
+      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
+      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
+      - SmtpConfiguration__Password=${SMTP_PASSWORD}
+      
+      # Postgres Database Overrides
+      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_config;
+      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_grant;
+      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_identity;
+      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_dp;

src/LiteCharmsSecurity.Admin.Api/appsettings.json

@@ -32,9 +32,9 @@
     "CorsAllowOrigins": []
   },
   "SmtpConfiguration": {
-    "Host": "",
-    "Login": "",
-    "Password": ""
+    "Host": "mail.litecharms.co.za",
+    "Login": "security@litecharms.co.za",
+    "Password": "X,xq1EnK7AjM3L=d"
   },
   "SendGridConfiguration": {
     "ApiKey": "",