security/docker-compose.yml

services:
  litecharmssecurity.admin:
    image: skoruba-duende-identityserver-admin
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.Admin/Dockerfile
      network: host
    container_name: litecharms-security-admin
    ports:
      - "8081:8080"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # URL Configurations      
      - AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.security.khongisa.co.za
      - AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://api.security.khongisa.co.za
      - AdminConfiguration__BasicConfiguration__Title=Lite Charms Security
      - AdminConfiguration__BasicConfiguration__BasePath=/
      
      # Postgres Database Overrides      
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};

  litecharmssecurity.admin.api:
    image: skoruba-duende-identityserver-admin-api
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.Admin.Api/Dockerfile
      network: host
    container_name: litecharms-security-admin-api
    ports:
      - "8082:8080"
    environment:
      - EF_CORE_SUPPRESS_PENDING_MODEL_CHANGES_WARNING=true
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # API Configurations      
      - AdminApiConfiguration__RequireHttpsMetadata=true
      - AdminApiConfiguration__ApplicationName=Lite Charms Security UI
      - AdminApiConfiguration__ApiBaseUrl=https://api.security.khongisa.co.za
      - AdminApiConfiguration__IdentityServerBaseUrl=https://sts.security.khongisa.co.za
      
      # Postgres Database Overrides      
      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__AdminLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__AdminAuditLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__AdminConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      
      # Operational Management Switches (Controlled via Dockhand UI variables)      
      - SeedConfiguration__ApplySeed=${APPLY_SEED:-true}
      - DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=${APPLY_MIGRATIONS:-true}
      
      # SMTP Email Configuration Overrides      
      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
      - SmtpConfiguration__Password=${SMTP_PASSWORD}
      
      # Initial Seeding Domain Configurations      
      - IdentityServerData__Clients__0__ClientUri=https://admin.security.khongisa.co.za
      - IdentityServerData__Clients__0__RedirectUris__0=https://admin.security.khongisa.co.za/signin-oidc
      - IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.security.khongisa.co.za/signout-oidc
      - IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.security.khongisa.co.za/signout-callback-oidc
      - IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.security.khongisa.co.za
      - IdentityServerData__Clients__1__RedirectUris__0=https://api.security.khongisa.co.za/swagger/oauth2-redirect.html

  litecharmssecurity.sts.identity:
    image: skoruba-duende-identityserver-sts-identity
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.STS.Identity/Dockerfile
      network: host
    container_name: litecharms-security-sts-identity
    ports:
      - "8083:8080"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # Identity Server Configs      
      - AdminConfiguration__IdentityAdminBaseUrl=https://admin.security.khongisa.co.za
      - IdentityServerOptions__IssuerUri=https://sts.security.khongisa.co.za
      - IdentityServerOptions__KeyManagement__Enabled=true
      
      # SMTP Email Configuration Overrides (For User Registration/Forgot Password workflows)      
      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
      - SmtpConfiguration__Password=${SMTP_PASSWORD}
      
      # Postgres Database Overrides      
      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};