security/docker-compose.yml

version: '3.4'

services:
  litecharmssecurity.admin:
    image: skoruba-duende-identityserver-admin
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.Admin/Dockerfile
    container_name: litecharms-security-admin
    ports:
      - "8081:8080" # Point your tunnel to this host port for admin.security.khongisa.co.za
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # URL Configurations
      - AdminConfiguration__AuthenticationConfiguration__Authority=https://sts.security.khongisa.co.za
      - AdminConfiguration__ApiConfiguration__ApiRemoteConfiguration__RemoteUrl=https://api.security.khongisa.co.za
      - AdminConfiguration__BasicConfiguration__Title=Lite Charms Security
      - AdminConfiguration__BasicConfiguration__BasePath=/
      
      # Postgres Database Overrides
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_dp;

  litecharmssecurity.admin.api:
    image: skoruba-duende-identityserver-admin-api
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.Admin.Api/Dockerfile
    container_name: litecharms-security-admin-api
    ports:
      - "8082:8080" # Point your tunnel to this host port for api.security.khongisa.co.za
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # API Configurations
      - AdminApiConfiguration__RequireHttpsMetadata=true
      - AdminApiConfiguration__ApplicationName=Lite Charms Security UI
      - AdminApiConfiguration__ApiBaseUrl=https://api.security.khongisa.co.za
      - AdminApiConfiguration__IdentityServerBaseUrl=https://sts.security.khongisa.co.za
      
      # Postgres Database Overrides
      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_config;
      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_grant;
      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_identity;
      - ConnectionStrings__AdminLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_log;
      - ConnectionStrings__AdminAuditLogDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_audit;
      - ConnectionStrings__AdminConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_admin_config;
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_api_dp;
      
      # Operational Management Switches (Controlled via Dockhand UI variables)
      - SeedConfiguration__ApplySeed=${APPLY_SEED:-true}
      - DatabaseMigrationsConfiguration__ApplyDatabaseMigrations=${APPLY_MIGRATIONS:-true}
      
      # SMTP Email Configuration Overrides
      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
      - SmtpConfiguration__Password=${SMTP_PASSWORD}
      
      # Initial Seeding Domain Configurations
      - IdentityServerData__Clients__0__ClientUri=https://admin.security.khongisa.co.za
      - IdentityServerData__Clients__0__RedirectUris__0=https://admin.security.khongisa.co.za/signin-oidc
      - IdentityServerData__Clients__0__FrontChannelLogoutUri=https://admin.security.khongisa.co.za/signout-oidc
      - IdentityServerData__Clients__0__PostLogoutRedirectUris__0=https://admin.security.khongisa.co.za/signout-callback-oidc
      - IdentityServerData__Clients__0__AllowedCorsOrigins__0=https://admin.security.khongisa.co.za
      - IdentityServerData__Clients__1__RedirectUris__0=https://api.security.khongisa.co.za/swagger/oauth2-redirect.html

  litecharmssecurity.sts.identity:
    image: skoruba-duende-identityserver-sts-identity
    build:
      context: .
      dockerfile: src/LiteCharmsSecurity.STS.Identity/Dockerfile
    container_name: litecharms-security-sts-identity
    ports:
      - "8083:8080" # Point your tunnel to this host port for sts.security.khongisa.co.za
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ForwardedHeadersConfiguration__Enabled=true
      - ForwardedHeadersConfiguration__AllowAll=true
      - ForwardedHeadersConfiguration__ForwardLimit=1
      
      # Identity Server Configs
      - AdminConfiguration__IdentityAdminBaseUrl=https://admin.security.khongisa.co.za
      - IdentityServerOptions__IssuerUri=https://sts.security.khongisa.co.za
      - IdentityServerOptions__KeyManagement__Enabled=true
      
      # SMTP Email Configuration Overrides (For User Registration/Forgot Password workflows)
      - SmtpConfiguration__Host=${SMTP_HOST:-mail.litecharms.co.za}
      - SmtpConfiguration__Login=${SMTP_LOGIN:-security@litecharms.co.za}
      - SmtpConfiguration__Password=${SMTP_PASSWORD}
      
      # Postgres Database Overrides
      - ConnectionStrings__ConfigurationDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_config;
      - ConnectionStrings__PersistedGrantDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_grant;
      - ConnectionStrings__IdentityDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_identity;
      - ConnectionStrings__DataProtectionDbConnection=Server=192.168.1.170;Port=5432;Database=skoruba;User Id=skoruba;Password=${DB_PASSWORD};application_name=litecharms_security_sts_dp;