startup-starter/skybridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
86900b0bd4ade0bc04379a81cac52a209dd97aca
skybridge/docker-compose.yml
Ryan Copley 86900b0bd4 sso
2025-08-26 19:15:37 -04:00

142 lines
3.9 KiB
YAML
Raw Blame History

version: '3.8'
services:
postgres:
image: docker.io/library/postgres:15-alpine
container_name: kms-postgres
environment:
POSTGRES_DB: kms
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
- ./migrations:/docker-entrypoint-initdb.d:Z
networks:
- kms-network
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres -d kms"]
interval: 10s
timeout: 5s
retries: 5
nginx:
image: docker.io/library/nginx:alpine
container_name: kms-nginx
ports:
- "8081:80"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro,Z
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro,Z
depends_on:
- api-service
- frontend
networks:
- kms-network
api-service:
build:
context: .
dockerfile: Dockerfile
container_name: kms-api-service
environment:
APP_ENV: development
DB_HOST: postgres
DB_PORT: 5432
DB_NAME: kms
DB_USER: postgres
DB_PASSWORD: postgres
DB_SSLMODE: disable
DB_CONN_MAX_LIFETIME: 5m
DB_MAX_OPEN_CONNS: 25
DB_MAX_IDLE_CONNS: 5
SERVER_HOST: 0.0.0.0
SERVER_PORT: 8080
LOG_LEVEL: debug
MIGRATION_PATH: /app/migrations
INTERNAL_HMAC_KEY: 3924f352b7ea63b27db02bf4b0014f2961a5d2f7c27643853a4581bb3a5457cb
JWT_SECRET: 7f5e11d55e957988b00ce002418680af384219ef98c50d08cbbbdd541978450c
AUTH_SIGNING_KEY: 484f921b39c383e6b3e0cc5a7cef3c2cec3d7c8d474ab5102891dc4c2bf63a68
AUTH_PROVIDER: header
AUTH_HEADER_USER_EMAIL: X-User-Email
RATE_LIMIT_ENABLED: true
CACHE_ENABLED: false
METRICS_ENABLED: true
# OAuth2 / OIDC Configuration (for Keycloak)
OAUTH2_ENABLED: false
OAUTH2_PROVIDER_URL: http://keycloak:8080/realms/kms
OAUTH2_CLIENT_ID: kms-api
OAUTH2_CLIENT_SECRET: kms-client-secret
OAUTH2_REDIRECT_URL: http://localhost:8081/api/oauth2/callback
# SAML Configuration (for SimpleSAMLphp)
SAML_ENABLED: false
SAML_IDP_SSO_URL: http://saml-idp:8080/simplesaml/saml2/idp/SSOService.php
SAML_IDP_METADATA_URL: http://saml-idp:8080/simplesaml/saml2/idp/metadata.php
SAML_SP_ENTITY_ID: http://localhost:8081
SAML_SP_ACS_URL: http://localhost:8081/api/saml/acs
SAML_SP_SLS_URL: http://localhost:8081/api/saml/sls
ports:
- "8080:8080"
- "9090:9090" # Metrics port
depends_on:
postgres:
condition: service_healthy
networks:
- kms-network
volumes:
- ./migrations:/app/migrations:ro,Z
restart: unless-stopped
frontend:
build:
context: ./kms-frontend
dockerfile: Dockerfile
container_name: kms-frontend
ports:
- "3000:80"
networks:
- kms-network
restart: unless-stopped
# Keycloak OAuth2/OIDC Identity Provider for testing
keycloak:
image: quay.io/keycloak/keycloak:25.0.2
container_name: kms-keycloak
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KC_DB: dev-file
ports:
- "8090:8080"
networks:
- kms-network
command: ["start-dev", "--import-realm"]
volumes:
- ./sso-config/keycloak:/opt/keycloak/data/import:Z
restart: unless-stopped
# SimpleSAMLphp SAML Identity Provider for testing
saml-idp:
image: kristophjunge/test-saml-idp:1.15
container_name: kms-saml-idp
environment:
SIMPLESAMLPHP_SP_ENTITY_ID: http://localhost:8081
SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE: http://localhost:8081/api/saml/acs
SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE: http://localhost:8081/api/saml/sls
SIMPLESAMLPHP_TRUSTED_DOMAINS: '["localhost", "kms-api-service", "kms-nginx"]'
ports:
- "8091:8080"
- "8443:8443"
networks:
- kms-network
restart: unless-stopped
volumes:
postgres_data:
driver: local
networks:
kms-network:
driver: bridge
Reference in New Issue View Git Blame Copy Permalink