-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathdocker-compose.yml
148 lines (139 loc) · 3.82 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
version: "3.1"
networks:
default:
driver: bridge
services:
identityserver:
image: identityserver
build:
context: ./Identityserver
dockerfile: src/Dockerfile
environment:
- ASPNETCORE_URLS=https://+:4430;http://+:8080
#demo https certificate details
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/run/secrets/san_certkey
#end of development certificate details
ports:
- "8080:8080"
- "4430:4430"
networks:
- default
secrets:
- source: san_certkey
movieswebapp:
image: movieswebapp
build:
context: ./MoviesWebApp
dockerfile: src/Dockerfile
environment:
- ASPNETCORE_URLS=https://+:4431;http://+:8081
#demo https certificate details
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/run/secrets/san_certkey
#end of development certificate details
ports:
- "8081:8081"
- "4431:4431"
networks:
- default
secrets:
- source: san_certkey
singlepageapp:
image: singlepageapp
build:
context: ./SPA
dockerfile: Dockerfile
environment:
- ASPNETCORE_URLS=https://+:4432;http://+:8082
#demo https certificate details
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/run/secrets/san_certkey
#end of development certificate details
ports:
- "8082:8082"
- "4432:4432"
networks:
- default
secrets:
- source: san_certkey
productapi:
image: productapi
build:
context: ./ProductAPI
dockerfile: Dockerfile
environment:
- ASPNETCORE_URLS=https://+:4433;http://+:8083
#demo https certificate details
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/run/secrets/san_certkey
#end of development certificate details
ports:
- "8083:8083"
- "4433:4433"
networks:
- default
secrets:
- source: san_certkey
shibboleth:
build: ./Shibboleth/
depends_on:
- ldap
environment:
- JETTY_MAX_HEAP=64m
- JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=password
- JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=password
ports:
- "8090:8080"
networks:
- default
secrets:
- source: idp_backchannel
- source: idp_browser
- source: idp_encryption
- source: idp_signing
- source: idp_sealer
ldap:
build: ./ldap/
networks:
- default
ports:
- "389:389"
opaserver:
image: openpolicyagent/opa:latest
ports:
- 8181:8181
# WARNING: OPA is NOT running with an authorization policy configured. This
# means that clients can read and write policies in OPA. If you are
# deploying OPA in an insecure environment, be sure to configure
# authentication and authorization on the daemon. See the Security page for
# details: https://www.openpolicyagent.org/docs/security.html.
environment:
- OPA_LOG_TIMESTAMP_FORMAT="2006-01-02T15:04:05.999999999Z07:00"
command:
- "run"
- "-l"
- "debug"
- "--server"
- "/opa.rego"
volumes:
- ./OPA/opa.rego:/opa.rego
networks:
- default
secrets:
idp_backchannel:
file: ./secrets/idp/idp-backchannel.p12
idp_browser:
file: ./secrets/idp/idp-browser.p12
idp_encryption:
file: ./secrets/idp/idp-encryption.key
idp_signing:
file: ./secrets/idp/idp-signing.key
idp_sealer:
file: ./secrets/idp/sealer.jks
ssp_key:
file: ./secrets/simplesamlphp/server.pem
sp_key:
file: ./secrets/sp/sp-key.pem
san_certkey:
file: ./secrets/idp/ModernACRestSan.pfx