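# Local development / test stack: an Ory Hydra OAuth2 server, a one-shot job
# that registers a test client against it, and an LDAP directory.
# The settings below trade security for convenience (plain HTTP, in-memory
# storage, secrets in this file, verbose logging). Review each NOTE before
# reusing any part of this file outside a developer machine.
version: "3"

services:
  # One-shot job: runs `hydra create oauth2-client ...` against the admin API
  # and exits (restart_policy.condition: none).
  hydra-client:
    image: oryd/hydra:v2.2.0
    container_name: hydra-client
    environment:
      # Both variables point the CLI at Hydra's admin API over plain HTTP.
      HYDRA_ADMIN_URL: http://hydra:4445
      ORY_SDK_URL: http://hydra:4445
    command:
      - create
      - oauth2-client
      # NOTE(security): has no effect while the endpoint is http://, but it
      # would silently disable certificate validation if the URL is ever
      # switched to https://. Drop it when TLS is introduced.
      - --skip-tls-verify
      - --name
      - test-client
      # NOTE(security): the client secret is committed in this file and is the
      # same string as SECRETS_SYSTEM on the hydra service. Treat it as a
      # public test value; real deployments need distinct, generated secrets
      # supplied from a secret store or the environment.
      - --secret
      - oc-auth-got-secret
      - --response-type
      - id_token,token,code
      # NOTE(security): `implicit` (with the `token` / `id_token` response
      # types above) returns tokens in the redirect URL and is discouraged by
      # current OAuth 2.0 security guidance. Keep only the grants that the
      # tests actually exercise.
      - --grant-type
      - implicit,refresh_token,authorization_code,client_credentials
      - --scope
      - openid,profile,email,roles
      # The secret is sent in the request body; over http:// it crosses the
      # container network in clear text.
      - --token-endpoint-auth-method
      - client_secret_post
      - --redirect-uri
      - http://localhost:3000

    networks:
      - hydra-net
      - catalog
    deploy:
      restart_policy:
        condition: none
    # The list form only orders start-up; it does not wait for Hydra to be
    # ready to accept the client registration.
    depends_on:
      - hydra
    # NOTE(review): this probe targets the hydra service rather than this
    # container, and it requires `curl` to exist in the oryd/hydra image.
    # Confirm that it does what is intended.
    healthcheck:
      test: ["CMD", "curl", "-f", "http://hydra:4445"]
      interval: 10s
      timeout: 10s
      retries: 10
  hydra:
    container_name: hydra
    image: oryd/hydra:v2.2.0
    environment:
      # NOTE(security): system secret stored in the file and shared with the
      # test client's secret above. Development value only.
      SECRETS_SYSTEM: oc-auth-got-secret
      # NOTE(security): makes Hydra write sensitive values into its logs.
      # Keep the container logs out of shared log pipelines while this is on.
      # Quoted so that every Compose loader receives the string "true" rather
      # than a YAML boolean.
      LOG_LEAK_SENSITIVE_VALUES: "true"
      # OAUTH2_TOKEN_HOOK_URL: http://oc-auth:8080/oc/claims
      # Issuer and public URL are plain HTTP; issued tokens carry this issuer.
      URLS_SELF_ISSUER: http://hydra:4444
      URLS_SELF_PUBLIC: http://hydra:4444
      WEBFINGER_OIDC_DISCOVERY_SUPPORTED_SCOPES: profile,email,phone,roles
      WEBFINGER_OIDC_DISCOVERY_SUPPORTED_CLAIMS: name,family_name,given_name,nickname,email,phone_number
      # In-memory store: clients, consent and keys are lost whenever the
      # container restarts, and hydra-client does not run again to re-create
      # the test client.
      DSN: memory
    # NOTE(security): --dev relaxes Hydra's security checks so that it can be
    # served over plain HTTP. Development only.
    command: serve all --dev
    networks:
      - hydra-net
      - catalog
    ports:
      # Public OAuth2 / OIDC endpoints.
      - "4444:4444"
      # NOTE(security): 4445 is the admin API, which manages clients and
      # consent and carries no authentication of its own. This mapping
      # publishes it on every host interface; bind it to 127.0.0.1 or drop the
      # mapping if only containers on the shared networks need it.
      - "4445:4445"
    deploy:
      restart_policy:
        condition: on-failure
  ldap:
    # NOTE(supply chain): no tag or digest, so this resolves to whatever
    # `latest` is at pull time. Pin a tag or a sha256 digest for reproducible
    # and reviewable pulls.
    image: pgarrett/ldap-alpine
    container_name: ldap
    volumes:
      # Directory seed data. Presumably holds test accounts; verify that it
      # contains no real credentials before committing changes to it.
      - "./ldap.ldif:/ldif/ldap.ldif"
    networks:
      - hydra-net
      - catalog
    ports:
      # NOTE(security): unencrypted LDAP published on every host interface;
      # binds and passwords cross the wire in clear text.
      - "389:389"
    deploy:
      restart_policy:
        condition: on-failure

networks:
  hydra-net:
  # Pre-existing network shared with other stacks: every container attached to
  # it can reach hydra:4445 and ldap:389 regardless of the host port mappings.
  catalog:
    external: true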