docker-compose.idp.yml
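# Development-only identity providers for exercising SSO/OIDC flows locally.
# Nothing here is hardened: credentials are well-known defaults and traffic is
# plain HTTP. Keep it off any host that other people can reach.
version: '3.7'

services:
  keycloak:
    # NOTE(review): `20.0` is a mutable tag; pin by digest if reproducible
    # pulls matter.
    image: quay.io/keycloak/keycloak:20.0
    environment:
      # Bootstrap admin account. The defaults stay admin/admin so existing dev
      # setups keep working; export KEYCLOAK_ADMIN / KEYCLOAK_ADMIN_PASSWORD
      # (or put them in .env) to override without editing this file.
      # NOTE(review): these are read when the initial admin is created; with
      # ./tmp/keycloak persisted, changing them later presumably does not
      # update an existing account - confirm.
      - KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN:-admin}
      - KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD:-admin}
    volumes:
      # Persist dev data
      - ./tmp/keycloak:/opt/keycloak/data
    # Keycloak development mode (serves plain HTTP); not a production start.
    command: start-dev
    ports:
      # Published on every host interface. If only a local browser needs the
      # admin console, '127.0.0.1:8080:8080' keeps it off the LAN.
      - '8080:8080'
    networks:
      # `app` is not declared in this file; presumably it comes from the base
      # compose file this one is layered on.
      - app

  # The following services represent more self-hosted IdPs.
  # These are much lesser-known and not as trivial to get working
  # as Keycloak, so leaving them here for someone to possibly play
  # with later.
  #
  # NOTE(review): the secret key, master key and database passwords below are
  # committed samples. Generate fresh values before enabling any of these.
  #
  # authentik:
  #   image: ghcr.io/goauthentik/server:2022.10.1
  #   command: server
  #   depends_on:
  #     redis:
  #       condition: 'service_healthy'
  #   environment:
  #     AUTHENTIK_SECRET_KEY: NQgSe9lPF+rYlQY+aOpR6Wbi2PMPXxsunw5CX1wuqv9vB+nW
  #     AUTHENTIK_REDIS__HOST: redis
  #     AUTHENTIK_POSTGRESQL__HOST: postgres
  #     AUTHENTIK_POSTGRESQL__USER: postgres
  #     AUTHENTIK_POSTGRESQL__NAME: authentik
  #     AUTHENTIK_POSTGRESQL__PASSWORD: postgres
  #     # Quoted: mapping-style environment values should be strings.
  #     # NOTE(review): presumably this sends error reports off-host - confirm.
  #     AUTHENTIK_ERROR_REPORTING__ENABLED: 'true'
  #   volumes:
  #     - ./tmp/authentik/media:/media
  #     - ./tmp/authentik/custom-templates:/templates
  #   ports:
  #     - 9000:9000
  #     - 9443:9443
  #
  # authentik-worker:
  #   depends_on:
  #     redis:
  #       condition: 'service_healthy'
  #   image: ghcr.io/goauthentik/server:2022.10.1
  #   command: worker
  #   environment:
  #     AUTHENTIK_SECRET_KEY: NQgSe9lPF+rYlQY+aOpR6Wbi2PMPXxsunw5CX1wuqv9vB+nW
  #     AUTHENTIK_REDIS__HOST: redis
  #     AUTHENTIK_POSTGRESQL__HOST: postgres
  #     AUTHENTIK_POSTGRESQL__USER: postgres
  #     AUTHENTIK_POSTGRESQL__NAME: authentik
  #     AUTHENTIK_POSTGRESQL__PASSWORD: postgres
  #     AUTHENTIK_ERROR_REPORTING__ENABLED: 'true'
  #   volumes:
  #     - ./tmp/authentik/media:/media
  #     - ./tmp/authentik/certs:/certs
  #     - ./tmp/authentik/custom-templates:/templates
  #
  # redis:
  #   image: docker.io/library/redis:alpine
  #   command: --save 60 1 --loglevel warning
  #   restart: unless-stopped
  #   healthcheck:
  #     test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
  #     start_period: 20s
  #     interval: 30s
  #     retries: 5
  #     timeout: 3s
  #   volumes:
  #     # NOTE(review): `redis-data` needs a top-level `volumes:` entry, which
  #     # this file does not declare.
  #     - redis-data:/data
  #
  # Only available for amd64 architectures
  # zitadel:
  #   networks:
  #     - app
  #   image: ghcr.io/zitadel/zitadel:stable
  #   # The master key is a placeholder passed on the command line, and TLS is
  #   # switched off here and via ZITADEL_EXTERNALSECURE=false.
  #   command: start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
  #   environment:
  #     - ZITADEL_DATABASE_COCKROACH_HOST=crdb
  #     - ZITADEL_EXTERNALSECURE=false
  #   depends_on:
  #     crdb:
  #       condition: 'service_healthy'
  #   ports:
  #     - 8081:8080
  # crdb:
  #   image: cockroachdb/cockroach:v22.1.3
  #   # `--insecure` runs the node without TLS or authentication, and both
  #   # ports below are published to the host: keep this to a local machine.
  #   command: start-single-node --insecure
  #   healthcheck:
  #     test: ["CMD", "curl", "-f", "http://localhost:8080/health?ready=1"]
  #     interval: '10s'
  #     timeout: '30s'
  #     retries: 5
  #     start_period: '20s'
  #   ports:
  #     - 9090:8080
  #     - 26257:26257
  #   networks:
  #     - app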