forked from sndnv/stasis
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-no-auth-hash.yml
217 lines (209 loc) · 12 KB
/
docker-compose-no-auth-hash.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
version: '3'
services:
identity:
image: stasis-identity:dev-latest
ports:
- '10000:10000'
- '10001:10001'
environment:
- STASIS_IDENTITY_BOOTSTRAP_ENABLED=true
- STASIS_IDENTITY_BOOTSTRAP_CONFIG=/opt/docker/config/identity-bootstrap.conf
- STASIS_IDENTITY_LOGLEVEL=DEBUG
- STASIS_IDENTITY_SERVICE_API_INTERFACE=0.0.0.0
- STASIS_IDENTITY_SERVICE_API_PORT=10000
- STASIS_IDENTITY_SERVICE_API_CONTEXT_KEYSTORE_PATH=/opt/docker/certs/identity.p12
- STASIS_IDENTITY_SERVICE_TELEMETRY_METRICS_INTERFACE=0.0.0.0
- STASIS_IDENTITY_SERVICE_TELEMETRY_METRICS_PORT=10001
- STASIS_IDENTITY_TOKENS_REFRESH_ALLOWED=true
- STASIS_IDENTITY_TOKENS_ACCESS_EXPIRATION=90 minutes
- STASIS_IDENTITY_UI_DEV_CLIENT_ID=a928359a-e2ee-4db7-9307-8071b2a1c756
- STASIS_IDENTITY_UI_DEV_REDIRECT_URI=http://localhost:8080/login/callback
- STASIS_IDENTITY_UI_DEV_CLIENT_SECRET=test-secret
- STASIS_SERVER_UI_DEV_CLIENT_ID=f8033019-6a7b-46b5-9bda-f2cd240b5538
- STASIS_SERVER_UI_DEV_REDIRECT_URI=http://localhost:9090/login/callback
- STASIS_SERVER_UI_DEV_CLIENT_SECRET=test-secret
- STASIS_SMOKE_TEST_CLIENT_ID=1068208a-3cd7-4121-bad7-050dee3b4494
- STASIS_SMOKE_TEST_CLIENT_NODE_ID=ef1e47e0-3a55-492e-bf5d-3c09c10c394d
- STASIS_SMOKE_TEST_CLIENT_SECRET=test-secret
- STASIS_IDENTITY_UI_DEV_MASTER_PASSWORD=passw0rd
- STASIS_IDENTITY_UI_DEV_OWNER_PASSWORD=passw0rd
- STASIS_SERVER_DEV_CLIENT_ID=1c31bd67-cb22-416f-9358-afb5485bca2c
- STASIS_SERVER_DEV_CLIENT_SECRET=test-server-secret
- STASIS_SERVER_DEV_TEST_NODE_CLIENT_ID=b4885566-dd69-4b7f-be7f-0568611d1a20
- STASIS_SERVER_DEV_TEST_NODE_CLIENT_SECRET=test-secret
- STASIS_SERVER_DEV_TEST_USER_ID=b21c3f0c-0133-4fb5-883d-95ad3aaa1740
- STASIS_PRIMARY_CLIENT_DEV_CLIENT_ID=d28c5a09-419d-45ff-ad0d-c29faab14f81
- STASIS_PRIMARY_CLIENT_DEV_CLIENT_NODE_ID=1771f509-8020-4f9b-b4a3-0101e66068de
- STASIS_PRIMARY_CLIENT_DEV_CLIENT_SECRET=test-secret
- STASIS_SECONDARY_CLIENT_DEV_CLIENT_ID=13b7c5c5-f625-4dd8-b0c1-704d1fdc1bfa
- STASIS_SECONDARY_CLIENT_DEV_CLIENT_NODE_ID=744395cd-9084-4c81-89ba-e81c96004223
- STASIS_SECONDARY_CLIENT_DEV_CLIENT_SECRET=test-secret
- STASIS_SERVER_DEV_MANAGEMENT_USER_PASSWORD=manage-passw0rd
- STASIS_MOBILE_CLIENT_DEV_CLIENT_ID=22682c16-0184-40a5-9611-ecb304122a02
- STASIS_MOBILE_CLIENT_DEV_CLIENT_NODE_ID=ecdd5f59-acaa-4d15-b74b-9fdb57583917
- STASIS_MOBILE_CLIENT_DEV_CLIENT_SECRET=mobile-secret
- STASIS_IDENTITY_UI_DEV_MOBILE_USER_PASSWORD=passw0rd
- STASIS_SERVER_DEV_MOBILE_USER_ID=10ef373e-9c79-4066-8341-856db37b9e00
- AKKA_HTTP_CORS_ALLOWED_ORIGINS=*
volumes:
- ./config/identity-bootstrap.conf:/opt/docker/config/identity-bootstrap.conf
- ./secrets/identity.p12:/opt/docker/certs/identity.p12
identity-ui:
image: stasis-identity-ui:dev-latest
ports:
- '8080:8080'
environment:
- IDENTITY_UI_IDENTITY_SERVER=https://localhost:10000
- IDENTITY_UI_TOKEN_ENDPOINT=/oauth/token
- IDENTITY_UI_CLIENT_ID=a928359a-e2ee-4db7-9307-8071b2a1c756
- IDENTITY_UI_REDIRECT_URI=http://localhost:8080/login/callback
- IDENTITY_UI_SCOPES=urn:stasis:identity:audience:manage-identity
- IDENTITY_UI_PASSWORD_DERIVATION_ENABLED=false
- NGINX_SERVER_NAME=localhost
- NGINX_SERVER_PORT=8080
- NGINX_CORS_ALLOWED_ORIGIN=*
server:
image: stasis-server:dev-latest
ports:
- '20000:20000' # API
- '20001:20001' # Core
- '20002:20002' # Bootstrap
- '20003:20003' # Prometheus
environment:
- STASIS_SERVER_SERVICE_BOOTSTRAP_ENABLED=true
- STASIS_SERVER_SERVICE_BOOTSTRAP_CONFIG=/opt/docker/config/server-bootstrap.conf
- STASIS_SERVER_LOGLEVEL=DEBUG
- STASIS_SERVER_SERVICE_API_INTERFACE=0.0.0.0
- STASIS_SERVER_SERVICE_API_PORT=20000
- STASIS_SERVER_SERVICE_API_CONTEXT_KEYSTORE_PATH=/opt/docker/certs/server.p12
- STASIS_SERVER_SERVICE_CORE_INTERFACE=0.0.0.0
- STASIS_SERVER_SERVICE_CORE_PORT=20001
- STASIS_SERVER_SERVICE_TELEMETRY_METRICS_INTERFACE=0.0.0.0
- STASIS_SERVER_SERVICE_TELEMETRY_METRICS_PORT=20003
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_URL=https://identity:10000
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_MANAGEMENT_USER=server-management-user
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_MANAGEMENT_USER_PASSWORD=manage-passw0rd
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_MANAGEMENT_SCOPE=urn:stasis:identity:audience:manage-identity
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_CONTEXT_ENABLED=true
- STASIS_SERVER_CREDENTIALS_MANAGERS_IDENTITY_CONTEXT_TRUSTSTORE_PATH=/opt/docker/certs/identity.p12
- STASIS_SERVER_BOOTSTRAP_API_INTERFACE=0.0.0.0
- STASIS_SERVER_BOOTSTRAP_API_PORT=20002
- STASIS_SERVER_BOOTSTRAP_DEVICES_PARAMETERS_SERVER_API_URL=https://server:20000
- STASIS_SERVER_BOOTSTRAP_DEVICES_PARAMETERS_SERVER_API_CONTEXT_ENABLED=true
- STASIS_SERVER_BOOTSTRAP_DEVICES_PARAMETERS_SERVER_CORE_ADDRESS=https://server:20001
- STASIS_SERVER_BOOTSTRAP_DEVICES_PARAMETERS_SERVER_CORE_CONTEXT_ENABLED=true
- STASIS_SERVER_BOOTSTRAP_DEVICES_PARAMETERS_SECRETS_DERIVATION_AUTHENTICATION_ENABLED=false
- STASIS_SERVER_SERVICE_CORE_CONTEXT_KEYSTORE_PATH=/opt/docker/certs/server.p12
- STASIS_SERVER_CLIENTS_AUTHENTICATION_CONTEXT_ENABLED=true
- STASIS_SERVER_CLIENTS_AUTHENTICATION_CONTEXT_TRUSTSTORE_PATH=/opt/docker/certs/identity.p12
- STASIS_SERVER_AUTHENTICATORS_USERS_AUDIENCE=server-api
- STASIS_SERVER_AUTHENTICATORS_USERS_JWKS_ENDPOINT=https://identity:10000/jwks/jwks.json
- STASIS_SERVER_AUTHENTICATORS_NODES_AUDIENCE=b4885566-dd69-4b7f-be7f-0568611d1a20
- STASIS_SERVER_AUTHENTICATORS_NODES_JWKS_ENDPOINT=https://identity:10000/jwks/jwks.json
- STASIS_SERVER_AUTHENTICATORS_INSTANCE_TOKEN_ENDPOINT=https://identity:10000/oauth/token
- STASIS_SERVER_AUTHENTICATORS_INSTANCE_CLIENT_ID=1c31bd67-cb22-416f-9358-afb5485bca2c
- STASIS_SERVER_AUTHENTICATORS_INSTANCE_CLIENT_SECRET=test-server-secret
- STASIS_SERVER_AUTHENTICATORS_INSTANCE_USE_QUERY_STRING=true
- STASIS_SERVER_PERSISTENCE_STAGING_ENABLED=false
- STASIS_SERVER_PERSISTENCE_STAGING_STORE_TYPE=memory
- STASIS_SERVER_PERSISTENCE_STAGING_STORE_MEMORY_MAX_SIZE=1M
- STASIS_SERVER_DEV_PRIMARY_TEST_DEVICE_ID=519e0c7b-43d0-4df5-890a-dd0d86f56072
- STASIS_SERVER_DEV_PRIMARY_TEST_DEVICE_NODE_ID=1771f509-8020-4f9b-b4a3-0101e66068de
- STASIS_SERVER_DEV_SECONDARY_TEST_DEVICE_ID=7dee7457-da81-48bb-aae0-7cfdb1f827a8
- STASIS_SERVER_DEV_SECONDARY_TEST_DEVICE_NODE_ID=744395cd-9084-4c81-89ba-e81c96004223
- STASIS_SERVER_DEV_TEST_USER_ID=b21c3f0c-0133-4fb5-883d-95ad3aaa1740
- STASIS_SERVER_DEV_TEST_USER_SALT=d92beb8f7c3b
- STASIS_SMOKE_TEST_CLIENT_NODE_ID=ef1e47e0-3a55-492e-bf5d-3c09c10c394d
- STASIS_SERVER_DEV_MOBILE_DEVICE_ID=570c237e-0507-47d7-b90b-8a9a3947fcbc
- STASIS_SERVER_DEV_MOBILE_USER_ID=10ef373e-9c79-4066-8341-856db37b9e00
- STASIS_SERVER_DEV_MOBILE_USER_SALT=7e9b9db3dfe6
- STASIS_SERVER_DEV_MOBILE_DEVICE_NODE_ID=ecdd5f59-acaa-4d15-b74b-9fdb57583917
- AKKA_HTTP_PARSING_MAX_CONTENT_LENGTH=4G
- AKKA_HTTP_CORS_ALLOWED_ORIGINS=*
volumes:
- ./config/server-bootstrap.conf:/opt/docker/config/server-bootstrap.conf
- ./secrets/identity.p12:/opt/docker/certs/identity.p12
- ./secrets/server.p12:/opt/docker/certs/server.p12
server-ui:
image: stasis-server-ui:dev-latest
ports:
- '9090:9090'
environment:
- SERVER_UI_SERVER_API=http://localhost:20000
- SERVER_UI_BOOTSTRAP_API=http://localhost:20002
- SERVER_UI_AUTHORIZATION_ENDPOINT=http://localhost:8080/login/authorize
- SERVER_UI_TOKEN_ENDPOINT=http://localhost:10000/oauth/token
- SERVER_UI_CLIENT_ID=f8033019-6a7b-46b5-9bda-f2cd240b5538
- SERVER_UI_REDIRECT_URI=http://localhost:9090/login/callback
- SERVER_UI_SCOPES=urn:stasis:identity:audience:server-api
- SERVER_UI_PASSWORD_DERIVATION_ENABLED=false
- SERVER_UI_DERIVATION_SALT_PREFIX=changeme
- NGINX_SERVER_NAME=localhost
- NGINX_SERVER_PORT=9090
- NGINX_CORS_ALLOWED_ORIGIN=*
primary-client:
image: stasis-client-cli:dev-latest
command: tail -F /opt/docker/bin/logs/client.log
tty: true
environment:
- STASIS_CLIENT_LOGLEVEL=INFO
- STASIS_CLIENT_API_HTTP_INTERFACE=localhost
- STASIS_CLIENT_API_HTTP_PORT=9090
- STASIS_CLIENT_API_HTTP_CONTEXT_ENABLED=true
- STASIS_CLIENT_API_HTTP_CONTEXT_KEYSTORE_PATH=/home/demiourgos728/.config/stasis-client/certs/client.p12
- STASIS_CLIENT_API_INIT_INTERFACE=localhost
- STASIS_CLIENT_API_INIT_PORT=9091
- STASIS_CLIENT_API_INIT_CONTEXT_ENABLED=true
- STASIS_CLIENT_API_INIT_CONTEXT_KEYSTORE_PATH=/home/demiourgos728/.config/stasis-client/certs/client.p12
- STASIS_CLIENT_SERVER_AUTHENTICATION_TOKEN_ENDPOINT=https://identity:10000/oauth/token
- STASIS_CLIENT_SERVER_AUTHENTICATION_CLIENT_ID=d28c5a09-419d-45ff-ad0d-c29faab14f81
- STASIS_CLIENT_SERVER_AUTHENTICATION_CLIENT_SECRET=test-secret
- STASIS_CLIENT_SERVER_AUTHENTICATION_USE_QUERY_STRING=true
- STASIS_CLIENT_SERVER_AUTHENTICATION_SCOPES_API=urn:stasis:identity:audience:server-api
- STASIS_CLIENT_SERVER_AUTHENTICATION_SCOPES_CORE=urn:stasis:identity:audience:b4885566-dd69-4b7f-be7f-0568611d1a20
- STASIS_CLIENT_SERVER_AUTHENTICATION_CONTEXT_ENABLED=true
- STASIS_CLIENT_SERVER_AUTHENTICATION_CONTEXT_TRUSTSTORE_PATH=/home/demiourgos728/.config/stasis-client/certs/identity.p12
- STASIS_CLIENT_SERVER_API_URL=https://server:20000
- STASIS_CLIENT_SERVER_API_USER=b21c3f0c-0133-4fb5-883d-95ad3aaa1740
- STASIS_CLIENT_SERVER_API_USER_SALT=d92beb8f7c3b
- STASIS_CLIENT_SERVER_API_DEVICE=519e0c7b-43d0-4df5-890a-dd0d86f56072
- STASIS_CLIENT_SERVER_API_CONTEXT_ENABLED=true
- STASIS_CLIENT_SERVER_API_CONTEXT_TRUSTSTORE_PATH=/home/demiourgos728/.config/stasis-client/certs/server.p12
- STASIS_CLIENT_SERVER_CORE_ADDRESS=https://server:20001
- STASIS_CLIENT_SERVER_CORE_NODE_ID=1771f509-8020-4f9b-b4a3-0101e66068de
- STASIS_CLIENT_SERVER_CORE_CONTEXT_ENABLED=true
- STASIS_CLIENT_SERVER_CORE_CONTEXT_TRUSTSTORE_PATH=/home/demiourgos728/.config/stasis-client/certs/server.p12
- STASIS_CLIENT_OPS_BACKUP_RULES_FILE=client.rules
- STASIS_CLIENT_OPS_BACKUP_MAX_CHUNK_SIZE=8K
- STASIS_CLIENT_OPS_BACKUP_MAX_PART_SIZE=128M
- STASIS_CLIENT_OPS_SCHEDULING_SCHEDULES_FILE=client.schedules
- STASIS_CLIENT_OPS_SCHEDULING_MIN_DELAY=30 seconds
- STASIS_CLIENT_OPS_SCHEDULING_MAX_EXTRA_DELAY=5 minutes
- STASIS_CLIENT_OPS_MONITORING_INTERVAL=10 seconds
volumes:
- ./secrets/localhost.p12:/home/demiourgos728/.config/stasis-client/certs/client.p12
- ./secrets/identity.p12:/home/demiourgos728/.config/stasis-client/certs/identity.p12
- ./secrets/server.p12:/home/demiourgos728/.config/stasis-client/certs/server.p12
- ./config/client.conf:/home/demiourgos728/.config/stasis-client/client.conf
- ./config/client.rules:/home/demiourgos728/.config/stasis-client/client.rules
- ./config/client.schedules:/home/demiourgos728/.config/stasis-client/client.schedules
- ./secrets/client.secret:/home/demiourgos728/.config/stasis-client/device-secret
secondary-client:
image: stasis-client-cli:dev-latest
command: tail -F /opt/docker/bin/logs/client.log
tty: true
prometheus:
image: prom/prometheus
ports:
- "19090:9090"
volumes:
- ./config/prometheus:/etc/prometheus
grafana:
image: grafana/grafana
ports:
- "13000:3000"
volumes:
- ./config/grafana:/etc/grafana/provisioning
- ../grafana/dashboards/identity:/etc/grafana/provisioning/dashboards/identity
- ../grafana/dashboards/server:/etc/grafana/provisioning/dashboards/server
- ../grafana/dashboards/jvm:/etc/grafana/provisioning/dashboards/jvm