forked from hpi-schul-cloud/schulcloud-authorization-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
57 lines (50 loc) · 1.31 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
version: '3.7'
services:
hydra-postgres:
image: postgres:9.6
environment:
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_DB
ports:
- 5432:5432
volumes:
- data-hydra:/var/lib/postgresql/data
restart: always
hydra-migrate-database:
image: oryd/hydra:${HYDRA_VERSION}
command: ["migrate", "sql", "--yes", "$DSN"]
hydra-host:
image: oryd/hydra:${HYDRA_VERSION}
ports:
- ${PUBLIC_PORT}:9000
- ${ADMIN_PORT}:9001
hostname: hydra.localhost
external_links:
- nextcloud
environment:
- VIRTUAL_HOST=hydra.localhost
- SERVE_PUBLIC_PORT=9000
- SERVE_ADMIN_PORT=9001
- SECRETS_SYSTEM
- DSN
- URLS_LOGOUT
- URLS_POST_LOGOUT_REDIRECT
- URLS_SELF_ISSUER
- URLS_LOGIN=${SC_FRONTEND}/oauth2/login
- URLS_CONSENT=${SC_FRONTEND}/oauth2/consent
- TLS_ALLOW_TERMINATION_FROM
- OIDC_SUBJECT_IDENTIFIERS_ENABLED=public,pairwise
- OIDC_SUBJECT_IDENTIFIERS_PAIRWISE_SALT
depends_on:
- hydra-migrate-database
restart: on-failure
command: ["serve", "all", "${SERVE_PARAMS}"]
deploy:
replicas: 1
volumes:
data-hydra:
networks:
default:
name: schulcloudserver_schulcloud-server-network
external: true # to use if you want to use an existing network