-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
169 lines (160 loc) · 8.56 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
services:
authserver:
image: ghcr.io/navikt/mock-oauth2-server:0.5.8
environment:
TZ: Europe/Oslo
SERVER_PORT: 6969
JSON_CONFIG: "{\"interactiveLogin\":true,\"tokenCallbacks\":[{\"issuerId\":\"azure\",\"tokenExpiry\":3600,\"requestMappings\":[{\"requestParam\":\"grant_type\",\"claims\":{\"aud\":[\"lydia-api\"],\"NAVident\":\"Z123456\",\"oid\":\"81e92e96-0b51-4896-9572-ca76521accdf\",\"preferred_username\":\"[email protected]\",\"name\":\"Test Testesen\",\"groups\":[\"ensuperbrukerGroupId\"]}}]}]}"
ports:
- "6969:6969"
azure:
container_name: azure
image: wiremock/wiremock
ports:
- "9090:8080"
volumes:
- ./stubs:/home/wiremock
postgres:
image: postgres:14
restart: always
environment:
POSTGRES_PASSWORD: test
ports:
- "5432:5432"
volumes:
- postgres-data:/var/lib/postgresql/data
zookeeper:
container_name: zookeeper
image: confluentinc/cp-zookeeper:7.2.2
ports:
- "2181:2181"
environment:
ZOOKEEPER_CLIENT_PORT: 2181
ZOOKEEPER_SERVER_ID: 1
ZOOKEEPER_SERVERS: zookeeper:2888:3888
TZ: Europe/Oslo
kafka:
image: confluentinc/cp-kafka:7.2.2
depends_on:
- zookeeper
ports:
- "9093:9093"
- "9092:9092"
environment:
KAFKA_AUTO_LEADER_REBALANCE_ENABLE: false
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_LISTENERS: PLAINTEXT://0.0.0.0:9093,BROKER://0.0.0.0:9092
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: BROKER:PLAINTEXT,PLAINTEXT:PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: BROKER
KAFKA_BROKER_ID: 1
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9093,BROKER://kafka:9092
TZ: Europe/Oslo
backend:
build:
context: .
depends_on:
- postgres
- kafka
- authserver
ports:
- "8080:8080"
- "5005:5005"
environment:
# Postgres env
NAIS_DATABASE_LYDIA_API_LYDIA_API_DB_HOST: postgres
NAIS_DATABASE_LYDIA_API_LYDIA_API_DB_PORT: 5432
NAIS_DATABASE_LYDIA_API_LYDIA_API_DB_USERNAME: postgres
NAIS_DATABASE_LYDIA_API_LYDIA_API_DB_PASSWORD: test
NAIS_DATABASE_LYDIA_API_LYDIA_API_DB_DATABASE: postgres
# Authserver env
AZURE_APP_CLIENT_ID: lydia-api
AZURE_OPENID_CONFIG_TOKEN_ENDPOINT: http://host.docker.internal:6969/azure/token
AZURE_APP_JWK: >
{
"p": "5E2G6sOsbC6oBwx-EiRotMLYfVqOmzvRKxe2_hiquWQxg8bhVTf2XkqLPsHZB3Zy36pQlBghljW7Eti72tkA6oDwaTBkHaL_FVs2xzHHKPfh2j1XQxhr8VriPKNVGIr3ueRRGlIMKd3shwcpkB9fHrcN9BIl-Ml2VT5cZmtYGL8",
"kty": "RSA",
"q": "yYdq__td3d5COnjmYOzZiw-Nqr83m2SfF5nToey-HM3Za2BSqQLBC2Xy7Sefo7FA-9GzG76Wd3Yp6ofP6Dzp93-kjtcVBBoppJSYKzvC11L0rdsV3kVd7iRxP1MLqSO2DY6CHRpOk2YxqgskGt3-IKwZ9p3sYGEMH8iAuT1V0Wc",
"d": "boLVdxUVZNCOiGQqaNMxYROupjqkwBbCD2JujIVLgRvgPRSqFLeWkttAVn6ekXT3vxss8VNwQkMXuDhfuy2MQjlfXPFfDM4go5Ec7ZMxmhzXsP-tnS-jaVC0MWsNsZyBVJuxmlxsqY5vt8A8vrYhatO82w6D_tWqkPdQkupyL6-U_u8ikxMMo0SmD3OYAzVhgvrnfinh7itGrmgo9xqEt5IjFJ9f1BFy21o5YA0LReNeaOrMYhZoUIQAjcTpFgEsU5vORT8boXIN3_Bbby32_xlizXBtXlWxWRMN0k3EuzSPar8QvAXdBZf8GsARoSrbfqBtDKQyp94tl5bCH5XIiQ",
"e": "AQAB",
"use": "sig",
"kid": "azure",
"qi": "Hu7hgJvc5XvFf6OZeHbYkKEgwttO-INjMVSWvBCR89KKN2Njy8e7zAu7T25YuVxbxtLAvwg-sA-ZtELH28DQhR7AnNmJkh_r0IWuOUHROMrCO2iix9Jl1xrCPanQLGx9iTS7LltaYO5jrv9GGYmFBqIvGByKxI7FytgeXhh2NLk",
"dp": "odtw_nnRgTUmvTCXJMeZUCYfk-ei2N10ssdyXf0g9KTbEeDrGh691SWmSMzn0Ami8X1u-T-OeE8JnRf5PvPAWYEmcHz1TamkjQCI-noJB7uN7Mq2VgQ3avqTEIh_qRHFBY6gDTgEFZ6XtTdXuSz0o_MFuncvYo16Dn9SxO3vnEM",
"dq": "GugXoyG-gJbiJMhridlVmjlzYq6xD_A5RX9mQCJJp7LcKnfr0WDqwUjVTFCUAdjyoix3S2cA0-ZU5llHquwnGMJUCDYzOh78HFsyjeMmunT68hNkMg704YzACgJedjCsZ9b1DEms4AUu8FMYePXWrioMNV8UZjHO2pd8iD7mLFU",
"n": "s7mjPNyx4wtQ-ij0VIAvfooN9m2qgqidE7wJ50zAzmG2cS9Y9XpV09KJAAgP21RVQNqbxU3BCwltYD5bhsYSn-T5HZ7uXbjb9zgSY5XUM0TWGMV7qqdISWmHCH6-LYZGrJiN7ofDW3XGINsRlxj3gZbSuSNnXdbreOC97wT5i-qVxWt9xhobB60Jjf3gNiA3XMaOGyE47Ty-6WMH_zs_sENWXQ0eGoD58DROqbF1CUb_9ppubK9nU4Sjo0ih57J14n8aKZVEWg4uN02Gv0TL1ratvyDTwRZrtKprfgFBzylxtV2zkvhETsi7zkrzjsrv4v8hap6V32NgXc8E1xDj2Q"
}
AZURE_OPENID_CONFIG_ISSUER: http://host.docker.internal:6969/azure
AZURE_OPENID_CONFIG_JWKS_URI: http://host.docker.internal:6969/azure/jwks
AZURE_GRAPH_URL: http://host.docker.internal:9090/v1.0
FIA_SUPERBRUKER_GROUP_ID: ensuperbrukerGroupId
FIA_SAKSBEHANDLER_GROUP_ID: ensaksbehandlerGroupId
FIA_LESETILGANG_GROUP_ID: enlesetilgangGroupId
TEAM_PIA_GROUP_ID: enTeamPiaGroupId
# Kafka env
KAFKA_BROKERS: "BROKER://kafka:9092,PLAINTEXT://kafka:9092"
KAFKA_TRUSTSTORE_PATH: ""
KAFKA_KEYSTORE_PATH: ""
KAFKA_CREDSTORE_PASSWORD: ""
# Backend spesifikk env
CONSUMER_LOOP_DELAY: 1
SSB_NARINGS_URL: /naringmock/api/klass/v1/30/json
NAIS_CLUSTER_NAME: "lokal"
# Spesifikk for remote debugging
JAVA_TOOL_OPTIONS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
frontend:
platform: linux/amd64
image: ghcr.io/navikt/lydia-radgiver-frontend:latest
depends_on:
- backend
- redis
ports:
- "3000:3000"
environment:
REDIS_URI_FIASESSIONS: redis://redis:6379
REDIS_USERNAME_FIASESSIONS: brukernavn
REDIS_PASSWORD_FIASESSIONS: passord
NAIS_CLUSTER_NAME: dev
SESSION_SECRET: secret
OBO_TOKEN_ENC_KEY: bogus
NAIS_NAMESPACE: pia
LYDIA_API_URI: http://backend:8080
SERVER_PORT: 3000
AZURE_OPENID_CONFIG_JWKS_URI: http://host.docker.internal:6969/azure/jwks
AZURE_APP_CLIENT_ID: lydia-api
AZURE_APP_CLIENT_SECRET: secret
AZURE_OPENID_CONFIG_ISSUER: http://host.docker.internal:6969/azure
AZURE_OPENID_CONFIG_TOKEN_ENDPOINT: http://host.docker.internal:6969/azure/token
FIA_SUPERBRUKER_GROUP_ID: ensuperbrukerGroupId
FIA_SAKSBEHANDLER_GROUP_ID: ensaksbehandlerGroupId
FIA_LESETILGANG_GROUP_ID: enlesetilgangGroupId
CSRF_SECRET: csrfHemmelighet
COOKIE_SECRET: cookieHemmelighet
redis:
image: redis:7-alpine
ports:
- 6379:6379
command: ["redis-server", "--user brukernavn on +@all ~* >passord"]
restart: unless-stopped
wonderwall:
image: ghcr.io/nais/wonderwall:latest
depends_on:
- authserver
ports:
- "2222:2222"
environment:
WONDERWALL_OPENID_CLIENT_ID: "lydia-api"
WONDERWALL_OPENID_CLIENT_JWK: '{"p":"_xCPvqs85ZZVg460Qfot26rQoNRPTOVDo5p4nqH3ep6BK_5TvoU5LFXd26W-1V1Lc5fcvvftClPOT201xgat4DVtliNtoc8od_tWr190A3AzbsAVFOx0nKa5uhLBxP9SsPM84llp6PXF6QTMGFiPYuoLDaQQqL1K4BbHq3ZzF2M","kty":"RSA","q":"7QLqW75zkfSDrn5rMoF50WXyB_ysNx6-2SvaXKGXaOn80IR7QW5vwkleJnsdz_1kr04rJws2p4HBJjUFfSJDi1Dapj7tbIwb0a1szDs6Y2fAa3DlzgXZCkoE2TIrW6UITgs14pI_a7RasclE71FpoZ78XNBvj3NmZugkNLBvRjs","d":"f7aT4poed8uKdcSD95mvbfBdb6X-M86d99su0c390d6gWwYudeilDugH9PMwqUeUhY0tdaRVXr6rDDIKLSE-uEyaYKaramev0cG-J_QWYJU2Lx-4vDGNHAE7gC99o1Ee_LXqMDCBawMYyVcSWx7PxGQfzhSsARsAIbkarO1sg9zsqPS4exSMbK8wyCTPgRbnkB32_UdZSGbdSib1jSYyyoAItZ8oZHiltVsZIlA97kS4AGPtozde043NC7Ik0uEzgB5qJ_tR7vW8MfDrBj6da2NrLh0UH-q28dooBO1vEu0rvKZIescXYk9lk1ZakHhhpZaLykDOGzxCpronzP3_kQ","e":"AQAB","use":"sig","qi":"9kMIR6pEoiwN3M6O0n8bnh6c3KbLMoQQ1j8_Zyir7ZIlmRpWYl6HtK0VnD88zUuNKTrQa7-jfE5uAUa0PubzfRqybACb4S3HIAuSQP00_yCPzCSRrbpGRDFqq-8eWVwI9VdiN4oqkaaWcL1pd54IDcHIbfk-ZtNtZgsOlodeRMo","dp":"VUecSAvI2JpjDRFxg326R2_dQWi6-uLMsq67FY7hx8WnOqZWKaUxcHllLENGguAmkgd8bv1F6-YJXNUO3Z7uE8DJWyGNTkSNK1CFsy0fBOdGywi-A7jrZFT6VBRhZRRY-YDaInPyzUkfWsGX26wAhPnrqCvqxgBEQJhdOh7obDE","alg":"RS256","dq":"7EUfw92T8EhEjUrRKkQQYEK0iGnGdBxePLiOshEUky3PLT8kcBHbr17cUJgjHBiKqofOVNnE3i9nkOMCWcAyfUtY7KmGndL-WIP-FYplpnrjQzgEnuENgEhRlQOCXZWjNcnPKdKJDqF4WAtAgSIznz6SbSQMUoDD8IoyraPFCck","n":"7CU8tTANiN6W_fD9SP1dK2vQvCkf7-nwvBYe5CfANV0_Bb0ZmQb77FVVsl1beJ7EYLz3cJmL8Is1RCHKUK_4ydqihNjEWTyZiQoj1i67pkqk_zRvfQa9raZR4uZbuBxx7dWUoPC6fFH2F_psAlHW0zf90fsLvhB6Aqq3uvO7XXqo8qNl9d_JSG0Rg_2QUYVb0WKmPVbbhgwtkFu0Tyuev-VZ9IzTbbr5wmZwEUVY7YAi73pDJkcZt5r2WjOF_cuIXe-O2vwbOrRgmJfHO9--mVLdATnEyrb6q2oy_75h6JjP-R4-TD1hyoFFoE2gmj-kSS6Z_Gggljs3Aw7--Nh10Q"}'
WONDERWALL_OPENID_WELL_KNOWN_URL: http://host.docker.internal:6969/azure/.well-known/openid-configuration
WONDERWALL_INGRESS: http://localhost:2222
WONDERWALL_BIND_ADDRESS: 0.0.0.0:2222
WONDERWALL_UPSTREAM_HOST: frontend:3000
WONDERWALL_AUTO_LOGIN: true
restart: on-failure
volumes:
postgres-data:
redis-cache: