-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
92 lines (76 loc) · 3.17 KB
/
docker-compose.yml
File metadata and controls
92 lines (76 loc) · 3.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
services:
mrwho-oidc:
image: ghcr.io/popicka70/mrwhooidc:latest
container_name: mrwho-oidc
depends_on:
mrwho-postgres:
condition: service_healthy
environment:
ASPNETCORE_ENVIRONMENT: ${ASPNETCORE_ENVIRONMENT:-Production}
ASPNETCORE_URLS: https://+:8443;http://+:8080
ConnectionStrings__authdb: Host=mrwho-postgres;Port=5432;Database=authdb;Username=oidc;Password=${POSTGRES_PASSWORD};Include Error Detail=false
ASPNETCORE_Kestrel__Certificates__Default__Path: /https/aspnetapp.pfx
ASPNETCORE_Kestrel__Certificates__Default__Password: ${CERT_PASSWORD}
Oidc__PublicBaseUrl: ${OIDC_PUBLIC_BASE_URL}
ForwardedHeaders__Enabled: ${FORWARDED_HEADERS_ENABLED:-true}
ForwardedHeaders__RequireHeaderSymmetry: ${FORWARDED_HEADERS_REQUIRE_HEADER_SYMMETRY:-false}
ForwardedHeaders__ForwardLimit: ${FORWARDED_HEADERS_FORWARD_LIMIT:-1}
ForwardedHeaders__UnsafeTrustAll: ${FORWARDED_HEADERS_UNSAFE_TRUST_ALL:-false}
ForwardedHeaders__EnforceHostAllowList: ${FORWARDED_HEADERS_ENFORCE_HOST_ALLOW_LIST:-false}
ForwardedHeaders__AllowedHosts__0: ${FORWARDED_HEADERS_ALLOWED_HOST_0:-}
ForwardedHeaders__AllowedHosts__1: ${FORWARDED_HEADERS_ALLOWED_HOST_1:-}
ForwardedHeaders__AllowedHosts__2: ${FORWARDED_HEADERS_ALLOWED_HOST_2:-}
ForwardedHeaders__KnownProxies__0: ${FORWARDED_HEADERS_KNOWN_PROXY_0:-}
ForwardedHeaders__KnownProxies__1: ${FORWARDED_HEADERS_KNOWN_PROXY_1:-}
ForwardedHeaders__KnownProxies__2: ${FORWARDED_HEADERS_KNOWN_PROXY_2:-}
ForwardedHeaders__KnownNetworks__0: ${FORWARDED_HEADERS_KNOWN_NETWORK_0:-}
ForwardedHeaders__KnownNetworks__1: ${FORWARDED_HEADERS_KNOWN_NETWORK_1:-}
Redis__Enabled: false
Redis__ConnectionString: ${REDIS_CONNECTION_STRING:-redis:6379,abortConnect=false}
Mail__Enabled: ${MAIL_ENABLED:-false}
Mail__SmtpHost: ${MAIL_SMTP_HOST:-}
Mail__SmtpPort: ${MAIL_SMTP_PORT:-587}
Mail__UseSsl: ${MAIL_SMTP_USE_SSL:-true}
Mail__FromAddress: ${MAIL_FROM_ADDRESS:-}
Mail__FromName: ${MAIL_FROM_NAME:-MrWhoOidc}
Mail__SmtpUsername: ${MAIL_SMTP_USERNAME:-}
Mail__SmtpPassword: ${MAIL_SMTP_PASSWORD:-}
Logging__LogLevel__Default: ${LOGGING_LEVEL:-Information}
Logging__LogLevel__Microsoft.AspNetCore: ${LOGGING_LEVEL_ASPNETCORE:-Warning}
Bootstrap__Token: ${BOOTSTRAP_TOKEN:-}
ports:
- "${OIDC_HTTPS_PORT:-8443}:8443"
- "${OIDC_HTTP_PORT:-8081}:8080"
volumes:
- ./certs:/https:ro
restart: unless-stopped
networks:
- edge
- internal
mrwho-postgres:
image: postgres:16-alpine
container_name: mrwho-postgres
environment:
POSTGRES_DB: authdb
POSTGRES_USER: oidc
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
- postgres-data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
interval: 10s
timeout: 5s
retries: 5
start_period: 10s
restart: unless-stopped
networks:
- internal
volumes:
postgres-data:
driver: local
networks:
edge:
driver: bridge
internal:
driver: bridge
internal: true