03256f0f3b
useful for testing OIDC flow in localhost
90 lines
3.8 KiB
YAML
90 lines
3.8 KiB
YAML
version: "3.9"
|
|
services:
|
|
|
|
idhub1:
|
|
init: true
|
|
image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
|
|
environment:
|
|
- DEBUG=true
|
|
- INITIAL_ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
|
|
- INITIAL_ADMIN_PASSWORD=${IDHUB_PILOT_TEST__ADMIN_PASSWORD}
|
|
- CREATE_TEST_USERS=true
|
|
- ENABLE_EMAIL=false
|
|
- ENABLE_2FACTOR_AUTH=false
|
|
- SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
|
|
- STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
|
|
- MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
|
|
- PORT=${IDHUB_PORT:-9001}
|
|
# only on localhost hostname did-resolve uses http endpoint
|
|
# and here we need it to very vcred of didweb
|
|
# $ docker run ghcr.io/spruceid/didkit-cli:latest did-resolve did:web:localhost:test
|
|
# Error sending HTTP request : error sending request for url (http://localhost/.well-known/did.json): error trying to connect: tcp connect error: Address not available (os error 99)
|
|
# version: 2023-04-24 10:21:58 ghcr.io/spruceid/didkit-cli@sha256:0e559663f962e2ced2fb4034e415f6b5dbdec57e85f69b546e7699ac6ba35219
|
|
- DOMAIN=${DOMAIN1:-localhost}
|
|
- DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
|
|
- EMAIL_HOST=${IDHUB_EMAIL_HOST}
|
|
- EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
|
|
- EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
|
|
- EMAIL_PORT=${IDHUB_EMAIL_PORT}
|
|
- EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
|
|
- EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
|
|
- SUPPORTED_CREDENTIALS=['CourseCredential', 'EOperatorClaim', 'FederationMembership', 'FinancialVulnerabilityCredential', 'MembershipCard']
|
|
- SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
|
|
- OIDC_ORGS=examples/organizations__instance_localhost-pair.csv
|
|
- OIDC_REDIRECT=true
|
|
#- OIDC_REDIRECT=false
|
|
- ALLOW_CODE_URI=http://localhost/oidc4vp/allow_code
|
|
ports:
|
|
- 9091:9001
|
|
volumes:
|
|
- ./idhub1__instance-localhost-pair:/opt/idhub
|
|
- sharedsecret:/sharedsecret:rw
|
|
# nginx manage proxypass to these docker containers
|
|
# inspired by https://stackoverflow.com/a/43541681
|
|
extra_hosts:
|
|
- 'localhost:host-gateway'
|
|
- 'idhub2:host-gateway'
|
|
|
|
idhub2:
|
|
init: true
|
|
image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/idhub:latest
|
|
environment:
|
|
- DEBUG=true
|
|
- INITIAL_ADMIN_EMAIL=${IDHUB_PILOT_TEST__ADMIN_EMAIL}
|
|
- INITIAL_ADMIN_PASSWORD=${IDHUB_PILOT_TEST__ADMIN_PASSWORD}
|
|
- CREATE_TEST_USERS=true
|
|
- ENABLE_EMAIL=false
|
|
- ENABLE_2FACTOR_AUTH=false
|
|
- SECRET_KEY=${IDHUB_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
|
|
- STATIC_ROOT=${IDHUB_STATIC_ROOT:-/static/}
|
|
- MEDIA_ROOT=${IDHUB_MEDIA_ROOT:-/media/}
|
|
- PORT=${IDHUB_PORT:-9001}
|
|
- DOMAIN=${DOMAIN2:-idhub2}
|
|
- DEFAULT_FROM_EMAIL=${IDHUB_DEFAULT_FROM_EMAIL}
|
|
- EMAIL_HOST=${IDHUB_EMAIL_HOST}
|
|
- EMAIL_HOST_USER=${IDHUB_EMAIL_HOST_USER}
|
|
- EMAIL_HOST_PASSWORD=${IDHUB_EMAIL_HOST_PASSWORD}
|
|
- EMAIL_PORT=${IDHUB_EMAIL_PORT}
|
|
- EMAIL_USE_TLS=${IDHUB_EMAIL_USE_TLS}
|
|
- EMAIL_BACKEND=${IDHUB_EMAIL_BACKEND}
|
|
# only the one we support for OIDC flow, if we add more, it reaches a UX bug
|
|
- SUPPORTED_CREDENTIALS=['FinancialVulnerabilityCredential']
|
|
- SYNC_ORG_DEV=${IDHUB_SYNC_ORG_DEV}
|
|
- OIDC_ORGS=examples/organizations__instance_localhost-pair.csv
|
|
- OIDC_REDIRECT=true
|
|
#- OIDC_REDIRECT=false
|
|
- ALLOW_CODE_URI=http://idhub2/oidc4vp/allow_code
|
|
ports:
|
|
- 9092:9001
|
|
volumes:
|
|
- ./idhub2__instance-localhost-pair:/opt/idhub
|
|
- sharedsecret:/sharedsecret:rw
|
|
# nginx manage proxypass to these docker containers
|
|
# inspired by https://stackoverflow.com/a/43541681
|
|
extra_hosts:
|
|
- 'localhost:host-gateway'
|
|
- 'idhub2:host-gateway'
|
|
|
|
volumes:
|
|
sharedsecret:
|