-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
168 lines (161 loc) · 5.74 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
version: '3.8'
services:
#
# The API that server configuration for the Dynamic Authenticator
#
dynamic-authenticator-api:
build: ./api
hostname: dynamic-authenticator-api
ports:
- "8080:8080"
environment:
NODE_ENV: 'production'
CONFIG_ENCRYPTION_KEY: $CONFIG_ENCRYPTION_KEY
#
# An SQL database used by the Curity Identity Server Provider 1
#
provider1-data:
image: postgres:13.2
hostname: dbserver1
volumes:
- ./idsvr/provider1/data-backup.sql:/docker-entrypoint-initdb.d/data-backup.sql
environment:
POSTGRES_USER: 'postgres'
POSTGRES_PASSWORD: 'Password1'
POSTGRES_DB: 'idsvr'
#
# A standalone instance of the Curity Identity Server Provider 1
#
provider1-idsvr:
image: curity.azurecr.io/curity/idsvr:latest
ports:
- "6750:6749"
- "8444:8443"
volumes:
- ./idsvr/license.json:/opt/idsvr/etc/init/license/license.json
- ./idsvr/provider1/config-backup.xml:/opt/idsvr/etc/init/config.xml
- ./idsvr/log4j2.xml:/opt/idsvr/etc/log4j2.xml
environment:
PASSWORD: 'Password1'
IDSVR_BASE_URL: "https://provider1.example.com:8444"
CALLBACK_BASE_URL: "https://login.example.com:8443"
LOGGING_LEVEL: 'DEBUG'
#
# An SQL database used by the Curity Identity Server Provider 2
#
provider2-data:
image: postgres:13.2
hostname: dbserver2
volumes:
- ./idsvr/provider2/data-backup.sql:/docker-entrypoint-initdb.d/data-backup.sql
environment:
POSTGRES_USER: 'postgres'
POSTGRES_PASSWORD: 'Password1'
POSTGRES_DB: 'idsvr'
#
# A standalone instance of the Curity Identity Server Provider 2
#
provider2-idsvr:
image: curity.azurecr.io/curity/idsvr:latest
ports:
- "6751:6749"
- "8445:8443"
volumes:
- ./idsvr/license.json:/opt/idsvr/etc/init/license/license.json
- ./idsvr/provider2/config-backup.xml:/opt/idsvr/etc/init/config.xml
- ./idsvr/log4j2.xml:/opt/idsvr/etc/log4j2.xml
environment:
PASSWORD: 'Password1'
IDSVR_BASE_URL: "https://provider2.example.com:8445"
CALLBACK_BASE_URL: "https://login.example.com:8443"
LOGGING_LEVEL: 'DEBUG'
#
# An SQL database used by the Curity Identity Server Provider 3
#
provider3-data:
image: postgres:13.2
hostname: dbserver3
volumes:
- ./idsvr/provider3/data-backup.sql:/docker-entrypoint-initdb.d/data-backup.sql
environment:
POSTGRES_USER: 'postgres'
POSTGRES_PASSWORD: 'Password1'
POSTGRES_DB: 'idsvr'
#
# A standalone instance of the Curity Identity Server Provider 3
#
provider3-idsvr:
image: curity.azurecr.io/curity/idsvr:latest
hostname: provider3.example.com
ports:
- "6752:6749"
- "8446:8443"
volumes:
- ./idsvr/license.json:/opt/idsvr/etc/init/license/license.json
- ./idsvr/provider3/config-backup.xml:/opt/idsvr/etc/init/config.xml
- ./idsvr/log4j2.xml:/opt/idsvr/etc/log4j2.xml
environment:
PASSWORD: 'Password1'
IDSVR_BASE_URL: "https://provider3.example.com:8446"
SAML_SP_URL: "https://login.example.com:8443/authn/authentication/dynamic-authenticator-saml"
LOGGING_LEVEL: 'DEBUG'
#
# An SQL database used by the Curity Identity Server Provider 4
#
provider4-data:
image: postgres:13.2
hostname: dbserver4
volumes:
- ./idsvr/provider4/data-backup.sql:/docker-entrypoint-initdb.d/data-backup.sql
environment:
POSTGRES_USER: 'postgres'
POSTGRES_PASSWORD: 'Password1'
POSTGRES_DB: 'idsvr'
#
# A standalone instance of the Curity Identity Server Provider 4
#
provider4-idsvr:
image: curity.azurecr.io/curity/idsvr:latest
hostname: provider4.example.com
ports:
- "6753:6749"
- "8447:8443"
volumes:
- ./idsvr/license.json:/opt/idsvr/etc/init/license/license.json
- ./idsvr/provider4/config-backup.xml:/opt/idsvr/etc/init/config.xml
- ./idsvr/log4j2.xml:/opt/idsvr/etc/log4j2.xml
environment:
PASSWORD: 'Password1'
IDSVR_BASE_URL: "https://provider4.example.com:8447"
SAML_SP_URL: "https://login.example.com:8443/authn/authentication/dynamic-authenticator-saml"
LOGGING_LEVEL: 'DEBUG'
#
# The instance of the Curity Identity Server that uses the Dynamic Authenticator
#
authenticator-demo-idsvr:
image: curity.azurecr.io/curity/idsvr:latest
hostname: login.example.com
ports:
- "6749:6749"
- "8443:8443"
volumes:
- ./idsvr/license.json:/opt/idsvr/etc/init/license/license.json
# basic setup with a username authenticator and debug action in place
- ./idsvr/main/config-backup.xml:/opt/idsvr/etc/init/01_config.xml
# dynamic authenticators for OIDC and SAML
- ./idsvr/main/oidc-dynamic-authenticator-config.xml:/opt/idsvr/etc/init/02_oidc-dynamic-authenticator-config.xml
- ./idsvr/main/saml-dynamic-authenticator-config.xml:/opt/idsvr/etc/init/02_saml-dynamic-authenticator-config.xml
# script to retrieve federation id from subject
- ./idsvr/main/transformation-procedure-get-federation-id.js:/opt/idsvr/etc/init/transformation-procedures/get-federation-id.js
# demo login flow for this deployment that uses the different dynamic authenticators and scripts
- ./idsvr/main/demo-login-config.xml:/opt/idsvr/etc/init/03_demo-login-config.xml
- ./idsvr/main/filter-procedure-login-demo.js:/opt/idsvr/etc/init/filter-procedures/authenticator/show-demo-login-authenticator-only.js
# log settings
- ./idsvr/log4j2.xml:/opt/idsvr/etc/log4j2.xml
environment:
IDSVR_BASE_URL: "https://login.example.com:8443"
PASSWORD: 'Password1'
LOGGING_LEVEL: 'DEBUG'
extra_hosts:
- provider1.example.com:host-gateway
- provider2.example.com:host-gateway