-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.test.yml
106 lines (96 loc) · 3.44 KB
/
docker-compose.test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
version: '3'
services:
traefik:
image: traefik:v2.7
command:
- "--api.insecure=true"
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.web-secure.address=:443"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
database:
image: "postgres:14.0-alpine"
ports:
- "5432:5432"
environment:
- POSTGRES_USER=admin
- POSTGRES_PASSWORD=password
- POSTGRES_DB=users
crowsnest-auth-frontend:
build:
context: ./
dockerfile: Dockerfile-frontend
labels:
- traefik.http.routers.crowsnest-auth-frontend.rule=PathPrefix(`/auth`)
- traefik.http.services.crowsnest-auth-frontend.loadbalancer.server.port=80
crowsnest-auth:
restart: unless-stopped
depends_on:
- database
build:
context: ./
dockerfile: Dockerfile-backend
labels:
- traefik.http.routers.crowsnest-auth.rule=Path(`/auth/api/{case:[\/_a-z0-9]+}`)
- traefik.http.middlewares.auth-strip.stripprefix.prefixes=/auth/api
- traefik.http.routers.crowsnest-auth.middlewares=auth-strip
- traefik.http.middlewares.crowsnest-auth.forwardauth.address=http://crowsnest-auth/verify
- traefik.http.middlewares.crowsnest-auth.forwardauth.trustForwardHeader=true
- traefik.http.services.crowsnest-auth.loadbalancer.server.port=80
environment:
- USER_DATABASE_URL=postgresql://admin:password@database/users
- ACCESS_COOKIE_DOMAIN=localhost
- ACCESS_COOKIE_HTTPONLY=true
- ACCESS_TOKEN_EXPIRE_MINUTES=5
- ADMIN_USER_PASSWORD=password
- JWT_TOKEN_SECRET=thisisatokenofmyappreciation
- BASE_URL=/auth/api
admin:
image: containous/whoami:latest
labels:
- traefik.http.routers.admin.rule=Path(`/admin`)
- traefik.http.routers.admin.middlewares=crowsnest-auth
white:
image: containous/whoami:latest
labels:
- traefik.http.routers.white.rule=Path(`/white`)
- traefik.http.routers.white.middlewares=crowsnest-auth
depends_on:
- crowsnest-auth
black:
image: containous/whoami:latest
labels:
- traefik.http.routers.black.rule=Path(`/black`)
- traefik.http.routers.black.middlewares=crowsnest-auth
depends_on:
- crowsnest-auth
emqx:
image: emqx/emqx
labels:
- "traefik.http.routers.emqx-ws.rule=PathPrefix(`/mqtt`)"
- "traefik.http.routers.emqx-ws.service=emqx-ws"
- "traefik.http.services.emqx-ws.loadbalancer.server.port=8083"
ports:
- "18083:18083"
environment:
- EMQX_NAME=test-emqx
- EMQX_LOG__LEVEL=debug
- EMQX_LOG__TO=console
- EMQX_LOADED_PLUGINS="emqx_recon,emqx_retainer,emqx_management,emqx_dashboard,emqx_auth_jwt,emqx_auth_http"
- EMQX_AUTH__HTTP__AUTH_REQ__URL=http://crowsnest-auth/login
- EMQX_AUTH__HTTP__AUTH_REQ__METHOD=post
- EMQX_AUTH__HTTP__AUTH_REQ__HEADERS__CONTENT-TYPE=application/x-www-form-urlencoded
- EMQX_AUTH__HTTP__AUTH_REQ__PARAMS=username=%u,password=%P
- EMQX_AUTH__HTTP__ACL_REQ__URL=http://crowsnest-auth/verify_emqx
- EMQX_AUTH__HTTP__ACL_REQ__METHOD=get
- EMQX_AUTH__HTTP__ACL_REQ__PARAMS=username=%u,topic=%t
- EMQX_AUTH__JWT__SECRET=${JWT_TOKEN_SECRET}
- EMQX_AUTH__JWT__FROM=username
- EMQX_AUTH__JWT__VERIFY_CLAIMS=off