75 lines
2.5 KiB
YAML
75 lines
2.5 KiB
YAML
version: '3'
|
|
services:
|
|
stackspin_proxy:
|
|
image: nginx:1.22.0
|
|
ports:
|
|
- "8081:8081"
|
|
volumes:
|
|
- ./proxy/default.conf:/etc/nginx/conf.d/default.conf
|
|
depends_on:
|
|
- kube_port_kratos_public
|
|
- flask_app
|
|
flask_app:
|
|
build: .
|
|
environment:
|
|
- FLASK_APP=app.py
|
|
- FLASK_ENV=development
|
|
- HYDRA_CLIENT_ID=dashboard-local
|
|
|
|
# Domain-specific URL settings
|
|
- HYDRA_AUTHORIZATION_BASE_URL=https://sso.$DOMAIN/oauth2/auth
|
|
- TOKEN_URL=https://sso.$DOMAIN/oauth2/token
|
|
- HYDRA_PUBLIC_URL=https://sso.$DOMAIN
|
|
|
|
# Local path overrides
|
|
- KRATOS_PUBLIC_URL=http://stackspin_proxy:8081/kratos
|
|
- KRATOS_ADMIN_URL=http://kube_port_kratos_admin:8000
|
|
- HYDRA_ADMIN_URL=http://kube_port_hydra_admin:4445
|
|
- LOGIN_PANEL_URL=http://stackspin_proxy:8081/web/
|
|
- DATABASE_URL=mysql+pymysql://stackspin:$DATABASE_PASSWORD@kube_port_mysql/stackspin
|
|
|
|
# ENV variables that are deployment-specific
|
|
- SECRET_KEY=$FLASK_SECRET_KEY
|
|
- HYDRA_CLIENT_SECRET=$HYDRA_CLIENT_SECRET
|
|
# - OAUTHLIB_INSECURE_TRANSPORT=1
|
|
ports:
|
|
- "5000:5000"
|
|
volumes:
|
|
- .:/app
|
|
depends_on:
|
|
- kube_port_mysql
|
|
entrypoint: ["bash", "-c", "flask run --host $$(hostname -i)"]
|
|
kube_port_kratos_admin:
|
|
image: bitnami/kubectl:1.24.2
|
|
user: "${KUBECTL_UID}:${KUBECTL_GID}"
|
|
expose:
|
|
- 8000
|
|
volumes:
|
|
- "$KUBECONFIG:/.kube/config"
|
|
entrypoint: ["bash", "-c", "kubectl -n stackspin port-forward --address $$(hostname -i) service/kratos-admin 8000:80"]
|
|
kube_port_hydra_admin:
|
|
image: bitnami/kubectl:1.24.2
|
|
user: "${KUBECTL_UID}:${KUBECTL_GID}"
|
|
expose:
|
|
- 4445
|
|
volumes:
|
|
- "$KUBECONFIG:/.kube/config"
|
|
entrypoint: ["bash", "-c", "kubectl -n stackspin port-forward --address $$(hostname -i) service/hydra-admin 4445:4445"]
|
|
kube_port_kratos_public:
|
|
image: bitnami/kubectl:1.24.2
|
|
user: "${KUBECTL_UID}:${KUBECTL_GID}"
|
|
ports:
|
|
- "8080:8080"
|
|
expose:
|
|
- 8080
|
|
volumes:
|
|
- "$KUBECONFIG:/.kube/config"
|
|
entrypoint: ["bash", "-c", "kubectl -n stackspin port-forward --address $$(hostname -i) service/kratos-public 8080:80"]
|
|
kube_port_mysql:
|
|
image: bitnami/kubectl:1.24.2
|
|
user: "${KUBECTL_UID}:${KUBECTL_GID}"
|
|
expose:
|
|
- 3306
|
|
volumes:
|
|
- "$KUBECONFIG:/.kube/config"
|
|
entrypoint: ["bash", "-c", "kubectl -n stackspin port-forward --address $$(hostname -i) service/single-sign-on-database-mariadb 3306:3306"]
|