-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdocker-compose.yml
55 lines (52 loc) · 1.63 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
services:
# Authly itself
authly:
image: protojour/authly:dev
environment:
AUTHLY_UID: c865e85720e3c96feabdfe50c33acc75ac2069320de78d0d2c11497b092f1a8c
AUTHLY_BAO_TOKEN: theenigmaticbaobunofancientsecrets
AUTHLY_BAO_URL: http://openbao:8200
AUTHLY_HOSTNAME: authly
AUTHLY_K8S: 'false'
AUTHLY_CLUSTER_API_SECRET: ifyougetholdofthisclassifiedpieceofinformationiwillunfortunatelyhavetokillyou
AUTHLY_CLUSTER_RAFT_SECRET: donttellanybodyabouttheverysecretstring
AUTHLY_EXPORT_TLS_TO_ETC: 'true'
ports:
- 1443:443
volumes:
- authly-data:/var/lib/authly/data
- authly-certs:/etc/authly/certs
- testservice-identity:/etc/authly/service/s.f3e799137c034e1eb4cd3e4f65705932
- ../../.local/etc/cluster:/etc/authly/cluster:ro
- ../../examples/demo:/etc/authly/documents:ro
command: serve
healthcheck:
test: ["CMD", "/authly", "ready"]
retries: 10
interval: 2s
depends_on:
openbao:
condition: service_started
# Example supported secret store
openbao:
image: ghcr.io/openbao/openbao
environment:
# do not use this approach in production
BAO_DEV_ROOT_TOKEN_ID: theenigmaticbaobunofancientsecrets
command: server -dev
# Example service for verifying connection
testservice:
image: protojour/authly-testservice:dev
ports:
- 2443:443
volumes:
- authly-certs:/etc/authly/certs:ro
- testservice-identity:/etc/authly/identity:ro
depends_on:
authly:
condition: service_healthy
restart: true
volumes:
authly-data:
authly-certs:
testservice-identity: