diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 0000000..3332f4f --- /dev/null +++ b/docker/README.md @@ -0,0 +1,6 @@ +# Run as docker comtainer + +To run this project as a docker container, simply download +[docker-compose.yml](./docker-compose.yml) and +[application.yml](./application.yml) to a location on your machine and +type `docker compose up -d`. diff --git a/docker/application.yml b/docker/application.yml new file mode 100644 index 0000000..7211e8d --- /dev/null +++ b/docker/application.yml @@ -0,0 +1,111 @@ +--- +logging: + level: + root: INFO + generiek: DEBUG + +server: + port: 8092 + error: + path: "/error" + include-message: always + servlet: + session: + tracking-modes: cookie + cookie: + secure: true + +spring: + jpa: + properties: + hibernate: + naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy + # dialect: org.hibernate.dialect.PostgreSQL10Dialect + dialect: org.hibernate.dialect.H2Dialect + open-in-view: false + datasource: + driver-class-name: org.h2.Driver + url: jdbc:h2:file:./database/student-mobility + # driver-class-name: org.postgresql.Driver + # url: jdbc:postgresql://localhost:5432/mobility + # username: mobility_rw + # password: secret + flyway: + locations: classpath:db/{vendor}/migration + +config: + connection_timeout_millis: 20_000 + connection_pool_keep_alive_duration_millis: 300_000 + # Set to 0 to disable connection-pooling. If responses are slow, + # connection-pooling does not matter anyway + connection_pool_max_idle_connections: 256 + +features: + # Do we allow to mock the different scenario's - only allow on test + allow_playground: true + +# URL of the broker-gui to redirect back after authentication and the +# credentials of the broker-server to check against +broker: + url: "http://localhost:3003" + user: user + password: secret + service_registry_base_url: "http://localhost:8091" + +# Credentials of the SIS (e.g. Osiris) to check against when +# reporting back results +sis: + user: sis + password: secret + +# Details on which custom inteken implementation to call including credentials +backend: + url: "http://localhost:8093/intake" + api_user: user + api_password: secret + +oidc: + acr-context-class-ref: https://eduid.nl/trust/affiliation-student + client-id: student.mobility.rp.localhost + client-secret: secret + redirect-uri: http://localhost:8092/redirect_uri + authorization-uri: https://connect.test2.surfconext.nl/oidc/authorize + token-uri: https://connect.test2.surfconext.nl/oidc/token + jwk-set-uri: https://connect.test2.surfconext.nl/oidc/certs + jwk: + # The HTTP connect timeout for JWK set retrieval, in millisecond + connect-timeout: 1500 + # The HTTP read timeout for JWK set retrieval, in milliseconds + read-timeout: 1500 + # The HTTP entity size limit for JWK set retrieval, in bytes + size-limit: 153_600 + # authorization-uri: http://localhost:8080/oidc/authorize + # token-uri: http://localhost:8080/oidc/token + # jwk-set-uri: http://localhost:8080/oidc/certs + +management: + endpoints: + enabled-by-default: false + web: + exposure: + include: + - health + - info + base-path: "/internal" + endpoint: + health: + enabled: true + show-details: when_authorized + info: + enabled: true + info: + git: + mode: full + defaults: + enabled: true + +# used by the git plugin +info: + build: + artifact: "@project.artifactId@" + version: "@project.version@" diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml new file mode 100644 index 0000000..a8f321c --- /dev/null +++ b/docker/docker-compose.yml @@ -0,0 +1,11 @@ +# yamllint disable rule:line-length +--- +version: '3.8' +services: + intekenontvanger-generiek: + image: ghcr.io/surfnet/student-mobility-inteken-ontvanger-generiek/intekenontvanger-generiek:sha-66f2f1e + volumes: + - ${PWD}/application.yml:/application.yml + - ${PWD}/database:/database + ports: + - 8092:8092