forked from UniconLabs/dockerized-idp-testbed
docker-compose.yml
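# Local Shibboleth test bed: two IdPs, one SP, an LDAP directory and a MySQL
# store behind a single Apache reverse proxy. The credentials and key files
# referenced here are fixed test values; nothing in this file is suitable for
# a deployment that handles real identities.
#
# NOTE(review): `depends_on` with `condition:` and `healthcheck.start_period`
# are not part of the 3.1 file format. This file presumably targets a Compose
# release that ignores `version` and follows the Compose Specification;
# confirm against the Compose version in use.
version: "3.1"

services:
  # Reverse proxy in front of the SP and both IdPs: it handles every HTTP(S)
  # request, which keeps certificate handling simple and lets the SP and the
  # IdPs share the same ports.
  httpd-proxy:
    build: ./httpd-proxy/
    # The only ports published to the host. They bind to every host interface;
    # on a shared network, prefix them with 127.0.0.1 (for example
    # "127.0.0.1:443:443") so the test bed is reachable only locally.
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - idp
      - idp2
      - sp

  idp:
    build:
      context: ./idp/
      args:
        HOSTNAME_FOR_BROWSER: "${HOSTNAME_FOR_BROWSER:-idptestbed}"
    # An empty list discards the image's default CMD.
    command: []
    depends_on:
      ldap:
        condition: service_started
      # Wait for the MySQL health check, not just for container start.
      mysql:
        condition: service_healthy
    environment:
      - JETTY_MAX_HEAP=64m
      # Keystore passwords default to the test value "password" and are visible
      # to anyone who can inspect the container. Override them from the shell
      # or an .env file only together with keystores re-created under the new
      # password, otherwise the IdP cannot open them.
      - "JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=${JETTY_BROWSER_SSL_KEYSTORE_PASSWORD:-password}"
      - "JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=${JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD:-password}"
    # Reachable by other services on the Compose network only; not published.
    expose:
      - "4443"
    secrets:
      - source: idp_backchannel
      - source: idp_browser
      - source: idp_encryption
      - source: idp_signing
      - source: idp_sealer

  idp2:
    build:
      context: ./idp2/
      args:
        HOSTNAME_FOR_BROWSER: "${HOSTNAME_FOR_BROWSER:-idptestbed}"
    # An empty list discards the image's default CMD.
    command: []
    depends_on:
      ldap:
        condition: service_started
      mysql:
        condition: service_healthy
    environment:
      - JETTY_MAX_HEAP=64m
      # Same test-only keystore passwords as `idp`; see the note there.
      - "JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=${JETTY_BROWSER_SSL_KEYSTORE_PASSWORD:-password}"
      - "JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=${JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD:-password}"
    expose:
      - "4443"
    # NOTE(review): idp2 mounts the same key material as idp, so both IdPs
    # share signing, encryption and sealer keys. Confirm this is intended for
    # the scenario under test.
    secrets:
      - source: idp_backchannel
      - source: idp_browser
      - source: idp_encryption
      - source: idp_signing
      - source: idp_sealer

  ldap:
    build: ./ldap/

  sp:
    build:
      context: ./sp3/
      args:
        HOSTNAME_FOR_BROWSER: "${HOSTNAME_FOR_BROWSER:-idptestbed}"
    secrets:
      - source: sp_key

  # Storage for the identifiers generated by the IdP.
  mysql:
    # Pinned by tag, not by digest. MySQL 5.7 is past upstream end of life
    # (October 2023), so this image no longer receives security fixes.
    image: mysql:5.7.42
    environment:
      # - MYSQL_ROOT_PASSWORD=password
      # Root has no password. This is tolerable only because the service
      # publishes no port, so the database is reachable solely from the other
      # containers. The health check below logs in without credentials, so it
      # has to change if a root password is introduced.
      - MYSQL_ALLOW_EMPTY_PASSWORD=t
    volumes:
      # Schema bootstrap script; mounted read-only because the container only
      # needs to read it.
      - ./mysql/init.sql:/docker-entrypoint-initdb.d/01-shib.sql:ro
    healthcheck:
      # Passes once a password-less client can open the `shibboleth` database
      # (presumably created by init.sql).
      test: ["CMD-SHELL", "mysql shibboleth >/dev/null 2>&1 </dev/null"]
      start_period: 10s

# File-backed secrets, read from the working tree and mounted into the services
# that list them. If these key files are committed to the repository, treat
# them as public: never reuse them outside the test bed, and generate fresh
# keys for anything else.
secrets:
  idp_backchannel:
    file: ./secrets/idp/idp-backchannel.p12
  idp_browser:
    file: ./secrets/idp/idp-browser.p12
  idp_encryption:
    file: ./secrets/idp/idp-encryption.key
  idp_signing:
    file: ./secrets/idp/idp-signing.key
  idp_sealer:
    file: ./secrets/idp/sealer.jks
  sp_key:
    file: ./secrets/sp/sp-key.pem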