Skip to content

Commit

Permalink
Add pid-issuer to docker-compose.
Browse files Browse the repository at this point in the history
  • Loading branch information
@dzarras
dzarras committed Nov 20, 2023
1 parent 80e9112 commit a612e7b
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 0 deletions.
25 changes: 25 additions & 0 deletions docker-compose/docker-compose.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,29 @@ services:
networks:
- default

pid-issuer:
image: ghcr.io/eu-digital-identity-wallet/eudi-srv-pid-issuer:edge
pull_policy: always
container_name: pid-issuer
depends_on:
keycloak:
condition: service_healthy
environment:
- SPRING_PROFILES_ACTIVE=insecure
- SPRING_WEBFLUX_BASE_PATH=/pid-issuer
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_OPAQUETOKEN_CLIENT_ID=pid-issuer-srv
- SPRING_SECURITY_OAUTH2_RESOURCESERVER_OPAQUETOKEN_CLIENT_SECRET=zIKAV9DIIIaJCzHCVBPlySgU8KgY68U2
- ISSUER_PUBLICURL=https://localhost/pid-issuer
- ISSUER_AUTHORIZATIONSERVER=https://localhost/idp/realms/pid-issuer-realm
- ISSUER_AUTHORIZATIONSERVER_INTROSPECTION=https://keycloak:8443/idp/realms/pid-issuer-realm/protocol/openid-connect/token/introspect
- ISSUER_AUTHORIZATIONSERVER_USERINFO=https://keycloak:8443/idp/realms/pid-issuer-realm/protocol/openid-connect/userinfo
- ISSUER_PID_MSO_MDOC_ENABLED=true
- ISSUER_PID_SD_JWT_VC_ENABLED=true
- ISSUER_PID_SD_JWT_VC_DEFERRED=true
- ISSUER_PID_ISSUING_COUNTRY=GR
networks:
- default

haproxy:
image: haproxy:2.8.3
container_name: haproxy
Expand All @@ -74,6 +97,8 @@ services:
depends_on:
keycloak:
condition: service_healthy
pid-issuer:
condition: service_started
volumes:
- ./haproxy/haproxy.conf:/usr/local/etc/haproxy/haproxy.cfg
- ./haproxy/certs/:/etc/ssl/certs/
Expand Down
8 changes: 8 additions & 0 deletions docker-compose/haproxy/haproxy.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,24 @@ defaults
frontend all_http_frontend
bind 0.0.0.0:80
use_backend keycloak-backend if { path_beg /idp }
use_backend pid-issuer-backend if { path_beg /pid-issuer }

frontend all_https_frontend
bind 0.0.0.0:443 ssl crt /etc/ssl/certs/localhost.tls.pem
use_backend keycloak-backend if { path_beg /idp }
use_backend pid-issuer-backend if { path_beg /pid-issuer }

backend keycloak-backend
balance roundrobin
cookie SERVERUSED insert indirect nocache
option forwarded proto host by by_port for
server server1 keycloak:8080 cookie server1

backend pid-issuer-backend
balance roundrobin
cookie SERVERUSED insert indirect nocache
option forwarded proto host by by_port for
server server1 pid-issuer:8080 cookie server1

backend no-match
http-request deny deny_status 404

0 comments on commit a612e7b

Please sign in to comment.