From 72d21c65dbe185a5f45ae388c2490b98170abfdc Mon Sep 17 00:00:00 2001
From: Jonathan Dahan <git@jonathan.is>
Date: Tue, 7 Nov 2023 19:03:46 -0500
Subject: [PATCH] mess with ports

---
 env.template               |  2 +-
 services/auth.yaml         | 14 +++++++++++---
 services/auth/Proxyfile    |  5 +++--
 services/web/Containerfile |  4 ++--
 4 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/env.template b/env.template
index 6e640f2..2934934 100644
--- a/env.template
+++ b/env.template
@@ -1,5 +1,5 @@
 DOMAIN=localhost
 
-SMTP_USERNAME=admin
+SMTP_USER=admin
 SMTP_HOST=localhost
 SMTP_PORT=587
diff --git a/services/auth.yaml b/services/auth.yaml
index 087cc36..494e6ef 100644
--- a/services/auth.yaml
+++ b/services/auth.yaml
@@ -20,11 +20,19 @@ services:
       ZITADEL_DATABASE_COCKROACH_HOST: crdb
       ZITADEL_EXTERNALSECURE: true
       ZITADEL_EXTERNALDOMAIN: auth.${DOMAIN}
-      ZITADEL_EXTERNALPORT: 8321
+      ZITADEL_EXTERNALPORT: 443
       ZITADEL_WEBAUTHN_NAME: ${DOMAIN}
+      ZITADEL_FIRSTINSTANCE_ORG_NAME: basement
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME: ${ADMIN_USER}
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD: ${ADMIN_PASS}
+      ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_FROM: basement
+      ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_FROMNAME: ${DOMAIN}
+      ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_HOST: "${SMTP_HOST}:${SMTP_PORT}"
+      ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_USER: ${SMTP_USER}
+      ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_PASSWORD: ${SMTP_PASS}
     secrets:
       - MASTER_KEY
-    command: "start-from-init --masterkeyFile /run/secrets/MASTER_KEY --tlsMode disabled"
+    command: "start-from-init --masterkeyFile /run/secrets/MASTER_KEY --tlsMode external"
     depends_on:
       generate-secrets:
         condition: 'service_completed_successfully'
@@ -33,7 +41,7 @@ services:
       crdb:
         condition: 'service_healthy'
     ports:
-      - '8321:8080'
+      - '8080:8080'
 
   crdb:
     restart: unless-stopped
diff --git a/services/auth/Proxyfile b/services/auth/Proxyfile
index 9a45724..656cb41 100644
--- a/services/auth/Proxyfile
+++ b/services/auth/Proxyfile
@@ -1,3 +1,4 @@
-auth.{$DOMAIN} {
-	reverse_proxy zitadel:8321
+auth.{$DOMAIN}:443 {
+    reverse_proxy zitadel:8080
+    tls internal
 }
diff --git a/services/web/Containerfile b/services/web/Containerfile
index 2311967..84e1d19 100644
--- a/services/web/Containerfile
+++ b/services/web/Containerfile
@@ -1,8 +1,8 @@
-FROM caddy:2.7.5-builder-alpine AS builder
+FROM caddy:builder-alpine AS builder
 
 RUN xcaddy build \
     --with github.com/mholt/caddy-webdav
 
-FROM caddy:latest
+FROM caddy:alpine
 
 COPY --from=builder /usr/bin/caddy /usr/bin/caddy