micro
/
woodbine.nyc
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: micro:72d21c65dbe185a5f45ae388c2490b98170abfdc
Branches Tags
micro:main
micro:authelia
micro:caddy-docker-proxy
..
compare: micro:093c844366ca025fae7a779637ce3162255b716e
Branches Tags
micro:main
micro:authelia
micro:caddy-docker-proxy

No commits in common. '72d21c65dbe185a5f45ae388c2490b98170abfdc' and '093c844366ca025fae7a779637ce3162255b716e' have entirely different histories.
72d21c65db ... 093c844366

7 changed files with 9 additions and 26 deletions
Show Stats

2
env.template
Unescape View File

@ -1,5 +1,5 @@
DOMAIN=localhost
SMTP_USER=admin
SMTP_USERNAME=admin
SMTP_HOST=localhost
SMTP_PORT=587

4
readme.md
Unescape View File

@ -29,10 +29,6 @@ To stop all the containers, you can ctrl+c, or
./scripts/down
To generate secrets for all services
./scripts/secrets
## port forwarding
The caddy service expects to be able to bind to ports 80 and 443

4
scripts/generate-secrets
Unescape View File

@ -1,4 +0,0 @@
echo generating zitadel secrets; {
openssl rand -hex 16 | tr -d '\n' >! secrets/auth/zitadel/MASTER_KEY
openssl rand -hex 32 | tr -d '\n' >! secrets/auth/zitadel/STORAGE_PASSWORD
}

14
services/auth.yaml
Unescape View File

@ -20,19 +20,11 @@ services:
ZITADEL_DATABASE_COCKROACH_HOST: crdb
ZITADEL_EXTERNALSECURE: true
ZITADEL_EXTERNALDOMAIN: auth.${DOMAIN}
ZITADEL_EXTERNALPORT: 443
ZITADEL_EXTERNALPORT: 8321
ZITADEL_WEBAUTHN_NAME: ${DOMAIN}
ZITADEL_FIRSTINSTANCE_ORG_NAME: basement
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME: ${ADMIN_USER}
ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD: ${ADMIN_PASS}
ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_FROM: basement
ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_FROMNAME: ${DOMAIN}
ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_HOST: "${SMTP_HOST}:${SMTP_PORT}"
ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_USER: ${SMTP_USER}
ZITADEL_DEFAULTINSTANCE_SMTPCONFIGURATION_SMTP_PASSWORD: ${SMTP_PASS}
secrets:
- MASTER_KEY
command: "start-from-init --masterkeyFile /run/secrets/MASTER_KEY --tlsMode external"
command: "start-from-init --masterkeyFile /run/secrets/MASTER_KEY --tlsMode disabled"
depends_on:
generate-secrets:
condition: 'service_completed_successfully'
@ -41,7 +33,7 @@ services:
crdb:
condition: 'service_healthy'
ports:
- '8080:8080'
- '8321:8080'
crdb:
restart: unless-stopped

5
services/auth/Proxyfile
Unescape View File

@ -1,4 +1,3 @@
auth.{$DOMAIN}:443 {
reverse_proxy zitadel:8080
tls internal
auth.{$DOMAIN} {
reverse_proxy zitadel:8321
}

2
services/secrets/generate-secrets
Unescape View File

@ -9,5 +9,5 @@ set -o pipefail
for secret in /secrets/*/*/* ; do
test -d "$secret" && rmdir "$secret"
test -s "$secret" && continue
openssl rand -hex ${2:-64} > $secret
openssl rand -hex 64 > $secret
done

4
services/web/Containerfile
Unescape View File

@ -1,8 +1,8 @@
FROM caddy:builder-alpine AS builder
FROM caddy:2.7.5-builder-alpine AS builder
RUN xcaddy build \
--with github.com/mholt/caddy-webdav
FROM caddy:alpine
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Write Preview
Loading…
Cancel
Save