forked from jnimmo/catalyst-setup
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.tmpl.yml
77 lines (71 loc) · 2.26 KB
/
docker-compose.tmpl.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
version: '2.2'
services:
nginx:
image: nginx:1.21
restart: unless-stopped
ports: [ "80:80", "443:443" ]
depends_on: [ catalyst ]
networks: [ catalyst ]
volumes:
- "./nginx/nginx.conf:/etc/nginx/nginx.conf:ro"
- "./nginx/certs:/etc/nginx/certs:ro"
catalyst:
image: ghcr.io/securitybrewery/catalyst:v0.10.3
restart: unless-stopped
environment:
SECRET: "__SECRET__"
EXTERNAL_ADDRESS: __ADDR__
OIDC_ISSUER: http://authelia:8082
OIDC_AUTH_URL: __AUTHELIA_ADDR__/api/oidc/authorization
OIDC_CLIENT_ID: "catalyst"
OIDC_CLIENT_SECRET: "__AUTHELIA_CLIENT_SECRET__"
ARANGO_DB_HOST: http://arangodb:8529
ARANGO_DB_USER: root
ARANGO_DB_PASSWORD: "__ARANGO_ROOT_PASSWORD__"
S3_PASSWORD: "__S3_PASSWORD__"
AUTH_BLOCK_NEW: "false"
AUTH_DEFAULT_ROLES: "analyst"
AUTH_ADMIN_USERS: "__ADMIN_USER__"
INITIAL_API_KEY: "__INITIAL_API_KEY__"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
depends_on: [ arangodb, minio, authelia ]
networks: [ catalyst ]
arangodb:
image: arangodb/arangodb:3.8.1
restart: unless-stopped
environment:
ARANGO_ROOT_PASSWORD: "__ARANGO_ROOT_PASSWORD__"
volumes:
- "arangodb:/var/lib/arangodb3"
networks: [ catalyst ]
minio:
image: minio/minio
restart: unless-stopped
environment:
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: "__S3_PASSWORD__"
volumes:
- "minio:/data"
command: server /data
networks: [ catalyst ]
authelia:
image: authelia/authelia:4.37.5
restart: unless-stopped
environment:
AUTHELIA_JWT_SECRET: "__AUTHELIA_JWT_SECRET__"
AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE: "/config/private.pem"
AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET: "__AUTHELIA_HMAC_SECRET__"
AUTHELIA_STORAGE_ENCRYPTION_KEY: "__AUTHELIA_STORAGE_ENCRYPTION_KEY__"
AUTHELIA_SESSION_SECRET: "__AUTHELIA_SESSION_SECRET__"
networks: [ catalyst ]
volumes:
- "./authelia/configuration.yml:/config/configuration.yml:ro"
- "./authelia/private.pem:/config/private.pem:ro"
- "./authelia/users_database.yml:/config/users_database.yml:ro"
volumes:
arangodb:
minio:
networks:
catalyst:
name: catalyst