-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdocker-compose.full.env
142 lines (105 loc) · 3.49 KB
/
docker-compose.full.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# ==========
# RDFM setup
# ==========
# The name of this file
SETUP_FILE=docker-compose.full.env
# Variables requiring modification
# ================================
# WARNING: If any of the variables within this section remains unmodified, it may pose a security threat
# to the created services.
# Server settings
# ---------------
# Public address base for the services
PUBLIC_ADDRESS=rdfm.com
# Public port for the frontend
RDFM_FRONTEND_PORT=443
# Database settings
# -----------------
# Hostname for the postgres container
DB_HOSTNAME=postgres
# Name of the database
DB_NAME=cloud-rdfm
# Name of the database user
DB_USER=db_user
# Password for DB_USER
DB_PASSWORD=db_password
# Keycloak settings
# -----------------
# Starting administrator for Keycloak
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD="admin"
KC_HTTP_RELATIVE_PATH=/kc
# RDFM settings
# -------------
RDFM_OAUTH_CLIENT_ID=rdfm-server-introspection
RDFM_OAUTH_CLIENT_SEC=nsGrKQL8iwPzTz9IrP3sNI22J1vKVIh1
RDFM_JWT_SECRET=810592345
# Bucket settings
# ---------------
RDFM_STORAGE_DRIVER=s3
RDFM_S3_URL=https://minio:9000/
RDFM_S3_BUCKET=rdfm-packages
RDFM_S3_ACCESS_KEY_ID=admin
RDFM_S3_ACCESS_SECRET_KEY=admin123
# RDFM frontend adjustments
# -------------------------
# VITE_CUSTOM_FAVICON="${RDFM_FRONTEND_EXTERNAL_URL}/favicon.ico"
# VITE_CUSTOM_LOGO="${RDFM_FRONTEND_EXTERNAL_URL}/logo.svg"
# Remaining parameters
# ====================
# Some of the parameters below may be modified if needed
# Some of the parameters are inferred from other ones - those can be left unmodified
# Basic URLs
# ----------
# Internal address for RDFM Management Server
RDFM_SERVER_INTERNAL_URL=https://rdfm-server:5000
# RDFM main website
RDFM_FRONTEND_EXTERNAL_URL=https://${PUBLIC_ADDRESS}
# Keycloak main website
KEYCLOAK_PORT=8443
KEYCLOAK_INTERNAL_URL=https://keycloak:${KEYCLOAK_PORT}${KC_HTTP_RELATIVE_PATH}
KEYCLOAK_EXTERNAL_URL=https://${PUBLIC_ADDRESS}${KC_HTTP_RELATIVE_PATH}
# Name for RDFM realm for Keycloak
KEYCLOAK_REALM=rdfm
# Keycloak settings
# =================
# for more settings check https://www.keycloak.org/server/all-config
KC_HOSTNAME_ADMIN_URL=${KEYCLOAK_EXTERNAL_URL}
KC_PROXY=reencrypt
KC_HOSTNAME=${PUBLIC_ADDRESS}
KC_HTTPS_CERTIFICATE_FILE=/certs/KEYCLOAK.crt
KC_HTTPS_CERTIFICATE_KEY_FILE=/certs/KEYCLOAK.key
KC_PROXY_HEADERS=xforwarded
KC_HOSTNAME_BACKCHANNEL_DYNAMIC=true
KC_FEATURES="hostname:v2"
KC_DB=postgres
KC_DB_USERNAME=${DB_USER}
KC_DB_PASSWORD=${DB_PASSWORD}
KC_DB_URL=jdbc:postgresql://${DB_HOSTNAME}/${DB_NAME}
# KC_LOG_LEVEL=TRACE
# Application settings
# --------------------
RDFM_DB_CONNSTRING=postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOSTNAME}/${DB_NAME}
RDFM_HOSTNAME=rdfm-server
RDFM_API_PORT=5000
RDFM_LOCAL_PACKAGE_DIR=/tmp/
RDFM_GUNICORN_WORKER_TIMEOUT=7200
# OAuth settings
# --------------
RDFM_OAUTH_URL=${KEYCLOAK_INTERNAL_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/token/introspect
RDFM_LOGIN_URL=${KEYCLOAK_EXTERNAL_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/auth
RDFM_LOGOUT_URL=${KEYCLOAK_EXTERNAL_URL}/realms/${KEYCLOAK_REALM}/protocol/openid-connect/logout
# SSL settings
# ------------
RDFM_SERVER_CERT=/certs/SERVER.crt
RDFM_SERVER_KEY=/certs/SERVER.key
# Frontend configuration
# ----------------------
VITE_RDFM_BACKEND="false"
VITE_LOGIN_URL="${RDFM_LOGIN_URL}"
VITE_LOGOUT_URL="${RDFM_LOGOUT_URL}"
VITE_OAUTH2_CLIENT="${RDFM_OAUTH_CLIENT_ID}"
# nginx settings
# ==============
NGINX_CERTIFICATE=/etc/nginx/certs/FRONTEND.crt
NGINX_CERTIFICATE_KEY=/etc/nginx/certs/FRONTEND.key