OpenID hydra docker-compose
docker-compose
# Development docker-compose stack for ORY Hydra (OAuth2 / OpenID Connect):
# a Postgres database, the Hydra server and the login/consent example app,
# all attached to the `openid` bridge network defined at the bottom.
# NOTE(review): every password, secret and private key in this file is a
# published tutorial value. Replace all of them, and switch off the debug
# settings, before running this anywhere other than a throwaway lab.
version: '3.3'
services:
  ory-hydra-postgres:
    # NOTE(review): PostgreSQL 9.6 no longer receives upstream fixes; prefer
    # a supported major version.
    image: postgres:9.6
    #restart: always
    environment:
      - POSTGRES_USER=hydra
      # Placeholder password. The same value is repeated in the Hydra DSN and
      # in the migrate command below, so change all three together and keep
      # the real value outside this file (env file or secret store).
      - POSTGRES_PASSWORD=secret
      - POSTGRES_DB=hydra
    volumes:
      - hydradata:/var/lib/postgresql/data:rw
    networks:
      - openid
  # On the first run the database schema has to be created with the command
  # below. PS: the network name depends on the deployment environment;
  # confirm it with `docker network ls`.
  # docker run -it --rm \
  # --network openid \
  # oryd/hydra:latest \
  # migrate sql --yes postgres://hydra:secret@ory-hydra-postgres:5432/hydra?sslmode=disable
  ory-hydra:
    # `latest` is a moving tag, so a later pull can silently change the
    # running version. Pin a specific release tag or image digest.
    image: oryd/hydra:latest
    restart: unless-stopped
    ports:
      # Host 9001 -> container 4444; URLS_SELF_ISSUER below uses port 9001.
      - "9001:4444"
      # Host 9002 -> container 4445, the port the login/consent service uses
      # as HYDRA_ADMIN_URL. NOTE(review): Hydra does not authenticate its
      # admin API itself, so publishing it on the host exposes client and
      # consent management to anything that can reach port 9002. The
      # login/consent container already reaches it over the `openid`
      # network; drop this mapping or bind it to 127.0.0.1 unless host tools
      # need it.
      - "9002:4445"
    environment:
      # Hard-coded system secret. NOTE(review): the value looks like a
      # truncated placeholder; generate a random secret and supply it from
      # outside this file.
      - SECRETS_SYSTEM=this_needs_to_be_the_same_a
      # Database connection string with the password inline and
      # sslmode=disable, i.e. unencrypted traffic to Postgres. Here it stays
      # on the `openid` bridge network; enable TLS if the database is ever
      # moved off-host.
      - DSN=postgres://hydra:secret@ory-hydra-postgres:5432/hydra?sslmode=disable
      - URLS_SELF_ISSUER=https://openid.hydra:9001/
      # Login and consent pages are addressed over plain http on a LAN IP,
      # so credentials typed there travel unencrypted. Lab use only.
      - URLS_CONSENT=http://192.168.99.100:9020/consent
      - URLS_LOGIN=http://192.168.99.100:9020/login
      # Debug logging plus internal error details returned to OAuth2 clients:
      # useful while troubleshooting, but they disclose internals. Turn both
      # off outside development.
      - LOG_LEVEL=debug
      - OAUTH2_EXPOSE_INTERNAL_ERRORS=true
      # CORS is enabled on the public and the admin listener. No
      # allowed-origins list is set in this file, so Hydra's default applies.
      # NOTE(review): verify that default is not a wildcard, and consider
      # leaving CORS disabled on the admin listener entirely.
      - SERVE_PUBLIC_CORS_ENABLED=true
      - SERVE_PUBLIC_CORS_ALLOWED_METHODS=POST,GET,PUT,DELETE
      - SERVE_ADMIN_CORS_ENABLED=true
      - SERVE_ADMIN_CORS_ALLOWED_METHODS=POST,GET,PUT,DELETE
      # Base64 of a PEM EC private key, embedded directly in the compose
      # file. This key has been published, so treat it as compromised:
      # generate your own key/certificate pair and inject it from a secret
      # store rather than committing it.
      - SERVE_TLS_KEY_BASE64=LS0tLS1CRUdJTiBFQyBQQVJBTUVURVJTLS0tLS0KQmdVcmdRUUFJZz09Ci0tLS0tRU5EIEVDIFBBUkFNRVRFUlMtLS0tLQotLS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUlHa0FnRUJCRENLbkdnVnFJVzdZaW5iUWV5UEd5UTQ0R3U2VVFEelU5SENLYjMzTWlmeFJYRTBkbnU2KzdadQowdEJUcUhQRHVMeWdCd1lGSzRFRUFDS2haQU5pQUFSbng1Nk9jeGNyRWRsYmU4TXRSdUVxWGV2OEREcmh6ZWJGCjM4NlI4Q2RQWDRlUWI2Zll6ekFUL3V3STBsTDdvRmlEWEM3Q0JLWmZUcTdFSzN4TzNXWlpSSjJrMEQ3TnNLd2cKVEpZenJxT0JpczBNeGtva2FUWVVyemhKMXBKY3lmWT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
      # Certificate served together with the key above; regenerate both as a
      # pair.
      - SERVE_TLS_CERT_BASE64=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
    networks:
      - openid
  # This line is very important: once docker is running successfully, enter
  # the geth console and run
  # admin.addPeer("enode://444a16729d32431bbdaa594272e3509cdeaaf3c995ffb583589163d35f8b36ad14394ab037ac186525f579700e6500cacfb1f953fdf066fa05da0e1d409f7f79@140.110.18.199:30301")
  # NOTE(review): this refers to a geth node, not to Hydra; it looks like a
  # leftover from another compose file. Confirm and remove.
  ory-hydra-login-consent:
    #image: oryd/hydra-login-consent-node:latest
    # Built from the local checkout in hydra-login-consent-node/ instead of
    # the published image commented out above.
    build:
      context: hydra-login-consent-node/
    restart: unless-stopped
    ports:
      - "9020:3000"
    environment:
      - HYDRA_ADMIN_URL=https://ory-hydra:4445
      # Setting this to 0 disables TLS certificate verification for every
      # outgoing HTTPS request of the Node.js process, so the app cannot
      # tell the real Hydra admin endpoint from an impostor. Prefer trusting
      # the self-signed certificate explicitly (for example through
      # NODE_EXTRA_CA_CERTS) and removing this line.
      - NODE_TLS_REJECT_UNAUTHORIZED=0
    volumes:
      # NOTE(review): a named volume over the app directory keeps the files
      # of the first build; later image rebuilds may be shadowed by it.
      # Confirm this is intended.
      - hydraloginconsent:/usr/src/app:rw
    networks:
      - openid
  # Quickly create the auth-code-client with the command below. PS: the
  # network name depends on the deployment environment; confirm it with
  # `docker network ls`.
  # NOTE(review): `--secret secret` is a placeholder client secret and
  # `--skip-tls-verify` turns off certificate checking for this call; both
  # are acceptable only against a local test instance.
  # docker run --rm -it \
  # -e HYDRA_ADMIN_URL=https://ory-hydra:4445 \
  # --network openid \
  # oryd/hydra:latest \
  # clients create --skip-tls-verify \
  # --id auth-code-client \
  # --secret secret \
  # --grant-types authorization_code,refresh_token \
  # --response-types code,id_token,token \
  # --scope openid,offline,photos.read \
  # --callbacks https://t.tt:9010/callback
# Named volumes: Postgres data and the login/consent app directory.
volumes:
  hydradata:
  hydraloginconsent:
# Bridge network shared by the three services.
networks:
  openid:
    driver: bridge
ory-hydra-login-consent download
https://github.com/ory/hydra-login-consent-node
Directory name is hydra-login-consent-node
go run main.go
https://sueboy.blogspot.com/2019/06/openid-hydra-cant-finish-error.html
Browser: https://t.tt:9010