Skip to content

Commit

Permalink
fix(docker): dev docker compose + kratos configuration (#1429)
Browse files Browse the repository at this point in the history 
* fix(docker): dev docker compose + kratos configuration

* feat: upgrade to alpha 14

---------

Co-authored-by: dragosp1011 <dragosh1011@gmail.com>
  • Loading branch information
@golobitch @dragosp1011
golobitch and dragosp1011 authored Jun 28, 2024
1 parent 0acba60 commit 12ae3ef
Show file tree
Hide file tree
Showing 17 changed files with 203 additions and 178 deletions.
4 changes: 4 additions & 0 deletions docker/dbinit.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,3 +13,7 @@ ALTER DATABASE wallet_backend OWNER TO wallet_backend;
CREATE USER boutique_backend WITH PASSWORD 'boutique_backend';
CREATE DATABASE boutique_backend;
ALTER DATABASE boutique_backend OWNER TO boutique_backend;

CREATE USER kratos WITH PASSWORD 'kratos';
CREATE DATABASE kratos;
ALTER DATABASE kratos OWNER TO kratos;
42 changes: 36 additions & 6 deletions docker/dev/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ services:
AUTH_IDENTITY_SERVER_SECRET: ${AUTH_IDENTITY_SERVER_SECRET}
SENDGRID_API_KEY: ${SENDGRID_API_KEY}
FROM_EMAIL: ${FROM_EMAIL}
SEND_EMAIL: ${SEND_EMAIL}
SEND_EMAIL: ${SEND_EMAIL:-false}
RATE_API_KEY: ${RATE_API_KEY}
BASE_ASSET_SCALE: 2
MAX_ASSET_SCALE: 9
Expand Down Expand Up @@ -90,7 +90,7 @@ services:
# Rafiki
rafiki-auth:
container_name: rafiki-auth
image: ghcr.io/interledger/rafiki-auth:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-auth:v1.0.0-alpha.14
restart: always
networks:
- testnet
Expand All @@ -105,8 +105,8 @@ services:
AUTH_SERVER_URL: http://localhost:3006
AUTH_DATABASE_URL: postgresql://rafiki_auth:rafiki_auth@postgres/rafiki_auth
IDENTITY_SERVER_URL: http://localhost:4003/grant-interactions
IDENTITY_SERVER_SECRET: ${AUTH_IDENTITY_SERVER_SECRET}
COOKIE_KEY: ${AUTH_COOKIE_KEY}
IDENTITY_SERVER_SECRET: ${AUTH_IDENTITY_SERVER_SECRET:-327132b5-99e9-4eb8-8a25-2b7d7738ece1}
COOKIE_KEY: ${AUTH_COOKIE_KEY:-8fd398393c47dd27a3167d9c081c094f}
WAIT_SECONDS: 1
REDIS_URL: redis://redis:6379/0
depends_on:
Expand All @@ -115,7 +115,7 @@ services:

rafiki-backend:
container_name: rafiki-backend
image: ghcr.io/interledger/rafiki-backend:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-backend:v1.0.0-alpha.14
restart: always
privileged: true
volumes:
Expand All @@ -141,6 +141,7 @@ services:
AUTH_SERVER_GRANT_URL: http://rafiki-auth:3006
AUTH_SERVER_INTROSPECTION_URL: http://rafiki-auth:3007
ILP_ADDRESS: test.net
ILP_CONNECTOR_URL: http://127.0.0.1:3002
STREAM_SECRET: BjPXtnd00G2mRQwP/8ZpwyZASOch5sUXT5o0iR5b5wU=
ADMIN_KEY: admin
OPEN_PAYMENTS_URL: http://rafiki-backend
Expand All @@ -154,14 +155,15 @@ services:
AUTO_PEERING_SERVER_PORT: 3005
INSTANCE_NAME: 'Testnet Wallet'
SLIPPAGE: 0.01
KEY_ID: rafiki
depends_on:
- postgres
- redis
<<: *logging

rafiki-frontend:
container_name: rafiki-frontend
image: ghcr.io/interledger/rafiki-frontend:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-frontend:v1.0.0-alpha.14
depends_on:
- rafiki-backend
restart: always
Expand All @@ -174,8 +176,28 @@ services:
PORT: 3012
GRAPHQL_URL: http://rafiki-backend:3001/graphql
OPEN_PAYMENTS_URL: https://rafiki-backend/
ENABLE_INSECURE_MESSAGE_COOKIE: true
KRATOS_CONTAINER_PUBLIC_URL: 'http://kratos:4433'
KRATOS_BROWSER_PUBLIC_URL: 'http://localhost:4433'
KRATOS_ADMIN_URL: 'http://kratos:4434/admin'
<<: *logging

kratos:
image: 'oryd/kratos:v0.13.0'
privileged: true
depends_on:
- postgres
- mailslurper
ports:
- '4433:4433'
volumes:
- ../entrypoint.sh:/entrypoint.sh
- ../identity.schema.json:/etc/config/kratos/identity.schema.json
- ./kratos.yml:/etc/config/kratos/kratos.yml
entrypoint: ['/entrypoint.sh']
networks:
- testnet

tigerbeetle:
image: ghcr.io/tigerbeetle/tigerbeetle:0.15.3
privileged: true
Expand Down Expand Up @@ -208,6 +230,14 @@ services:
networks:
- testnet

mailslurper:
image: oryd/mailslurper:latest-smtps
ports:
- '4436:4436'
- '4437:4437'
networks:
- testnet

networks:
testnet:
driver: bridge
Expand Down
91 changes: 91 additions & 0 deletions docker/dev/kratos.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
version: v0.13.0

dsn: postgres://cloud_nine_kratos:kratos_password@shared-database:5432/cloud_nine_kratos?sslmode=disable&max_conns=20&max_idle_conns=4

serve:
public:
base_url: http://localhost:4433/
cors:
enabled: true
admin:
base_url: http://kratos:4434/

selfservice:
default_browser_return_url: http://localhost:3010/
allowed_return_urls:
- http://localhost:3010

methods:
link:
config:
lifespan: 1h
base_url: http://localhost:4433
enabled: true
password:
enabled: true

flows:
error:
ui_url: http://localhost:3010/error

settings:
ui_url: http://localhost:3010/settings
privileged_session_max_age: 15m
required_aal: highest_available

recovery:
enabled: true
ui_url: http://localhost:3010/auth/recovery
use: link
after:
hooks:
- hook: revoke_active_sessions

verification:
enabled: false

logout:
after:
default_browser_return_url: http://localhost:3010/auth

login:
ui_url: http://localhost:3010/auth/login
lifespan: 10m

registration:
enabled: false

log:
level: debug
format: json
leak_sensitive_values: true

secrets:
cookie:
- PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
cipher:
- 32-LONG-SECRET-NOT-SECURE-AT-ALL

ciphers:
algorithm: xchacha20-poly1305

hashers:
algorithm: bcrypt
bcrypt:
cost: 8

identity:
schemas:
- id: default
url: file:///etc/config/kratos/identity.schema.json

courier:
smtp:
connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true

session:
lifespan: 1h
cookie:
persistent: false
same_site: Strict
path: /
0 docker/prod/entrypoint.sh → docker/entrypoint.sh
View file
File renamed without changes.
0 docker/prod/identity.schema.json → docker/identity.schema.json
View file
File renamed without changes.
10 changes: 5 additions & 5 deletions docker/prod/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ services:
<<: *logging

rafiki-auth:
image: ghcr.io/interledger/rafiki-auth:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-auth:v1.0.0-alpha.14
container_name: rafiki-auth
environment:
NODE_ENV: ${NODE_ENV}
Expand All @@ -145,7 +145,7 @@ services:
<<: *logging

rafiki-backend:
image: ghcr.io/interledger/rafiki-backend:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-backend:v1.0.0-alpha.14
container_name: rafiki-backend
depends_on:
- postgres
Expand Down Expand Up @@ -214,7 +214,7 @@ services:
<<: *logging

rafiki-frontend:
image: ghcr.io/interledger/rafiki-frontend:v1.0.0-alpha.13
image: ghcr.io/interledger/rafiki-frontend:v1.0.0-alpha.14
container_name: rafiki-frontend
depends_on:
- rafiki-backend
Expand Down Expand Up @@ -271,8 +271,8 @@ services:
ports:
- '4433:4433'
volumes:
- ./entrypoint.sh:/entrypoint.sh
- ./identity.schema.json:/etc/config/kratos/identity.schema.json
- ../entrypoint.sh:/entrypoint.sh
- ../identity.schema.json:/etc/config/kratos/identity.schema.json
- ./kratos.yml:/etc/config/kratos/kratos.yml
entrypoint: ['/entrypoint.sh']
networks:
Expand Down
2 changes: 1 addition & 1 deletion packages/wallet/backend/src/createContainer.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ export async function createContainer(
authGraphQLClient: asFunction(createAuthGraphQLClient).singleton(),
rapydClient: asClassSingletonWithLogger(RapydClient, logger),
rapydService: asClass(RapydService).singleton(),
rafikiClient: asClassSingletonWithLogger(RafikiClient, logger).singleton(),
rafikiClient: asClass(RafikiClient).singleton(),
rafikiAuthService: asClass(RafikiAuthService).singleton(),
accountService: asClass(AccountService).singleton(),
ratesService: asClass(RatesService).singleton(),
Expand Down
Loading

0 comments on commit 12ae3ef

Please sign in to comment.