Datenschutzcenter/Docker-Compose
2
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add .env.local

Browse source
This commit is contained in:
holzi1005 2024-12-08 18:39:50 +01:00
parent 5f201e3515
commit bc86eac194
2 changed files with 50 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
.docker-compose.http.yml
View file

@ -22,16 +22,10 @@ services:
db-odc: db-odc:
condition: service_healthy condition: service_healthy
restart: unless-stopped restart: unless-stopped
env_file:
environment: - ./.env
DATABASE_URL: mysql://odc:<odcMySqlPw>@db-odc:3306/odc - ./.env.local
OAUTH_KEYCLOAK_CLIENT_ID: opendatenschutzcenter - ./.env.custom
OAUTH_KEYCLOAK_CLIENT_SECRET: <clientsecret>
OAUTH_KEYCLOAK_SERVER: '<httpMethod>://<clientUrl>/keycloak'
OAUTH_KEYCLOAK_REALM: opendatenschutzcenter
MAILER_DSN: 'null://null'
laF_version: 3.0.4
demo_installation: demo
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.app-odc.rule=Host(`<clientUrl>`)" - "traefik.http.routers.app-odc.rule=Host(`<clientUrl>`)"
@ -62,18 +56,10 @@ services:
depends_on: depends_on:
db-odc: db-odc:
condition: service_healthy condition: service_healthy
environment: env_file:
KEYCLOAK_ADMIN: admin - ./.env
KEYCLOAK_ADMIN_PASSWORD: <keycloakAdminPw> - ./.env.local
KC_DB: mariadb - ./.env.custom
KC_DB_PASSWORD: <keycloak-pw>
KC_DB_URL: jdbc:mariadb://db-odc:3306/keycloak
KC_DB_USERNAME: keycloak
KC_HOSTNAME_URL: <httpMethod>://<clientUrl>/keycloak
KC_HOSTNAME_PATH: <httpMethod>://<clientUrl>/keycloak
KC_HOSTNAME_ADMIN_URL: <httpMethod>://<clientUrl>/keycloak
KC_HTTP_RELATIVE_PATH: /keycloak
KC_PROXY: passthrough
command: command:
- start-dev - start-dev
- --import-realm - --import-realm

51
setup.sh
View file

@ -38,11 +38,11 @@ else
KEYCLOAK_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) KEYCLOAK_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
ODC_DB_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) ODC_DB_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
KEYCLOAK_ADMIN_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) KEYCLOAK_ADMIN_PW=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
OAUTH_KEYCLOAK_CLIENT_ID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
echo "KEYCLOAK_PW=$KEYCLOAK_PW" >> $FILE echo "KEYCLOAK_PW=$KEYCLOAK_PW" >> $FILE
echo "KEYCLOAK_ADMIN_PW=$KEYCLOAK_ADMIN_PW" >> $FILE echo "KEYCLOAK_ADMIN_PW=$KEYCLOAK_ADMIN_PW" >> $FILE
echo "OAUTH_KEYCLOAK_CLIENT_ID=$OAUTH_KEYCLOAK_CLIENT_ID" >> $FILE echo "NEW_UUID=$NEW_UUID" >> $FILE
echo "ODC_DB_PW=$ODC_DB_PW" >> $FILE echo "ODC_DB_PW=$ODC_DB_PW" >> $FILE
source $FILE source $FILE
fi fi
@ -68,7 +68,7 @@ echo ------------------------------------------------------------
echo "" echo ""
cp keycloak/.realm-export.json keycloak/realm-export.json cp keycloak/.realm-export.json keycloak/realm-export.json
sed -i "s|<clientsecret>|$OAUTH_KEYCLOAK_CLIENT_ID|g" keycloak/realm-export.json sed -i "s|<clientsecret>|$NEW_UUID|g" keycloak/realm-export.json
sed -i "s|<clientUrl>|$HTTP_METHOD://$PUBLIC_URL|g" keycloak/realm-export.json sed -i "s|<clientUrl>|$HTTP_METHOD://$PUBLIC_URL|g" keycloak/realm-export.json
echo ------------------------------------------------------------ echo ------------------------------------------------------------
@ -80,21 +80,54 @@ cp mysql-initdb/.init-userdb.sql mysql-initdb/init-userdb.sql
sed -i "s|<open-datenschutzcenter-pw>|$ODC_DB_PW|g" mysql-initdb/init-userdb.sql sed -i "s|<open-datenschutzcenter-pw>|$ODC_DB_PW|g" mysql-initdb/init-userdb.sql
sed -i "s|<keycloak-pw>|$KEYCLOAK_PW|g" mysql-initdb/init-userdb.sql sed -i "s|<keycloak-pw>|$KEYCLOAK_PW|g" mysql-initdb/init-userdb.sql
echo ------------------------------------------------------------ echo ------------------------------------------------------------
echo --------- 3. Build Docker Compose File --------------------- echo --------- 3. Setup .ENV.LOCAL ------------------------------
echo ------------------------------------------------------------
echo ""
if [ -f .env.local ]; then
rm .env.local
fi
cat <<EOL > .env.local
# ENV FOR ODC
PUBLIC_URL='$PUBLIC_URL'
MAILER_DSN='null://null'
DATABASE_URL='mysql://odc:$JITSI_ADMIN_PW@db-odc:3306/odc'
OAUTH_KEYCLOAK_CLIENT_SECRET=$NEW_UUID
OAUTH_KEYCLOAK_SERVER='$HTTP_METHOD://$PUBLIC_URL/keycloak'
OAUTH_KEYCLOAK_CLIENT_ID=opendatenschutzcenter
OAUTH_KEYCLOAK_REALM=opendatenschutzcenter
laF_version: 3.0.4
demo_installation: demo
# ENV FOR KEYCLOAK
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=$KEYCLOAK_ADMIN_PW
KC_DB=mariadb
KC_DB_USERNAME=keycloak
KC_DB_PASSWORD=$KEYCLOAK_PW
KC_DB_URL='jdbc:mariadb://db-odc:3306/keycloak'
KC_HOSTNAME_URL='$HTTP_METHOD://$PUBLIC_URL/keycloak'
KC_HOSTNAME_PATH='$HTTP_METHOD://$PUBLIC_URL/keycloak'
KC_HOSTNAME_ADMIN_URL='$HTTP_METHOD://$PUBLIC_URL/keycloak'
KC_HTTP_RELATIVE_PATH=/keycloak
KC_PROXY=passthrough
EOL
echo ------------------------------------------------------------
echo ------------ 4. Build Docker Compose File ------------------
echo ------------------------------------------------------------ echo ------------------------------------------------------------
echo "" echo ""
cp .docker-compose.$HTTP_METHOD.yml docker-compose.yml cp .docker-compose.$HTTP_METHOD.yml docker-compose.yml
sed -i "s|<keycloakAdminPw>|$KEYCLOAK_ADMIN_PW|g" docker-compose.yml
sed -i "s|<keycloak-pw>|$KEYCLOAK_PW|g" docker-compose.yml
sed -i "s|<clientsecret>|$OAUTH_KEYCLOAK_CLIENT_ID|g" docker-compose.yml
sed -i "s|<clientUrl>|$PUBLIC_URL|g" docker-compose.yml sed -i "s|<clientUrl>|$PUBLIC_URL|g" docker-compose.yml
sed -i "s|<httpMethod>|$HTTP_METHOD|g" docker-compose.yml
sed -i "s|<odcMySqlPw>|$ODC_DB_PW|g" docker-compose.yml
sed -i "s|<hostIp>|$HOST_IP|g" docker-compose.yml sed -i "s|<hostIp>|$HOST_IP|g" docker-compose.yml
echo "" echo ""
echo "" echo ""
echo ------------------------------------------------------------ echo ------------------------------------------------------------