diff --git a/AllInOne/.env b/AllInOne/.env deleted file mode 100644 index 2e42c3a..0000000 --- a/AllInOne/.env +++ /dev/null @@ -1,148 +0,0 @@ - -dareVer=3.0.0 - - -PGLOGIN=admin -PGPASSWORD=admin - -# CAMUNDA env var -CAMUNDA_VERSION=8.8.0 -CAMUNDA_BUNDLE_VERSION=8.8.1 -ELASTIC_VERSION=8.17.5 - -CredentialAPISettingsStartWebhookUrl=http://connectors:8080/inbound/StartCredentials -CredentialAPISettingsRevokeWebhookUrl=http://connectors:8080/inbound/RevokeCredentials - -# TRE DB Credentials -TRE_DATA_SERVER=postgres -TRE_DATA_PORT=5432 -TRE_DATA_DATABASE=tredata -TRE_DATA_USER=admin -TRE_DATA_PASSWORD=admin - -# Set to true if you'd like to simulate execution, otherwise default to false: -DemoMode = true -# Allows Keycloak to not require https: -KeyCloakDemoMode=true - -http_proxy=http://192.168.10.15:8080 -https_proxy=http://192.168.10.15:8080 -ProxyAddresURLForExternalFetch=http://192.168.10.15:8080 - -useproxy=false -proxyurl=http://192.168.10.15:8080 -#If having issues with keycloak set this to false. -sslcookies=false -#If http only site set this to false -httpsRedirect=false - -MinioOpenidSecret=8a11bbcd-693a-4549-bda4-3e978fcf4de1 -MinioIdentityID=Dare-Control-Minio -MinioIdentityConfigURL=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration -MinioTreOpenidSecret=71ee3de3-0e0c-49c8-a0b2-c0e490c90591 -MinioTreIdentityID=Dare-TRE-Minio -MinioTreIdentityConfigURL=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration - -MinioRootUser=minio -MinioRootPass=minio123 -MinioBrowser=http://localhost:9000 -#MinioServerApi=http://127.0.0.1:9000 - -UseTESK=false -UseRabbit=false - -# Where TESK or Funnel API is hosted: -TesAPIUrl=http://host.docker.internal:8000/v1/tasks -# Output bucket prefix for the TES executing agent to write results to -TesOutputBucketPrefix=s3:// - -IgnoreHutchSSL=true -HutchAPIAddress=https://localhost:7239 -HutchDbServer=theserver -HutchDbName=theDb -HutchDbPort=24 - -syncSchedule=2 -scanSchedule=1 -TreName=DEMO -EnableExternalHangfire=false - -HutchMinioURLOverride= -TreMinioAdminUser=minio -TreMinioAdminPassword=minio123 - -submissionMinioUrl=http://minioSubmission:9000 -#This is the 9001 url -submissionMinioAdminConsole=http://minioSubmission:9001 - - -EgressKeyCloakUseRedirect=false -EgressKeyCloakBaseRealmAddress=http://keycloak:8080/realms/Data-Egress -EgressKeyCloakAuthority=http://keycloak:8080/realms/Data-Egress/.well-known/openid-configuration -EgressKeyCloakMetadataAddress=http://keycloak:8080/realms/Data-Egress/.well-known/openid-configuration -EgressValidAudiences=Data-Egress-UI,Data-Egress-API -EgressKeyCloakClientUIRediretURL=https//localhost:8100/ -EgressKeyCloakTokenExpredAddressUI=http://localhost:8100/Account/LoginAfterTokenExpired -EgressKeyCloakSecret=81c1f071-8c45-49ef-a966-84ca8f420b7e -EgressKeyCloakClientID=Data-Egress-API - - -SubmissionAPIKeyCloakUseRedirect=false -SubmissionAPIKeyCloakClientId=Dare-Control-API -SubmissionAPIKeyCloakBaseRealmAddress=http://keycloak:8080/realms/Dare-Control -SubmissionAPIKeyCloakAuthority=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration -SubmissionAPIKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration -SubmissionAPIValidAudiences=Dare-Control-UI,Dare-Control-API,Dare-Control-Minio -SubmissionAPIKeyCloakClientUIRedirectURL=http://localhost:8989/ -SubmissionAPIKeyCloakTokenExpredAddressUI=http://localhost:8989/Account/LoginAfterTokenExpired -SubmissionAPIKeyCloakSecret=2e60b956-16bc-4dea-8b49-118a8baac5e5 - - - -SubmissionUIAccountManagementURL=http://keycloak:8080/realms/Dare-Control/account -SubmissionUIKeyCloakBaseUrl=http://keycloak:8080/realms/Dare-Control -KeyCloakUseRedirect=false -KeyCloakClientUIRediretURL=http://localhost:8888/ -KeyCloakTokenExpredAddressUI=http://localhost:8888/Account/LoginAfterTokenExpired -SubmissionUIClientSecret=1218304e-bf92-4706-83f6-912e0b04ecb9 -SubmissionUIKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration -SubmissionUIKeyCloakAuthority=http://keycloak:8080/realms/Dare-Control/ - -TreKeyCloakUseRedirect=false -TreKeyCloakClientUIRediretURL=http://localhost:8989/ -TreKeyCloakTokenExpredAddressUI=http://localhost:8989/Account/LoginAfterTokenExpired -TreKeyCloakSecret=2de114bc-3599-45f1-9b61-5090c6859dfe -TreKeyCloakBaseRealmAddress=http://keycloak:8080/realms/Dare-TRE -TreKeyCloakAuthority=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration -TreKeyCloakClientId=Dare-TRE-UI -TreKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration -TreAccountManagementURLUI=http://localhost:8085/realms/Dare-TRE/account -TreValidAudiences=Dare-TRE-API,Dare-TRE-UI - -TreAPIKeyCloakUseRedirect=false -TreAPIKeyCloakClientUIRediretURL=http://localhost:8989/ -TreAPIKeyCloakTokenExpredAddressUI=http://localhost:8989/Account/LoginAfterTokenExpired -TreAPIKeyCloakSecret=e9021a57-3f4f-4254-ba27-2cdbb99a2cb5 -TreAPIKeyCloakBaseRealmAddress=http://keycloak:8080/realms/Dare-TRE -TreAPIKeyCloakAuthority=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration -TreAPIKeyCloakClientId=Dare-TRE-API -TreAPIKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration -TreAPIAccountManagementURLUI=http://localhost:8085/realms/Dare-TRE/account -TreAPIValidAudiences=Dare-TRE-API,Dare-TRE-UI - - -URLSettingsFrontEndQueryImage=harbor.ukserp.ac.uk/dare-trefx/control-tre-hasura:1.34.1 -URLSettingsFrontEndMinioUrl=localhost:9001 - -#SubmissionAPIKeyCloakUseRedirect=false -#SubmissionAPIClientSecret=1218304e-bf92-4706-83f6-912e0b04ecb9 -SuppressAntiforgery=false -SubmissionSignedOutRedirectUri=/ -SubmissionTokenRefreshSeconds=3600 -SubmissionValidAudiences=Dare-Control-UI,Dare-Control-API,Dare-Control-Minio -SubmissionServer=keycloak:8080 -SubmissionServerProtocol=http -SubmissionRealm=Dare-Control -SubmissionAutoTrustKeycloakCert=false -SubmissionValidIssuer= -SubmissionValidAudience= \ No newline at end of file diff --git a/AllInOne/config/creds.env b/AllInOne/config/creds.env new file mode 100644 index 0000000..b632618 --- /dev/null +++ b/AllInOne/config/creds.env @@ -0,0 +1,19 @@ +POSTGRES_USER=admin +POSTGRES_PASSWORD=admin + +TRE_DATA_USER=admin +TRE_DATA_PASSWORD=admin + +MinioTRESettings__AccessKey=minio +MinioTRESettings__SecretKey=minio123 + +MinioSettings__AccessKey=minio +MinioSettings__SecretKey=minio123 + +DemoModeDefaultP=password123 + +LDAP_ADMIN_PASSWORD="admin" +LDAP_CONFIG_PASSWORD="config" + +KC_BOOTSTRAP_ADMIN_USERNAME=admin +KC_BOOTSTRAP_ADMIN_PASSWORD=admin diff --git a/AllInOne/config/internal.env b/AllInOne/config/internal.env new file mode 100644 index 0000000..52ac510 --- /dev/null +++ b/AllInOne/config/internal.env @@ -0,0 +1,143 @@ +### internal.env +### This file contains config which users *should not edit* without good reason +### This file will be maintained by the developers + +# ============================================================================== +# Core Infrastructure +# ============================================================================== + +TRE_DATA_SERVER=postgres +TRE_DATA_PORT=5432 +TRE_DATA_DATABASE=tredata + +RabbitMQ__HostAddress=rabbitmq + +CAMUNDA_VERSION=8.8.0 +CAMUNDA_BUNDLE_VERSION=8.8.1 +ELASTIC_VERSION=8.17.5 + +URLSettingsFrontEnd__QueryImage=harbor.ukserp.ac.uk/dare-trefx/control-tre-hasura:1.34.1 + + +# ============================================================================== +# TRE API & UI +# ============================================================================== + +TreAPISettings__InternalApiBaseUrl=http://treAPI:8080 +TreAPISettings__PublicApiBaseUrl=http://localhost:8072 + +TreAPIKeyCloakUseRedirect=false +TreAPIKeyCloakSecret=e9021a57-3f4f-4254-ba27-2cdbb99a2cb5 +TreAPIKeyCloakBaseRealmAddress=http://keycloak:8080/realms/Dare-TRE +TreAPIKeyCloakAuthority=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration +TreAPIKeyCloakClientId=Dare-TRE-API +TreAPIKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration +TreAPIAccountManagementURLUI=http://localhost:8085/realms/Dare-TRE/account +TreAPIValidAudiences=Dare-TRE-API,Dare-TRE-UI + + +# ============================================================================== +# TRE Keycloak Settings +# ============================================================================== + +TreKeyCloakSettings__Authority=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration +TreKeyCloakSettings__MetadataAddress=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuratio +TreKeyCloakSettings__BaseUrl=http://keycloak:8080/realms/Dare-TRE +TreKeyCloakSettings__ClientId=Dare-TRE-UI +TreKeyCloakSettings__ClientSecret=2de114bc-3599-45f1-9b61-5090c6859dfe +TreKeyCloakSettings__ValidAudiences=Dare-TRE-API,Dare-TRE-UI +TreKeyCloakSettings__AccountManagementURL=http://localhost:8085/realms/Dare-TRE/account +TreKeyCloakSettings__BypassProxy="treAPI,seq-tre" +TreKeyCloakSettings__UseRedirectURL=false + +KeyCloakUseRedirect=false + + +# ============================================================================== +# Submission API & UI +# ============================================================================== + +DareAPISettings__Address=http://submissionAPI:8080 + +SubmissionUIAccountManagementURL=http://keycloak:8080/realms/Dare-Control/account +SubmissionUIKeyCloakBaseUrl=http://keycloak:8080/realms/Dare-Control +SubmissionUIClientSecret=1218304e-bf92-4706-83f6-912e0b04ecb9 +SubmissionUIKeyCloakMetadataAddress=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration +SubmissionUIKeyCloakAuthority=http://keycloak:8080/realms/Dare-Control/ + +SubmissionKeyCloakSettings__Authority=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration +SubmissionKeyCloakSettings__MetadataAddress=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration +SubmissionKeyCloakSettings__BaseUrl=http://keycloak:8080/realms/Dare-Control +SubmissionKeyCloakSettings__ClientId=Dare-Control-API +SubmissionKeyCloakSettings__ClientSecret=2e60b956-16bc-4dea-8b49-118a8baac5e5 +SubmissionKeyCloakSettings__ValidAudiences=Dare-Control-UI,Dare-Control-API,Dare-Control-Minio +SubmissionKeyCloakSettings__BypassProxy="submissionAPI,seq-tre" +SubmissionKeyCloakSettings__UseRedirectURL=false +SubmissionKeyCloakSettings__SignedOutRedirectUri=/ +SubmissionKeyCloakSettings__TokenRefreshSeconds=3600 +SubmissionKeyCloakSettings__Server=keycloak:8080 +SubmissionKeyCloakSettings__Protocol=http +SubmissionKeyCloakSettings__Realm=Dare-Control +SubmissionKeyCloakSettings__AutoTrustKeycloakCert=false +SubmissionKeyCloakSettings__ValidIssuer= +SubmissionKeyCloakSettings__ValidAudience= + + +# ============================================================================== +# Data Egress +# ============================================================================== + +DataEgressAPISettings__Address=http://DataEgressAPI:8080 + +DataEgressKeyCloakSettings__Authority=http://keycloak:8080/realms/Data-Egress/.well-known/openid-configuration +DataEgressKeyCloakSettings__MetadataAddress=http://keycloak:8080/realms/Data-Egress/.well-known/openid-configuration +DataEgressKeyCloakSettings__BaseUrl=http://keycloak:8080/realms/Data-Egress +DataEgressKeyCloakSettings__ClientId=Data-Egress-API +DataEgressKeyCloakSettings__ClientSecret=81c1f071-8c45-49ef-a966-84ca8f420b7e +DataEgressKeyCloakSettings__ValidAudiences=Data-Egress-UI,Data-Egress-API +DataEgressKeyCloakSettings__UseRedirectURL=false +DataEgressKeyCloakSettings__BypassProxy="DataEgressUI,treAPI,seq-tre" + + +# ============================================================================== +# Credential API +# ============================================================================== + +CredentialAPISettingsStartWebhookUrl=http://connectors:8080/inbound/StartCredentials +CredentialAPISettingsRevokeWebhookUrl=http://connectors:8080/inbound/RevokeCredentials + + +# ============================================================================== +# Agent / TES Execution +# ============================================================================== + +AgentSettings__TESKOutputBucketPrefix=s3:// +AgentSettings__UseTESK=false +AgentSettings__UseRabbit=false +AgentSettings__TESKAPIURL= + + +# ============================================================================== +# Hutch +# ============================================================================== + +Hutch__DbServer=theserver +Hutch__DbName=theDb +Hutch__DbPort=24 + + +# ============================================================================== +# Jobs & Scheduling +# ============================================================================== + +JobSettings__scanSchedule=1 +JobSettings__syncSchedule=2 +EnableExternalHangfire=false + + +# ============================================================================== +# Logging +# ============================================================================== + +Serilog__SeqServerUrl=http://seq:5341 + diff --git a/AllInOne/config/ldap.env b/AllInOne/config/ldap.env new file mode 100644 index 0000000..12ec767 --- /dev/null +++ b/AllInOne/config/ldap.env @@ -0,0 +1,8 @@ +# LDAP settings +LdapSettings__Host=openldap +LdapSettings__Port=389 +LdapSettings__AdminDn=cn=admin,dc=camundaephemeral,dc=local +LdapSettings__AdminPassword=admin +LdapSettings__BaseDn=dc=camundaephemeral,dc=local +LdapSettings__UserOu=ou=Users +LdapSettings__UseSSL=false diff --git a/AllInOne/config/minio.env b/AllInOne/config/minio.env new file mode 100644 index 0000000..848b4e7 --- /dev/null +++ b/AllInOne/config/minio.env @@ -0,0 +1,21 @@ +MINIO_IDENTITY_OPENID_DISPLAY_NAME=SSO_IDENTIFIER +MINIO_IDENTITY_OPENID_SCOPES=openid + +MinioOpenidSecret=8a11bbcd-693a-4549-bda4-3e978fcf4de1 +MinioIdentityIDURL=Dare-Control-Minio +MinioIdentityConfigURL=http://keycloak:8080/realms/Dare-Control/.well-known/openid-configuration + +MinioTreOpenidSecret=71ee3de3-0e0c-49c8-a0b2-c0e490c90591 +MinioTreIdentityID=Dare-TRE-Minio +MinioTreIdentityConfigURL=http://keycloak:8080/realms/Dare-TRE/.well-known/openid-configuration + +MinioTRESettings__Url=http://minioTRE:9000 +MinioTRESettings__AdminConsole=http://minioTRE:9001 +MinioTRESettings__AWSRegion=us-east-1 + +MinioSubSettings__Url=http://minioSubmission:9000 +MinioSubSettings__AdminConsole=http://minioSubmission:9001 +MinioSubSettings__BucketName=testbucket +MinioSubSettings__AWSRegion=us-east-1 + +MinioSettings__BucketName=testbucket diff --git a/AllInOne/config/postgres.env b/AllInOne/config/postgres.env new file mode 100644 index 0000000..0b740b1 --- /dev/null +++ b/AllInOne/config/postgres.env @@ -0,0 +1 @@ +POSTGRES_DB=DARE-Control \ No newline at end of file diff --git a/AllInOne/config/routes.env b/AllInOne/config/routes.env new file mode 100644 index 0000000..3d8cf77 --- /dev/null +++ b/AllInOne/config/routes.env @@ -0,0 +1,40 @@ +### routes.env +### This file contains the public URLs used by the stack, these should be +### customised for your domain and needs + +# ------------------------------------------------------------------------------- +# External routes + +MinioBrowser=http://localhost:9000 +#MinioServerApi=http://127.0.0.1:9000 + +# Where TESK or Funnel API is hosted: +TesAPIUrl=http://host.docker.internal:8000/v1/tasks + +# Hutch config +Hutch__HutchAPIAddress=https://localhost:7239 +MinioTRESettings__HutchMinioURLOverride= + +# Egress config +DataEgressKeyCloakSettings__RedirectURL=https//localhost:8100/ +DataEgressKeyCloakSettings__TokenExpiredAddress=http://localhost:8100/Account/LoginAfterTokenExpired + +# Submission config +SubmissionKeyCloakSettings__TokenExpiredAddress=http://localhost:8989/Account/LoginAfterTokenExpired +SubmissionKeyCloakSettings__RedirectURL=http://localhost:8989/ + +# Keycloak config +KeyCloakClientUIRediretURL=http://localhost:8888/ +KeyCloakTokenExpredAddressUI=http://localhost:8888/Account/LoginAfterTokenExpired + +# TRE config +TreKeyCloakSettings__RedirectURL=http://localhost:8989/ +TreKeyCloakSettings__TokenExpiredAddress=http://localhost:8989/Account/LoginAfterTokenExpired + +# TRE API config +TreAPIKeyCloakClientUIRediretURL=http://localhost:8989/ +TreAPIKeyCloakTokenExpredAddressUI=http://localhost:8989/Account/LoginAfterTokenExpired +URLSettingsFrontEnd__MinioUrl=localhost:9001 + +# Keycloak UI +KEYCLOAK_FRONTEND_URL=http://localhost:8085/auth \ No newline at end of file diff --git a/AllInOne/config/user.env b/AllInOne/config/user.env new file mode 100644 index 0000000..859e88a --- /dev/null +++ b/AllInOne/config/user.env @@ -0,0 +1,24 @@ +### user.env +### This file contains config users are likely to set for themselves, +### carefully read and select the options most suitable to you + +# Name the TRE +TreName=DEMO + +# Set to true if you'd like to simulate execution, otherwise default to false: +DemoMode = true + +# Allows Keycloak to not require https: +KeyCloakDemoMode=true + +# Outgoing proxy config (if needed) +useproxy=false +http_proxy=http://192.168.10.15:8080 +https_proxy=http://192.168.10.15:8080 +ProxyAddresURLForExternalFetch=http://192.168.10.15:8080 +proxyurl=http://192.168.10.15:8080 + +#If having issues with keycloak set this to false. +sslcookies=false +#If http only site set this to false +httpsRedirect=false \ No newline at end of file diff --git a/AllInOne/config/vault.env b/AllInOne/config/vault.env new file mode 100644 index 0000000..b89d556 --- /dev/null +++ b/AllInOne/config/vault.env @@ -0,0 +1,6 @@ +VaultSettings__BaseUrl=http://vault:8200 +VaultSettings__Token=dev-only-token +VaultSettings__TimeoutSeconds=30 +VaultSettings__SecretEngine=secret +VaultSettings__EnableRetry=true +VaultSettings__MaxRetryAttempts=3 diff --git a/AllInOne/config/zeebee.env b/AllInOne/config/zeebee.env new file mode 100644 index 0000000..d9df65e --- /dev/null +++ b/AllInOne/config/zeebee.env @@ -0,0 +1,6 @@ +ZeebeBootstrap__Client__GatewayAddress=orchestration:26500 +ZeebeBootstrap__Worker__MaxJobsActive=5 +ZeebeBootstrap__Worker__TimeoutInMilliseconds=500 +ZeebeBootstrap__Worker__PollIntervalInMilliseconds=50 +ZeebeBootstrap__Worker__PollingTimeoutInMilliseconds=1000 +ZeebeBootstrap__Worker__RetryTimeoutInMilliseconds=1000 diff --git a/AllInOne/docker-compose.yml b/AllInOne/docker-compose.yml index a90686f..c1f47b9 100644 --- a/AllInOne/docker-compose.yml +++ b/AllInOne/docker-compose.yml @@ -15,27 +15,13 @@ services: - 8989:8080 depends_on: - tre-api + env_file: + - config/internal.env + - config/routes.env + - config/user.env environment: - - TreAPISettings__InternalApiBaseUrl=http://treAPI:8080 - - TreAPISettings__PublicApiBaseUrl=http://localhost:8072 - - Serilog__SeqServerUrl=http://seq:5341 - - DemoMode=${DemoMode} - - KeyCloakDemoMode=${KeyCloakDemoMode} - - TreKeyCloakSettings__Authority=${TreKeyCloakAuthority} - - TreKeyCloakSettings__MetadataAddress=${TreKeyCloakMetadataAddress} - - TreKeyCloakSettings__BaseUrl=${TreKeyCloakBaseRealmAddress} - - TreKeyCloakSettings__ClientId=${TreKeyCloakClientId} - - TreKeyCloakSettings__ClientSecret=${TreKeyCloakSecret} - - TreKeyCloakSettings__ValidAudiences=${TreValidAudiences} - TreKeyCloakSettings__Proxy=${useproxy} - TreKeyCloakSettings__ProxyAddresURL=${proxyurl} - - sslcookies=${sslcookies} - - httpsRedirect=${httpsRedirect} - - TreKeyCloakSettings__AccountManagementURL=${TreAccountManagementURLUI} - - TreKeyCloakSettings__BypassProxy="treAPI,seq-tre" - - TreKeyCloakSettings__TokenExpiredAddress=${TreKeyCloakTokenExpredAddressUI} - - TreKeyCloakSettings__UseRedirectURL=${TreKeyCloakUseRedirect} - - TreKeyCloakSettings__RedirectURL=${TreKeyCloakClientUIRediretURL} tre-api: image: harbor.ukserp.ac.uk:443/dare-trefx/control-tre-api:${dareVer} @@ -63,98 +49,30 @@ services: condition: service_healthy orchestration: condition: service_healthy + env_file: + - config/creds.env + - config/internal.env + - config/minio.env + - config/routes.env + - config/user.env + - config/vault.env environment: - Features__DemoAllInOne=${DemoMode} - Features__EphemeralCredentials=true - - KeyCloakDemoMode=${KeyCloakDemoMode} - - DemoModeDefaultP=password123 - - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DARE-Tre;Include Error Detail=true;User Id=${PGLOGIN};Password=${PGPASSWORD};TrustServerCertificate=True; - - ConnectionStrings__CredentialsConnection=Server=postgres;Port=5432;Database=TRE_Credentials;Include Error Detail=true;User Id=${PGLOGIN};Password=${PGPASSWORD};TrustServerCertificate=True; - - RabbitMQ__HostAddress=rabbitmq - - Serilog__SeqServerUrl=http://seq:5341 - - DareAPISettings__Address=http://submissionAPI:8080 - - DataEgressAPISettings__Address=https://egressAPI:8080 - - EnableExternalHangfire=${EnableExternalHangfire} - - IgnoreHutchSSL=${IgnoreHutchSSL} - - TreKeyCloakSettings__Authority=${TreKeyCloakAuthority} - - TreKeyCloakSettings__MetadataAddress=${TreKeyCloakMetadataAddress} - - TreKeyCloakSettings__BaseUrl=${TreKeyCloakBaseRealmAddress} - - TreKeyCloakSettings__ClientId=${TreKeyCloakClientId} - - TreKeyCloakSettings__ClientSecret=${TreKeyCloakSecret} - - TreKeyCloakSettings__ValidAudiences=${TreValidAudiences} + - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DARE-Tre;Include Error Detail=true;User Id=${POSTGRES_USER};Password=${POSTGRES_PASSWORD};TrustServerCertificate=True; + - TreKeyCloakSettings__ClientId=Dare-TRE-API - TreKeyCloakSettings__Proxy=${useproxy} - - EnableExternalHangfire=true - TreKeyCloakSettings__ProxyAddresURL=${proxyurl} - - TreKeyCloakSettings__BypassProxy="treAPI,seq-tre" - - TreKeyCloakSettings__TokenExpiredAddress=${TreKeyCloakTokenExpredAddressUI} - - TreKeyCloakSettings__UseRedirectURL=${TreKeyCloakUseRedirect} - - TreKeyCloakSettings__RedirectURL=${TreKeyCloakClientUIRediretURL} - - DataEgressKeyCloakSettings__Authority=${EgressKeyCloakAuthority} - - DataEgressKeyCloakSettings__MetadataAddress=${EgressKeyCloakMetadataAddress} - - DataEgressKeyCloakSettings__BaseUrl=${EgressKeyCloakBaseRealmAddress} - - DataEgressKeyCloakSettings__ClientId=${EgressKeyCloakClientID} - - DataEgressKeyCloakSettings__ClientSecret=${EgressKeyCloakSecret} - - DataEgressKeyCloakSettings__ValidAudiences=${EgressValidAudiences} + - TreKeyCloakSettings__TokenExpiredAddress= - DataEgressKeyCloakSettings__Proxy=${useproxy} - DataEgressKeyCloakSettings__ProxyAddresURL=${proxyurl} - - DataEgressKeyCloakSettings__BypassProxy="DataEgressUI,treAPI,seq-tre" - - DataEgressKeyCloakSettings__TokenExpiredAddress=${EgressKeyCloakTokenExpredAddressUI} - - DataEgressKeyCloakSettings__UseRedirectURL=${EgressKeyCloakUseRedirect} - - DataEgressKeyCloakSettings__RedirectURL=${EgressKeyCloakClientUIRediretURL} - - SubmissionKeyCloakSettings__Authority=${SubmissionAPIKeyCloakAuthority} - - SubmissionKeyCloakSettings__MetadataAddress=${SubmissionAPIKeyCloakMetadataAddress} - - SubmissionKeyCloakSettings__BaseUrl=${SubmissionAPIKeyCloakBaseRealmAddress} - - SubmissionKeyCloakSettings__ClientId=${SubmissionAPIKeyCloakClientId} - - SubmissionKeyCloakSettings__ClientSecret=${SubmissionAPIKeyCloakSecret} - - SubmissionKeyCloakSettings__ValidAudiences=${SubmissionAPIValidAudiences} - SubmissionKeyCloakSettings__Proxy=${useproxy} - SubmissionKeyCloakSettings__ProxyAddresURL=${proxyurl} - - SubmissionKeyCloakSettings__BypassProxy="treAPI,seq-tre" - - SubmissionKeyCloakSettings__TokenExpiredAddress=${SubmissionAPIKeyCloakTokenExpredAddressUI} - - SubmissionKeyCloakSettings__UseRedirectURL=${SubmissionAPIKeyCloakUseRedirect} - - SubmissionKeyCloakSettings__RedirectURL=${SubmissionAPIKeyCloakClientUIRedirectURL} - - AgentSettings__UseTESK=${UseTESK} - - AgentSettings__UseRabbit=${UseRabbit} - - JobSettings__scanSchedule=${scanSchedule} - - JobSettings__syncSchedule=${syncSchedule} - - DataEgressAPISettings__Address=http://DataEgressAPI:8080 - - AgentSettings__TESKAPIURL=${TesAPIUrl} - - AgentSettings__TESKOutputBucketPrefix=${TesOutputBucketPrefix} - - TreName=${TreName} - - MinioTRESettings__Url=http://minioTRE:9000 - - MinioTRESettings__HutchURLOverride=${HutchMinioURLOverride} - - MinioTRESettings__AccessKey=${TreMinioAdminUser} - - MinioTRESettings__SecretKey=${TreMinioAdminPassword} - - MinioTRESettings__AdminConsole=http://minioTRE:9001 - - MinioSubSettings__Url=${submissionMinioUrl} - - MinioSubSettings__AccessKey=${MinioRootUser} - - MinioSubSettings__SecretKey=${MinioRootPass} - - MinioSubSettings__AdminConsole=${submissionMinioAdminConsole} - - MinioSubSettings__BucketName=testbucket - - MinioSubSettings__AWSRegion=us-east-1 - - MinioTRESettings__AWSRegion=us-east-1 - - Hutch__APIAddress=${HutchAPIAddress} - - Hutch__DbServer=${HutchDbServer} - - Hutch__DbName=${HutchDbName} - - Hutch__DbPort=${HutchDbPort} - CredentialAPISettings__StartWebhookUrl=${CredentialAPISettingsStartWebhookUrl} - CredentialAPISettings__RevokeWebhookUrl=${CredentialAPISettingsRevokeWebhookUrl} - - VaultSettings__BaseUrl=http://vault:8200 - - VaultSettings__Token=dev-only-token - - VaultSettings__TimeoutSeconds=30 - - VaultSettings__SecretEngine=secret - - VaultSettings__EnableRetry=true - - VaultSettings__MaxRetryAttempts=3 - DmnFilePath=app/ProcessModels - TreUISettings__Address=http://localhost:8989 - TreAPISettings__Address=http://localhost:8072 - # Zeebe settings - - ZeebeBootstrap__Client__GatewayAddress=orchestration:26500 - - ZeebeBootstrap__Worker__MaxJobsActive=5 - - ZeebeBootstrap__Worker__TimeoutInMilliseconds=500 - - ZeebeBootstrap__Worker__PollIntervalInMilliseconds=50 - - ZeebeBootstrap__Worker__PollingTimeoutInMilliseconds=1000 - - ZeebeBootstrap__Worker__RetryTimeoutInMilliseconds=1000 ###################################################### # DataEgress LAYER @@ -170,26 +88,15 @@ services: - 8100:8080 depends_on: - DataEgressAPI + env_file: + - config/internal.env + - config/minio.env + - config/routes.env + - config/user.env environment: - - DemoMode=${DemoMode} - - KeyCloakDemoMode=${KeyCloakDemoMode} - - Serilog__SeqServerUrl=http://seq:5341 - - DataEgressKeyCloakSettings__Authority=${EgressKeyCloakAuthority} - - DataEgressKeyCloakSettings__MetadataAddress=${EgressKeyCloakMetadataAddress} - - DataEgressKeyCloakSettings__BaseUrl=${EgressKeyCloakBaseRealmAddress} - - DataEgressKeyCloakSettings__ClientId=${EgressKeyCloakClientID} - - DataEgressKeyCloakSettings__ClientSecret=${EgressKeyCloakSecret} - - DataEgressKeyCloakSettings__ValidAudiences=${EgressValidAudiences} - DataEgressKeyCloakSettings__Proxy=${useproxy} - DataEgressKeyCloakSettings__ProxyAddresURL=${proxyurl} - - DataEgressKeyCloakSettings__BypassProxy=treAPI,seq-tre - - DataEgressKeyCloakSettings__TokenExpiredAddress=${EgressKeyCloakTokenExpredAddressUI} - - DataEgressKeyCloakSettings__UseRedirectURL=${EgressKeyCloakUseRedirect} - - DataEgressKeyCloakSettings__RedirectURL=${EgressKeyCloakClientUIRediretURL} - - DataEgressAPISettings__Address=http://DataEgressAPI:8080 - - MinioSettings__Url=http://localhost:9003 - - sslcookies=${sslcookies} - - httpsRedirect=${httpsRedirect} + - MinioSettings__Url=${MinioTRESettings__Url} DataEgressAPI: image: harbor.ukserp.ac.uk:443/dare-trefx/control-egress-api:${dareVer} @@ -206,43 +113,21 @@ services: condition: service_healthy keycloak: condition: service_healthy + env_file: + - config/creds.env + - config/internal.env + - config/minio.env + - config/user.env environment: - - DemoMode=${DemoMode} - - KeyCloakDemoMode=${KeyCloakDemoMode} - - DemoModeDefaultP=password123 - - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DATA-Egress;Include Error Detail=true;User Id=${PGLOGIN};Password=${PGPASSWORD};TrustServerCertificate=True; - - RabbitMQ__HostAddress=rabbitmq-tre - - Serilog__SeqServerUrl=http://seq:5341 - - TreKeyCloakSettings__Authority=${TreAPIKeyCloakAuthority} - - TreKeyCloakSettings__MetadataAddress=${TreAPIKeyCloakMetadataAddress} - - TreKeyCloakSettings__BaseUrl=${TreAPIKeyCloakBaseRealmAddress} - - TreKeyCloakSettings__ClientId=${TreAPIKeyCloakClientId} - - TreKeyCloakSettings__ClientSecret=${TreAPIKeyCloakSecret} - - TreKeyCloakSettings__ValidAudiences=${TreAPIValidAudiences} + - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DATA-Egress;Include Error Detail=true;User Id=${POSTGRES_USER};Password=${POSTGRES_PASSWORD};TrustServerCertificate=True; - TreKeyCloakSettings__Proxy=${useproxy} - TreKeyCloakSettings__ProxyAddresURL=${proxyurl} - - TreKeyCloakSettings__BypassProxy="treAPI,seq-tre" - - TreKeyCloakSettings__TokenExpiredAddress=${TreAPIKeyCloakTokenExpredAddressUI} - - TreKeyCloakSettings__UseRedirectURL=${TreKeyCloakUseRedirect} - - TreKeyCloakSettings__RedirectURL=${TreKeyCloakClientUIRediretURL} - - DataEgressKeyCloakSettings__Authority=${EgressKeyCloakAuthority} - - DataEgressKeyCloakSettings__MetadataAddress=${EgressKeyCloakMetadataAddress} - - DataEgressKeyCloakSettings__BaseUrl=${EgressKeyCloakBaseRealmAddress} - - DataEgressKeyCloakSettings__ClientId=${EgressKeyCloakClientID} - - DataEgressKeyCloakSettings__ClientSecret=${EgressKeyCloakSecret} - - DataEgressKeyCloakSettings__ValidAudiences=${EgressKeyCloakClientID} - DataEgressKeyCloakSettings__Proxy=${useproxy} - DataEgressKeyCloakSettings__ProxyAddresURL=${proxyurl} - - DataEgressKeyCloakSettings__BypassProxy="treAPI,seq-tre" - - DataEgressKeyCloakSettings__TokenExpiredAddress=${EgressKeyCloakTokenExpredAddressUI} - - DataEgressKeyCloakSettings__UseRedirectURL=${EgressKeyCloakUseRedirect} - - MinioSettings__Url=http://minioTRE:9000 - - MinioSettings__AccessKey=${TreMinioAdminUser} - - MinioSettings__SecretKey=${TreMinioAdminPassword} - - MinioSettings__BucketName=testbucket - - MinioSettings__AdminConsole=http://minioIn:9001 + - MinioSettings__Url=${MinioTRESettings__Url} + - MinioSettings__AdminConsole=${MinioTRESettings__AdminConsole} - TreAPISettings__Address=http://treapi:8080 - - DataEgressAPISettings__Address=http://DataEgressAPI:8100 + ###################################################### # SUBMISSION LAYER @@ -261,30 +146,18 @@ services: - submissionAPI volumes: - data-protection:/root/.aspnet/DataProtection-Keys + env_file: + - config/creds.env + - config/internal.env + - config/minio.env + - config/routes.env + - config/user.env environment: - - DemoMode=${DemoMode} - - KeyCloakDemoMode=${KeyCloakDemoMode} - - Serilog__SeqServerUrl=http://seq:5341 - KeyCloakSettings__Proxy=false - - DareAPISettings__Address=http://submissionAPI:8080 - DareAPISettings_HelpAddress=http://submissionAPI:8080 - FormIOSettings__UseInternal=true - SubmissionKeyCloakSettings__Proxy=${useproxy} - SubmissionKeyCloakSettings__ProxyAddresURL=${proxyurl} - - SubmissionKeyCloakSettings__BypassProxy="submissionAPI,seq" - - SubmissionKeyCloakSettings__TokenExpiredAddress=${KeyCloakTokenExpredAddressUI} - - SubmissionKeyCloakSettings__UseRedirectURL=${KeyCloakUseRedirect} - - SubmissionKeyCloakSettings__RedirectURL=${KeyCloakClientUIRediretURL} - - SubmissionKeyCloakSettings__ClientSecret=${SubmissionUIClientSecret} - - SubmissionKeyCloakSettings__AccountManagementURL=${SubmissionUIAccountManagementURL} - - SubmissionKeyCloakSettings__BaseUrl=${SubmissionUIKeyCloakBaseUrl} - - SuppressAntiforgery=${SuppressAntiforgery} - - SubmissionKeyCloakSettings__MetadataAddress=${SubmissionUIKeyCloakMetadataAddress} - - SubmissionKeyCloakSettings__Authority=${SubmissionUIKeyCloakAuthority} - - URLSettingsFrontEnd__QueryImage=${URLSettingsFrontEndQueryImage} - - URLSettingsFrontEnd__MinioUrl=${URLSettingsFrontEndMinioUrl} - - sslcookies=${sslcookies} - - httpsRedirect=${httpsRedirect} submissionAPI: image: harbor.ukserp.ac.uk:443/dare-trefx/control-main-api:${dareVer} @@ -312,38 +185,17 @@ services: condition: service_healthy minioSubmission: condition: service_healthy + env_file: + - config/creds.env + - config/internal.env + - config/minio.env + - config/user.env environment: - - DemoMode=${DemoMode} - - KeyCloakDemoMode=${KeyCloakDemoMode} - - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DARE-Control;Include Error Detail=true;User Id=${PGLOGIN};Password=${PGPASSWORD};TrustServerCertificate=True; - - RabbitMQ__HostAddress=rabbitmq - - Serilog__SeqServerUrl=http://seq:5341 - - MinioSettings__Url=http://minioSubmission:9000 - - MinioSettings__AccessKey=${MinioRootUser} - - MinioSettings__SecretKey=${MinioRootPass} - - MinioSettings__BucketName=testbucket - - SuppressAntiforgery=${SuppressAntiforgery} - - MinioSettings__AdminConsole=http://minioSubmission:9001 + - ConnectionStrings__DefaultConnection=Server=postgres;Port=5432;Database=DARE-Control;Include Error Detail=true;User Id=${POSTGRES_USER};Password=${POSTGRES_PASSWORD};TrustServerCertificate=True; + - MinioSettings__AdminConsole=${MinioSubSettings__AdminConsole} - SubmissionKeyCloakSettings__Proxy=${useproxy} - SubmissionKeyCloakSettings__ProxyAddresURL=${proxyurl} - SubmissionKeyCloakSettings__BypassProxy=minioSubmission,seq - - SubmissionKeyCloakSettings__TokenExpiredAddress=${KeyCloakTokenExpredAddressUI} - - SubmissionKeyCloakSettings__UseRedirectURL=${KeyCloakUseRedirect} - - SubmissionKeyCloakSettings__RedirectURL=${KeyCloakClientUIRediretURL} - - SubmissionKeyCloakSettings__BaseUrl=${SubmissionAPIKeyCloakBaseRealmAddress} - - SubmissionKeyCloakSettings__MetadataAddress=${SubmissionAPIKeyCloakMetadataAddress} - - SubmissionKeyCloakSettings__Authority=${SubmissionAPIKeyCloakAuthority} - - SubmissionKeyCloakSettings__ClientSecret=${SubmissionAPIKeyCloakSecret} - #- SubmissionKeyCloakSettings__RemoteSignOutPath=${SubmissionRemoteSignOutPath} - - SubmissionKeyCloakSettings__SignedOutRedirectUri=${SubmissionSignedOutRedirectUri} - - SubmissionKeyCloakSettings__TokenRefreshSeconds=${SubmissionTokenRefreshSeconds} - - SubmissionKeyCloakSettings__ValidAudiences=${SubmissionValidAudiences} - - SubmissionKeyCloakSettings__Server=${SubmissionServer} - - SubmissionKeyCloakSettings__Protocol=${SubmissionServerProtocol} - - SubmissionKeyCloakSettings__Realm=${SubmissionRealm} - - SubmissionKeyCloakSettings__AutoTrustKeycloakCert=${SubmissionAutoTrustKeycloakCert} - - SubmissionKeyCloakSettings__ValidIssuer=${SubmissionValidIssuer} - - SubmissionKeyCloakSettings__ValidAudience=${SubmissionValidAudience} ##################################################### # Credentials @@ -363,34 +215,14 @@ services: condition: service_healthy postgresql: condition: service_healthy + env_file: + - config/ldap.env + - config/vault.env + - config/zeebee.env environment: - Logging__LogLevel__Default=Information - Logging__LogLevel__Microsoft.AspNetCore=Warning - AllowedHosts=* - - Serilog__SeqServerUrl=http://seq:5341 - # Zeebe Bootstrap settings - - ZeebeBootstrap__Client__GatewayAddress=orchestration:26500 - - ZeebeBootstrap__Worker__MaxJobsActive=5 - - ZeebeBootstrap__Worker__TimeoutInMilliseconds=500 - - ZeebeBootstrap__Worker__PollIntervalInMilliseconds=50 - - ZeebeBootstrap__Worker__PollingTimeoutInMilliseconds=1000 - - ZeebeBootstrap__Worker__RetryTimeoutInMilliseconds=1000 - # LDAP settings - - LdapSettings__Host=openldap - - LdapSettings__Port=389 - - LdapSettings__AdminDn=cn=admin,dc=camundaephemeral,dc=local - - LdapSettings__AdminPassword=admin - - LdapSettings__BaseDn=dc=camundaephemeral,dc=local - - LdapSettings__UserOu=ou=Users - - LdapSettings__UseSSL=false - # Vault settings - - VaultSettings__BaseUrl=http://vault:8200 - - VaultSettings__Token=dev-only-token - - VaultSettings__TimeoutSeconds=30 - - VaultSettings__SecretEngine=secret - - VaultSettings__EnableRetry=true - - VaultSettings__MaxRetryAttempts=3 - - ConnectionStrings__CredentialsConnection=Server=postgres;Port=5432;Database=TRE_Credentials;Include Error Detail=true;User Id=${PGLOGIN};Password=${PGPASSWORD}; - ConnectionStrings__TREPostgresConnection=Server=${TRE_DATA_SERVER};Port=${TRE_DATA_PORT};Database=${TRE_DATA_DATABASE};Include Error Detail=true;User Id=${TRE_DATA_USER};Password=${TRE_DATA_PASSWORD}; ###################################################### @@ -399,25 +231,23 @@ services: keycloak: image: quay.io/keycloak/keycloak:26.0 container_name: keycloak + env_file: + - config/creds.env environment: KC_DB: postgres KC_DB_URL: jdbc:postgresql://postgres/keycloak - KC_DB_USERNAME: ${PGLOGIN} - KC_DB_PASSWORD: ${PGPASSWORD} + KC_DB_USERNAME: ${POSTGRES_USER} + KC_DB_PASSWORD: ${POSTGRES_PASSWORD} KC_HOSTNAME: http://localhost:8085 KC_HOSTNAME_PORT: 8085 KC_HOSTNAME_BACKCHANNEL_DYNAMIC: true #KC_HOSTNAME_STRICT: false #KC_HOSTNAME_STRICT_HTTPS: false - KEYCLOAK_FRONTEND_URL: http://localhost:8085/auth KC_LOG_LEVEL: info KC_METRICS_ENABLED: true KC_HEALTH_ENABLED: true KEYCLOAK_HEALTH_ENABLED: true KEYCLOAK_METRICS_ENABLED: true - # Admin credentials - KC_BOOTSTRAP_ADMIN_USERNAME: admin - KC_BOOTSTRAP_ADMIN_PASSWORD: admin networks: - sub-net command: start-dev --import-realm #--verbose @@ -447,10 +277,9 @@ services: image: postgres:17 container_name: postgres restart: always - environment: - - POSTGRES_USER=${PGLOGIN} - - POSTGRES_PASSWORD=${PGPASSWORD} - - POSTGRES_DB=DARE-Control + env_file: + - config/creds.env + - config/postgres.env networks: - sub-net ports: @@ -459,7 +288,7 @@ services: - "postgresql_data:/var/lib/postgresql/data" - ./init.sql:/docker-entrypoint-initdb.d/init.sql healthcheck: - test: ["CMD-SHELL", "pg_isready -q -U ${PGLOGIN} -d keycloak"] + test: ["CMD-SHELL", "pg_isready -q -U ${POSTGRES_USER} -d keycloak"] adminer: image: adminer @@ -468,10 +297,12 @@ services: - sub-net ports: - 8087:8080 + env_file: + - config/postgres.env environment: - ADMINER_DEFAULT_DB_DRIVER=psql - ADMINER_DEFAULT_DB_HOST=postgres - - ADMINER_DEFAULT_DB_NAME=postgres + - ADMINER_DEFAULT_DB_NAME=${POSTGRES_DB} depends_on: postgresql: condition: service_healthy @@ -514,16 +345,17 @@ services: depends_on: keycloak: condition: service_healthy + env_file: + - config/creds.env + - config/minio.env environment: - - MINIO_ROOT_USER=${MinioRootUser} - - MINIO_ROOT_PASSWORD=${MinioRootPass} + - MINIO_ROOT_USER=${MinioSettings__AccessKey} + - MINIO_ROOT_PASSWORD=${MinioSettings__SecretKey} - MINIO_BROWSER_REDIRECT_URL=http://localhost:9001 - MINIO_SERVER_URL=http://localhost:9000 - MINIO_IDENTITY_OPENID_CONFIG_URL=${MinioIdentityConfigURL} - MINIO_IDENTITY_OPENID_CLIENT_ID=${MinioIdentityID} - MINIO_IDENTITY_OPENID_CLIENT_SECRET=${MinioOpenidSecret} - - MINIO_IDENTITY_OPENID_DISPLAY_NAME=SSO_IDENTIFIER - - MINIO_IDENTITY_OPENID_SCOPES=openid - MINIO_IDENTITY_OPENID_REDIRECT_URI_DYNAMIC=off networks: - sub-net @@ -554,15 +386,16 @@ services: container_name: minioTRE restart: always command: server /data --console-address ":9001" + env_file: + - config/creds.env + - config/minio.env environment: - - MINIO_ROOT_USER=${MinioRootUser} - - MINIO_ROOT_PASSWORD=${MinioRootPass} + - MINIO_ROOT_USER=${MinioTRESettings__AccessKey} + - MINIO_ROOT_PASSWORD=${MinioTRESettings__SecretKey} - MINIO_BROWSER_REDIRECT_URL=http://localhost:9003 - MINIO_IDENTITY_OPENID_CONFIG_URL=${MinioTreIdentityConfigURL} - MINIO_IDENTITY_OPENID_CLIENT_ID=${MinioTreIdentityID} - MINIO_IDENTITY_OPENID_CLIENT_SECRET=${MinioTreOpenidSecret} - - MINIO_IDENTITY_OPENID_DISPLAY_NAME=SSO_IDENTIFIER - - MINIO_IDENTITY_OPENID_SCOPES=openid - MINIO_IDENTITY_OPENID_REDIRECT_URI_DYNAMIC=on networks: - sub-net @@ -704,8 +537,10 @@ services: restart: always ports: - "8200:8200" + env_file: + - config/vault.env environment: - - VAULT_DEV_ROOT_TOKEN_ID=dev-only-token + - VAULT_DEV_ROOT_TOKEN_ID=${VaultSettings__Token} - VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200 - VAULT_ADDR=http://127.0.0.1:8200 volumes: @@ -730,12 +565,12 @@ services: openldap: image: osixia/openldap:1.5.0 container_name: openldap + env_file: + - config/creds.env environment: LDAP_LOG_LEVEL: "256" LDAP_ORGANISATION: "TRE Ephemeral Credentials" LDAP_DOMAIN: "camundaephemeral.local" - LDAP_ADMIN_PASSWORD: "admin" - LDAP_CONFIG_PASSWORD: "config" LDAP_TLS: "false" LDAP_ADD_LDIF_URL: "file:///container/service/slapd/assets/init.ldif" volumes: @@ -874,4 +709,4 @@ configs: type: elasticsearch elasticsearch: cluster-name: elasticsearch - url: "http://elasticsearch:9200" \ No newline at end of file + url: "http://elasticsearch:9200"