################################################################################
-# Copyright 2021 highstreet technologies GmbH
+# Copyright 2022 highstreet technologies GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
version: '3.8'
services:
+
identity:
image: ${IDENTITY_IMAGE}
container_name: identity
- ports:
- - ${IDENTITY_PORT}:${IDENTITY_PORT}
- environment:
- - KEYCLOAK_USER=${ADMIN_USERNAME}
- - KEYCLOAK_PASSWORD=${ADMIN_PASSWORD}
- - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
- networks:
- dmz:
-
- topology:
- image: ${TOPOLOGY_IMAGE}
- container_name: topology
ports:
- - 3001:3001
+ - ${IDENTITY_PORT_HTTPS}:${IDENTITY_PORT_HTTPS}
+ environment:
+ - KEYCLOAK_HTTPS_PORT=${IDENTITY_PORT_HTTPS}
+ - KEYCLOAK_CREATE_ADMIN_USER=true
+ - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
+ - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
+ - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
+ - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
+ - KEYCLOAK_DATABASE_HOST=identitydb
+ - KEYCLOAK_DATABASE_NAME=keycloak
+ - KEYCLOAK_DATABASE_USER=keycloak
+ - KEYCLOAK_DATABASE_PASSWORD=keycloak
+ - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
+ - KEYCLOAK_PRODUCTION=false
+ - KEYCLOAK_ENABLE_TLS=true
+ - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
+ - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
+ - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
+ - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
+ # - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
+ # - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
+ - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
+ - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
+ depends_on:
+ - identitydb
+ networks:
+ - dmz
+
+ identitydb:
+ image: docker.io/bitnami/postgresql:13
+ container_name: identitydb
environment:
- - AUTH_ENABLED=true
- - AUTH_HOST_URL=${IDENTITY_PROVIDER_URL}
- # - AUTH_CONFIG_FILE
- - PROVIDERS=${TOPOLOGY_PROVIDERS}
- - LOAD_PACKAGES=com.highstreet
-
+ - ALLOW_EMPTY_PASSWORD=no
+ - POSTGRESQL_USERNAME=keycloak
+ - POSTGRESQL_DATABASE=keycloak
+ - POSTGRESQL_PASSWORD=keycloak
+ networks:
+ - dmz
+
+
persistence:
image: ${PERSISTENCE_IMAGE}
container_name: persistence
- zookeeper
- kafka
+ o-ran-sc-topology-service:
+ image: "${O_RAN_SC_TOPOLOGY_IMAGE}"
+ container_name: o-ran-sc-topology-service
+ hostname: o-ran-sc-topology-service
+ ports:
+ - 18181:8181
+ volumes:
+ - ./o-ran-sc-topology-service/tapi-common-operational.json:/opt/dev/deploy/data/tapi-common-operational.json
+ - ./o-ran-sc-topology-service/tapi-common-running.json:/opt/dev/deploy/data/tapi-common-running.json
+
+ wireshark:
+ image: "${WIRESHARK_IMAGE}"
+ container_name: wireshark
+ cap_add:
+ - NET_ADMIN
+ network_mode: host
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=Europe/London
+ volumes:
+ - ./wireshark:/config
+ # no port mappbecause of network mode host.
+ # ports:
+ # - 3000:3000
+ restart: unless-stopped
networks:
dmz:
driver: bridge
Code Review / oam.git / blobdiff