-
Notifications
You must be signed in to change notification settings - Fork 31
/
Copy pathdocker-compose-wallet.yml
111 lines (105 loc) · 4.66 KB
/
docker-compose-wallet.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#
# SecureKey Technologies Inc. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
version: '3'
services:
router.agent.example.com:
container_name: router.agent.example.com
image: ${HUB_ROUTER_IMAGE}:${HUB_ROUTER_IMAGE_TAG}
environment:
- HUB_ROUTER_HOST_URL=${DIDCOMM_ROUTER_HOST}:${DIDCOMM_ROUTER_API_PORT}
- HUB_ROUTER_TLS_CACERTS=/etc/tls/trustbloc-dev-ca.crt
- HUB_ROUTER_TLS_SYSTEMCERTPOOL=true
- HUB_ROUTER_TLS_SERVE_CERT=/etc/tls/trustbloc.local.crt
- HUB_ROUTER_TLS_SERVE_KEY=/etc/tls/trustbloc.local.key
- HUB_ROUTER_DIDCOMM_HTTP_HOST=${DIDCOMM_ROUTER_HOST}:${DIDCOMM_ROUTER_HTTP_INBOUND_PORT}
- HUB_ROUTER_DIDCOMM_HTTP_HOST_EXTERNAL=https://router.trustbloc.local
- HUB_ROUTER_DIDCOMM_WS_HOST=${DIDCOMM_ROUTER_HOST}:${DIDCOMM_ROUTER_WS_INBOUND_PORT}
- HUB_ROUTER_DIDCOMM_WS_HOST_EXTERNAL=wss://router.trustbloc.local:${DIDCOMM_ROUTER_WS_INBOUND_PORT}
- HUB_ROUTER_DSN_PERSISTENT=mysql://hubrouter:hubrouter-secret-pw@tcp(mysql:3306)/
- HUB_ROUTER_DSN_TRANSIENT=mysql://hubrouter:hubrouter-secret-pw@tcp(mysql:3306)/
- HUB_ROUTER_DSN_TIMEOUT=120
- VIRTUAL_HOST=router.trustbloc.local
- VIRTUAL_PORT=${DIDCOMM_ROUTER_HTTP_INBOUND_PORT}
- VIRTUAL_PROTO=https
ports:
- ${DIDCOMM_ROUTER_API_PORT}:${DIDCOMM_ROUTER_API_PORT}
- ${DIDCOMM_ROUTER_HTTP_INBOUND_PORT}:${DIDCOMM_ROUTER_HTTP_INBOUND_PORT}
- ${DIDCOMM_ROUTER_WS_INBOUND_PORT}:${DIDCOMM_ROUTER_WS_INBOUND_PORT}
entrypoint: ""
command: /bin/sh -c "hub-router start"
volumes:
- ../keys/tls:/etc/tls
networks:
- demo_demo-net
user.agent.example.com:
container_name: user.agent.example.com
image: ${USER_AGENT_SUPPORT_IMAGE}:${USER_AGENT_SUPPORT_IMAGE_tag}
environment:
- AGENT_UI_URL=https://myagent.trustbloc.local
- HTTP_SERVER_HOST_URL=0.0.0.0:8092
- VIRTUAL_HOST=myagent-support.trustbloc.local
- HTTP_SERVER_HUB_AUTH_URL=https://auth-rest.trustbloc.local
- HTTP_SERVER_OIDC_OPURL=https://auth-rest-hydra.trustbloc.local:11201/
- HTTP_SERVER_OIDC_CLIENTID=user-agent
- HTTP_SERVER_OIDC_CLIENTSECRET=user-agent-secret
- HTTP_SERVER_OIDC_CALLBACK=https://myagent-support.trustbloc.local/oidc/callback
- HTTP_SERVER_DEP_MAXRETRIES=180
- HTTP_SERVER_COOKIE_AUTH_KEY=/etc/keys/session_cookies/auth.key
- HTTP_SERVER_COOKIE_ENC_KEY=/etc/keys/session_cookies/enc.key
- TLS_CACERTS=/etc/keys/tls/trustbloc-dev-ca.crt
- ARIESD_LOG_LEVEL=DEBUG
# TODO configure this (added dummy values as to unblock -
# ref https://github.com/trustbloc/edge-agent/pull/482/files#diff-0325567f17eab8064d99ba9a4ac40c08a40d423010c14d597c0ab8eae6e62ce1R78-R80)
- HTTP_SERVER_RP_DISPLAY_NAME=trustbloc
- HTTP_SERVER_RP_ORIGIN_NAME=https://myagent.trustbloc.local
- HTTP_SERVER_RP_ID=myagent.trustbloc.local
- HTTP_SERVER_AUTHZ_KMS_URL=https://oathkeeper-auth-keyserver.trustbloc.local
- HTTP_SERVER_OPS_KMS_URL=https://oathkeeper-ops-keyserver.trustbloc.local
- HTTP_SERVER_KEY_EDV_URL=https://edv-oathkeeper-proxy.trustbloc.local/encrypted-data-vaults
- HTTP_SERVER_USER_EDV_URL=https://edv-oathkeeper-proxy.trustbloc.local/encrypted-data-vaults
- [email protected]:8093
- ARIESD_INBOUND_HOST_EXTERNAL=http@https://user.agent.example.com:8093
- ARIESD_DEFAULT_LABEL=user-agent
- ARIESD_DATABASE_TYPE=mysql
- ARIESD_DATABASE_PREFIX=edgeagent_usragdb
- ARIESD_DATABASE_TIMEOUT=60
- ARIESD_DATABASE_URL=edgeagent:edgeagent-secret-pw@tcp(mysql:3306)/
ports:
- 8092:8092
volumes:
- ../keys:/etc/keys
command: start
networks:
- demo_demo-net
user.ui.agent.example.com:
container_name: user.ui.agent.example.com
image: ${USER_AGENT_IMAGE}:${USER_AGENT_IMAGE_TAG}
volumes:
- ../keys/tls:/etc/nginx/certs
ports:
- 8091:443
environment:
- TLS_CERT=/etc/nginx/certs/trustbloc.local.crt
- TLS_KEY=/etc/nginx/certs/trustbloc.local.key
- VIRTUAL_HOST=myagent.trustbloc.local
- HTTP_RESOLVER_URL=${HTTP_RESOLVER}
- AGENT_DEFAULT_LABEL=user-agent
- BLOC_DOMAIN=${BLOC_DOMAIN}
- EDGE_AGENT_SERVER=https://myagent-support.trustbloc.local
- WALLET_MEDIATOR_URL=${WALLET_ROUTER_URL}
- BLINDED_ROUTING=${SUPPORT_BLINDED_ROUTING}
- EDV_SERVER_URL=https://edv-oathkeeper-proxy.trustbloc.local/encrypted-data-vaults
- STORAGE_TYPE=edv
- USE_EDV_CACHE=true
- EDV_CLEAR_CACHE=10m
- KMS_TYPE=webkms
- USE_EDV_BATCH=true
- LOG_LEVEL=WARNING
networks:
- demo_demo-net
networks:
demo_demo-net:
external: true