Skoruba docker run: #252
Description
Question
I am unable to run on docker (debian)
docker-compose.yml
version: '3.8'
services:
admin-ui:
image: skoruba/duende-identityserver-admin:2.5.0
container_name: skoruba-admin-ui
restart: unless-stopped
environment:
- VIRTUAL_HOST=admin-sts.bliysa.com
- ASPNETCORE_ENVIRONMENT=Production
- AdminConfiguration__PageTitle=IS-Admin
- AdminConfiguration__FaviconUri=~/favicon.ico
- AdminConfiguration__IdentityAdminRedirectUri=https://admin-sts.bliysa.com/signin-oidc
- AdminConfiguration__IdentityServerBaseUrl=https://sts.bliysa.com
- AdminConfiguration__IdentityAdminCookieName=IdentityServerAdmin
- AdminConfiguration__IdentityAdminCookieExpiresUtcHours=12
- AdminConfiguration__RequireHttpsMetadata=true
- AdminConfiguration__TokenValidationClaimName=name
- AdminConfiguration__TokenValidationClaimRole=role
- AdminConfiguration__ClientId=admin.client
- AdminConfiguration__ClientSecret=01948049-90fc-7132-96a2-d3c390c31a51
- AdminConfiguration__OidcResponseType=code
- AdminConfiguration__Scopes__0=openid
- AdminConfiguration__Scopes__1=profile
- AdminConfiguration__Scopes__2=email
- AdminConfiguration__Scopes__3=roles
- AdminConfiguration__AdministrationRole=Admin
- ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__AdminLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__AdminAuditLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- DatabaseProviderConfiguration__ProviderType=SqlServer
depends_on:
db:
condition: service_healthy
networks:
- skoruba-network
admin-api:
image: skoruba/duende-identityserver-admin-api:2.5.0
container_name: skoruba-admin-api
restart: unless-stopped
environment:
- VIRTUAL_HOST=admin-api.bliysa.com
- ASPNETCORE_ENVIRONMENT=Production
- AdminApiConfiguration__ApiName=IS-Admin Api
- AdminApiConfiguration__ApiVersion=v1
- AdminApiConfiguration__ApiBaseUrl=https://admin-api.bliysa.com
- AdminApiConfiguration__IdentityServerBaseUrl=https://sts.bliysa.com
- AdminApiConfiguration__OidcSwaggerUIClientId=admin.client_api_swaggerui
- AdminApiConfiguration__OidcApiName=admin.client_api
- AdminApiConfiguration__AdministrationRole=Admin
- AdminApiConfiguration__RequireHttpsMetadata=true
- AdminApiConfiguration__CorsAllowAnyOrigin=false
- AdminApiConfiguration__CorsAllowOrigins__0=https://admin-sts.bliysa.com
- ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__AdminLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__AdminAuditLogDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
depends_on:
db:
condition: service_healthy
networks:
- skoruba-network
sts-identity:
image: skoruba/duende-identityserver-sts-identity:2.5.0
container_name: skoruba-sts
restart: unless-stopped
environment:
- VIRTUAL_HOST=sts.bliysa.com
- ASPNETCORE_ENVIRONMENT=Production
- AdminConfiguration__PageTitle=Skoruba Duende IdentityServer
- AdminConfiguration__HomePageLogoUri=~/images/skoruba-icon.png
- AdminConfiguration__FaviconUri=~/favicon.ico
- AdminConfiguration__IdentityAdminBaseUrl=https://admin-sts.bliysa.com
- AdminConfiguration__AdministrationRole=Admin
- ConnectionStrings__ConfigurationDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__PersistedGrantDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__IdentityDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- ConnectionStrings__DataProtectionDbConnection=Server=db;Database=IdentityServerAdmin;User Id=sa;Password=P@8xK#mN9$$vL2^pH5qW;TrustServerCertificate=True;Timeout=30;ConnectRetryCount=3;ConnectRetryInterval=10
- DatabaseProviderConfiguration__ProviderType=SqlServer
- CertificateConfiguration__UseTemporarySigningKeyForDevelopment=false
- IdentityServerOptions__Events__RaiseErrorEvents=true
- IdentityServerOptions__Events__RaiseInformationEvents=true
- IdentityServerOptions__Events__RaiseFailureEvents=true
- IdentityServerOptions__Events__RaiseSuccessEvents=true
depends_on:
db:
condition: service_healthy
networks:
- skoruba-network
db:
image: mcr.microsoft.com/mssql/server:2022-latest
container_name: skoruba-db
restart: unless-stopped
environment:
- ACCEPT_EULA=Y
- MSSQL_SA_PASSWORD=P@8xK#mN9$$vL2^pH5qW
- MSSQL_MEMORY_LIMIT_MB=2048
volumes:
- type: volume
source: dbdata
target: /var/opt/mssql
healthcheck:
test: /opt/mssql-tools18/bin/sqlcmd -S localhost -U sa -P "P@8xK#mN9$$vL2^pH5qW" -Q "SELECT 1" || exit 1
interval: 30s
timeout: 30s
retries: 3
start_period: 120s
networks:
- skoruba-network
nginx-proxy:
image: nginx:alpine
container_name: nginx-proxy
restart: unless-stopped
ports:
- "8080:80"
- "8443:443"
volumes:
- type: bind
source: ./nginx/conf.d
target: /etc/nginx/conf.d
- type: bind
source: ./nginx/certs
target: /etc/nginx/certs
- type: bind
source: /etc/letsencrypt/live
target: /etc/letsencrypt/live
read_only: true
- type: bind
source: /etc/letsencrypt/archive
target: /etc/letsencrypt/archive
read_only: true
networks:
- skoruba-network
networks:
skoruba-network:
driver: bridge
volumes:
dbdata:
driver: local
Nginx.conf on /root/skoruba-admin/nginx/conf.d/skoruba.conf:
server {
listen 80;
server_name sts.bliysa.com admin-sts.bliysa.com admin-api.bliysa.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name sts.bliysa.com;
ssl_certificate /etc/letsencrypt/live/sts.bliysa.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/sts.bliysa.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://skoruba-sts:80;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name admin-sts.bliysa.com;
ssl_certificate /etc/letsencrypt/live/admin-sts.bliysa.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/admin-sts.bliysa.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://skoruba-admin-ui:80;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name admin-api.bliysa.com;
ssl_certificate /etc/letsencrypt/live/admin-api.bliysa.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/admin-api.bliysa.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://skoruba-admin-api:80;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Where i am wrong ?
SSL has been created correctly