os2loop/docker-compose.server.oidc.yml at main · itk-dev/os2loop · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# Use this file to enable test OIDC login on a test server, e.g.
#
# ``` sh
# # .env.docker.local
# COMPOSE_FILES=…,docker-compose.server.oidc.yml
# ```

services:
  idp-employee:
    image: ghcr.io/geigerzaehler/oidc-provider-mock:latest
    networks:
      - app
      - frontend
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=frontend"
      - "traefik.http.routers.idp-employee_${COMPOSE_PROJECT_NAME}-http.rule=Host(`idp-employee.${COMPOSE_SERVER_DOMAIN}`)"
      - "traefik.http.routers.idp-employee_${COMPOSE_PROJECT_NAME}-http.entrypoints=web"
      - "traefik.http.routers.idp-employee_${COMPOSE_PROJECT_NAME}-http.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      - "traefik.http.routers.idp-employee_${COMPOSE_PROJECT_NAME}.rule=Host(`idp-employee.${COMPOSE_SERVER_DOMAIN}`)"
      - "traefik.http.routers.idp-employee_${COMPOSE_PROJECT_NAME}.entrypoints=websecure"
      - "traefik.http.services.idp-employee_${COMPOSE_PROJECT_NAME}.loadbalancer.server.port=9400"
    command:
      [
        "--user-claims",
        '{"sub": "user", "email": "user@example.com", "groups": ["authenticated"]}',
        "--user-claims",
        '{"sub": "administrator", "email": "administrator@example.com", "groups": ["os2loop_user_administrator"]}',
        "--user-claims",
        '{"sub": "user_administrator", "email": "user_administrator@example.com", "groups": ["os2loop_user_user_administrator"]}',
        "--user-claims",
        '{"sub": "manager", "email": "manager@example.com", "groups": ["os2loop_user_manager"]}',
        "--user-claims",
        '{"sub": "documentation_coordinator", "email": "documentation_coordinator@example.com", "groups": ["os2loop_user_documentation_coordinator"]}',
        "--user-claims",
        '{"sub": "document_collection_editor", "email": "document_collection_editor@example.com", "groups": ["os2loop_user_document_collection_editor"]}',
        "--user-claims",
        '{"sub": "document_author", "email": "document_author@example.com", "groups": ["os2loop_user_document_author"]}',
        "--user-claims",
        '{"sub": "external_sources_editor", "email": "external_sources_editor@example.com", "groups": ["os2loop_user_external_sources_editor"]}',
        "--user-claims",
        '{"sub": "post_author", "email": "post_author@example.com", "groups": ["os2loop_user_post_author"]}',
        "--user-claims",
        '{"sub": "read_only", "email": "read_only@example.com", "groups": ["os2loop_user_read_only"]}',
      ]