From 297864c0cfab919bd03d0d71950b5b9fcdf8fa95 Mon Sep 17 00:00:00 2001
From: DragonSlayer_14
Date: Tue, 10 Feb 2026 17:33:11 +0100
Subject: [PATCH] =?UTF-8?q?F=C3=BCgt=20docker-compose=20hinzu?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 docker-compose.yaml | 81 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 docker-compose.yaml
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..4308e8b
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,81 @@
+services:
+ zitadel:
+ restart: unless-stopped
+ image: ghcr.io/zitadel/zitadel:latest
+ command: start-from-init --masterkey ${MASTERKEY}
+ environment:
+ # See "What's next" to learn about how to serve Zitadel on a different domain or IP.
+ ZITADEL_EXTERNALDOMAIN: ${ZITADEL_EXTERNALDOMAIN:-localhost}
+
+ # See "What's next" to learn about how to enable TLS.
+ ZITADEL_EXTERNALSECURE: ${ZITADEL_EXTERNALSECURE:-false}
+ ZITADEL_TLS_ENABLED: ${ZITADEL_TLS_ENABLED:-false}
+
+ # Database connection settings.
+ ZITADEL_DATABASE_POSTGRES_HOST: ${ZITADEL_DATABASE_POSTGRES_HOST:-db}
+ ZITADEL_DATABASE_POSTGRES_PORT: ${ZITADEL_DATABASE_POSTGRES_PORT:-5432}
+ # The database is created by the init job if it does not exist.
+ ZITADEL_DATABASE_POSTGRES_DATABASE: ${ZITADEL_DATABASE_POSTGRES_DATABASE:-zitadel}
+ # The admin user must already exist in the database.
+ ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: ${ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME:-postgres}
+ ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: ${ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD:-postgres}
+ ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: ${ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE:-disable}
+ # The zitadel user is created by the init job if it does not exist.
+ ZITADEL_DATABASE_POSTGRES_USER_USERNAME: ${ZITADEL_DATABASE_POSTGRES_USER_USERNAME:-zitadel}
+ ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: ${ZITADEL_DATABASE_POSTGRES_USER_PASSWORD:-zitadel}
+ ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: ${ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE:-disable}
+
+ # By configuring a login application, the setup job creates a user of type machine with the role IAM_LOGIN_CLIENT.
+ # It writes a PAT to the path specified in ZITADEL_FIRSTINSTANCE_LOGINCLIENTPATPATH.
+ # The PAT is passed to the login container via the environment variable ZITADEL_SERVICE_USER_TOKEN_FILE.
+ ZITADEL_FIRSTINSTANCE_LOGINCLIENTPATPATH: /current-dir/login-client.pat
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORDCHANGEREQUIRED: true
+ ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_MACHINE_USERNAME: login-client
+ ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_MACHINE_NAME: Automatically Initialized IAM_LOGIN_CLIENT
+ ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_PAT_EXPIRATIONDATE: '2029-01-01T00:00:00Z'
+ # Activate the login v2 on an installation from scratch.
+ # To activate the login v2 on an existing installation, read the "What's next" section.
+ ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED: true # To use the login v1, set this to false.
+ ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_BASEURI: http://localhost:3000/ui/v2/login
+ # Configure the redirection paths to the login v2.
+ ZITADEL_OIDC_DEFAULTLOGINURLV2: http://localhost:3000/ui/v2/login/login?authRequest=
+ ZITADEL_OIDC_DEFAULTLOGOUTURLV2: http://localhost:3000/ui/v2/login/logout?post_logout_redirect=
+ ZITADEL_SAML_DEFAULTLOGINURLV2: http://localhost:3000/ui/v2/login/login?samlRequest=
+
+ healthcheck:
+ test:
+ - CMD
+ - /app/zitadel
+ - ready
+ interval: 10s
+ timeout: 60s
+ retries: 5
+ start_period: 10s
+ volumes:
+ - zitadel-data:/current-dir
+ ports:
+ - 8080:8080
+ - 3000:3000
+ networks:
+ - zitadel
+
+ login:
+ restart: unless-stopped
+ image: ghcr.io/zitadel/zitadel-login:latest
+ # If you can't use the network_mode service:zitadel, you can pass the environment variables ZITADEL_API_URL=http://zitadel:8080 and CUSTOM_REQUEST_HEADERS=Host:localhost instead.
+ environment:
+ - NEXT_PUBLIC_BASE_PATH=/ui/v2/login
+ - ZITADEL_SERVICE_USER_TOKEN_FILE=/current-dir/login-client.pat
+ network_mode: service:zitadel
+ volumes:
+ - zitadel-data:/current-dir:ro
+ depends_on:
+ zitadel:
+ condition: service_healthy
+ restart: false
+
+networks:
+ zitadel:
+
+volumes:
+ zitadel-data:
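Review bot: The `zitadel` service starts even when its secrets are missing: `ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD` and `ZITADEL_DATABASE_POSTGRES_USER_PASSWORD` fall back to the well-known values `postgres` and `zitadel`, and `--masterkey ${MASTERKEY}` expands to an empty argument when the variable is unset. The required-variable form, e.g. `${ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD:?set a database admin password}`, makes `docker compose` refuse to start instead of deploying an identity provider with default credentials. The master key is also passed on the command line, where it is visible in the process list; Zitadel's `--masterkeyFile` with a mounted secret file keeps it out of both the arguments and the environment. Both images use `:latest`, so any pull can change the running version; a fixed version tag or digest would make upgrades deliberate. Ports `8080` and `3000` are published on all interfaces while `ZITADEL_EXTERNALSECURE` and `ZITADEL_TLS_ENABLED` default to `false`, so if a reverse proxy is meant to terminate TLS, bind them as `"127.0.0.1:8080:8080"` and `"127.0.0.1:3000:3000"`.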