Skip to content
Snippets Groups Projects
Commit 757ba11d authored by BITARD Michaël's avatar BITARD Michaël Committed by BITARD Michaël
Browse files

feat(infra): déploie la dev sur ecoCompose

parent cf231ac5
No related branches found
No related tags found
No related merge requests found
.dev.env 0 → 100644
ENV=ENC[AES256_GCM,data:N8MX,iv:wN0q6jCrrccSfV4o+PZUHt9Zb8OvSlGTENyvAWgPqp4=,tag:onil8sHwTAC+B3HYDGLEqQ==,type:str]
#ENC[AES256_GCM,data:zYlhfu8=,iv:r/Q4pHaS5jsNJH27RJar1jV0uKFnxaQ1KfNdaoRDN2I=,tag:5yvtSX/w18W4dajyLozjeQ==,type:comment]
NODE_ENV=ENC[AES256_GCM,data:zyJ5Yq+qPMZJsg==,iv:WTfqlNMebb6slFO5nDw1pbKLc+Ct1FtJgLWYyEp1MTs=,tag:KJZOzZPAbWNq6wqFywAv1A==,type:str]
API_PORT=ENC[AES256_GCM,data:EwL97A==,iv:dEpskgI6IqW5ILqJ5kVYRbPh1q1pihuiN8lVizMdGDU=,tag:r1ik8NXnjZo/A2IA+ctYeA==,type:str]
UI_PORT=ENC[AES256_GCM,data:vRSbPA==,iv:nmsZ5BMdeYqaAVs/MLblIIzskLkKfJ+3N02oCnl2sx0=,tag:Oc7q/xdHFBKBzLE4UZGeRA==,type:str]
DOC_PORT=ENC[AES256_GCM,data:TUQ=,iv:mc06CqoBYv9gG7/9dPt1Pe6QedKVXz89y8SuowX3NPw=,tag:9HHc6jan6eJ9YNzhJOcYEQ==,type:str]
STORYBOOK_PORT=ENC[AES256_GCM,data:N38=,iv:6jI750lQ986UAQAevbr4h5ityByrHnJkMtdnuAO5KDc=,tag:A2ADpHLy/nXv1IEnqd5AqQ==,type:str]
OAUTH_PORT=ENC[AES256_GCM,data:A0fWbA==,iv:cQvYWgpZepiYJKCxYL9e7vjlTif8B1YpSzCPSiwR+c4=,tag:c9PtKq27Og8l282XSfAP1A==,type:str]
KEYCLOAK_PORT=ENC[AES256_GCM,data:FHTEnQ==,iv:zhgTJX3oLYT8LJIRSvWouvIfioqALROiVunOgHoq37Y=,tag:d2lQkKpMS+RSRIR2j8y+Zg==,type:str]
#ENC[AES256_GCM,data:9VfKVtjSfZa8x4WDSnBBvguze0YbBFDrjfs8/s1t448=,iv:nX8M12I3amp23KzLoet4f6rKpPj+G/+jZqcjW2SsR0U=,tag:Mj2bvaZGrStnuO65TiGlJQ==,type:comment]
API_HOST=ENC[AES256_GCM,data:ppxHo1M8nlI90oTfeA6oO+VgUsWJkP4FTMYR,iv:SzlwqJYigBtIFouczmzN6xhoxwPSPmhTzQ1mAwOcetY=,tag:JqaIngvJh7Yh1jF4kpWDyw==,type:str]
API_URL=ENC[AES256_GCM,data:h7Mxr+oQuCbMb7+SJRBVgV7fBYwrut3IfHNJKRSb5cXI/OE=,iv:JJwWodtCKeono5ibWgB79VPmJBZc7sqoXolnpc4R8iQ=,tag:DBn3XXBgSJO5ABcC4pYaWQ==,type:str]
OAUTH_HOST=ENC[AES256_GCM,data:kSNIWC4FOEnyKvkEnXVmY1ydZSOQRrk=,iv:zyzeIgntrpPVyTxToYJW4GSnK5V0sQZ1Mz9H1wZaNTc=,tag:5A2AQfPkWoi6+V83bL+F1w==,type:str]
OAUTH_URL=ENC[AES256_GCM,data:bx5FezRC7UFYSErz2uCUNy4lJWRsJGtfzG2kWRhNuA==,iv:xfiKz99yQAUoLSwa9e5xocsZ5+qwqIMwzwZT0G43uX0=,tag:w32d39xq/P92PG7/pu39+w==,type:str]
KEYCLOAK_HOST=ENC[AES256_GCM,data:ak53fW32qxbBegx/WUPh8B9yLNRbURJOTUXAMw==,iv:s//sTsTo9Zl8uNSmOqFkgz3BP8VeStjAfOoHpKEzuCg=,tag:8g2v3lQow4JlX408nDK+oA==,type:str]
KEYCLOAK_LOGOUT_URL=ENC[AES256_GCM,data:DFhtPXleDN46k7RWWmnervHVv/zp5TlNm1a44YW7nbjVLnCfWjkrMzQhL4wOdW2VLpHXgW31vJnRqFyNxaJzrengL3ESR1Vq1R+G5islO/ix,iv:pYfocQ7iyDmOQtfYYdiT7MvqqcZ3nSUTwfnrOkJqgcY=,tag:FlQNoQNwZBgBOr2cqtdH+Q==,type:str]
KEYCLOAK_RESET_PASSWORD_URL=ENC[AES256_GCM,data:ZKyg9hGKhUEL9X2cU4gGA+372d59hyzv0REmLK1aq2cRDCyzsEfYXUhDP5mtWkNLJt/DAYh47kFxhrNA/rY2SSdHmzenMl4C+kSlxrpy7g==,iv:zzaZbnKdaJbOn+QyxdzDAGC0uOhboyLIgxzrtYTzu7E=,tag:w7VLAX/1kp0J9jEVmGeMhA==,type:str]
#ENC[AES256_GCM,data:irtfoU6eSKIgpR4=,iv:jfaGO1DIiwt8Fm4Cxdsw1nIqQ3AZMj1+TgpzNsUsyr0=,tag:Bf6JbP847HD78g/F8yaMOg==,type:comment]
#ENC[AES256_GCM,data:oT8n6oflUz2BuOIauQGLvwnoJchmnEQ+9O+4T7/Rhj4uTGSii2VAZ5/v/ugEH48Bs+lGZekbRRAboDMpj6eY32+7h0rALBd6CQT19qDylXTkyikGEfZ2lwFaGGaMlHk=,iv:MAAkymqlYNjHe06zpUcoQIeV/yUAgK+9vnb+L86jXRA=,tag:c5FWYnR7Ye9he31g4gEsrg==,type:comment]
JWT_SECRET=ENC[AES256_GCM,data:P6xGg58M9M1d6J4TN/Elj5EJpHt+b6wV5IjiL2XsZ2HEhS3i+nkB+q8aEp/vROCHkAGbVSjH0VcQke+fA0tDRMMQQCT8rikQPUHkZF2tYXdYdUZP0ln9IyupLR92QLp2J85JNchzEFAQ0Nsibcg504DypTzIldHEfuK18//Lv7qHu+0Xl29YMKFs8XU1Sjeat/tYtNRkhCmqB4Ae+3OeZUk2N7wyU9M8kTILCgT7OcSMkvQMyMMFIu+b1nlqmOsDTuZbjjDUfhFSebT+huFabNSJOg5pJvnUgpEn/AtmxlDlpcYLYQGvEDzj0i1PTCIi/yOLgEfwngYHRgW1rcMY+Edr+qkjUdbMrx924p7KCyTzcbSUWqH3WzUgVsKFrRyqlq9WAMPAdSHodVZK/On4rBneVLk1udxb6SvNXap6TPMG5+iphKMl9kLdpEJCcFiSr+SxsRuPPJRPTrHa3bBCUJYK7a9ymgs/uNaYxrwMxZ7Kvirn7aU+F0qyXjnWVhUinydJOu6LPDwag7LCA7UqlwCsj/Y/owXlyDduBOWv50hbTarUB00k3EGPVOz9lo8FnsXjMaSdhbpf2YK7X34=,iv:lt99zvzAZjsWqDYzTbG1THbRx8JHFXb8/78LJWc3f8c=,tag:qWLrwZbIG6/ErxNw5chlcQ==,type:str]
JWT_SECRET_ALGORITHM=ENC[AES256_GCM,data:djS5DLRONg==,iv:JYa3r7LbXm6CQttKaHcCNX5PjVMNGRcKt25mNyYFq94=,tag:y3bcFAYVoex958hbfzPkLQ==,type:str]
KEYCLOAK_CLIENT_ID=ENC[AES256_GCM,data:uNllqkao1wqz4g==,iv:89kRD6Xz7+LmlxGZOjeo13nqD+KkFg/JjW1DPLsVCIY=,tag:ieVtYRnz+9teU8wgJ+2Wlw==,type:str]
KEYCLOAK_CLIENT_SECRET=ENC[AES256_GCM,data:Ushno6bxzNd4Qsk3cyyWHX7sI29eTrKYVT63ND3EB6A=,iv:Mj6Y5lt3+aoP30M8JDeXae5GbohiYLJ+ek85rEjI7f0=,tag:2loKaAx3HNfxgziUgykPEQ==,type:str]
KEYCLOAK_API_CLIENT_ID=ENC[AES256_GCM,data:QUBathvfI+2jKw==,iv:uzAs9NbnrBLj5txWafFORnzB+wmxr+v4ci0qatSzsII=,tag:eUkBgJQFLvwYCF5neVF71Q==,type:str]
KEYCLOAK_API_CLIENT_SECRET=ENC[AES256_GCM,data:7RTAHs+Ygw3u7CPyMj6ZhNEmOvHSXdE7zyVLypGL51U=,iv:WFaLue/Stde/Eyi04Oob4J1sv2JBpgAr8fyt9iXi13s=,tag:6bnQ4VCdwwcVnSfhTfHTKg==,type:str]
KEYCLOAK_URL=ENC[AES256_GCM,data:dtlKooD1qdE/4Ltgjb1HI1Te03rnWWJJQrul1khmEivCBQUO,iv:hbOc0GAE9SH0IqtcMhx94KrMd4jRtCg0WByUmPmdsTs=,tag:8zQ3F0idT/NMqCNUesKoAQ==,type:str]
OAUTH2_COOKIE_SECRET=ENC[AES256_GCM,data:CsSeicRC/v10XsVLsoDunbP1kdbICTgt1MUK72x9FFYk8mXxUDNvgdRUK9Q=,iv:BjgbUYnsS3ePMsCGwlRnIGlk6+WrT3Cm+JmCHzRiKsI=,tag:/F8UobxuE/fJFyhEdFk2GQ==,type:str]
DOC_HOST=ENC[AES256_GCM,data:PIPQl0Kc2Kg8QopJ93c5AKOX8f3VbPZ3f/H50g==,iv:Co0JtqZD9avEcrPg6SvQh7q54qeG4iiCuH4MzZWUqmw=,tag:4W2q3TJCnDw4yy/w8hC5dg==,type:str]
DOC_URL=ENC[AES256_GCM,data:NVvHjw3nYXQL1j9wQR+b1YoJ/NbqyP2sFzXDPc2CNEbkCJpd,iv:yZ4AGY+Nj2vq6lZqW6Xy3mYoUMrJz+z7fXYLUY8bpuM=,tag:Hvj9hMN7ny1I+gtupLBqUQ==,type:str]
#ENC[AES256_GCM,data:VWYO6rWiueYM,iv:1sP4YbFXrjVfUwk29X4/9Yv0xggMYzag0BuIl2HbfZw=,tag:6Ijct5/Nu42rxYWe56t08w==,type:comment]
PGHOST=ENC[AES256_GCM,data:NnY13347+8Ne,iv:3DuhjgqPBJHrEoH0wML2DsXyun/gCDFLJ5pQm/6kvJ0=,tag:AdwuIoiR2/zE5p0elzYqkw==,type:str]
PGPORT=ENC[AES256_GCM,data:fXe0gg==,iv:YH+JdwqBrck+B+RZdAoWKKHduHvcFLfaN+zZBMKzbec=,tag:csaPwVOXLs1GwHnyNRi55g==,type:str]
PGDATABASE=ENC[AES256_GCM,data:Iqj6eb7P,iv:+OKwYFh1gmLRHJYfHDzVMrWM1pu6irLobMhr5fVot/c=,tag:GQGRydEjniXoVdMlVbhgjw==,type:str]
PGUSER=ENC[AES256_GCM,data:RlVDNV4yDWI=,iv:FHHNCNVIGv+GFgaD6LRffFbVJ/IL6qL6xnfSkcIntK8=,tag:qU9RHOLr3YIySdY4Dr/4WQ==,type:str]
PGPASSWORD=ENC[AES256_GCM,data:0RQzo6V7ixo=,iv:lKI8fSM5F3MeslqEBDCvwm2FL1+rg78+rNuhZWcdYis=,tag:DTZI13dO2dMh3c+KstKCfQ==,type:str]
#ENC[AES256_GCM,data:pJ1QNDsc,iv:Vl5SMP6O6MqsIQrSfAEY0VwKZA0LIwDC3QdMrnDasFg=,tag:iE8irhuVBM9jA0C42aj0ew==,type:comment]
ADMIN_EMAIL=ENC[AES256_GCM,data:nowzIsySXRGh0EC5ghWbHO+tew==,iv:lqw/oyOyHJOGCb65HubGEgOOi9wf7prrSwUsu3exvIA=,tag:JjepFmZiyKeI8HJ0sBUj5Q==,type:str]
#ENC[AES256_GCM,data:RqlsmsQ6R0zBKE4T,iv:eT/KiFGfFbOQiVXF2gGVYtB8QpgZxJXPi2Veye8gwqM=,tag:5iwSGeZ3IlzTMc1lya66Ew==,type:comment]
API_MAILJET_REPLY_TO_EMAIL=ENC[AES256_GCM,data:dSjnpsvi1vxLpR+Q72XMmbnQNA==,iv:qWS/+eYMQ1SQkoC8qhZs4ms0U+t465iS+PpmLCix8lk=,tag:0P5T3+GOYnzZ3imYow53pA==,type:str]
API_MAILJET_EMAIL=ENC[AES256_GCM,data:JPezOxrEEn0/nqKATontOc42jpv5oJTg0jNI,iv:9lsexACAHAmlRqa9EPuydCbrE1WLVZaGjPbCqin7V1k=,tag:ghzY4rV9HNYKlnf1sQcxug==,type:str]
API_MAILJET_KEY=ENC[AES256_GCM,data:Ytz3O+XKq34bFfZgh2aETyz6RNrdhlWfKnjY/aVoMx8=,iv:RxStZ6e63TNZfNjiSbq5nelsaHwCp8MqnvxjI8aUCuo=,tag:s3mjSKDM0JFfYZe9JHQyKw==,type:str]
API_MAILJET_SECRET=ENC[AES256_GCM,data:0N/h8yrsBztgnczDW5nCYDFxwj0ap7qSCa46w8SzaVE=,iv:b/Nr5kfNCO+p9T2BVIaULJZ5WpzhpehePlIsYAy12Ts=,tag:C4IkQFFAlo/OD5rqn64FEg==,type:str]
API_MAILJET_SERVER=ENC[AES256_GCM,data:C2/+PO4V/mgoyY0XKv53Fbs=,iv:M6QzHNsokd9Qj5mZMZzGAPtN9JnjUeEnyJcl7B1N0s8=,tag:7CKv+aQvDXymWNt97mbukw==,type:str]
API_MAILJET_CONTACTS_LIST_ID=ENC[AES256_GCM,data:vuMj6K8Z0sE=,iv:c9+MLzfvcEA5aRaGZgfmsFWB4A0F9YmhXWS402QgJPg=,tag:Oh6G2G7pe8EEq6qFHa5riA==,type:str]
API_MAILJET_EXPLOITANTS_GUYANE_LIST_ID=ENC[AES256_GCM,data:awXRRnNUbV0=,iv:+zZCviN7KT08MLxUSx8EB0GPtTo+NZt6mCqlC5pFFic=,tag:0IEcqQVZojB1AE0O23zlsQ==,type:str]
#ENC[AES256_GCM,data:EeClVKKy1PRlzuLKw6dIRZPF0g==,iv:D8c0g1lcaIebiz2Caf14hn3SIl+dI9kkoCE7N9sm3Q8=,tag:mw5SoWNB7c/vIgsFa6L2ug==,type:comment]
API_ADMINISTRATION_URL=ENC[AES256_GCM,data:YwbrMwA9hrI9j6K1iRc/lBZ/3PQVXcAcuVQDylUI3YXniCBCBEGrYMr8cRU=,iv:V9B4YgEY8fLKrFKhCbYk8NGojibCq0EMkxzliGB4ZzE=,tag:gytuVB89LlY6YwPooTsYiw==,type:str]
#ENC[AES256_GCM,data:N0YtoCLrdcUnBQ==,iv:puUHPLRJUaxaMNiLfT8//utW6VwMhDFD8u9PQCcyqlw=,tag:YQ+XO7Du2L3Jh54vTBHRIQ==,type:comment]
API_INSEE_KEY=ENC[AES256_GCM,data:VdrZtPbUTuQCyDqErJ6wn2JTEQ0q/PxCENKvPw==,iv:2Oohi8cfMLDfVcSupaCZ/uAqjRnmcL6mjVUXZSTJ+lk=,tag:LFVVjdwxmKziumbkGFtPAw==,type:str]
API_INSEE_SECRET=ENC[AES256_GCM,data:cezcbqkrTZY5dTzSpZGLZJp8dW4DiGGgdSpfJw==,iv:frnBhiYUMavRThy778TZ7VCTFTrDenVS5oZV3gWQiV4=,tag:uYf/OAoHgld/z3UpiEwtug==,type:str]
API_INSEE_URL=ENC[AES256_GCM,data:eIeSk33A6fRPTn66EVbJWa/Ovx9zjQ==,iv:vVYwIGpnP0MQme/tl1cPV0qSsl2rW9W4S8O+PqqB+p0=,tag:ag2+wwf/0Et6lnFodOJJjQ==,type:str]
#ENC[AES256_GCM,data:Pjkf9gTSnsWgip0=,iv:KXVVIjjD4/5AMReYlfDufh4wS9IpIyvb/vIqlEb08nM=,tag:QHy/aAp7Jsa4iBVp7tiXcA==,type:comment]
API_MATOMO_URL=ENC[AES256_GCM,data:uRDmilJ8i+pYg4M3dIPUGAvNiGGvuN+EkBCtFNiTq6eAupNj7vyQ29QtFi1mTsU7sWZNkMe5NctmYQ==,iv:zP3oZojfkbbghf2uzn4yCm18sVZg1aQmFMOAVUjifyI=,tag:QJX/q4sVrL9I56fW7JuELQ==,type:str]
API_MATOMO_ID=ENC[AES256_GCM,data:eJRGIg==,iv:P/Yr1mMf1iRumAuwL9Tgz4o658EhlQaqn3mlqgDKDEc=,tag:N926M1dbHlzT/YZSjeAAJg==,type:str]
API_SENTRY_URL=ENC[AES256_GCM,data:IXm8GNSelD5NhAtozRMk1FcXkYUzQFvZFtwb5neAm5NNXamsx2h21IxeYTnb/Cnl+o0p/3p5SCs5kqPCmDBppKs=,iv:eZEzBbjpqbLPeQodfpZizArStrZQ8kMdoSu4FpxNaNU=,tag:NDDMYMqF6gaslyDnTi2xOg==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMGY3K21yQytGWWdVdkI0\nTGpQZ3Y5azJLNlRUcEJZeEtQTmhxZXIyV3lrCkk4ejJnSHl4bldvWnpsd3U5RHBO\nQ2J4eThPTWNMQWhPcnNsaE5XZE4zWGsKLS0tIGx1MU0wQUFGNzg3dWxmSTdOL1JT\nNzRFS3lWZUtHcGtCQkZLazdNWWYxNkUKMWDnNhjxH+RcJNoLyV0YiqNiFnXOQ+V1\nhQc4LGJuK+TgdDjXZWHtJcVZooo7/X4WaxFGkOv+oYjuTiUOVdNczA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1m0v4x0c32qjqs6rl3y6h2vee3sdm5y6rvzwyccl306n48d8lzvhse52hp4
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUc2hDLzZQNzdBL2p3cGRt\nWldBb01vYkV0aTVhQTRtazNtWjZMeXh0YTNjCmdIUmVpWWxKbHFtcmtkUG1RN1Nk\ncGFnY0lvdHEySS9PcU91TFRxdUlvcTQKLS0tIG41UFZmSGRIejNzYXR4WHJ4dDhn\ndjZIbytMOXViclREWDk5bTJHSktqOXcKtLiJyg3SK22YpOhqQGYUKeupnkEuNzam\ni7jTSFlWQhkTjzf9G6Ig5HqT1A/hLKFuSXqJwuzA7EFApYhKk1eXhQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1z4cm6tk86r05u84w8rxf4c04ndnuc7wj03psqugfwy03uwqutv0s88wz6f
sops_lastmodified=2024-10-07T09:32:22Z
sops_mac=ENC[AES256_GCM,data:ZZhiXr64q3nc1XhxV+zzXrhELI9UXSmynhMMGOnXqPzg8Hmhjf3xXTWowcfuC+O0ar5ZZAeAvJqy1PY1/SjULMyF14tTcSz0qlgGTakj5ORgDKxYkXooRe6XhqrTl+RaHigfOgQ0Z0qdoIa/eWplhEffa3hh6DI+o5NFrp+zTmQ=,iv:zpIoh4FVAi1y4zgT8xD4h2X6bE92wNy2Vvxzu2qzdvw=,tag:xGsvkkF39MyYrLUb7ox6uQ==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.9.1
...@@ -12,3 +12,5 @@ packages/ui/storybook-static/ ...@@ -12,3 +12,5 @@ packages/ui/storybook-static/
.vscode .vscode
**/coverage **/coverage
.cargo .cargo
team.age
*.no-commit.env
...@@ -2,27 +2,47 @@ default: ...@@ -2,27 +2,47 @@ default:
tags: [global, shared] tags: [global, shared]
interruptible: true interruptible: true
stages: include:
- prepare - project: 'share/devops/squelettes/gitlab/eco'
- test file: 'deploy_eco_compose.yaml'
- build ref: 'main'
- deploy
build-ci-image: get_camino_tag:
stage: prepare stage: deploy
image: script: echo "CAMINO_TAG=${CI_COMMIT_SHA}" > out.env
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script: .gitlab/build-ci-image.sh
artifacts: artifacts:
reports: reports:
dotenv: out.env dotenv: out.env
retry: deploy_app_via_compose:
max: 2 tags: [dnum-paas-eco]
needs: [get_camino_tag]
extends: .deploy_eco_compose
stage: deploy
script:
- paas-docker-down-and-up --compose-path docker-compose.yml --dotenv-path .dev.env --vars CAMINO_TAG
include:
- local: .gitlab/global.yml stages:
- local: .gitlab/deploy.yml # - prepare
- local: .gitlab/ci/*.yml # - test
rules: # - build
- if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "prod" && $CI_COMMIT_BRANCH != "preprod" - deploy
# build-ci-image:
# stage: prepare
# image:
# name: gcr.io/kaniko-project/executor:debug
# entrypoint: [""]
# script: .gitlab/build-ci-image.sh
# artifacts:
# reports:
# dotenv: out.env
# retry:
# max: 2
# include:
# - local: .gitlab/global.yml
# - local: .gitlab/deploy.yml
# - local: .gitlab/ci/*.yml
# rules:
# - if: $CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "prod" && $CI_COMMIT_BRANCH != "preprod"
FROM quay.io/keycloak/keycloak:25.0.5
# Utiliser le makefile, mettre à jour la version à la main
COPY keycloak-franceconnect-6.2.0.jar /opt/keycloak/providers/keycloak-franceconnect-6.2.0.jar
COPY keycloak-bcrypt-1.6.0.jar /opt/keycloak/providers/keycloak-bcrypt-1.6.0.jar
COPY keycloak_theme/ /opt/keycloak/themes/camino/
...@@ -240,3 +240,16 @@ graphql/check: ...@@ -240,3 +240,16 @@ graphql/check:
echo $$f; \ echo $$f; \
graphql-inspector validate --noStrictFragments "$$f" packages/api/src/api/graphql/schemas/index.graphql || exit 1; \ graphql-inspector validate --noStrictFragments "$$f" packages/api/src/api/graphql/schemas/index.graphql || exit 1; \
done done
dev/chiffre:
SOPS_AGE_RECIPIENTS=$$(cat team.age.pub ecocompose.age.pub | sed -z 's/\n/,/g;s/,$$/\n/') sops --encrypt --input-type dotenv --output-type dotenv .dev.no-commit.env > .dev.env
dev/dechiffre:
SOPS_AGE_KEY_FILE=team.age sops -d --input-type dotenv --output-type dotenv .dev.env
keycloak/build:
docker build -t caminofr/camino-keycloak:25.0.5 -f Dockerfile.keycloak infra/roles/camino/files/
keycloak/push:
docker push caminofr/camino-keycloak:25.0.5
...@@ -11,8 +11,6 @@ services: ...@@ -11,8 +11,6 @@ services:
APPLICATION_VERSION: ${CAMINO_TAG} APPLICATION_VERSION: ${CAMINO_TAG}
VIRTUAL_HOST: ${API_HOST} VIRTUAL_HOST: ${API_HOST}
VIRTUAL_PORT: ${API_PORT} VIRTUAL_PORT: ${API_PORT}
LETSENCRYPT_HOST: ${API_HOST}
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
PGHOST: db PGHOST: db
expose: expose:
- ${API_PORT} - ${API_PORT}
...@@ -45,8 +43,6 @@ services: ...@@ -45,8 +43,6 @@ services:
environment: environment:
VIRTUAL_HOST: ${DOC_HOST} VIRTUAL_HOST: ${DOC_HOST}
VIRTUAL_PORT: ${DOC_PORT} VIRTUAL_PORT: ${DOC_PORT}
LETSENCRYPT_HOST: ${DOC_HOST}
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
expose: expose:
- ${DOC_PORT} - ${DOC_PORT}
networks: networks:
...@@ -77,8 +73,6 @@ services: ...@@ -77,8 +73,6 @@ services:
environment: environment:
VIRTUAL_HOST: ${OAUTH_HOST} VIRTUAL_HOST: ${OAUTH_HOST}
VIRTUAL_PORT: ${OAUTH_PORT} VIRTUAL_PORT: ${OAUTH_PORT}
LETSENCRYPT_HOST: ${OAUTH_HOST}
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
OAUTH2_PROXY_PROVIDER: 'keycloak-oidc' OAUTH2_PROXY_PROVIDER: 'keycloak-oidc'
OAUTH2_PROXY_CLIENT_ID: ${KEYCLOAK_CLIENT_ID} OAUTH2_PROXY_CLIENT_ID: ${KEYCLOAK_CLIENT_ID}
OAUTH2_PROXY_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET} OAUTH2_PROXY_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET}
...@@ -108,7 +102,7 @@ services: ...@@ -108,7 +102,7 @@ services:
- nginx-proxy - nginx-proxy
keycloak: keycloak:
container_name: camino_keycloak container_name: camino_keycloak
image: quay.io/keycloak/keycloak:25.0.5 image: caminofr/camino-keycloak:25.0.5
depends_on: depends_on:
- db - db
environment: environment:
...@@ -121,14 +115,6 @@ services: ...@@ -121,14 +115,6 @@ services:
KC_PROXY: "edge" KC_PROXY: "edge"
VIRTUAL_HOST: ${KEYCLOAK_HOST} VIRTUAL_HOST: ${KEYCLOAK_HOST}
VIRTUAL_PORT: ${KEYCLOAK_PORT} VIRTUAL_PORT: ${KEYCLOAK_PORT}
LETSENCRYPT_HOST: ${KEYCLOAK_HOST}
LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
volumes:
# A Synchroniser avec ansible infra/roles/camino/tasks
- ./keycloak-franceconnect-6.2.0.jar:/opt/keycloak/providers/keycloak-franceconnect-6.2.0.jar
# FROM https://github.com/leroyguillaume/keycloak-bcrypt
- ./keycloak-bcrypt-1.6.0.jar:/opt/keycloak/providers/keycloak-bcrypt-1.6.0.jar
- ./keycloak_theme/:/opt/keycloak/themes/camino/
command: "start" command: "start"
expose: expose:
- ${KEYCLOAK_PORT} - ${KEYCLOAK_PORT}
...@@ -136,7 +122,24 @@ services: ...@@ -136,7 +122,24 @@ services:
networks: networks:
- default - default
- nginx-proxy - nginx-proxy
nginx-proxy:
image: nginxproxy/nginx-proxy:1.6.1
container_name: nginx-proxy
restart: unless-stopped
logging:
options:
max-size: "10m"
max-file: "3"
ports:
- "80:80"
- "443:443"
volumes:
# FIXME
# - /srv/www/nginx-proxy/proxy.conf:/etc/nginx/proxy.conf
- certs:/etc/nginx/certs
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
networks: networks:
nginx-proxy: nginx-proxy:
external: true external: true
age1z4cm6tk86r05u84w8rxf4c04ndnuc7wj03psqugfwy03uwqutv0s88wz6f
age1m0v4x0c32qjqs6rl3y6h2vee3sdm5y6rvzwyccl306n48d8lzvhse52hp4
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment