jairsjunior/docker-compose.yml

## docker-compose.yml
version: '3.5'

services:

  #################################### KAFKA BROKER ####################################
  kafka:
    image: jairsjunior/kafka-with-oauth
    ports:
      - "9092:9092"
    links:
      - hydra:hydra
      - zookeeper:zookeeper
    depends_on:
      - hydra
    environment:
      # KAFKA Configuration
      KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
      EXTRA_ARGS: "-Djava.security.auth.login.config=/opt/kafka/config/kafka_server_jaas.conf"
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT
      KAFKA_LISTENERS: "SASL_PLAINTEXT://:9092"
      KAFKA_ADVERTISED_LISTENERS: "SASL_PLAINTEXT://kafka:9092"
      # KAFKA Security
      KAFKA_SECURITY_INTER_BROKER_PROTOCOL: SASL_PLAINTEXT
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: OAUTHBEARER
      KAFKA_SASL_ENABLED_MECHANISMS: OAUTHBEARER
      # OAuth Configuration
      OAUTH_WITH_SSL: "false"
      OAUTH_LOGIN_SERVER : "hydra:4444"
      OAUTH_LOGIN_ENDPOINT : "/oauth2/token"
      OAUTH_LOGIN_GRANT_TYPE: "client_credentials"
      OAUTH_LOGIN_SCOPE: "broker.kafka"
      OAUTH_AUTHORIZATION : "Basic YnJva2VyLWthZmthOmJyb2tlci1rYWZrYQ=="
      OAUTH_INTROSPECT_SERVER : "hydra:4445"
      OAUTH_INTROSPECT_ENDPOINT : "/oauth2/introspect"
      OAUTH_INTROSPECT_AUTHORIZATION : "Basic YnJva2VyLWthZmthOmJyb2tlci1rYWZrYQ=="

  zookeeper:
    image: wurstmeister/zookeeper:latest
    ports:
      - "2181:2181"

  #################################### OAUTH SERVER ####################################
  hydra-migrate:
    image: oryd/hydra:v1.0.0-rc.2_oryOS.9
    links:
      - postgresd:postgresd
    environment:
      - DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable
    command:
      migrate sql -e
    restart: on-failure

  hydra:
    image: oryd/hydra:v1.0.0-rc.2_oryOS.9
    links:
      - postgresd:postgresd
    depends_on:
      - hydra-migrate
    ports:
      # Public port
      - "4444:4444"
      # Admin port
      - "4445:4445"
    command: "serve all --dangerous-force-http"
    environment:
      - OAUTH2_ISSUER_URL=http://localhost:4444
      - OAUTH2_CONSENT_URL=http://localhost:3000/consent
      - OAUTH2_LOGIN_URL=http://localhost:3000/login
      - DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable
      - SYSTEM_SECRET=youReallyNeedToChangeThis
      - FORCE_ROOT_CLIENT_CREDENTIALS=hydra:changeme
      - OAUTH2_SHARE_ERROR_DEBUG=1
      - OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
      - OIDC_SUBJECT_TYPE_PAIRWISE_SALT=youReallyNeedToChangeThis
      - HYDRA_ADMIN_URL=http://localhost:4445
    restart: unless-stopped

  hydra-import:
    image: jairsjunior/hydra-import
    depends_on:
      - hydra
    links:
      - hydra:hydra
    environment:
      CLUSTER_URL: http://hydra:4444
      CLIENT_ID: hydra
      CLIENT_SECRET: changeme

  postgresd:
    image: postgres:9.6
    ports:
      - "5432:5432"
    environment:
      - POSTGRES_USER=hydra
      - POSTGRES_PASSWORD=secret
      - POSTGRES_DB=hydra

  #################################### KAFKA PRODUCER AND CONSUMER ####################################

  producer:
    image: jairsjunior/kafka-node-oauth-producer:latest
    links:
      - kafka:kafka
      - hydra:hydra
    depends_on:
      - kafka
    restart: always
    environment:
      # Kafka Variables
      KAFKA_HOST: "kafka:9092"
      KAFKA_TOPIC: "topic1"
      KAFKA_GROUP_ID: "group-id"
      # OAuth Variables
      OAUTH_PROTOCOL: "http"
      OAUTH_GRANT_TYPE: "client_credentials"
      OAUTH_SCOPE: "producer.kafka"
      OAUTH_HOST: "hydra:4444"
      OAUTH_ENDPOINT: "/oauth2/token"
      OAUTH_TOKEN: "Basic cHJvZHVjZXIta2Fma2E6cHJvZHVjZXIta2Fma2E="

  consumer:
    image: jairsjunior/kafka-node-oauth-consumer:latest
    links:
      - kafka:kafka
      - hydra:hydra
    depends_on:
      - kafka
    restart: always
    environment:
      # Kafka Variables
      KAFKA_HOST: "kafka:9092"
      KAFKA_TOPIC: "topic1"
      KAFKA_GROUP_ID: "group-id"
      # OAuth Variables
      OAUTH_PROTOCOL: "http"
      OAUTH_GRANT_TYPE: "client_credentials"
      OAUTH_SCOPE: "consumer.kafka"
      OAUTH_HOST: "hydra:4444"
      OAUTH_ENDPOINT: "/oauth2/token"
      OAUTH_TOKEN: "Basic Y29uc3VtZXIta2Fma2E6Y29uc3VtZXIta2Fma2E="
	version: '3.5'

	services:

	#################################### KAFKA BROKER ####################################
	kafka:
	image: jairsjunior/kafka-with-oauth
	ports:
	- "9092:9092"
	links:
	- hydra:hydra
	- zookeeper:zookeeper
	depends_on:
	- hydra
	environment:
	# KAFKA Configuration
	KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
	EXTRA_ARGS: "-Djava.security.auth.login.config=/opt/kafka/config/kafka_server_jaas.conf"
	KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT
	KAFKA_LISTENERS: "SASL_PLAINTEXT://:9092"
	KAFKA_ADVERTISED_LISTENERS: "SASL_PLAINTEXT://kafka:9092"
	# KAFKA Security
	KAFKA_SECURITY_INTER_BROKER_PROTOCOL: SASL_PLAINTEXT
	KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: OAUTHBEARER
	KAFKA_SASL_ENABLED_MECHANISMS: OAUTHBEARER
	# OAuth Configuration
	OAUTH_WITH_SSL: "false"
	OAUTH_LOGIN_SERVER : "hydra:4444"
	OAUTH_LOGIN_ENDPOINT : "/oauth2/token"
	OAUTH_LOGIN_GRANT_TYPE: "client_credentials"
	OAUTH_LOGIN_SCOPE: "broker.kafka"
	OAUTH_AUTHORIZATION : "Basic YnJva2VyLWthZmthOmJyb2tlci1rYWZrYQ=="
	OAUTH_INTROSPECT_SERVER : "hydra:4445"
	OAUTH_INTROSPECT_ENDPOINT : "/oauth2/introspect"
	OAUTH_INTROSPECT_AUTHORIZATION : "Basic YnJva2VyLWthZmthOmJyb2tlci1rYWZrYQ=="

	zookeeper:
	image: wurstmeister/zookeeper:latest
	ports:
	- "2181:2181"

	#################################### OAUTH SERVER ####################################
	hydra-migrate:
	image: oryd/hydra:v1.0.0-rc.2_oryOS.9
	links:
	- postgresd:postgresd
	environment:
	- DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable
	command:
	migrate sql -e
	restart: on-failure

	hydra:
	image: oryd/hydra:v1.0.0-rc.2_oryOS.9
	links:
	- postgresd:postgresd
	depends_on:
	- hydra-migrate
	ports:
	# Public port
	- "4444:4444"
	# Admin port
	- "4445:4445"
	command: "serve all --dangerous-force-http"
	environment:
	- OAUTH2_ISSUER_URL=http://localhost:4444
	- OAUTH2_CONSENT_URL=http://localhost:3000/consent
	- OAUTH2_LOGIN_URL=http://localhost:3000/login
	- DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable
	- SYSTEM_SECRET=youReallyNeedToChangeThis
	- FORCE_ROOT_CLIENT_CREDENTIALS=hydra:changeme
	- OAUTH2_SHARE_ERROR_DEBUG=1
	- OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
	- OIDC_SUBJECT_TYPE_PAIRWISE_SALT=youReallyNeedToChangeThis
	- HYDRA_ADMIN_URL=http://localhost:4445
	restart: unless-stopped

	hydra-import:
	image: jairsjunior/hydra-import
	depends_on:
	- hydra
	links:
	- hydra:hydra
	environment:
	CLUSTER_URL: http://hydra:4444
	CLIENT_ID: hydra
	CLIENT_SECRET: changeme

	postgresd:
	image: postgres:9.6
	ports:
	- "5432:5432"
	environment:
	- POSTGRES_USER=hydra
	- POSTGRES_PASSWORD=secret
	- POSTGRES_DB=hydra

	#################################### KAFKA PRODUCER AND CONSUMER ####################################

	producer:
	image: jairsjunior/kafka-node-oauth-producer:latest
	links:
	- kafka:kafka
	- hydra:hydra
	depends_on:
	- kafka
	restart: always
	environment:
	# Kafka Variables
	KAFKA_HOST: "kafka:9092"
	KAFKA_TOPIC: "topic1"
	KAFKA_GROUP_ID: "group-id"
	# OAuth Variables
	OAUTH_PROTOCOL: "http"
	OAUTH_GRANT_TYPE: "client_credentials"
	OAUTH_SCOPE: "producer.kafka"
	OAUTH_HOST: "hydra:4444"
	OAUTH_ENDPOINT: "/oauth2/token"
	OAUTH_TOKEN: "Basic cHJvZHVjZXIta2Fma2E6cHJvZHVjZXIta2Fma2E="

	consumer:
	image: jairsjunior/kafka-node-oauth-consumer:latest
	links:
	- kafka:kafka
	- hydra:hydra
	depends_on:
	- kafka
	restart: always
	environment:
	# Kafka Variables
	KAFKA_HOST: "kafka:9092"
	KAFKA_TOPIC: "topic1"
	KAFKA_GROUP_ID: "group-id"
	# OAuth Variables
	OAUTH_PROTOCOL: "http"
	OAUTH_GRANT_TYPE: "client_credentials"
	OAUTH_SCOPE: "consumer.kafka"
	OAUTH_HOST: "hydra:4444"
	OAUTH_ENDPOINT: "/oauth2/token"
	OAUTH_TOKEN: "Basic Y29uc3VtZXIta2Fma2E6Y29uc3VtZXIta2Fma2E="