From 709f37af86b410641d4ae97c3b064f90dd0e1ae4 Mon Sep 17 00:00:00 2001 From: Hien To Date: Wed, 23 Aug 2023 16:28:24 +0700 Subject: [PATCH 01/11] Initiate gitsubmodule --- .gitmodules | 9 +++++++++ app-backend | 1 + mobile-client | 1 + web-client | 1 + 4 files changed, 12 insertions(+) create mode 100644 .gitmodules create mode 160000 app-backend create mode 160000 mobile-client create mode 160000 web-client diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000..e47d163a3 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,9 @@ +[submodule "web-client"] + path = web-client + url = git@github.com:janhq/jan-web.git +[submodule "app-backend"] + path = app-backend + url = git@github.com:janhq/app-backend.git +[submodule "mobile-client"] + path = mobile-client + url = git@github.com:janhq/jan-react-native.git diff --git a/app-backend b/app-backend new file mode 160000 index 000000000..46a00caeb --- /dev/null +++ b/app-backend @@ -0,0 +1 @@ +Subproject commit 46a00caebdc433404ce60ef99704e6af8b84e089 diff --git a/mobile-client b/mobile-client new file mode 160000 index 000000000..ccb78d1ee --- /dev/null +++ b/mobile-client @@ -0,0 +1 @@ +Subproject commit ccb78d1ee050f7029f19587ac1b84d6c46fc52e3 diff --git a/web-client b/web-client new file mode 160000 index 000000000..a8d672c55 --- /dev/null +++ b/web-client @@ -0,0 +1 @@ +Subproject commit a8d672c55340337f0a258f6c99bea286b709b38a From 38b3647eaa900a4b07f249e3a24c0788a034eec0 Mon Sep 17 00:00:00 2001 From: Hien To Date: Thu, 24 Aug 2023 14:26:55 +0700 Subject: [PATCH 02/11] update new commit for jan-web and app-backend --- app-backend | 2 +- web-client | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app-backend b/app-backend index 46a00caeb..74273d1e0 160000 --- a/app-backend +++ b/app-backend @@ -1 +1 @@ -Subproject commit 46a00caebdc433404ce60ef99704e6af8b84e089 +Subproject commit 74273d1e0c50b8851faa96358369e1a0070c705e diff --git a/web-client b/web-client index a8d672c55..e105df566 160000 --- a/web-client +++ b/web-client @@ -1 +1 @@ -Subproject commit a8d672c55340337f0a258f6c99bea286b709b38a +Subproject commit e105df5665055b1132ed485b6889e5b7382a599d From 22c73baf383af2fce20588e877eacdb36093ea22 Mon Sep 17 00:00:00 2001 From: Hien To Date: Thu, 24 Aug 2023 17:06:00 +0700 Subject: [PATCH 03/11] initiate docker-compose for monorepo --- conf/keycloak_conf/example-realm.json | 2303 +++++++++++++++++++++++++ conf/sample.env_app-backend | 21 + conf/sample.env_app-backend-postgres | 1 + conf/sample.env_web-client | 19 + docker-compose.yml | 85 +- .env.sample => sample.env | 0 6 files changed, 2410 insertions(+), 19 deletions(-) create mode 100644 conf/keycloak_conf/example-realm.json create mode 100644 conf/sample.env_app-backend create mode 100644 conf/sample.env_app-backend-postgres create mode 100644 conf/sample.env_web-client rename .env.sample => sample.env (100%) diff --git a/conf/keycloak_conf/example-realm.json b/conf/keycloak_conf/example-realm.json new file mode 100644 index 000000000..4187c2653 --- /dev/null +++ b/conf/keycloak_conf/example-realm.json @@ -0,0 +1,2303 @@ +{ + "id": "d3ebd3d9-2493-4aa2-942b-3118a216b430", + "realm": "hasura", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "7219280c-2d93-4cb5-9ff9-fa4b639716fd", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "d3ebd3d9-2493-4aa2-942b-3118a216b430", + "attributes": {} + }, + { + "id": "7fb465bc-beae-431b-8a38-06afa8b4c75c", + "name": "user", + "description": "", + "composite": false, + "clientRole": false, + "containerId": "d3ebd3d9-2493-4aa2-942b-3118a216b430", + "attributes": {} + }, + { + "id": "b34240e1-92b8-48e9-aaa5-82eecbdcb283", + "name": "default-roles-hasura", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": ["offline_access", "uma_authorization"], + "client": { + "account": ["manage-account", "view-profile"] + } + }, + "clientRole": false, + "containerId": "d3ebd3d9-2493-4aa2-942b-3118a216b430", + "attributes": {} + }, + { + "id": "3ece9760-6a06-4d75-9efc-27164c8253c8", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "d3ebd3d9-2493-4aa2-942b-3118a216b430", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "c8c637d4-39a5-4170-8d2f-1aef0a2f9720", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "e81f684f-c4ff-425e-861d-80507258b321", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "88d97cbc-e7e1-4561-ad9c-8cf1161a55a0", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "67063d5f-8023-4be9-8db2-37f81dfeb90b", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "024c8120-8208-4ad4-b098-27c7c9d549df", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "a2fe97c7-b0d2-444f-bdba-efb2bfecda0f", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "bc2425ed-2269-431c-81f6-eb4401020952", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "a2cb5869-dc32-4373-8a10-71b9132c850e", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "a8b11879-261c-4e4f-8b05-414069988810", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "0810aa4f-a32c-432a-9c16-0374233f17e6", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": ["query-clients"] + } + }, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "53b48727-828f-406c-aa7e-b0d1c4109d0b", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "27751c74-74f3-4fbf-b42a-124de7207dc0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "44c4d09a-8b0e-413e-91a4-c383ef17b345", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "837d8209-0fbf-406d-a1f4-d3672879fd7c", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "90b904a0-ddf1-4542-902e-f0f0cd4bc23e", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "49328548-01c4-477e-90e8-5cdec6ede9d2", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "5f381d33-4e28-4b50-87be-0cc0e4887e2f", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "manage-authorization", + "view-realm", + "view-identity-providers", + "query-realms", + "create-client", + "view-authorization", + "query-users", + "manage-identity-providers", + "view-clients", + "impersonation", + "manage-clients", + "query-clients", + "manage-realm", + "manage-users", + "view-events", + "view-users", + "manage-events" + ] + } + }, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "13b75adb-cf15-4f02-8c1e-b70bf405b692", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": ["query-groups", "query-users"] + } + }, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + }, + { + "id": "b5126b18-1e29-4989-a0ce-3350feb02b42", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "ba86f97b-0032-465d-b52d-06d0cb1514b5", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "4a3abf8b-7ce0-4eb3-8733-0b76bde3125d", + "attributes": {} + } + ], + "account": [ + { + "id": "8107bb62-629a-4c05-a6b3-9ec05db9feab", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": ["view-consent"] + } + }, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "cb761f1a-f422-4292-9f27-aeca063ae6ad", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "b87631c3-f3bb-4684-825e-53b7b784687d", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": ["manage-account-links"] + } + }, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "81a519c5-d106-4b4c-986d-3416537d91b6", + "name": "view-groups", + "description": "${role_view-groups}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "e563f5f3-e86f-491c-882a-7acc3d84c6f0", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "4434c108-c594-43e9-b8d4-8ded56196cc5", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "c342ec0b-6885-4d8d-b036-1aafdc376c06", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + }, + { + "id": "5c200c4e-fd80-4cd1-8723-562ba7430398", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "attributes": {} + } + ], + "hasura": [ + { + "id": "e971ec56-92a0-4c06-a8a2-a35946852ee6", + "name": "uma_protection", + "composite": false, + "clientRole": true, + "containerId": "4be1cdcc-b0b3-4581-957b-54fa17c0d929", + "attributes": {} + }, + { + "id": "8cbd62f4-daa2-4809-850b-88870e2c70fc", + "name": "user", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "4be1cdcc-b0b3-4581-957b-54fa17c0d929", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "b34240e1-92b8-48e9-aaa5-82eecbdcb283", + "name": "default-roles-hasura", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "d3ebd3d9-2493-4aa2-942b-3118a216b430" + }, + "requiredCredentials": ["password"], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpPolicyCodeReusable": false, + "otpSupportedApplications": [ + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName", + "totpAppFreeOTPName" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": ["ES256"], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": ["ES256"], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "username": "username", + "enabled": true, + "emailVerified": true, + "credentials": [ + { + "type": "password", + "value": "password" + } + ] + }, + { + "id": "8728e38e-6b60-44d2-8830-f1e2ad284a02", + "createdTimestamp": 1692777925764, + "username": "service-account-hasura", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "hasura", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": ["user", "default-roles-hasura"], + "clientRoles": { + "hasura": ["uma_protection"] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": ["offline_access"] + }, + { + "clientScope": "hasura", + "roles": ["user"] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": ["manage-account", "view-groups"] + } + ] + }, + "clients": [ + { + "id": "ce02d0ff-b633-4d79-8a33-2c8241017d72", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/hasura/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "oMtCPAV7diKpE564SBspgKj4HqlKM4Hy", + "redirectUris": ["/realms/hasura/account/*"], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "101df256-3450-4b5c-8d0f-d29b531e3499", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/hasura/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": ["/realms/hasura/account/*"], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b06a98d0-6d91-4260-9406-aea123f842dc", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "db12bda8-7624-46cc-a84f-9c83cf99b370", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4a3abf8b-7ce0-4eb3-8733-0b76bde3125d", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4be1cdcc-b0b3-4581-957b-54fa17c0d929", + "clientId": "hasura", + "name": "Hasura", + "description": "", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": ["http://localhost:3000/*"], + "webOrigins": ["http://localhost:3000"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1692777925", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "c4016925-f659-455a-9cdb-29bba88327e9", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "e80e0f4c-cd0d-4bb8-a1e4-108a49f4d1a7", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "3cb8ba1a-81f2-42b7-91b0-3fbe29126262", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "hasura", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ], + "authorizationSettings": { + "allowRemoteResourceManagement": true, + "policyEnforcementMode": "ENFORCING", + "resources": [ + { + "name": "Default Resource", + "type": "urn:hasura:resources:default", + "ownerManagedAccess": false, + "attributes": {}, + "_id": "088f6856-3491-4600-ac5d-0287da57511c", + "uris": ["/*"] + } + ], + "policies": [ + { + "id": "f82ec078-33ce-4204-83c9-627a802c0821", + "name": "Default Policy", + "description": "A policy that grants access only for users within this realm", + "type": "role", + "logic": "POSITIVE", + "decisionStrategy": "AFFIRMATIVE", + "config": { + "roles": "[{\"id\":\"default-roles-hasura\",\"required\":false}]" + } + }, + { + "id": "2cad4a9f-b0f6-4067-98a7-4f42ed5e33ef", + "name": "Default Permission", + "description": "A permission that applies to the default resource type", + "type": "resource", + "logic": "POSITIVE", + "decisionStrategy": "UNANIMOUS", + "config": { + "defaultResourceType": "urn:hasura:resources:default", + "applyPolicies": "[\"Default Policy\"]" + } + } + ], + "scopes": [], + "decisionStrategy": "UNANIMOUS" + } + }, + { + "id": "5d7dda49-d56d-4c64-8a01-ee5dd5310c81", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "29f3fff6-2a63-4f7b-9474-d2385f0eff32", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/hasura/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": ["/admin/hasura/console/*"], + "webOrigins": ["+"], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "post.logout.redirect.uris": "+", + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "795b2582-0f87-46ac-8be0-13518ad27445", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "7df17b55-8301-4667-b9f3-41f9520a92cf", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "9cf833ae-3238-4aa3-9a9a-bbb8bc3767e3", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "8d49f2bc-7ffc-4ee0-ae71-d82623330caf", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "7e1a84a8-47d0-4cd8-ba0f-dc689588b7ec", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "807ae7c0-7c18-4d46-b1c6-9d191294bf7b", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "ad8bfcfe-469b-4e72-82ab-2e8b564efc14", + "name": "acr", + "description": "OpenID Connect scope for add acr (authentication context class reference) to the token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "96589cee-a8cc-4919-8b60-00a77a34ff87", + "name": "acr loa level", + "protocol": "openid-connect", + "protocolMapper": "oidc-acr-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true" + } + } + ] + }, + { + "id": "2a8948cb-65cf-4ce4-ae11-fae5d9391fd3", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "6679f3f8-c764-4cd4-ae63-9da31200e7c5", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "09a8bf42-8326-40a5-b1d3-0a65fe6236c3", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "794f2bc0-4b14-4cb3-a7f2-730b2fabc84d", + "name": "hasura", + "description": "", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "gui.order": "", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "74c7a728-24a3-480e-bbb9-2129bd2dccb1", + "name": "x-hasura-default-role", + "protocol": "openid-connect", + "protocolMapper": "oidc-hardcoded-claim-mapper", + "consentRequired": false, + "config": { + "claim.value": "user", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "https://hasura\\.io/jwt/claims.x-hasura-default-role", + "jsonType.label": "String", + "access.tokenResponse.claim": "false" + } + }, + { + "id": "b451832d-670a-4e0d-878e-904c2b1598c2", + "name": "x-hasura-user-id", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "id", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "https://hasura\\.io/jwt/claims.x-hasura-user-id", + "jsonType.label": "String" + } + }, + { + "id": "eb62cfc4-ea5f-454a-9c78-384cb5e80373", + "name": "x-hasura-allowed-roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "https://hasura\\.io/jwt/claims.x-hasura-allowed-roles", + "jsonType.label": "String", + "usermodel.clientRoleMapping.clientId": "hasura" + } + } + ] + }, + { + "id": "8321f73d-4f9e-486e-ae03-cde49fc78bc1", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "56bb56c7-0237-4263-b858-7f9cdba57a1d", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "c2c39673-f405-4fed-81a5-3bc3aa333b8b", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "01e5705c-f668-476d-8526-7d8851531832", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "66d6d45a-d4ca-4574-bcbe-b26982b4c7f8", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "f03591f6-3ea2-405b-b47c-6eb797ec5926", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "3c61cc63-50f9-4cfb-b45e-422c59161709", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "2dfbc3d5-81f1-4160-9b0a-c58fd997fe68", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "a5e7f48a-219c-4bca-a491-d54e8788d8be", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "837efb21-32d2-47e5-8b1c-fdf5d3ea17bc", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "d1200744-27c1-426c-8332-ce4b0c433c50", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "63eae02f-f44b-4fe6-91f2-a16d096c46db", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "5cbb20a8-2947-420d-9a5d-1ce4eb928117", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "fdb72b90-48f8-4dcf-be77-e246fc77814c", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "a61f7495-5229-48a8-a1d2-0596f13d1c06", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "ac4150b4-0b5f-4187-a81f-21e582fde2b4", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "2f8cf479-e0f5-49a6-a46b-f4708f60840e", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "2530d28b-3135-442d-aabe-3dcd20d6370c", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "68ca4cca-c6d3-4fa4-8079-ee0c81286577", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "ef95b412-17ff-4ef5-b9e9-8b95f7cc44b3", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "long" + } + } + ] + }, + { + "id": "8b3ba733-fa23-489f-b954-a0b89fba8b54", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "43ee6247-a7fd-4649-8770-5c966a23b831", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "818f4f96-a63c-4c1d-9251-d999517ede72", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "f9fbf5ed-195e-44f1-a5d3-6bf64919bb2b", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "e3f2c7fe-ca50-4b01-b999-098c82beb362", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7ae1a4ac-99db-4a27-8f18-f537a8020e4f", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "edd5d134-b2c1-47d8-9cc5-3558559cf407", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins", + "acr", + "hasura" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "referrerPolicy": "no-referrer", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": {}, + "eventsEnabled": false, + "eventsListeners": ["jboss-logging"], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "e2254ce7-52d6-4450-aa77-5ba2b40b8e26", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": ["true"] + } + }, + { + "id": "b88f3a6b-b2a8-476d-9433-904ca547f64c", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "d9ba5290-8c0e-4fa7-bf53-afc4fab4ec4b", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": ["true"] + } + }, + { + "id": "1c24034f-5374-4020-b8e2-ba2eb4c0a944", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "e66a399a-317f-42c0-8ec7-9e2ba781a53d", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "eec0d3e9-e1e2-41c0-8a03-cc5f06c0f77e", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": ["true"], + "client-uris-must-match": ["true"] + } + }, + { + "id": "01f2436b-aa02-4f55-ac64-6132dd6ee375", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-attribute-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper" + ] + } + }, + { + "id": "86fe59f0-cb96-4a39-8476-ae092479fb69", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": ["200"] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "796db70c-b8e9-4efa-b225-91d8cc8099ea", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": ["100"], + "algorithm": ["RSA-OAEP"] + } + }, + { + "id": "06ed66b9-a1ac-4662-afb4-889d176189b3", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": ["100"], + "algorithm": ["HS256"] + } + }, + { + "id": "fc8169fe-cb2b-4edb-befa-fa136215a184", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": ["100"] + } + }, + { + "id": "9c40d8de-d867-4f6a-9637-b99500551f15", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": ["100"] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "da3e4aa5-578c-4a70-a0ee-6bd0ac54acd5", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false + } + ] + }, + { + "id": "489875e5-f48e-484a-8a82-d49e8af1834a", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "43d1a926-1785-4391-bf16-519da996ab47", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "27d47660-5e77-4732-b781-36e88d2f6baf", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "a7d1c2ef-57c8-4907-b21b-0d2df675c9c0", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Account verification options", + "userSetupAllowed": false + } + ] + }, + { + "id": "5f97b94f-e60d-498e-8874-d719adbcc985", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "22b24e38-53ff-4788-ae8a-dcbce66819a7", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false + } + ] + }, + { + "id": "aa67bda7-bfc9-4cd2-84a5-22e371e89135", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "f9b90830-656d-4378-bd98-c11d8a20295c", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "forms", + "userSetupAllowed": false + } + ] + }, + { + "id": "9b00a800-deea-4b4a-b9cb-530886a7098a", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "88c2fd63-c912-4727-8323-63d31333efaf", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "autheticatorFlow": true, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "12a8d6fe-ad7e-4443-9b40-b8855535def0", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "c64af03f-9326-4689-ad7e-d804b3fe0d60", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "User creation or linking", + "userSetupAllowed": false + } + ] + }, + { + "id": "b0e1e734-a068-4ab1-b643-9ac5e18b54b9", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "autheticatorFlow": true, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "8978b81a-5145-40bf-9a02-4b9f5c2270cf", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": true, + "flowAlias": "registration form", + "userSetupAllowed": false + } + ] + }, + { + "id": "dd0879d0-a1c7-47dd-8343-5495259359dc", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + }, + { + "id": "2b5b0164-695d-406a-831d-de8e0864ba8b", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "autheticatorFlow": false, + "userSetupAllowed": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "autheticatorFlow": true, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false + } + ] + }, + { + "id": "b26ac227-95e1-4dea-9673-9cf6f72950d7", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "autheticatorFlow": false, + "userSetupAllowed": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "2c59769e-dc23-4813-8ab7-deaa7cde4de5", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "49f039b3-3d77-43d1-9a32-706285b18e3d", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "TERMS_AND_CONDITIONS", + "name": "Terms and Conditions", + "providerId": "TERMS_AND_CONDITIONS", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "webauthn-register", + "name": "Webauthn Register", + "providerId": "webauthn-register", + "enabled": true, + "defaultAction": false, + "priority": 70, + "config": {} + }, + { + "alias": "webauthn-register-passwordless", + "name": "Webauthn Register Passwordless", + "providerId": "webauthn-register-passwordless", + "enabled": true, + "defaultAction": false, + "priority": 80, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "oauth2DevicePollingInterval": "5", + "parRequestUriLifespan": "60", + "cibaInterval": "5", + "realmReusableOtpCode": "false" + }, + "keycloakVersion": "22.0.0", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} diff --git a/conf/sample.env_app-backend b/conf/sample.env_app-backend new file mode 100644 index 000000000..1de335a67 --- /dev/null +++ b/conf/sample.env_app-backend @@ -0,0 +1,21 @@ +## postgres database to store Hasura metadata +HASURA_GRAPHQL_METADATA_DATABASE_URL=postgres://postgres:postgrespassword@postgres:5432/postgres +## this env var can be used to add the above postgres database to Hasura as a data source. this can be removed/updated based on your needs +PG_DATABASE_URL=postgres://postgres:postgrespassword@postgres:5432/postgres +## enable the console served by server +HASURA_GRAPHQL_ENABLE_CONSOLE="true" # set to "false" to disable console +## enable debugging mode. It is recommended to disable this in production +HASURA_GRAPHQL_DEV_MODE="true" +HASURA_GRAPHQL_ENABLED_LOG_TYPES=startup, http-log, webhook-log, websocket-log, query-log +## uncomment next line to run console offline (i.e load console assets from server instead of CDN) +# HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: /srv/console-assets +## uncomment next line to set an admin secret +HASURA_GRAPHQL_ADMIN_SECRET=myadminsecretkey +HASURA_GRAPHQL_UNAUTHORIZED_ROLE="public" +HASURA_GRAPHQL_METADATA_DEFAULTS='{"backend_configs":{"dataconnector":{"athena":{"uri":"http://data-connector-agent:8081/api/v1/athena"},"mariadb":{"uri":"http://data-connector-agent:8081/api/v1/mariadb"},"mysql8":{"uri":"http://data-connector-agent:8081/api/v1/mysql"},"oracle":{"uri":"http://data-connector-agent:8081/api/v1/oracle"},"snowflake":{"uri":"http://data-connector-agent:8081/api/v1/snowflake"}}}}' +HASURA_GRAPHQL_JWT_SECRET={"type": "RS256", "key": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----"} + +# Environment variable for auto migrate +HASURA_GRAPHQL_MIGRATIONS_DIR=/migrations +HASURA_GRAPHQL_METADATA_DIR=/metadata +HASURA_GRAPHQL_ENABLE_CONSOLE='true' diff --git a/conf/sample.env_app-backend-postgres b/conf/sample.env_app-backend-postgres new file mode 100644 index 000000000..39aa93db5 --- /dev/null +++ b/conf/sample.env_app-backend-postgres @@ -0,0 +1 @@ +POSTGRES_PASSWORD=postgrespassword \ No newline at end of file diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client new file mode 100644 index 000000000..591a2dcd6 --- /dev/null +++ b/conf/sample.env_web-client @@ -0,0 +1,19 @@ +NEXT_PUBLIC_ENV=development +NEXT_PUBLIC_API_URL= +NEXT_PUBLIC_WEB_URL= +NEXT_PUBLIC_SSE_INFERENCE_ENDPOINT= +NEXT_PUBLIC_BE_KEY=aCOHRBM6uJEdLQpp +NEXT_PUBLIC_DISCORD_INVITATION_URL= +NEXT_PUBLIC_GLEAP_API_KEY= +NEXT_PUBLIC_DOWNLOAD_APP_IOS= +NEXT_PUBLIC_DOWNLOAD_APP_ANDROID= +NEXT_PUBLIC_POSTHOG_API_KEY= +NEXT_PUBLIC_SENTRY_DNS= +KEYCLOAK_CLIENT_ID=ce02d0ff-b633-4d79-8a33-2c8241017d72 +KEYCLOAK_CLIENT_SECRET=oMtCPAV7diKpE564SBspgKj4HqlKM4Hy +AUTH_ISSUER=http://keycloak:8088/realms/hasura +NEXTAUTH_URL=http://localhost:3000 +NEXTAUTH_SECRET=my-secret +END_SESSION_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/logout +REFRESH_TOKEN_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/token +HASURA_ADMIN_TOKEN=myadminsecretkey \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index d3025ead0..844f547ba 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,13 +1,14 @@ # docker version version: "3" -volumes: - keycloak_postgres_data: +# volumes: +# keycloak_postgres_data: +# db_data: services: keycloak: image: quay.io/keycloak/keycloak:${KEYCLOAK_VERSION-22.0.0} - command: start-dev + command: ["start-dev", "--import-realm", "--http-port", "8088"] environment: KC_DB: postgres KC_DB_URL_HOST: keycloak_postgres @@ -17,8 +18,10 @@ services: KC_DB_SCHEMA: ${KC_DB_SCHEMA:-public} KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN-admin} KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD-admin} + volumes: + - ./conf/keycloak_conf:/opt/keycloak/data/import ports: - - "8080:8080" + - "8088:8088" depends_on: keycloak_postgres: condition: service_healthy @@ -37,27 +40,71 @@ services: PGPORT: ${POSTGRES_PORT:-5432} healthcheck: test: "exit 0" - volumes: - - keycloak_postgres_data:/data/postgres + # volumes: + # - keycloak_postgres_data:/data/postgres ports: - ${POSTGRES_PORT:-5432}:${POSTGRES_PORT:-5432} networks: jan_community: - keycloak_config_cli: - image: adorsys/keycloak-config-cli:latest - depends_on: - - keycloak + postgres: + image: postgres:13 + restart: always + # volumes: + # - db_data:/var/lib/postgresql/data + env_file: + - conf/sample.env_app-backend-postgres + graphql-engine: + image: hasura/graphql-engine:v2.31.0.cli-migrations-v3 + ports: + - "8080:8080" + restart: always + env_file: + - conf/sample.env_app-backend volumes: - - ./conf/keycloak_conf:/config + - ./app-backend/hasura/migrations:/migrations + - ./app-backend/hasura/metadata:/metadata + depends_on: + data-connector-agent: + condition: service_healthy + networks: + jan_community: + + data-connector-agent: + image: hasura/graphql-data-connector:v2.31.0 + restart: always + ports: + - 8081:8081 environment: - KEYCLOAK_URL: http://keycloak:8080 - KEYCLOAK_USER: ${KEYCLOAK_ADMIN-admin} - KEYCLOAK_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD-admin} - KEYCLOAK_AVAILABILITYCHECK_ENABLED: 'true' - KEYCLOAK_AVAILABILITYCHECK_TIMEOUT: 120s - IMPORT_FILES_LOCATIONS: '/config/*' - DEBUG: 'true' + QUARKUS_LOG_LEVEL: ERROR # FATAL, ERROR, WARN, INFO, DEBUG, TRACE + ## https://quarkus.io/guides/opentelemetry#configuration-reference + QUARKUS_OPENTELEMETRY_ENABLED: "false" + ## QUARKUS_OPENTELEMETRY_TRACER_EXPORTER_OTLP_ENDPOINT: http://jaeger:4317 + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8081/api/v1/athena/health"] + interval: 5s + timeout: 10s + retries: 5 + start_period: 5s + networks: + jan_community: + + web: + build: + context: ./web-client + dockerfile: dev.Dockerfile + container_name: jan_web + restart: always + env_file: + - conf/sample.env_web-client + volumes: + - .:/app + ports: + - "3000:3000" + environment: + NODE_ENV: development + networks: + jan_community: networks: - jan_community: \ No newline at end of file + jan_community: diff --git a/.env.sample b/sample.env similarity index 100% rename from .env.sample rename to sample.env From afbdec26d1d2962165fe3c4f232e3cda093f1d8a Mon Sep 17 00:00:00 2001 From: Hien To <> Date: Fri, 25 Aug 2023 10:38:38 +0700 Subject: [PATCH 04/11] Chore: Update new env and commit for app-backend --- app-backend | 2 +- conf/sample.env_app-backend | 4 +++- conf/sample.env_web-client | 3 ++- docker-compose.yml | 14 ++++++++++++++ web-client | 2 +- 5 files changed, 21 insertions(+), 4 deletions(-) diff --git a/app-backend b/app-backend index 74273d1e0..4a58195b2 160000 --- a/app-backend +++ b/app-backend @@ -1 +1 @@ -Subproject commit 74273d1e0c50b8851faa96358369e1a0070c705e +Subproject commit 4a58195b2e3ff1cb6b465764c6ff5ba98ea42ab1 diff --git a/conf/sample.env_app-backend b/conf/sample.env_app-backend index 1de335a67..605f65b09 100644 --- a/conf/sample.env_app-backend +++ b/conf/sample.env_app-backend @@ -13,9 +13,11 @@ HASURA_GRAPHQL_ENABLED_LOG_TYPES=startup, http-log, webhook-log, websocket-log, HASURA_GRAPHQL_ADMIN_SECRET=myadminsecretkey HASURA_GRAPHQL_UNAUTHORIZED_ROLE="public" HASURA_GRAPHQL_METADATA_DEFAULTS='{"backend_configs":{"dataconnector":{"athena":{"uri":"http://data-connector-agent:8081/api/v1/athena"},"mariadb":{"uri":"http://data-connector-agent:8081/api/v1/mariadb"},"mysql8":{"uri":"http://data-connector-agent:8081/api/v1/mysql"},"oracle":{"uri":"http://data-connector-agent:8081/api/v1/oracle"},"snowflake":{"uri":"http://data-connector-agent:8081/api/v1/snowflake"}}}}' -HASURA_GRAPHQL_JWT_SECRET={"type": "RS256", "key": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----"} +HASURA_GRAPHQL_JWT_SECRET={"jwk_url": "http://keycloak:8088/realms/hasura/protocol/openid-connect/certs"} # Environment variable for auto migrate HASURA_GRAPHQL_MIGRATIONS_DIR=/migrations HASURA_GRAPHQL_METADATA_DIR=/metadata HASURA_GRAPHQL_ENABLE_CONSOLE='true' +HASURA_ACTION_STABLE_DIFFUSION_URL=http://stablediffusion:8087 +HASURA_EVENTS_HOOK_URL="http://worker:8787" \ No newline at end of file diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client index 591a2dcd6..43b01085f 100644 --- a/conf/sample.env_web-client +++ b/conf/sample.env_web-client @@ -16,4 +16,5 @@ NEXTAUTH_URL=http://localhost:3000 NEXTAUTH_SECRET=my-secret END_SESSION_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/logout REFRESH_TOKEN_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/token -HASURA_ADMIN_TOKEN=myadminsecretkey \ No newline at end of file +HASURA_ADMIN_TOKEN=myadminsecretkey +NEXT_PUBLIC_GRAPHQL_ENGINE_URL=hasura:8080 diff --git a/docker-compose.yml b/docker-compose.yml index 844f547ba..1c93252d0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -70,6 +70,20 @@ services: networks: jan_community: + worker: + build: + context: ./app-backend + dockerfile: ./worker/Dockerfile + restart: always + environment: + - "NODE_ENV=development" + volumes: + - .:/worker + ports: + - "8787:8787" + networks: + jan_community: + data-connector-agent: image: hasura/graphql-data-connector:v2.31.0 restart: always diff --git a/web-client b/web-client index e105df566..eb00c6650 160000 --- a/web-client +++ b/web-client @@ -1 +1 @@ -Subproject commit e105df5665055b1132ed485b6889e5b7382a599d +Subproject commit eb00c6650dc62aa1515b8ff5ef47e8395e1baba5 From 8af674e97aef4e88688aed49bc1579ea9e7ece6c Mon Sep 17 00:00:00 2001 From: Hien To Date: Fri, 25 Aug 2023 14:09:13 +0700 Subject: [PATCH 05/11] Chore: add network for postgres and fix wrong path jan-web --- docker-compose.yml | 7 ++++--- web-client | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 1c93252d0..e70d6ee20 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -54,6 +54,9 @@ services: # - db_data:/var/lib/postgresql/data env_file: - conf/sample.env_app-backend-postgres + networks: + jan_community: + graphql-engine: image: hasura/graphql-engine:v2.31.0.cli-migrations-v3 ports: @@ -106,13 +109,11 @@ services: web: build: context: ./web-client - dockerfile: dev.Dockerfile + dockerfile: ./dev.Dockerfile container_name: jan_web restart: always env_file: - conf/sample.env_web-client - volumes: - - .:/app ports: - "3000:3000" environment: diff --git a/web-client b/web-client index eb00c6650..64eb6f531 160000 --- a/web-client +++ b/web-client @@ -1 +1 @@ -Subproject commit eb00c6650dc62aa1515b8ff5ef47e8395e1baba5 +Subproject commit 64eb6f531700cff692313f3b4249d00d0fef29eb From eb671d79794dbe5c78edbd5be2e63f7850ac6275 Mon Sep 17 00:00:00 2001 From: Hien To Date: Fri, 25 Aug 2023 08:50:11 +0700 Subject: [PATCH 06/11] Integrate with llm --- app-backend | 2 +- conf/sample.env_web-client | 6 +-- docker-compose.yml | 79 +++++++++++++++++++++++++++++++++++++- sample.env | 12 +++--- 4 files changed, 87 insertions(+), 12 deletions(-) diff --git a/app-backend b/app-backend index 4a58195b2..4aa041a1b 160000 --- a/app-backend +++ b/app-backend @@ -1 +1 @@ -Subproject commit 4a58195b2e3ff1cb6b465764c6ff5ba98ea42ab1 +Subproject commit 4aa041a1bf4e652240514b9fb7acc0860287699a diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client index 43b01085f..3c33c1ad0 100644 --- a/conf/sample.env_web-client +++ b/conf/sample.env_web-client @@ -11,10 +11,10 @@ NEXT_PUBLIC_POSTHOG_API_KEY= NEXT_PUBLIC_SENTRY_DNS= KEYCLOAK_CLIENT_ID=ce02d0ff-b633-4d79-8a33-2c8241017d72 KEYCLOAK_CLIENT_SECRET=oMtCPAV7diKpE564SBspgKj4HqlKM4Hy -AUTH_ISSUER=http://keycloak:8088/realms/hasura +AUTH_ISSUER=http://172.20.0.9:8088/realms/hasura NEXTAUTH_URL=http://localhost:3000 NEXTAUTH_SECRET=my-secret -END_SESSION_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/logout -REFRESH_TOKEN_URL=http://keycloak:8088/realms/new-realm/protocol/openid-connect/token +END_SESSION_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/logout +REFRESH_TOKEN_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/token HASURA_ADMIN_TOKEN=myadminsecretkey NEXT_PUBLIC_GRAPHQL_ENGINE_URL=hasura:8080 diff --git a/docker-compose.yml b/docker-compose.yml index e70d6ee20..d0d15c725 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -21,12 +21,13 @@ services: volumes: - ./conf/keycloak_conf:/opt/keycloak/data/import ports: - - "8088:8088" + - "8088:8088" depends_on: keycloak_postgres: condition: service_healthy networks: jan_community: + ipv4_address: 172.20.0.9 keycloak_postgres: image: postgres:13 @@ -46,6 +47,7 @@ services: - ${POSTGRES_PORT:-5432}:${POSTGRES_PORT:-5432} networks: jan_community: + ipv4_address: 172.20.0.10 postgres: image: postgres:13 @@ -56,11 +58,12 @@ services: - conf/sample.env_app-backend-postgres networks: jan_community: + ipv4_address: 172.20.0.11 graphql-engine: image: hasura/graphql-engine:v2.31.0.cli-migrations-v3 ports: - - "8080:8080" + - "8080:8080" restart: always env_file: - conf/sample.env_app-backend @@ -72,6 +75,7 @@ services: condition: service_healthy networks: jan_community: + ipv4_address: 172.20.0.12 worker: build: @@ -86,6 +90,7 @@ services: - "8787:8787" networks: jan_community: + ipv4_address: 172.20.0.13 data-connector-agent: image: hasura/graphql-data-connector:v2.31.0 @@ -103,8 +108,10 @@ services: timeout: 10s retries: 5 start_period: 5s + networks: jan_community: + ipv4_address: 172.20.0.14 web: build: @@ -118,8 +125,76 @@ services: - "3000:3000" environment: NODE_ENV: development + networks: jan_community: + ipv4_address: 172.20.0.15 + + # Service to download a model file. + downloader: + image: busybox + # The command extracts the model filename from MODEL_URL and downloads it if it doesn't exist. + command: /bin/sh -c "LLM_MODEL_FILE=$(basename ${MODEL_URL}); if [ ! -f /models/$LLM_MODEL_FILE ]; then wget -O /models/$LLM_MODEL_FILE ${MODEL_URL}; fi" + # Mount a local directory to store the downloaded model. + volumes: + - ./jan-inference/llm/models:/models + + networks: + jan_community: + ipv4_address: 172.20.0.16 + + # Service to wait for the downloader service to finish downloading the model. + wait-for-downloader: + image: busybox + # The command waits until the model file (specified in MODEL_URL) exists. + command: /bin/sh -c "LLM_MODEL_FILE=$(basename ${MODEL_URL}); echo 'Waiting for downloader to finish'; while [ ! -f /models/$LLM_MODEL_FILE ]; do sleep 1; done; echo 'Model downloaded!'" + # Specifies that this service should start after the downloader service has started. + depends_on: + downloader: + condition: service_started + # Mount the same local directory to check for the downloaded model. + volumes: + - ./jan-inference/llm/models:/models + + networks: + jan_community: + ipv4_address: 172.20.0.17 + + # Service to run the Llama web application. + llm: + image: ghcr.io/abetlen/llama-cpp-python:latest + # Mount the directory that contains the downloaded model. + volumes: + - ./jan-inference/llm/models:/models + ports: + - 8000:8000 + environment: + # Specify the path to the model for the web application. + MODEL: /models/llama-2-7b-chat.ggmlv3.q4_1.bin + PYTHONUNBUFFERED: 1 + # Health check configuration + # healthcheck: + # test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8000"] + # interval: 30s + # timeout: 10s + # retries: 3 + # start_period: 30s + # Restart policy configuration + restart: on-failure + # Specifies that this service should start only after wait-for-downloader has completed successfully. + depends_on: + wait-for-downloader: + condition: service_completed_successfully + # Connect this service to two networks: inference_net and traefik_public. + + networks: + jan_community: + ipv4_address: 172.20.0.18 networks: jan_community: + driver: bridge + ipam: + driver: default + config: + - subnet: 172.20.0.0/16 \ No newline at end of file diff --git a/sample.env b/sample.env index d29332dd2..2f2911923 100644 --- a/sample.env +++ b/sample.env @@ -1,11 +1,11 @@ KEYCLOAK_VERSION=22.0.0 -POSTGRES_DB_NAME=your_db_name -POSTGRES_PASSWORD=your_db_pw -POSTGRES_USERNAME=your_db_username -POSTGRES_PORT=your_db_port +POSTGRES_DB_NAME=keycloak +POSTGRES_PASSWORD=postgres +POSTGRES_USERNAME=postgres +POSTGRES_PORT=5432 KC_DB_SCHEMA=public -KEYCLOAK_ADMIN=your_keycloak_admin_username -KEYCLOAK_ADMIN_PASSWORD=your_keycloak_admin_password +KEYCLOAK_ADMIN=admin +KEYCLOAK_ADMIN_PASSWORD=admin # Inference ## LLM From b140765a39bad4ad3cc0e9c62b55b7bf7fdf7a60 Mon Sep 17 00:00:00 2001 From: Hien To Date: Fri, 25 Aug 2023 16:58:51 +0700 Subject: [PATCH 07/11] Keycloak config add role for user --- conf/keycloak_conf/example-realm.json | 14 +++++++++++--- conf/sample.env_web-client | 6 +++--- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/conf/keycloak_conf/example-realm.json b/conf/keycloak_conf/example-realm.json index 4187c2653..bc10dac64 100644 --- a/conf/keycloak_conf/example-realm.json +++ b/conf/keycloak_conf/example-realm.json @@ -467,7 +467,16 @@ "type": "password", "value": "password" } - ] + ], + "realmRoles": [ + "user", + "default-roles-hasura" + ], + "clientRoles": { + "hasura": [ + "user" + ] + } }, { "id": "8728e38e-6b60-44d2-8830-f1e2ad284a02", @@ -516,7 +525,6 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "oMtCPAV7diKpE564SBspgKj4HqlKM4Hy", "redirectUris": ["/realms/hasura/account/*"], "webOrigins": [], "notBefore": 0, @@ -690,7 +698,7 @@ "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", - "secret": "**********", + "secret": "oMtCPAV7diKpE564SBspgKj4HqlKM4Hy", "redirectUris": ["http://localhost:3000/*"], "webOrigins": ["http://localhost:3000"], "notBefore": 0, diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client index 3c33c1ad0..37844ace3 100644 --- a/conf/sample.env_web-client +++ b/conf/sample.env_web-client @@ -1,5 +1,5 @@ NEXT_PUBLIC_ENV=development -NEXT_PUBLIC_API_URL= +NEXT_PUBLIC_API_URL=localhost:8080 NEXT_PUBLIC_WEB_URL= NEXT_PUBLIC_SSE_INFERENCE_ENDPOINT= NEXT_PUBLIC_BE_KEY=aCOHRBM6uJEdLQpp @@ -9,7 +9,7 @@ NEXT_PUBLIC_DOWNLOAD_APP_IOS= NEXT_PUBLIC_DOWNLOAD_APP_ANDROID= NEXT_PUBLIC_POSTHOG_API_KEY= NEXT_PUBLIC_SENTRY_DNS= -KEYCLOAK_CLIENT_ID=ce02d0ff-b633-4d79-8a33-2c8241017d72 +KEYCLOAK_CLIENT_ID=hasura KEYCLOAK_CLIENT_SECRET=oMtCPAV7diKpE564SBspgKj4HqlKM4Hy AUTH_ISSUER=http://172.20.0.9:8088/realms/hasura NEXTAUTH_URL=http://localhost:3000 @@ -17,4 +17,4 @@ NEXTAUTH_SECRET=my-secret END_SESSION_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/logout REFRESH_TOKEN_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/token HASURA_ADMIN_TOKEN=myadminsecretkey -NEXT_PUBLIC_GRAPHQL_ENGINE_URL=hasura:8080 +NEXT_PUBLIC_GRAPHQL_ENGINE_URL=localhost:8080 From f3c8f411807fe37096ab40868a0aeb54d6018fe1 Mon Sep 17 00:00:00 2001 From: Louis Date: Sat, 26 Aug 2023 14:47:24 +0700 Subject: [PATCH 08/11] fix: web-client next not found and worker not hot reloaded --- app-backend | 2 +- docker-compose.yml | 10 +++++++--- web-client | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/app-backend b/app-backend index 4aa041a1b..11d66335f 160000 --- a/app-backend +++ b/app-backend @@ -1 +1 @@ -Subproject commit 4aa041a1bf4e652240514b9fb7acc0860287699a +Subproject commit 11d66335f19c6379566524742cf588959c49676f diff --git a/docker-compose.yml b/docker-compose.yml index d0d15c725..1857b385d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -79,13 +79,13 @@ services: worker: build: - context: ./app-backend - dockerfile: ./worker/Dockerfile + context: ./app-backend/worker + dockerfile: ./Dockerfile restart: always environment: - "NODE_ENV=development" volumes: - - .:/worker + - ./app-backend/worker:/worker ports: - "8787:8787" networks: @@ -119,6 +119,10 @@ services: dockerfile: ./dev.Dockerfile container_name: jan_web restart: always + volumes: + - ./web-client/:/app + - /app/node_modules + - /app/.next env_file: - conf/sample.env_web-client ports: diff --git a/web-client b/web-client index 64eb6f531..dae0ca80a 160000 --- a/web-client +++ b/web-client @@ -1 +1 @@ -Subproject commit 64eb6f531700cff692313f3b4249d00d0fef29eb +Subproject commit dae0ca80adbef9423bee8a4971a3006f2a96c931 From cf367d8074347e6136f37bf403f7285ef302a575 Mon Sep 17 00:00:00 2001 From: Hien To <> Date: Mon, 28 Aug 2023 14:31:18 +0700 Subject: [PATCH 09/11] Chore: update docker compose and config for runable on macos --- conf/sample.env_web-client | 6 +++--- docker-compose.yml | 7 ++++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client index 37844ace3..cf186d529 100644 --- a/conf/sample.env_web-client +++ b/conf/sample.env_web-client @@ -11,10 +11,10 @@ NEXT_PUBLIC_POSTHOG_API_KEY= NEXT_PUBLIC_SENTRY_DNS= KEYCLOAK_CLIENT_ID=hasura KEYCLOAK_CLIENT_SECRET=oMtCPAV7diKpE564SBspgKj4HqlKM4Hy -AUTH_ISSUER=http://172.20.0.9:8088/realms/hasura +AUTH_ISSUER=http://localhost:8088/realms/hasura NEXTAUTH_URL=http://localhost:3000 NEXTAUTH_SECRET=my-secret -END_SESSION_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/logout -REFRESH_TOKEN_URL=http://172.20.0.9:8088/realms/hasura/protocol/openid-connect/token +END_SESSION_URL=http://localhost:8088/realms/hasura/protocol/openid-connect/logout +REFRESH_TOKEN_URL=http://localhost:8088/realms/hasura/protocol/openid-connect/token HASURA_ADMIN_TOKEN=myadminsecretkey NEXT_PUBLIC_GRAPHQL_ENGINE_URL=localhost:8080 diff --git a/docker-compose.yml b/docker-compose.yml index 1857b385d..8deacbd16 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,7 +30,7 @@ services: ipv4_address: 172.20.0.9 keycloak_postgres: - image: postgres:13 + image: postgres:15 command: postgres -c 'max_connections=200' && postgres -c 'shared_buffers=24MB' environment: # Environment Variables expecially for Postgres @@ -50,7 +50,7 @@ services: ipv4_address: 172.20.0.10 postgres: - image: postgres:13 + image: postgres:15 restart: always # volumes: # - db_data:/var/lib/postgresql/data @@ -129,7 +129,8 @@ services: - "3000:3000" environment: NODE_ENV: development - + extra_hosts: + - "localhost:172.20.0.9" networks: jan_community: ipv4_address: 172.20.0.15 From 8741dfb041574521abde92dabe9fddce117c54d6 Mon Sep 17 00:00:00 2001 From: Hien To Date: Mon, 28 Aug 2023 17:30:19 +0700 Subject: [PATCH 10/11] Chore: hasura auto apply at start up --- docker-compose.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 8deacbd16..9fb60079b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,6 +16,7 @@ services: KC_DB_PASSWORD: ${POSTGRES_PASSWORD:-postgres} KC_DB_USERNAME: ${POSTGRES_USERNAME:-postgres} KC_DB_SCHEMA: ${KC_DB_SCHEMA:-public} + KC_HEALTH_ENABLED: 'true' KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN-admin} KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD-admin} volumes: @@ -73,10 +74,32 @@ services: depends_on: data-connector-agent: condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/healthz"] + interval: 30s + timeout: 10s + retries: 10 networks: jan_community: ipv4_address: 172.20.0.12 + hasura-seed-apply: + image: hasura/graphql-engine:v2.31.0.cli-migrations-v3 + entrypoint: [""] + command: ["/bin/sh", "-c", "hasura-cli seed apply --all-databases"] + env_file: + - conf/sample.env_app-backend + volumes: + - ./app-backend/hasura/config.yaml:/config.yaml + - ./app-backend/hasura/seeds:/seeds + depends_on: + graphql-engine: + condition: service_healthy + extra_hosts: + - "localhost:172.20.0.12" + networks: + jan_community: + worker: build: context: ./app-backend/worker From eebb3b26471d279e55bd35aab159388e318dcda3 Mon Sep 17 00:00:00 2001 From: Louis Date: Mon, 28 Aug 2023 21:25:09 +0700 Subject: [PATCH 11/11] chore: Clean dependencies and envs --- conf/sample.env_web-client | 3 --- web-client | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/conf/sample.env_web-client b/conf/sample.env_web-client index cf186d529..86578a1d6 100644 --- a/conf/sample.env_web-client +++ b/conf/sample.env_web-client @@ -1,8 +1,5 @@ NEXT_PUBLIC_ENV=development -NEXT_PUBLIC_API_URL=localhost:8080 NEXT_PUBLIC_WEB_URL= -NEXT_PUBLIC_SSE_INFERENCE_ENDPOINT= -NEXT_PUBLIC_BE_KEY=aCOHRBM6uJEdLQpp NEXT_PUBLIC_DISCORD_INVITATION_URL= NEXT_PUBLIC_GLEAP_API_KEY= NEXT_PUBLIC_DOWNLOAD_APP_IOS= diff --git a/web-client b/web-client index dae0ca80a..6337306c5 160000 --- a/web-client +++ b/web-client @@ -1 +1 @@ -Subproject commit dae0ca80adbef9423bee8a4971a3006f2a96c931 +Subproject commit 6337306c54e735a4a5c2132dcd1377f21fd76a33