https://github.com/OWASP/crAPI
curl -o docker-compose.yml https://raw.githubusercontent.com/OWASP/crAPI/develop/deploy/docker/docker-compose.yml
VERSION=develop docker-compose pull
VERSION=develop docker-compose -f docker-compose.yml --compatibility up -d
해당 명령어에서
[https://github.com/OWASP/crAPI/blob/develop/docs/troubleshooting.md]
1) 오류 사항은 docker-compose.yml 파일을 직접 수정하여 해결했다.
ERROR: Invalid interpolation format for "crapi-identity" option in service "services": "crapi/crapi-identity:${VERSION:-latest}"
2) 127.0.0.1 포트 포워딩도 0.0.0.0 으로 변경했다.
3) docker-compose 는 yum으로 설치시 에러가 발생하여 직접 다운로드 하여 대체했다.
sudo curl -SL https://github.com/docker/compose/releases/download/v2.11.2/docker-compose-linux-x86_64 -o /usr/bin/docker-compose
[https://github.com/OWASP/crAPI/blob/develop/postman_collections/crAPI.postman_collection.json]
위 파일의 계정 정보를 이용해 로그인 했는데, admin은 대시보드에서 에러가 발생하여 화면에 나오지 않았다
"raw": "{\"email\":\"jhon@example.com\",\"password\":\"Admin1@#\"}"
"raw": "{\"email\":\"admin@example.com\",\"password\":\"Admin!123\"}"
[docker-compose.yml]
# Licensed under the Apache License, Version 2.0 (the “License”);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an “AS IS” BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
services:
crapi-identity:
container_name: crapi-identity
image: crapi/crapi-identity:latest
#ports:
# - "${LISTEN_IP:-127.0.0.1}:8080:8080"
volumes:
- ./keys:/keys
environment:
- DB_NAME=crapi
- DB_USER=admin
- DB_PASSWORD=crapisecretpassword
- DB_HOST=postgresdb
- DB_PORT=5432
- SERVER_PORT=8080
- ENABLE_SHELL_INJECTION=false
- JWT_SECRET=crapi
- MAILHOG_HOST=mailhog
- MAILHOG_PORT=1025
- MAILHOG_DOMAIN=example.com
- SMTP_HOST=smtp.example.com
- SMTP_PORT=587
- SMTP_EMAIL=user@example.com
- SMTP_PASS=xxxxxxxxxxxxxx
- SMTP_FROM=no-reply@example.com
- SMTP_AUTH=true
- SMTP_STARTTLS=true
- JWT_EXPIRATION=604800000
- ENABLE_LOG4J=false
- API_GATEWAY_URL=https://api.mypremiumdealership.com
- TLS_ENABLED=false
- TLS_KEYSTORE_TYPE=PKCS12
- TLS_KEYSTORE=classpath:certs/server.p12
- TLS_KEYSTORE_PASSWORD=passw0rd
- TLS_KEY_PASSWORD=passw0rd
- TLS_KEY_ALIAS=identity
depends_on:
postgresdb:
condition: service_healthy
mongodb:
condition: service_healthy
healthcheck:
test: /app/health.sh
interval: 15s
timeout: 15s
retries: 15
deploy:
resources:
limits:
cpus: '0.8'
memory: 384M
crapi-community:
container_name: crapi-community
image: crapi/crapi-community:latest
#ports:
# - "${LISTEN_IP:-127.0.0.1}:8087:8087"
environment:
- IDENTITY_SERVICE=crapi-identity:8080
- DB_NAME=crapi
- DB_USER=admin
- DB_PASSWORD=crapisecretpassword
- DB_HOST=postgresdb
- DB_PORT=5432
- SERVER_PORT=8087
- MONGO_DB_HOST=mongodb
- MONGO_DB_PORT=27017
- MONGO_DB_USER=admin
- MONGO_DB_PASSWORD=crapisecretpassword
- MONGO_DB_NAME=crapi
- TLS_ENABLED=false
- TLS_CERTIFICATE=certs/server.crt
- TLS_KEY=certs/server.key
depends_on:
postgresdb:
condition: service_healthy
mongodb:
condition: service_healthy
crapi-identity:
condition: service_healthy
healthcheck:
test: /app/health.sh
interval: 15s
timeout: 15s
retries: 15
deploy:
resources:
limits:
cpus: '0.3'
memory: 192M
crapi-workshop:
container_name: crapi-workshop
image: crapi/crapi-workshop:latest
#ports:
# - "${LISTEN_IP:-127.0.0.1}:8000:8000"
environment:
- IDENTITY_SERVICE=crapi-identity:8080
- DB_NAME=crapi
- DB_USER=admin
- DB_PASSWORD=crapisecretpassword
- DB_HOST=postgresdb
- DB_PORT=5432
- SERVER_PORT=8000
- MONGO_DB_HOST=mongodb
- MONGO_DB_PORT=27017
- MONGO_DB_USER=admin
- MONGO_DB_PASSWORD=crapisecretpassword
- MONGO_DB_NAME=crapi
- SECRET_KEY=crapi
- API_GATEWAY_URL=https://api.mypremiumdealership.com
- TLS_ENABLED=false
- TLS_CERTIFICATE=certs/server.crt
- TLS_KEY=certs/server.key
depends_on:
postgresdb:
condition: service_healthy
mongodb:
condition: service_healthy
crapi-identity:
condition: service_healthy
crapi-community:
condition: service_healthy
healthcheck:
test: /app/health.sh
interval: 15s
timeout: 15s
retries: 15
deploy:
resources:
limits:
cpus: '0.3'
memory: 128M
crapi-web:
container_name: crapi-web
image: crapi/crapi-web:latest
ports:
- "0.0.0.0:8888:80"
- "0.0.0.0:8443:443"
environment:
- COMMUNITY_SERVICE=crapi-community:8087
- IDENTITY_SERVICE=crapi-identity:8080
- WORKSHOP_SERVICE=crapi-workshop:8000
- TLS_ENABLED=false
depends_on:
crapi-community:
condition: service_healthy
crapi-identity:
condition: service_healthy
crapi-workshop:
condition: service_healthy
healthcheck:
test: curl 0.0.0.0:80/web/health
interval: 15s
timeout: 15s
retries: 15
deploy:
resources:
limits:
cpus: '0.3'
memory: 128M
postgresdb:
container_name: postgresdb
image: 'postgres:14'
command: ["postgres", "-c", "max_connections=500"]
environment:
POSTGRES_USER: admin
POSTGRES_PASSWORD: crapisecretpassword
POSTGRES_DB: crapi
#ports:
# - "${LISTEN_IP:-127.0.0.1}:5432:5432"
healthcheck:
test: [ "CMD-SHELL", "pg_isready" ]
interval: 15s
timeout: 15s
retries: 15
volumes:
- postgresql-data:/var/lib/postgresql/data/
deploy:
resources:
limits:
cpus: '0.5'
memory: 256M
mongodb:
container_name: mongodb
image: 'mongo:4.4'
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: crapisecretpassword
#ports:
# - "${LISTEN_IP:-127.0.0.1}:27017:27017"
healthcheck:
test: echo 'db.runCommand("ping").ok' | mongo mongodb:27017/test --quiet
interval: 15s
timeout: 15s
retries: 15
start_period: 20s
volumes:
- mongodb-data:/data/db
deploy:
resources:
limits:
cpus: '0.3'
memory: 128M
mailhog:
user: root
container_name: mailhog
image: crapi/mailhog:latest
environment:
MH_MONGO_URI: admin:crapisecretpassword@mongodb:27017
MH_STORAGE: mongodb
ports:
# - "127.0.0.1:1025:1025" # smtp server
- "0.0.0.0:8025:8025" # Mail ui
healthcheck:
test: [ "CMD", "nc", "-z", "localhost", "8025" ]
interval: 15s
timeout: 15s
retries: 15
deploy:
resources:
limits:
cpus: '0.3'
memory: 128M
api.mypremiumdealership.com:
container_name: api.mypremiumdealership.com
image: crapi/gateway-service:latest
#ports:
# - "${LISTEN_IP:-127.0.0.1}:8443:443" # https
healthcheck:
test: echo -n "GET / HTTP/1.1\n\n" > /dev/tcp/127.0.0.1/443
interval: 15s
timeout: 15s
retries: 15
start_period: 15s
deploy:
resources:
limits:
cpus: '0.1'
memory: 50M
volumes:
mongodb-data:
postgresql-data:
댓글 달기