save changes
This commit is contained in:
master
@@ -265,10 +265,12 @@ services:
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Platform__Authority__Issuer: "https://stella-ops.local"
|
||||
Platform__Authority__RequireHttpsMetadata: "false"
|
||||
Platform__Authority__BypassNetworks__0: "172.19.0.0/16"
|
||||
Platform__Storage__Driver: "postgres"
|
||||
Platform__Storage__PostgresConnectionString: *postgres-connection
|
||||
Platform__EnvironmentSettings__RedirectUri: "https://stella-ops.local/auth/callback"
|
||||
Platform__EnvironmentSettings__PostLogoutRedirectUri: "https://stella-ops.local/"
|
||||
Platform__EnvironmentSettings__Scope: "openid profile email ui.read ui.admin authority:tenants.read authority:users.read authority:roles.read authority:clients.read authority:tokens.read authority:branding.read authority.audit.read graph:read sbom:read scanner:read policy:read policy:simulate policy:author policy:review policy:approve orch:read analytics.read advisory:read vex:read exceptions:read exceptions:approve aoc:verify findings:read release:read scheduler:read scheduler:operate notify.viewer notify.operator notify.admin notify.escalate export.viewer export.operator export.admin vuln:view vuln:investigate vuln:operate vuln:audit"
|
||||
STELLAOPS_ROUTER_URL: "http://router.stella-ops.local"
|
||||
STELLAOPS_PLATFORM_URL: "http://platform.stella-ops.local"
|
||||
STELLAOPS_AUTHORITY_URL: "http://authority.stella-ops.local"
|
||||
@@ -381,10 +383,12 @@ services:
|
||||
restart: unless-stopped
|
||||
depends_on: *depends-infra
|
||||
environment:
|
||||
ASPNETCORE_URLS: "http://+:8080"
|
||||
ASPNETCORE_URLS: "http://+:80;http://+:8080"
|
||||
<<: *kestrel-cert
|
||||
ConnectionStrings__Default: *postgres-connection
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Gateway__Auth__Authority__Issuer: "https://authority.stella-ops.local/"
|
||||
Gateway__Auth__Authority__RequireHttpsMetadata: "false"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
@@ -743,6 +747,8 @@ services:
|
||||
<<: *kestrel-cert
|
||||
ConnectionStrings__Default: *postgres-connection
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Postgres__ConnectionString: *postgres-connection
|
||||
Postgres__SchemaName: "vexhub"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
@@ -818,8 +824,13 @@ services:
|
||||
<<: *kestrel-cert
|
||||
STELLAOPS_POLICY_ENGINE_Postgres__Policy__ConnectionString: *postgres-connection
|
||||
STELLAOPS_POLICY_ENGINE_ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__Authority: "http://authority.stella-ops.local"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__Authority: "https://authority.stella-ops.local/"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__MetadataAddress: "http://authority.stella-ops.local/.well-known/openid-configuration"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__RequireHttpsMetadata: "false"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__Audiences__0: "/scanner"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__BypassNetworks__0: "172.19.0.0/16"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__BypassNetworks__1: "127.0.0.1/32"
|
||||
STELLAOPS_POLICY_ENGINE_PolicyEngine__ResourceServer__BypassNetworks__2: "::1/128"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
@@ -845,8 +856,14 @@ services:
|
||||
<<: *kestrel-cert
|
||||
ConnectionStrings__Default: *postgres-connection
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Postgres__Policy__ConnectionString: *postgres-connection
|
||||
PolicyGateway__ResourceServer__Authority: "http://authority.stella-ops.local"
|
||||
PolicyGateway__ResourceServer__RequireHttpsMetadata: "false"
|
||||
PolicyGateway__ResourceServer__BypassNetworks__0: "172.19.0.0/16"
|
||||
# Bootstrap-prefixed vars (read by StellaOpsConfigurationBootstrapper before DI)
|
||||
STELLAOPS_POLICY_GATEWAY_PolicyGateway__ResourceServer__Authority: "http://authority.stella-ops.local"
|
||||
STELLAOPS_POLICY_GATEWAY_PolicyGateway__ResourceServer__RequireHttpsMetadata: "false"
|
||||
STELLAOPS_POLICY_GATEWAY_Postgres__Policy__ConnectionString: *postgres-connection
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
@@ -1012,6 +1029,7 @@ services:
|
||||
<<: *kestrel-cert
|
||||
ConnectionStrings__Default: *postgres-connection
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Scheduler__Authority__Enabled: "false"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
tmpfs:
|
||||
@@ -1224,6 +1242,7 @@ services:
|
||||
findings__ledger__Database__ConnectionString: *postgres-connection
|
||||
findings__ledger__Authority__Issuer: "http://authority.stella-ops.local"
|
||||
findings__ledger__Authority__RequireHttpsMetadata: "false"
|
||||
findings__ledger__Authority__BypassNetworks__0: "172.19.0.0/16"
|
||||
findings__ledger__Attachments__EncryptionKey: "IiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiI="
|
||||
findings__ledger__Attachments__SignedUrlBase: "http://findings.stella-ops.local/attachments"
|
||||
findings__ledger__Attachments__SignedUrlSecret: "dev-signed-url-secret"
|
||||
@@ -1254,6 +1273,9 @@ services:
|
||||
<<: *kestrel-cert
|
||||
ConnectionStrings__Default: *postgres-connection
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Doctor__Authority__Issuer: "http://authority.stella-ops.local"
|
||||
Doctor__Authority__RequireHttpsMetadata: "false"
|
||||
Doctor__Authority__BypassNetworks__0: "172.19.0.0/16"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
@@ -1373,6 +1395,10 @@ services:
|
||||
NOTIFY_NOTIFY__STORAGE__CONNECTIONSTRING: *postgres-connection
|
||||
NOTIFY_NOTIFY__STORAGE__DATABASE: "notify"
|
||||
NOTIFY_NOTIFY__PLUGINS__BASEDIRECTORY: "/app"
|
||||
NOTIFY_NOTIFY__AUTHORITY__ENABLED: "false"
|
||||
NOTIFY_NOTIFY__AUTHORITY__ALLOWANONYMOUSFALLBACK: "true"
|
||||
NOTIFY_NOTIFY__AUTHORITY__DEVELOPMENTSIGNINGKEY: "StellaOps-Development-Key-NotifyService-2026!!"
|
||||
NOTIFY_Postgres__Notify__ConnectionString: *postgres-connection
|
||||
Postgres__Notify__ConnectionString: *postgres-connection
|
||||
volumes:
|
||||
- ../../etc/notify:/app/etc/notify:ro
|
||||
@@ -1642,6 +1668,7 @@ services:
|
||||
ConnectionStrings__Redis: "cache.stella-ops.local:6379"
|
||||
Authority__ResourceServer__Authority: "http://authority.stella-ops.local"
|
||||
Authority__ResourceServer__RequireHttpsMetadata: "false"
|
||||
Authority__ResourceServer__BypassNetworks__0: "172.19.0.0/16"
|
||||
volumes:
|
||||
- *cert-volume
|
||||
ports:
|
||||
|
||||
Reference in New Issue
Block a user