diff --git a/blueprints/zitadel/docker-compose.yml b/blueprints/zitadel/docker-compose.yml
new file mode 100644
index 00000000..38746614
--- /dev/null
+++ b/blueprints/zitadel/docker-compose.yml
@@ -0,0 +1,63 @@
+version: '3.8'
+
+services:
+ zitadel:
+ restart: 'always'
+ image: 'ghcr.io/zitadel/zitadel:latest'
+ command: 'start-from-init --masterkey "${ZITADEL_MASTERKEY}" --tlsMode disabled'
+ environment:
+ # Database Configuration
+ ZITADEL_DATABASE_POSTGRES_HOST: db
+ ZITADEL_DATABASE_POSTGRES_PORT: 5432
+ ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
+ ZITADEL_DATABASE_POSTGRES_USER_USERNAME: zitadel
+ ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: "${POSTGRES_PASSWORD}"
+ ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable
+ ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres
+ ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: "${POSTGRES_PASSWORD}"
+ ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable
+
+ # External Configuration for HTTP only - TLS mode disabled
+ ZITADEL_EXTERNALSECURE: false
+ ZITADEL_EXTERNALPORT: 8080
+ ZITADEL_EXTERNALDOMAIN: "${EXTERNAL_DOMAIN}"
+ ZITADEL_TLS_ENABLED: false
+
+ # Disable Email Notifications
+ ZITADEL_NOTIFICATIONS_SMTP_HOST: ""
+ ZITADEL_NOTIFICATIONS_SMTP_PORT: ""
+
+ # Custom Admin User Configuration
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME}"
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD}"
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS}"
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME}"
+ ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME}"
+
+ depends_on:
+ db:
+ condition: 'service_healthy'
+ ports:
+ - '8080'
+ volumes:
+ - zitadel_data:/app/data
+
+ db:
+ restart: 'always'
+ image: postgres:17-alpine
+ environment:
+ PGUSER: postgres
+ POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
+ POSTGRES_DB: zitadel
+ volumes:
+ - postgres_data:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready", "-d", "zitadel", "-U", "postgres"]
+ interval: '10s'
+ timeout: '30s'
+ retries: 5
+ start_period: '20s'
+
+volumes:
+ postgres_data:
+ zitadel_data:
\ No newline at end of file
diff --git a/blueprints/zitadel/template.toml b/blueprints/zitadel/template.toml
new file mode 100644
index 00000000..f04da0be
--- /dev/null
+++ b/blueprints/zitadel/template.toml
@@ -0,0 +1,28 @@
+[variables]
+main_domain = "${domain}"
+postgres_password = "${password:32}"
+zitadel_masterkey = "${password:32}"
+admin_username = "${username}"
+admin_email = "${email}"
+admin_password = "AdminPassword123!"
+
+[config]
+[[config.domains]]
+serviceName = "zitadel"
+port = 8080
+host = "${main_domain}"
+path = "/"
+
+[config.env]
+POSTGRES_PASSWORD = "${postgres_password}"
+ZITADEL_MASTERKEY = "${zitadel_masterkey}"
+EXTERNAL_DOMAIN = "${main_domain}"
+
+# Custom Admin User Configuration
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME = "${admin_username}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD = "${admin_password}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS = "${admin_email}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME = "Admin"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME = "User"
+
+[[config.mounts]]
diff --git a/blueprints/zitadel/zitadel.png b/blueprints/zitadel/zitadel.png
new file mode 100644
index 00000000..fee75a15
Binary files /dev/null and b/blueprints/zitadel/zitadel.png differ
diff --git a/meta.json b/meta.json
index 501795ef..621bd350 100644
--- a/meta.json
+++ b/meta.json
@@ -3289,5 +3289,28 @@
 "queue",
 "rabbitmq"
 ]
+ },
+ {
+ "id": "zitadel",
+ "name": "Zitadel",
+ "version": "latest",
+ "description": "Open-source identity and access management platform with multi-tenancy, OpenID Connect, SAML, and OAuth 2.0 support.",
+ "logo": "zitadel.png",
+ "links": {
+ "github": "https://github.com/zitadel/zitadel",
+ "website": "https://zitadel.com/",
+ "docs": "https://zitadel.com/docs/"
+ },
+ "tags": [
+ "identity",
+ "authentication",
+ "authorization",
+ "iam",
+ "security",
+ "oauth",
+ "openid-connect",
+ "saml",
+ "multi-tenant"
+ ]
 }
 ]
\ No newline at end of file
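Review bot: The `zitadel` service in docker-compose.yml is configured as a plain-HTTP identity provider (`--tlsMode disabled`, `ZITADEL_EXTERNALSECURE: false`, `ZITADEL_EXTERNALPORT: 8080`), so the issuer and login URLs it advertises are `http://`. If the platform's reverse proxy terminates TLS for `${EXTERNAL_DOMAIN}` (not visible in this diff), the matching setup is `--tlsMode external` with `ZITADEL_EXTERNALSECURE: true` and port 443. The same `command` line passes the master key as an argument, where it appears in the container's process list; `--masterkeyFromEnv` reads it from `ZITADEL_MASTERKEY` in the service environment instead. The runtime container also holds the postgres superuser password, which is the same `${POSTGRES_PASSWORD}` as the `zitadel` user's, and `zitadel:latest` lets the deployed IAM version change without review. A separate admin secret and a pinned release tag or digest would tighten both.

```yaml
    command: 'start-from-init --masterkeyFromEnv --tlsMode external'
    environment:
      ZITADEL_MASTERKEY: "${ZITADEL_MASTERKEY}"
      # … unchanged: database configuration …
      ZITADEL_EXTERNALSECURE: true
      ZITADEL_EXTERNALPORT: 443
      # … unchanged: external domain, SMTP and first-instance admin settings …
```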
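Review bot: `admin_password = "AdminPassword123!"` in template.toml gives every deployment of this blueprint the same publicly known initial password for the instance's first admin account, while the database password and master key two lines above are generated per install. Generating it the same way, `admin_password = "${password:32}"`, removes the shared credential. If the generator's output might not satisfy Zitadel's default password complexity policy (presumably why a literal was used; to be confirmed), a note in the template telling the operator to set the value before first start is the fallback. The trailing `[[config.mounts]]` table is empty and could be dropped if no mounts are intended.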