
Docker Deployment

Run Identity Broker as a container using Docker or Docker Compose.

Dockerfile

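# Pinning the base by digest (eclipse-temurin:21-jre-jammy@sha256:<digest>) makes
# rebuilds reproducible and keeps a moved upstream tag from silently changing the
# runtime underneath an identity service.
FROM eclipse-temurin:21-jre-jammy

# Dedicated system account so the broker never runs as root.
# NOTE(review): -r lets the image choose the UID/GID; bind-mounted host
# directories must be writable by whatever IDs end up assigned here.
RUN groupadd -r idpbroker && useradd -r -g idpbroker idpbroker

# WORKDIR creates /app (owned by root) if it does not exist yet.
WORKDIR /app

# The WAR is copied as root and stays root-owned: the runtime user only needs to
# read it, and a compromised broker process should not be able to replace the
# code it is running.
COPY idp-broker-1.0.7-beta.war /app/app.war

# Only the state directories are handed to the runtime user. A recursive chown
# of /app would also make the WAR writable and rewrite it into a second layer.
# NOTE(review): assumes the broker writes only under /app/data and /app/logs;
# confirm before shipping, and grant any further path explicitly.
RUN mkdir -p /app/data /app/logs && \
    chown idpbroker:idpbroker /app/data /app/logs

# Everything from here on, including the running service, is unprivileged.
USER idpbroker

# Documentation only; the port is published at run time.
EXPOSE 8080

# Marks the container unhealthy when the actuator endpoint stops answering.
# NOTE(review): relies on curl being present in the base image; verify after
# any base-image change.
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s \
    CMD curl -f http://localhost:8080/actuator/health || exit 1

# Exec form: java runs as PID 1 and receives SIGTERM from `docker stop`.
ENTRYPOINT ["java", "-Xms512m", "-Xmx1024m", "-jar", "/app/app.war"]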

Docker Compose

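version: '3.8'

services:
  idp-broker:
    # NOTE(review): the build context is the parent directory, while the
    # `docker build` example uses "."; confirm where this file lives relative
    # to the Dockerfile.
    build: ..
    container_name: idp-broker
    ports:
      # Publishes the plain-HTTP port on every host interface. When the nginx
      # service below terminates TLS, bind this to 127.0.0.1 or drop it so
      # clients cannot bypass the proxy.
      - "8080:8080"
    environment:
      - BROKER_ISSUER=https://idp.yourdomain.com
      - BROKER_ISSUER_DYNAMIC=false
      - DB_PATH=/app/data/idp-broker.db
      - APP_LOGS_DIRECTORY=/app/logs
      # Taken from the shell environment or an .env file kept out of version
      # control. The :? form stops `up` with an error instead of starting the
      # broker with an empty key.
      - SECRET_ENCRYPTION_KEY=${SECRET_ENCRYPTION_KEY:?SECRET_ENCRYPTION_KEY is not set}
      # Vendor public key (PEM) to verify license files. Empty ⇒ runs the 30-day trial, then FREE.
      - LICENSE_PUBLIC_KEY=${LICENSE_PUBLIC_KEY}
      - REDIS_ENABLED=false
    volumes:
      # Host directories; they must be writable by the container's idpbroker
      # user, and ./data should be readable only by the deploying account.
      - ./data:/app/data
      - ./logs:/app/logs
    restart: unless-stopped
    networks:
      - idp-network

  # Optional: Redis for session clustering
  redis:
    image: redis:7-alpine
    container_name: idp-redis
    ports:
      # Loopback only: no password is configured for this Redis, and containers
      # on idp-network can already reach it as redis:6379 without a published
      # port. Remove this mapping entirely if host access is not needed.
      - "127.0.0.1:6379:6379"
    volumes:
      - redis-data:/data
    restart: unless-stopped
    networks:
      - idp-network

  # Optional: Nginx reverse proxy
  nginx:
    # Floating tag; pin a specific version (or digest) for reproducible deploys.
    image: nginx:alpine
    container_name: idp-nginx
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # Read-only mounts. ./ssl holds the TLS private key: keep it out of
      # version control and restrict its file permissions on the host.
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - ./ssl:/etc/nginx/ssl:ro
    depends_on:
      - idp-broker
    restart: unless-stopped
    networks:
      - idp-network

volumes:
  redis-data:

networks:
  idp-network:
    driver: bridge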

Run:

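# Build image
docker build -t idp-broker:1.0.7-beta .

# Generate the encryption key once and reuse it on every start. A fresh
# `openssl rand` per `docker run` would give each new container a different key.
# NOTE(review): presumably the key protects secrets stored under data/, which
# would become unreadable after such a change; confirm against the product docs.
# KEY_FILE is an example path: keep it out of version control and back it up
# together with the data directory.
KEY_FILE=./secret_encryption_key
[ -s "$KEY_FILE" ] || ( umask 077 && openssl rand -base64 32 > "$KEY_FILE" )
SECRET_ENCRYPTION_KEY="$(cat "$KEY_FILE")"
export SECRET_ENCRYPTION_KEY

# Run container
# ./data and ./logs must be writable by the container's idpbroker user; if
# Docker has to create them they are owned by root.
# `-e SECRET_ENCRYPTION_KEY` without a value passes the exported variable
# through, so the key does not appear on the command line. It is still visible
# in `docker inspect` to anyone with access to the Docker socket.
docker run -d \
  --name idp-broker \
  -p 8080:8080 \
  -v "$(pwd)/data:/app/data" \
  -v "$(pwd)/logs:/app/logs" \
  -e BROKER_ISSUER=https://idp.yourdomain.com \
  -e SECRET_ENCRYPTION_KEY \
  idp-broker:1.0.7-beta

# Or use docker-compose (reads SECRET_ENCRYPTION_KEY from the environment
# exported above, or from an .env file next to the compose file)
docker-compose up -d

# View logs
docker logs -f idp-broker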