This tip is a quick and basic walkaround to set up FTP, SFTP, SMTP, Cache, LDAP, SSO servers and GUI clients in Docker.
Background
When setting up a new project, there is sometimes a comprehensive list of prerequisites to be able to run the project, this could lead us to use multiple external services. Docker is great for running local servers in a development environment. Here, we will explore docker-compose.yml files to set up FTP, SFTP, SMTP, Cache, LDAP, SSO servers and GUI clients in Docker. This will be a quick and basic walkaround.
FTP/SFTP Server
version: "3.7"
services:
ftp:
image: fauria/vsftpd:latest
container_name: Ftp
restart: always
environment:
- FTP_USER=adminuser
- FTP_PASS=adminpass
- PASV_ADDRESS=127.0.0.1
- PASV_MIN_PORT=21100
- PASV_MAX_PORT=21110
volumes:
- ftp-data:/home/vsftpd
- ftp-log-data:/var/log/vsftpd
ports:
- 0.0.0.0:20:20
- 0.0.0.0:21:21
- "21100-21110:21100-21110"
sftp:
image: atmoz/sftp:latest
container_name: Sftp
restart: always
command: adminuser:adminpass:1001
volumes:
- sftp-data:/home/foo/upload
ports:
- 0.0.0.0:2222:22
volumes:
ftp-data:
ftp-log-data:
sftp-data:
FTP
To use FTP from the host machine, use:
- Host
127.0.0.1 - Port
21 - User
adminuser - Password
adminpass
SFTP
To use SFTP from the host machine, use:
- Host
127.0.0.1 - Port
22 - User
adminuser - Password
adminpass
SMTP Server
Here, we are using MailHog as a server:
version: "3.7"
services:
mailhog:
image: mailhog/mailhog
container_name: MailHog
restart: always
ports:
- 1025:1025 # smtp
- 8025:8025 # ui
Ui will be available at http://localhost:8025/.
Testing using PowerShell from the host machine:
Send-MailMessage -To "recipient@test.com" -From "sender@test.com"
-Subject "Mail subject" -Body "Some important plain text!"
-SmtpServer "127.0.0.1" -Port 1025
To use the server from the host machine, we need to use the IP 127.0.0.1 and port 1025.
Cache Server
Here, we use Redis as the server and RedisInsight as the UI client.
version: "3.7"
services:
redis:
image: redis:alpine
container_name: redis
restart: always
command: ["sh", "-c", "redis-server --requirepass \"$REDIS_PASSWORD\""]
environment:
- REDIS_PASSWORD=adminpass
volumes:
- redis-data:/data/redis
ports:
- 6379:6379
redis-ui:
image: redislabs/redisinsight:1.12.0
container_name: RedisInsight
restart: always
ports:
- 8001:8001
volumes:
redis-data:
UI Client
This will be available at http://localhost:8001/. Let's connect to the server using:
- Host
redis - Port
6379 - User
default - Password
adminpass
Testing in redis container:
redis-cli SET key1 "Hello"
redis-cli GET key1
redis-cli DEL key1
redis-cli FLUSHDB
redis-cli FLUSHALL
To use the server from the host machine, we need to use the IP 127.0.0.1 and port 6379.
LDAP Server
Here, we are using OpenLDAP as server and phpLDAPadmin as UI client.
version: "3.7"
services:
openldap:
image: osixia/openldap:1.5.0
container_name: openldap
volumes:
- openldap-data:/var/lib/ldap
#- ./data/certificates:/container/service/slapd/assets/certs
#- ./storage/ldap_config:/etc/ldap/slapd.d
environment:
- LDAP_ORGANISATION=example
- LDAP_DOMAIN=example.org
- LDAP_ADMIN_PASSWORD=adminpass
- LDAP_CONFIG_PASSWORD=configpass
- LDAP_RFC2307BIS_SCHEMA=true
- LDAP_REMOVE_CONFIG_AFTER_SETUP=true
- LDAP_TLS_VERIFY_CLIENT=never
- LDAP_READONLY_USER=true
- LDAP_READONLY_USER_USERNAME=userro
- LDAP_READONLY_USER_PASSWORD=userropass
ports:
- 389:389
- 636:636
networks:
- openldap
phpldapadmin:
image: osixia/phpldapadmin:latest
container_name: phpldapadmin
hostname: phpldapadmin
environment:
- PHPLDAPADMIN_LDAP_HOSTS=openldap
- PHPLDAPADMIN_HTTPS=false
ports:
- 8081:80
depends_on:
- openldap
networks:
- openldap
networks:
openldap:
name: openldap
volumes:
openldap-data:
phpLDAPadmin UI will be available at http://localhost:8081/.
Admin User
- Username
cn=admin,dc=example,dc=org - Password
adminpass
Readonly User
- Username
cn=userro,dc=example,dc=org - Password
userropass
Testing credentials in openldap container:
ldapsearch -x -h openldap -b 'dc=example,dc=org'
-D 'cn=admin,dc=example,dc=org' -w "adminpass"
ldapsearch -x -b 'dc=example,dc=org' -D 'cn=userro,
dc=example,dc=org' -w "userropass"
To access the server from host machine, we need to use ldap://127.0.0.1:389.
Alternative
bitnami/openldap can be another option:
version: "3.7"
services:
openldap-bitnami:
image: bitnami/openldap:2.6.2
container_name: openldap-bitnami
volumes:
- openldap-bitnami-data:/bitnami/openldap
environment:
- LDAP_ROOT=dc=example,dc=org
- LDAP_ADMIN_USERNAME=admin
- LDAP_ADMIN_PASSWORD=adminpass
- LDAP_USERS=user01,user02
- LDAP_PASSWORDS=password1,password2
ports:
- 1389:1389
- 1636:1636
networks:
- openldap-bitnami
networks:
openldap-bitnami:
name: openldap-bitnami
volumes:
openldap-bitnami-data:
Testing credentials in openldap-bitnami container:
ldapsearch -x -H ldap://openldap-bitnami:1389 -b 'dc=example,dc=org'
-D 'cn=admin,dc=example,dc=org' -w "adminpass"
ldapsearch -x -H ldap://openldap-bitnami:1389 -D "cn=user01,
ou=users,dc=example,dc=org" -b "ou=users,dc=example,dc=org" -w "password1"
To access the server from host machine, we need to use ldap://127.0.0.1:1389.
Important!
Organization wise data hierarchy can de different. So, we need to set the hierarchy as expected.
SSO Server
For the SSO example, here we are using keycloak.
version: '3.7'
services:
postgres:
image: postgres:13
container_name: keycloak-db
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
PGDATA: /var/lib/postgresql/data
volumes:
- pgsql-data:/var/lib/postgresql/data
ports:
- 5432:5432
pgadmin:
image: dpage/pgadmin4:4.18
container_name: keycloak-pgadmin
restart: always
environment:
PGADMIN_DEFAULT_EMAIL: admin
PGADMIN_DEFAULT_PASSWORD: secret
PGADMIN_LISTEN_PORT: 80
ports:
- 8087:80
volumes:
- pgadmin-data:/var/lib/pgadmin
mailhog:
image: mailhog/mailhog:latest
container_name: keycloak-mail
ports:
- 8025:8025
keycloak:
image: quay.io/keycloak/keycloak:11.0.3 #jboss/keycloak:11.0.3
container_name: keycloak
environment:
DB_VENDOR: POSTGRES
DB_ADDR: keycloak-db #user service name postgres
#or container name
DB_DATABASE: keycloak
DB_SCHEMA: public
DB_USER: keycloak
DB_PASSWORD: password
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
ROXY_ADDRESS_FORWARDING: "true"
TZ: UTC
#KEYCLOAK_DEFAULT_THEME: theme-minimal #custom theme
#KEYCLOAK_WELCOME_THEME: theme-minimal
# Uncomment the line below if you want to specify JDBC parameters.
# The parameter below is just an example, and it shouldn't be used
# in production without knowledge. It is highly recommended that you
# read the PostgreSQL JDBC driver documentation in order to use it.
#JDBC_PARAMS: "ssl=true"
ports:
- 8080:8080
volumes:
- keycloak-data:/opt/jboss/keycloak/
depends_on:
- postgres
- mailhog
volumes:
pgsql-data:
pgadmin-data:
keycloak-data:
UI Client
The UI will be available at http://localhost:8080/auth/ where we need to select console or http://localhost:8080/auth/realms/master/protocol/openid-connect/auth?client_id=security-admin-console.
Admin User
- Username
admin - Password
password
Docker Commands
Ftp/sftp
docker-compose -f docker-compose.ftp.yml up -d
Smtp
docker-compose -f docker-compose.smtp.yml up -d
Cache
docker-compose -f docker-compose.cache.yml up -d
LDAP
docker-compose -f docker-compose.ldap.yml up -d
docker-compose -f docker-compose.ldap.bitnami.yml up -d
SSO
docker-compose -f docker-compose.sso.yml up -d
Others
References
LDAP
SSO
History
- 17th July 2022: Initial version
