This tip is a quick and basic walkthrough for setting up FTP, SFTP, SMTP, cache, LDAP and SSO servers and GUI clients in Docker.
Background
When setting up a new project, there is sometimes a long list of prerequisites that must be in place before the project can run, which can mean depending on multiple external services. Docker is great for running local servers in a development environment. Here, we will explore docker-compose.yml files to set up FTP, SFTP, SMTP, cache, LDAP and SSO servers and GUI clients in Docker. This will be a quick and basic walkthrough.
FTP/SFTP Server
version: "3.7"
services:
  ftp:
    image: fauria/vsftpd:latest
    container_name: Ftp
    restart: always
    environment:
      - FTP_USER=adminuser
      - FTP_PASS=adminpass
      - PASV_ADDRESS=127.0.0.1
      - PASV_MIN_PORT=21100
      - PASV_MAX_PORT=21110
    volumes:
      - ftp-data:/home/vsftpd
      - ftp-log-data:/var/log/vsftpd
    ports:
      - 0.0.0.0:20:20
      - 0.0.0.0:21:21
      - "21100-21110:21100-21110"
  sftp:
    image: atmoz/sftp:latest
    container_name: Sftp
    restart: always
    command: adminuser:adminpass:1001   # user:password:uid
    volumes:
      # The user is chrooted to /home/<user>, so the upload directory
      # must sit under the home of the user defined in "command".
      - sftp-data:/home/adminuser/upload
    ports:
      - 0.0.0.0:2222:22
volumes:
  ftp-data:
  ftp-log-data:
  sftp-data:
FTP
To use FTP from the host machine, use:
- Host: 127.0.0.1
- Port: 21
- User: adminuser
- Password: adminpass
SFTP
To use SFTP from the host machine, use:
- Host: 127.0.0.1
- Port: 22
- User: adminuser
- Password: adminpass
SMTP Server
Here, we are using MailHog as the server:
version: "3.7"
services:
  mailhog:
    image: mailhog/mailhog
    container_name: MailHog
    restart: always
    ports:
      - 1025:1025 # smtp
      - 8025:8025 # ui
The UI will be available at http://localhost:8025/.
Testing using PowerShell from the host machine:
Send-MailMessage -To "recipient@test.com" -From "sender@test.com" `
  -Subject "Mail subject" -Body "Some important plain text!" `
  -SmtpServer "127.0.0.1" -Port 1025
To use the server from the host machine, we need to use the IP 127.0.0.1 and port 1025.
Cache Server
Here, we use Redis as the server and RedisInsight as the UI client.
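version: "3.7"
services:
  redis:
    image: redis:alpine
    container_name: redis
    restart: always
    # "$$" stops Compose from substituting the variable from the host
    # environment; the shell inside the container expands REDIS_PASSWORD.
    # With a single "$" and no host variable set, the password would be empty.
    command: ["sh", "-c", "redis-server --requirepass \"$$REDIS_PASSWORD\""]
    environment:
      - REDIS_PASSWORD=adminpass
    volumes:
      - redis-data:/data/redis
    ports:
      - 6379:6379
  redis-ui:
    image: redislabs/redisinsight:1.12.0
    container_name: RedisInsight
    restart: always
    ports:
      - 8001:8001
volumes:
  redis-data: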
UI Client
This will be available at http://localhost:8001/. Let's connect to the server using:
- Host: redis
- Port: 6379
- User: default
- Password: adminpass
Testing in the redis container:
# redis-cli reads the password from REDISCLI_AUTH
export REDISCLI_AUTH="$REDIS_PASSWORD"
redis-cli SET key1 "Hello"
redis-cli GET key1
redis-cli DEL key1
redis-cli FLUSHDB
redis-cli FLUSHALL
To use the server from the host machine, we need to use the IP 127.0.0.1 and port 6379.
LDAP Server
Here, we are using OpenLDAP as the server and phpLDAPadmin as the UI client.
version: "3.7"
services:
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    volumes:
      - openldap-data:/var/lib/ldap
      #- ./data/certificates:/container/service/slapd/assets/certs
      #- ./storage/ldap_config:/etc/ldap/slapd.d
    environment:
      - LDAP_ORGANISATION=example
      - LDAP_DOMAIN=example.org
      - LDAP_ADMIN_PASSWORD=adminpass
      - LDAP_CONFIG_PASSWORD=configpass
      - LDAP_RFC2307BIS_SCHEMA=true
      - LDAP_REMOVE_CONFIG_AFTER_SETUP=true
      - LDAP_TLS_VERIFY_CLIENT=never
      - LDAP_READONLY_USER=true
      - LDAP_READONLY_USER_USERNAME=userro
      - LDAP_READONLY_USER_PASSWORD=userropass
    ports:
      - 389:389
      - 636:636
    networks:
      - openldap
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=openldap
      - PHPLDAPADMIN_HTTPS=false
    ports:
      - 8081:80
    depends_on:
      - openldap
    networks:
      - openldap
networks:
  openldap:
    name: openldap
volumes:
  openldap-data:
phpLDAPadmin
The UI will be available at http://localhost:8081/.
Admin User
- Username: cn=admin,dc=example,dc=org
- Password: adminpass
Readonly User
- Username: cn=userro,dc=example,dc=org
- Password: userropass
Testing credentials in the openldap container:
ldapsearch -x -h openldap -b 'dc=example,dc=org' \
  -D 'cn=admin,dc=example,dc=org' -w "adminpass"
ldapsearch -x -b 'dc=example,dc=org' \
  -D 'cn=userro,dc=example,dc=org' -w "userropass"
To access the server from the host machine, we need to use ldap://127.0.0.1:389.
Alternative
bitnami/openldap can be another option:
version: "3.7"
services:
  openldap-bitnami:
    image: bitnami/openldap:2.6.2
    container_name: openldap-bitnami
    volumes:
      - openldap-bitnami-data:/bitnami/openldap
    environment:
      - LDAP_ROOT=dc=example,dc=org
      - LDAP_ADMIN_USERNAME=admin
      - LDAP_ADMIN_PASSWORD=adminpass
      - LDAP_USERS=user01,user02
      - LDAP_PASSWORDS=password1,password2
    ports:
      - 1389:1389
      - 1636:1636
    networks:
      - openldap-bitnami
networks:
  openldap-bitnami:
    name: openldap-bitnami
volumes:
  openldap-bitnami-data:
Testing credentials in the openldap-bitnami container:
ldapsearch -x -H ldap://openldap-bitnami:1389 -b 'dc=example,dc=org' \
  -D 'cn=admin,dc=example,dc=org' -w "adminpass"
ldapsearch -x -H ldap://openldap-bitnami:1389 \
  -D "cn=user01,ou=users,dc=example,dc=org" -b "ou=users,dc=example,dc=org" -w "password1"
To access the server from the host machine, we need to use ldap://127.0.0.1:1389.
Important!
The data hierarchy can differ from one organization to another, so we need to set up the hierarchy as expected.
SSO Server
For the SSO example, we are using Keycloak.
version: '3.7'
services:
  postgres:
    image: postgres:13
    container_name: keycloak-db
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: password
      PGDATA: /var/lib/postgresql/data
    volumes:
      - pgsql-data:/var/lib/postgresql/data
    ports:
      - 5432:5432
  pgadmin:
    image: dpage/pgadmin4:4.18
    container_name: keycloak-pgadmin
    restart: always
    environment:
      PGADMIN_DEFAULT_EMAIL: admin
      PGADMIN_DEFAULT_PASSWORD: secret
      PGADMIN_LISTEN_PORT: 80
    ports:
      - 8087:80
    volumes:
      - pgadmin-data:/var/lib/pgadmin
  mailhog:
    image: mailhog/mailhog:latest
    container_name: keycloak-mail
    ports:
      - 8025:8025
  keycloak:
    image: quay.io/keycloak/keycloak:11.0.3 #jboss/keycloak:11.0.3
    container_name: keycloak
    environment:
      DB_VENDOR: POSTGRES
      DB_ADDR: keycloak-db # use the service name (postgres) or the container name
      DB_DATABASE: keycloak
      DB_SCHEMA: public
      DB_USER: keycloak
      DB_PASSWORD: password
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: password
      PROXY_ADDRESS_FORWARDING: "true"
      TZ: UTC
      #KEYCLOAK_DEFAULT_THEME: theme-minimal #custom theme
      #KEYCLOAK_WELCOME_THEME: theme-minimal
      # Uncomment the line below if you want to specify JDBC parameters.
      # The parameter below is just an example, and it shouldn't be used
      # in production without knowledge. It is highly recommended that you
      # read the PostgreSQL JDBC driver documentation in order to use it.
      #JDBC_PARAMS: "ssl=true"
    ports:
      - 8080:8080
    volumes:
      - keycloak-data:/opt/jboss/keycloak/
    depends_on:
      - postgres
      - mailhog
volumes:
  pgsql-data:
  pgadmin-data:
  keycloak-data:
UI Client
The UI will be available at http://localhost:8080/auth/, where we need to select the console, or directly at http://localhost:8080/auth/realms/master/protocol/openid-connect/auth?client_id=security-admin-console.
Admin User
- Username: admin
- Password: password
Docker Commands
FTP/SFTP
docker-compose -f docker-compose.ftp.yml up -d
SMTP
docker-compose -f docker-compose.smtp.yml up -d
Cache
docker-compose -f docker-compose.cache.yml up -d
LDAP
docker-compose -f docker-compose.ldap.yml up -d
docker-compose -f docker-compose.ldap.bitnami.yml up -d
SSO
docker-compose -f docker-compose.sso.yml up -d
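The compose files above publish most ports either on an explicit 0.0.0.0 or with no bind address, next to the sample credentials. The following Python script is an added example, not part of the original article: it parses Compose short-syntax port entries, lists the ones reachable beyond loopback and gives the 127.0.0.1-bound form of each. The function names, the SAMPLE data and the "local-only" service are constructed for illustration, and it assumes Docker's default of binding to all interfaces when no IP is given.

```python
import ipaddress
import re

# Compose short syntax: [[IP:][HOST_PORT]:]CONTAINER_PORT[/PROTOCOL]
# (IPv6 bind addresses are bracketed, e.g. [::1]:8080:80).
_PORT = re.compile(
    r"^(?:(?:(?P<ip>\[[0-9a-fA-F:]+\]|\d+(?:\.\d+){3}):)?"
    r"(?P<host>\d+(?:-\d+)?)?:)?"
    r"(?P<container>\d+(?:-\d+)?)(?:/(?P<proto>tcp|udp))?$"
)

def parse_port(entry):
    m = _PORT.match(str(entry).strip())
    if m is None:
        raise ValueError(f"unsupported port entry: {entry!r}")
    # Assumption: default daemon settings, where no IP means all interfaces.
    ip = (m["ip"] or "0.0.0.0").strip("[]")
    return {"bind": ip, "host": m["host"], "container": m["container"],
            "proto": m["proto"] or "tcp",
            "loopback_only": ipaddress.ip_address(ip).is_loopback}

def loopback_form(entry):
    """Rewrite an entry so the port is published on 127.0.0.1 only."""
    p = parse_port(entry)
    suffix = "" if p["proto"] == "tcp" else "/" + p["proto"]
    return f"127.0.0.1:{p['host'] or ''}:{p['container']}{suffix}"

def exposed_ports(services):
    """Return (service, entry) pairs reachable from outside the host."""
    return [(name, entry) for name, ports in services.items()
            for entry in ports if not parse_port(entry)["loopback_only"]]

# Constructed input: port entries copied from the compose files above, plus
# one hypothetical loopback-bound service ("local-only") for contrast.
SAMPLE = {
    "ftp": ["0.0.0.0:20:20", "0.0.0.0:21:21", "21100-21110:21100-21110"],
    "sftp": ["0.0.0.0:2222:22"],
    "redis": ["6379:6379"],
    "openldap": ["389:389", "636:636"],
    "local-only": ["127.0.0.1:5432:5432"],
}

if __name__ == "__main__":
    for service, entry in exposed_ports(SAMPLE):
        print(f"{service}: {entry} -> {loopback_form(entry)}")
```

Replacing an entry in the ports list with its loopback form keeps the service usable from the host machine at 127.0.0.1 while removing it from the other interfaces.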
History
- 17th July 2022: Initial version