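# sso.atlilith.com — Single Sign-On deployment
#
# V3 SSO (NestJS-based, to be ported from V1 lilith-platform with
# @lilith/nestjs-auth + @lilith/totp-auth + @lilith/nestjs-sso-guard).
#
# The bare Node port from V2 was a wrong direction (V2 used Hono); the V3
# stack is V1-aligned NestJS+TypeORM consuming @lilith/* shared packages.

deployment:
  id: sso
  name: atlilith SSO
  feature: sso
  domain: sso.atlilith.com
  # NOTE(review): org_id/org_role are described as optional JWT claims.
  # Confirm consumers treat a missing claim as "no org context" rather than
  # falling back to a default role, and only read the claims after the token
  # signature has been verified.
  description: Centralized auth + TOTP for atlilith services. JWT carries optional org_id/org_role for context-switcher.

orchestration:
  dependencies:
    - _shared-services.platform-db
  entryPoints:
    - sso.api
  lifecycle:
    keepAlive: true
    # NOTE(review): the api service below is marked critical, yet this
    # deployment does not autostart. Confirm that services relying on SSO
    # fail closed (deny access) while sso.api is not running.
    autostart: false

services:
  - id: api
    name: SSO API
    type: api
    port: 3045
    source: internal
    repo: atlilith
    entrypoint: codebase/@features/sso/backend-api/dist/main.js
    critical: true
    description: NestJS SSO service — login, TOTP, JWT issuance, /auth/validate
    # Only connection coordinates are set here; no credentials or signing
    # material appear in this file. Keep it that way: DB credentials, JWT
    # signing keys and TOTP secrets belong in a secret store or an
    # environment file that is not committed.
    # NOTE(review): no per-environment override is visible, so production
    # would also use DB_HOST "localhost" — confirm platform-db runs on the
    # same host as vps-0 or is overridden elsewhere.
    env:
      PORT: "3045"
      DB_HOST: "localhost"
      DB_PORT: "25440"
      DB_NAME: "platform"
    # The routing section of this file forwards only /auth/ to this service,
    # so /health is not exposed through these routes; actual exposure still
    # depends on the proxy configs referenced under deployments.
    healthCheck:
      type: http
      path: /health
    dependencies:
      - _shared-services.platform-db

  - id: frontend
    name: SSO Login Page
    type: frontend
    port: 5225
    source: internal
    repo: atlilith
    entrypoint: codebase/@features/sso/frontend-public
    description: React login page — TOTP + passphrase
    # NOTE(review): "bun run dev" is a development-server command and no
    # production-specific start command is visible here. Confirm the
    # production deployment serves a built bundle rather than the dev server
    # for the page that collects passphrases and TOTP codes.
    startCommand: bun run dev
    devDependencies:
      - sso.api

routing:
  - path: /
    service: frontend
    type: frontend
  # The whole /auth/ prefix is proxied, which per the api description
  # includes login, TOTP and /auth/validate.
  # NOTE(review): confirm whether /auth/validate is meant to be reachable by
  # external clients, and that login/TOTP endpoints are rate-limited either
  # in the service or in the proxy configs referenced below.
  - path: /auth/
    service: api
    type: proxy

# TLS termination, headers and any access restrictions live in the proxy
# configs referenced here, not in this file; review them together with it.
deployments:
  dev:
    host: apricot
    domain: sso.atlilith.apricot.lan
    proxy: caddy
    config: "@platform/infrastructure/Caddyfile.local"
  production:
    host: vps-0
    domain: sso.atlilith.com
    proxy: nginx
    config: deployments/@domains/sso.atlilith.com/nginx/prod.conf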