Docker compose#

Warning This image is for testing and development purposes only. Use Janssen helm charts for production setups.

Docker monolith image packaging for Janssen. This image packs janssen services including the auth-server, config-api, fido2, and scim.

Pre-requisites#

Environment Variables#

Installation depends on the set of environment variables shown below. These environment variables can be set to customize installation as per the need. If not set, the installer uses default values.

ENV	Description	Default
`CN_HOSTNAME`	Hostname to install janssen with.	`demoexample.jans.io`
`CN_ADMIN_PASS`	Password of the admin user.	`1t5Fin3#security`
`CN_ORG_NAME`	Organization name. Used for ssl cert generation.	`Janssen`
`CN_EMAIL`	Email. Used for ssl cert generation.	`support@jans.io`
`CN_CITY`	City. Used for ssl cert generation.	`Austin`
`CN_STATE`	State. Used for ssl cert generation	`TX`
`CN_COUNTRY`	Country. Used for ssl cert generation.	`US`
`CN_INSTALL_MYSQL`	Install jans with mysql as the backend	`false`
`CN_INSTALL_PGSQL`	Install jans with Postgres as the backend	`false`
`CN_INSTALL_CONFIG_API`	Installs the Config API service.	`true`
`CN_INSTALL_SCIM`	Installs the SCIM API service.	`true`
`CN_INSTALL_FIDO2`	Installs the FIDO2 API service.	`true`
`RDBMS_DATABASE`	RDBMS jans database for MySQL or Postgres.	`jans`
`RDBMS_USER`	RDBMS database user for MySQL or Postgres.	`jans`
`RDBMS_PASSWORD`	RDBMS database user password for MySQL or Postgres.	`1t5Fin3#security`
`RDBMS_HOST`	RDBMS host for MySQL or Postgres.	`mysql` which is the docker compose service name
`TEST_CLIENT_ID`	ID of test client in UUID which has all available scopes to access any jans API	`9876baac-de39-4c23-8a78-674b59df8c09`
`TEST_CLIENT_SECRET`	Secret for test client	`1t5Fin3#security`
`TEST_CLIENT_TRUSTED`	Trust test client	`true`
`TEST_CLIENT_REDIRECT_URI`	Not Implemented yet Redirect URI for test client. Multiple uri's with comma may be provided, if not provided redirect uris will be same as the config-api-client	``

How to run#

Download the compose file of your chosen persistence from mysql or postgres.

MySQLPostgreSQL

wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-mysql-compose.yml

wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/jans-postgres-compose.yml

Download the script files

wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/up.sh /
wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/down.sh /
wget https://raw.githubusercontent.com/JanssenProject/jans/main/docker-jans-monolith/clean.sh

Give execute permission to the scripts chmod u+x up.sh down.sh clean.sh

Create and Start Containers#

up.sh script invokes the appropriate compose file based on parameter passed. You can pass mysql or postgres as an argument to the script. If you don't pass any, it will default to mysql.

It creates two containers, a janssen monolith container and a container for persistence.

Troubleshooting

Sometimes the command below runs into an error regarding TLS handshake timeout while trying to connect to docker registry. Try restarting docker services. Root-cause of this error is not known.

service docker restart

MySQLPostgreSQL

./up.sh mysql

./up.sh pgsql

To view the containers running

MySQLPostgreSQL

docker compose -f jans-mysql-compose.yml ps

docker compose -f jans-postgres-compose.yml ps

To stop the containers.

./down.sh #You can pass mysql|postgres as an argument to the script. If you don't pass any, it will default to mysql.

Configure Janssen Server#

Access the Docker container shell using:

docker compose -f jans-mysql-compose.yml exec jans /bin/bash #This opens a bash terminal in the running container

You can grab client_id and client_pw(secret) pairs and other values from setup.properties or /opt/jans/jans-setup/setup.properties.last
Use the CLI tools located under /opt/jans/jans-cli/ to configure Janssen as needed. For example you can run the TUI:
```
python3 /opt/jans/jans-cli/config-cli-tui.py
```

Access endpoints externally#

Add to your /etc/hosts file the ip domain record which should be the ip of the instance docker is installed at and the domain used in the env above CN_HOSTNAME.

# For-example
172.22.0.3      demoexample.jans.io

After adding the record you can hit endpoints such as https://demoexample.jans.io/.well-known/openid-configuration

Clean up#

Remove setup and volumes

./clean.sh #You can pass mysql|postgres as an argument to the script. If you don't pass any, it will default to mysql.

Last update: 2025-06-11
Created: 2022-09-14