DefGuard
diff --git a/‎.env-template‎
Lines changed: 0 additions & 37 deletions b/‎.env-template‎
Lines changed: 0 additions & 37 deletions
diff --git a/‎.env.example‎
Lines changed: 28 additions & 0 deletions b/‎.env.example‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 5 additions & 5 deletions b/‎.github/workflows/release.yml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎docker-compose.e2e.yaml‎
Lines changed: 9 additions & 9 deletions b/‎docker-compose.e2e.yaml‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎docker-compose.ldap.yaml‎
Lines changed: 29 additions & 47 deletions b/‎docker-compose.ldap.yaml‎
Lines changed: 29 additions & 47 deletions
@@ -0,0 +1,28 @@
+### DB configuration ###
+DEFGUARD_DB_HOST="localhost"
+DEFGUARD_DB_PORT=5432
+DEFGUARD_DB_NAME="defguard"
+DEFGUARD_DB_USER="defguard"
+DEFGUARD_DB_PASSWORD="defguard"
+# for SQLX CLI
+DATABASE_URL="postgresql://defguard:defguard@localhost/defguard"
+
+### For localhost only ###
+# DEFGUARD_COOKIE_INSECURE=true
+
+### Logging ###
+DEFGUARD_LOG_LEVEL=info
+
+### HTTP Port ###
+DEFGUARD_HTTP_PORT=8000
+
+### GRPC Port ###
+DEFGUARD_GRPC_PORT=50055
+# DEFGUARD_GRPC_BIND_ADDRESS=
+# DEFGUARD_HTTP_BIND_ADDRESS=
+
+### OpenID Connect ###
+# DEFGUARD_OPENID_KEY=
+
+### Docker-compose images ###
+IMAGE_TAG=dev
@@ -149,7 +149,7 @@ jobs:
           fpm_args:
             "defguard-${{ env.VERSION }}-x86_64-unknown-linux-gnu=/usr/bin/defguard
             defguard.service=/usr/lib/systemd/system/defguard.service
-            .env-template=/etc/defguard/core.conf"
+            .env.example=/etc/defguard/core.conf"
           fpm_opts: "--architecture amd64 --output-type deb --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}-x86_64-unknown-linux-gnu.deb"
 
       - name: Build aarch64 DEB package
@@ -158,7 +158,7 @@ jobs:
           fpm_args:
             "defguard-${{ env.VERSION }}-aarch64-unknown-linux-gnu=/usr/bin/defguard
             defguard.service=/usr/lib/systemd/system/defguard.service
-            .env-template=/etc/defguard/core.conf"
+            .env.example=/etc/defguard/core.conf"
           fpm_opts: "--architecture arm64 --output-type deb --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}-aarch64-unknown-linux-gnu.deb"
 
       - name: Build x86_64 RPM package
@@ -167,7 +167,7 @@ jobs:
           fpm_args:
             "defguard-${{ env.VERSION }}-x86_64-unknown-linux-gnu=/usr/bin/defguard
             defguard.service=/usr/lib/systemd/system/defguard.service
-            .env-template=/etc/defguard/core.conf"
+            .env.example=/etc/defguard/core.conf"
           fpm_opts: "--architecture amd64 --output-type rpm --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}-x86_64-unknown-linux-gnu.rpm"
 
       - name: Build aarch64 RPM package
@@ -176,7 +176,7 @@ jobs:
           fpm_args:
             "defguard-${{ env.VERSION }}-aarch64-unknown-linux-gnu=/usr/bin/defguard
             defguard.service=/usr/lib/systemd/system/defguard.service
-            .env-template=/etc/defguard/core.conf"
+            .env.example=/etc/defguard/core.conf"
           fpm_opts: "--architecture arm64 --output-type rpm --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}-aarch64-unknown-linux-gnu.rpm"
 
       - name: Build FreeBSD package
@@ -185,7 +185,7 @@ jobs:
           fpm_args:
             "defguard-${{ env.VERSION }}-x86_64-unknown-freebsd=/usr/local/bin/defguard
             defguard.service.freebsd=/usr/local/etc/rc.d/defguard
-            .env-template=/etc/defguard/core.conf"
+            .env.example=/etc/defguard/core.conf"
           fpm_opts: "--architecture amd64 --output-type freebsd --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_x86_64-unknown-freebsd.pkg --freebsd-osversion '*' --depends openssl"
 
       - name: Upload Linux x86_64 archive
 
@@ -2,29 +2,26 @@ services:
   core:
     image: ghcr.io/defguard/defguard:${IMAGE_TAG}
     environment:
-      DEFGUARD_DEFAULT_ADMIN_PASSWORD: pass123
       DEFGUARD_COOKIE_INSECURE: true
       DEFGUARD_COOKIE_DOMAIN: localhost
       DEFGUARD_LOG_LEVEL: debug
-      DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94
-      DEFGUARD_AUTH_SECRET: defguard-auth-secret
-      DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret
-      DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret
       DEFGUARD_DB_HOST: db
       DEFGUARD_DB_PORT: 5432
       DEFGUARD_DB_USER: defguard
       DEFGUARD_DB_PASSWORD: defguard
       DEFGUARD_DB_NAME: defguard
-      DEFGUARD_URL: http://localhost:8000
-      DEFGUARD_LICENSE_KEY: ${DEFGUARD_LICENSE_KEY:-}
+      DEFGUARD_GRPC_PORT: 50055
       RUST_BACKTRACE: 1
     ports:
+      # REST API
       - "8000:8000"
+      # Default Core GRPC port
+      - "50055:50055"
     depends_on:
       - db
 
   db:
-    image: public.ecr.aws/docker/library/postgres:17-alpine
+    image: postgres:18-alpine
     environment:
       POSTGRES_DB: defguard
       POSTGRES_USER: defguard
@@ -38,10 +35,13 @@ services:
       retries: 5
       start_period: 5s
 
-  proxy:
+  edge:
     image: ghcr.io/defguard/defguard-proxy:${IMAGE_TAG}
     ports:
+      # REST API
       - "8080:8080"
+      # Default Edge GRPC port
+      - "50051:50051"
     environment:
       DEFGUARD_PROXY_GRPC_PORT: 50051
       RUST_BACKTRACE: 1
@@ -1,87 +1,69 @@
 services:
   core:
-    image: ghcr.io/defguard/defguard:latest
+    image: ghcr.io/defguard/defguard:${IMAGE_TAG}
     build:
       context: .
       dockerfile: Dockerfile
     environment:
-      DEFGUARD_COOKIE_INSECURE: "true"
-      DEFGUARD_SECRET_KEY: aa5a506b11d719dd7170f57f5d9947faf8eb0bc2be1325e42aa0237c3dcfd26456e73dff9eef3b12c7bcf8711b45e3e703d8e21ee1c08520f5e12e3f5772da94
-      DEFGUARD_AUTH_SECRET: defguard-auth-secret
-      DEFGUARD_GATEWAY_SECRET: defguard-gateway-secret
-      DEFGUARD_YUBIBRIDGE_SECRET: defguard-yubibridge-secret
       DEFGUARD_DB_HOST: db
       DEFGUARD_DB_PORT: 5432
       DEFGUARD_DB_USER: defguard
       DEFGUARD_DB_PASSWORD: defguard
       DEFGUARD_DB_NAME: defguard
-      DEFGUARD_URL: http://localhost:8000
       RUST_BACKTRACE: 1
     ports:
-      # rest api
+      # REST API
       - "8000:8000"
-      # grpc
+      # Default Core GRPC port
       - "50055:50055"
     depends_on:
       - db
 
   gateway:
-    image: ghcr.io/defguard/gateway:latest
-    environment:
-      DEFGUARD_GRPC_URL: http://core:50055
-      DEFGUARD_STATS_PERIOD: 60
-      DEFGUARD_TOKEN: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJEZWZHdWFyZCIsInN1YiI6IlRlc3ROZXQiLCJjbGllbnRfaWQiOiIiLCJleHAiOjU5NjE3NDcwNzYsIm5iZiI6MTY2Njc3OTc4MSwicm9sZXMiOltdfQ.uEUMnw_gO23W0K2q3N1lToeP0D2zAY1swr8N-84sRHA
-      RUST_LOG: debug
+    image: ghcr.io/defguard/gateway:${IMAGE_TAG}
     ports:
       # WireGuard endpoint
       - "50051:50051/udp"
+      # Default Gateway GRPC port
+      - "50066:50066"
     depends_on:
       - core
     cap_add:
       - NET_ADMIN
 
   db:
-    image: postgres:17-alpine
+    image: postgres:18-alpine
     environment:
       POSTGRES_DB: defguard
       POSTGRES_USER: defguard
       POSTGRES_PASSWORD: defguard
     volumes:
-      - ./.volumes/db:/var/lib/postgresql/data
+      - ./.volumes/db:/var/lib/postgresql
     ports:
       - "5432:5432"
 
-  device:
-    build:
-      context: .
-      dockerfile: Dockerfile.device
-    depends_on:
-      - gateway
-    cap_add:
-      - NET_ADMIN
+  # vector:
+  #   image: timberio/vector:latest-alpine
+  #   profiles:
+  #     - observability
+  #   container_name: vector
+  #   volumes:
+  #     - ./configs/vector.yaml:/etc/vector/vector.yaml:ro
+  #     - ./configs/key.pem:/etc/vector/key.pem:ro
+  #     - ./configs/cert.pem:/etc/vector/cert.pem:ro
+  #   command: ["--config", "/etc/vector/vector.yaml"]
+  #   ports:
+  #     - "8686:8686"
+  #     - "8001:8001"
 
-  vector:
-    image: timberio/vector:latest-alpine
-    profiles:
-      - observability
-    container_name: vector
-    volumes:
-      - ./configs/vector.yaml:/etc/vector/vector.yaml:ro
-      - ./configs/key.pem:/etc/vector/key.pem:ro
-      - ./configs/cert.pem:/etc/vector/cert.pem:ro
-    command: ["--config", "/etc/vector/vector.yaml"]
-    ports:
-      - "8686:8686"
-      - "8001:8001"
-
-  logstash:
-    image: docker.elastic.co/logstash/logstash:8.14.0
-    profiles:
-      - observability
-    ports:
-      - "8002:8002"
-    volumes:
-      - ./configs/logstash.conf:/usr/share/logstash/pipeline/logstash.conf:ro
+  # logstash:
+  #   image: docker.elastic.co/logstash/logstash:8.14.0
+  #   profiles:
+  #     - observability
+  #   ports:
+  #     - "8002:8002"
+  #   volumes:
+  #     - ./configs/logstash.conf:/usr/share/logstash/pipeline/logstash.conf:ro
 
   openldap:
     image: bitnamilegacy/openldap:2.6