add zitadel template (#209)

* add casdoor templates * fix meta json casdoor * fix casdoor templates * improve templates * fix meta and improve casdoor template * fix app conf * fix db casdoor app conf * update app conf var path * app config mount fix v6 * fix appconf v7 * fix casbin url image * test postgress anjg * mounted file is wrong * remove casdoor * add zitadel templates * update passwd masterkey * update master key length * improve env var default template * improve env var for default login * passwd generated dont meet zitadel criteria * disable smtp host for first launch app * use tls as default * tls mode external * remove unused env * change tls model * change external port * test tls traefik * test disable tls * disable tls * external port * remove env var * port binding fix * remove bridge network and fix and update meta json
2026-03-11 17:48:11 -05:00 · 2025-07-07 11:34:00 +07:00
parent e83a6cc569
commit 5dd4f752e0
4 changed files with 114 additions and 0 deletions
--- a/blueprints/zitadel/docker-compose.yml
+++ b/blueprints/zitadel/docker-compose.yml
@@ -0,0 +1,63 @@
+version: '3.8'
+
+services:
+  zitadel:
+    restart: 'always'
+    image: 'ghcr.io/zitadel/zitadel:latest'
+    command: 'start-from-init --masterkey "${ZITADEL_MASTERKEY}" --tlsMode disabled'
+    environment:
+      # Database Configuration
+      ZITADEL_DATABASE_POSTGRES_HOST: db
+      ZITADEL_DATABASE_POSTGRES_PORT: 5432
+      ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
+      ZITADEL_DATABASE_POSTGRES_USER_USERNAME: zitadel
+      ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: "${POSTGRES_PASSWORD}"
+      ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable
+      ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres
+      ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: "${POSTGRES_PASSWORD}"
+      ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable
+
+      # External Configuration for HTTP only - TLS mode disabled
+      ZITADEL_EXTERNALSECURE: false
+      ZITADEL_EXTERNALPORT: 8080
+      ZITADEL_EXTERNALDOMAIN: "${EXTERNAL_DOMAIN}"
+      ZITADEL_TLS_ENABLED: false
+
+      # Disable Email Notifications
+      ZITADEL_NOTIFICATIONS_SMTP_HOST: ""
+      ZITADEL_NOTIFICATIONS_SMTP_PORT: ""
+
+      # Custom Admin User Configuration
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME}"
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD}"
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS}"
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME}"
+      ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME: "${ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME}"
+
+    depends_on:
+      db:
+        condition: 'service_healthy'
+    ports:
+      - '8080'
+    volumes:
+      - zitadel_data:/app/data
+
+  db:
+    restart: 'always'
+    image: postgres:17-alpine
+    environment:
+      PGUSER: postgres
+      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
+      POSTGRES_DB: zitadel
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready", "-d", "zitadel", "-U", "postgres"]
+      interval: '10s'
+      timeout: '30s'
+      retries: 5
+      start_period: '20s'
+
+volumes:
+  postgres_data:
+  zitadel_data:
--- a/blueprints/zitadel/template.toml
+++ b/blueprints/zitadel/template.toml
@@ -0,0 +1,28 @@
+[variables]
+main_domain = "${domain}"
+postgres_password = "${password:32}"
+zitadel_masterkey = "${password:32}"
+admin_username = "${username}"
+admin_email = "${email}"
+admin_password = "AdminPassword123!"
+
+[config]
+[[config.domains]]
+serviceName = "zitadel"
+port = 8080
+host = "${main_domain}"
+path = "/"
+
+[config.env]
+POSTGRES_PASSWORD = "${postgres_password}"
+ZITADEL_MASTERKEY = "${zitadel_masterkey}"
+EXTERNAL_DOMAIN = "${main_domain}"
+
+# Custom Admin User Configuration
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME = "${admin_username}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD = "${admin_password}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_EMAIL_ADDRESS = "${admin_email}"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_FIRSTNAME = "Admin"
+ZITADEL_FIRSTINSTANCE_ORG_HUMAN_LASTNAME = "User"
+
+[[config.mounts]]
--- a/blueprints/zitadel/zitadel.png
+++ b/blueprints/zitadel/zitadel.png
--- a/meta.json
+++ b/meta.json
@@ -3289,5 +3289,28 @@
      "queue",
      "rabbitmq"
    ]
+  },
+  {
+    "id": "zitadel",
+    "name": "Zitadel",
+    "version": "latest",
+    "description": "Open-source identity and access management platform with multi-tenancy, OpenID Connect, SAML, and OAuth 2.0 support.",
+    "logo": "zitadel.png",
+    "links": {
+      "github": "https://github.com/zitadel/zitadel",
+      "website": "https://zitadel.com/",
+      "docs": "https://zitadel.com/docs/"
+    },
+    "tags": [
+      "identity",
+      "authentication",
+      "authorization",
+      "iam",
+      "security",
+      "oauth",
+      "openid-connect",
+      "saml",
+      "multi-tenant"
+    ]
  }
 ]