harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 15:13:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: cleanup and nixify

Browse source 
* create containers with nix
* updated README.md
* added SPDX license headers

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
This commit is contained in:
Harald Hoyer 2024-02-27 12:04:31 +01:00
parent c8082debc7
commit 91f1612e0f
Signed by: harald
GPG key ID: F519A1143B3FBE32
36 changed files with 900 additions and 659 deletions
Download patch file Download diff file Expand all files Collapse all files

63
examples/docker-compose.yml
View file

@ -4,29 +4,30 @@ services:
tvu-1:
build:
context: .
dockerfile: bin/tee-vault-unseal/Dockerfile-azure
dockerfile: packages/container-vault-unseal-sgx-azure/Dockerfile
image: tee-vault-unseal
restart: "no"
ports:
- 8413:8443
- 8413
environment:
PORT: "8413"
VAULT_ADDR: "https://vault-1:8210"
VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
privileged: true
init: true
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-1:/opt/vault/tls
vault-1:
build:
context: .
dockerfile: vault/Dockerfile
dockerfile: packages/container-vault-sgx-azure/Dockerfile
image: vault
restart: "no"
ports:
- 8210:8210
# - 8211:8211
- 8210
environment:
VAULT_API_ADDR: "https://vault-1:8210"
VAULT_CLUSTER_ADDR: "https://vault-1:8211"
@ -36,29 +37,29 @@ services:
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-1:/opt/vault/tls
- data-1:/opt/vault/data
tvu-2:
image: tee-vault-unseal
restart: "no"
ports:
- 8423:8443
- 8423
environment:
PORT: "8423"
VAULT_ADDR: "https://vault-2:8210"
VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
privileged: true
init: true
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-2:/opt/vault/tls
vault-2:
image: vault
restart: "no"
ports:
- 8220:8210
# - 8221:8211
environment:
VAULT_API_ADDR: "https://vault-2:8210"
VAULT_CLUSTER_ADDR: "https://vault-2:8211"
@ -68,29 +69,29 @@ services:
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-2:/opt/vault/tls
- data-2:/opt/vault/data
tvu-3:
image: tee-vault-unseal
restart: "no"
ports:
- 8433:8443
- 8433
environment:
PORT: "8433"
VAULT_ADDR: "https://vault-3:8210"
VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
privileged: true
init: true
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-3:/opt/vault/tls
vault-3:
image: vault
restart: "no"
ports:
- 8230:8210
# - 8231:8211
environment:
VAULT_API_ADDR: "https://vault-3:8210"
VAULT_CLUSTER_ADDR: "https://vault-3:8211"
@ -100,17 +101,17 @@ services:
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
- shared-3:/opt/vault/tls
- data-3:/opt/vault/data
admin:
build:
context: .
dockerfile: bin/tee-vault-admin/Dockerfile-azure
dockerfile: packages/container-vault-admin-sgx-azure/Dockerfile
restart: "no"
ports:
- 8444:8444
environment:
PORT: "8444"
VAULT_ADDR: "https://vault-1:8210"
VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
@ -121,21 +122,21 @@ services:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
stress:
build:
context: .
dockerfile: bin/tee-stress-client/Dockerfile-azure
restart: "no"
environment:
VAULT_ADDR: "https://vault-1:8210"
VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
privileged: true
init: true
volumes:
- /run/aesmd:/run/aesmd
- /dev/sgx_enclave:/dev/sgx_enclave
# stress:
# build:
# context: .
# dockerfile: bin/tee-stress-client/Dockerfile-azure
# restart: "no"
# environment:
# VAULT_ADDR: "https://vault-1:8210"
# VAULT_SGX_MRSIGNER: "c5591a72b8b86e0d8814d6e8750e3efe66aea2d102b8ba2405365559b858697d"
# VAULT_SGX_ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
# ALLOWED_TCB_LEVELS: "SwHardeningNeeded"
# privileged: true
# init: true
# volumes:
# - /run/aesmd:/run/aesmd
# - /dev/sgx_enclave:/dev/sgx_enclave
volumes:
shared-1: