# Running Dex With Docker Compose I previously wrote on how to run Dex using docker. In this article, I will create nearly the same setup using docker-compose. This will allow you to run, stop, and restart the setup from a central location. ## Setting up the docker-compose file You'll want to make sure that you have the same Dex config file from the previous article but with one small change. The `issuer` field should be changed to `http://dex:5556/dex` to match the service name that will be used in the docker-compose file. If the `issuer` field is not changed, the example app will try to find Dex within the container it is running in and will not be able to reach it. Changing it to `http://dex:5556/dex` will allow the example app to reach Dex through the network that docker-compose creates. Create a `docker-compose.yml` file alongside the `config.yaml` file. ### Adding Dex to the docker-compose file Adding Dex to the compose file will look very similar to the command that was previously used run Dex. Placing the command in the `docker-compose.yml` file will make it much easier to work with. Add the following to the `docker-compose.yml` file: ```yaml dex: restart: always container_name: dex image: dexidp/dex:latest volumes: - ./config.docker.yaml:/etc/dex/config.docker.yaml ports: - 5556:5556 ``` This will specify the Dex image, volume mount the config, expose the ports needed to reach Dex, name the container, and make sure it always restarts in case of an error. ### Adding the example app to the docker-compose file Another benefit of using docker-compose is that the example app can now be ran within docker without having to deal with setting up a separate network since docker-compose will do it for you. ```yaml example-app: container_name: example-app restart: always image: ghcr.io/dexidp/example-app:latest depends_on: - dex ports: - 5555:5555 entrypoint: [ "example-app", "--issuer", "http://dex:5556/dex", "--listen", "http://0.0.0.0:5555", ] ``` This specifies the same fields as the Dex service but it also specifies that it depends on the Dex service and overrides the entrypoint for this specific setup. Note that the issuer is the same as what we changed in the Dex config file and the listen address is set to 0.0.0.0 to accept connections from any IP address. ## Modifying /etc/hosts The last step to make Dex work with the example app is to modify the `/etc/hosts` file to point `dex` to `127.0.0.1`. This will the changes we made to the `issuer` field in the Dex config file to point to the hostname `dex` but make the systems browser requests to `dex` go to the localhost. ```bash echo " 127.0.0.1 dex " | sudo tee -a /etc/hosts ``` ## Final steps The final steps are to run the following command to start the services: ```bash docker-compose up ``` This will start the Dex and example app services. You can now navigate to `http://localhost:5555` to see the example app running and follow the same authentication flow as the previous example. ## Summary This example takes the previous article and makes it easier to manage by using docker-compose. This will allow you to run, stop, and restart the setup from a central location. ## Full docker-compose file ```yaml services: dex: restart: always container_name: dex image: dexidp/dex:latest volumes: - ./config.docker.yaml:/etc/dex/config.docker.yaml ports: - 5556:5556 example-app: container_name: example-app restart: always image: ghcr.io/dexidp/example-app:latest depends_on: - dex ports: - 5555:5555 entrypoint: [ "example-app", "--issuer", "http://dex:5556/dex", "--listen", "http://0.0.0.0:5555", ] ``` ## Full config.yaml file ```yaml issuer: http://dex:5556/dex storage: type: sqlite3 web: http: 0.0.0.0:5556 staticClients: - id: example-app redirectURIs: - "http://127.0.0.1:5555/callback" name: "Example App" secret: ZXhhbXBsZS1hcHAtc2VjcmV0 enablePasswordDB: true staticPasswords: - email: "admin@example.com" hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" username: "admin" userID: "08a8684b-db88-4b73-90a9-3cd1661f5466" ```