This repository contains the infrastructure configuration for ClassCompass, managed via Docker Compose.
ClassCompass is a multi-tenant system designed for managing and viewing academic schedules, institutional structures, and physical resources in educational entities. It allows multiple schools to operate on a shared infrastructure while keeping their data isolated.
The infrastructure repository coordinates the orchestration, deployment configurations, and runtime boundaries of the entire platform.
- Containerization: Configures and manages the multi-service deployment using Docker Compose.
- Network Isolation: Separates the application runtime and databases from the security services through isolated container networks.
- Reverse Proxy: Deploys Ory Oathkeeper as an Identity-Aware Proxy (IAP) to inspect incoming request signatures before they reach the backend.
Open a terminal and run the following commands:
git clone https://github.com/shestakov-dev/ClassCompassInfrastructure
cd ClassCompassInfrastructureCopy all files ending with .example in the config/env/ directory, removing the .example suffix (e.g., kratos.env.example becomes kratos.env). Then open each file and edit the values according to your requirements.
cd config/env
cp app-postgres.env.example app-postgres.env
cp keto.env.example keto.env
cp kratos.env.example kratos.env
cp ory-postgres.env.example ory-postgres.env
cp server.env.example server.env
# Edit the files with your preferred editor
nano app-postgres.env # etc...Copy the file config/databases/redis/users.acl.example and rename it to users.acl. Open it and replace <YOUR_USERNAME> and <YOUR_PASSWORD> with your values.
cd config/databases/redis
cp users.acl.example users.aclEdit users.acl to set your Redis username and password:
user <YOUR_USERNAME> on ><YOUR_PASSWORD> ~* +@all
Oathkeeper requires a JWK file used for signing request data passed through the proxy. Run the following command from the repository root to generate it:
docker run --rm oryd/oathkeeper:v25.4.0 credentials generate --alg RS256 > config/ory/oathkeeper/jwks.jsonOathkeeper uses rules to determine which requests are forwarded to which service. If you're using a domain other than classcompass.shestakov.app (the default), you need to edit the rules file in addition to the environment variables. In config/ory/oathkeeper/rules.yml, replace all occurrences of the domain with your new one.
The final step is to start the application:
docker compose up -dThis command will start all required containers for the application and monitor for new versions of the server and client images. When new versions are detected, they will be automatically pulled and started.