Docker Compose
This page describes midPoint installation in Docker and includes Docker Compose samples.
You can use the Docker environment provided by midPoint out of the box; however, small syntax updates may be required.
For broader context, see:
- Common containers related information with options to customize the installation.
- Kubernetes related information with a sample configuration.
- Container customization related information.
Preparing the Environment
To have a working midPoint environment, more than one application is needed. To address this complexity, we prepared a description file that can be easily processed: a Docker Compose file. This file contains a definition for all parts and also provides the necessary settings. You can "run" the file and thus create an isolated working environment.
Docker Engine
To install midPoint, you will need Docker Compose, which requires a Docker environment. The environment must include the Docker Engine.
See Docker documentation related to installation based on your OS:
Docker Compose Definition
Download the Docker Compose file from GitHub.
In your terminal, you can download it by running the following curl command:
curl -O https://raw.githubusercontent.com/Evolveum/midpoint-docker/master/docker-compose.yml
It is recommended not to rename the downloaded docker-compose.yml file.
If you use a different name, you need to define it explicitly in all Docker Compose commands with the -f parameter.
All objects based on the Docker Compose file will contain the directory name as a prefix.
Database Password Initialization (Optional)
You can find a "static" password for the database in the Docker Compose definition file, db.secret.pw.007.
This configuration is less secure, but the focus is on deploying quickly in this case.
If you want to manage passwords more securely, refer to Secrets in Compose.
To use secrets in Docker Compose, you need to append the _FILE suffix to all environment variables that store passwords. Namely, rename:
This is because the value of each variable will be the path to a file containing the secret instead of the secret itself as a plain string. Any image used in the provided Docker Compose file can work with this suffix.
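A check for the inline-password pattern described above, as an added example that is not part of the midPoint documentation or repository. The variable names (DB_PASSWORD, ADMIN_PASSWORD), the secret name db_password, the value changeme and the function names are constructed placeholders; only db.secret.pw.007 comes from the page.

```shell
# Added example; names in the samples are constructed, db.secret.pw.007 is from the page.
weak_sample() { cat <<'EOF'
services:
  db:
    environment:
      - DB_PASSWORD=db.secret.pw.007
      - ADMIN_PASSWORD=changeme
EOF
}

# Hardened form: the variable takes the _FILE suffix and a path to the secret.
hardened_sample() { cat <<'EOF'
services:
  db:
    environment:
      - DB_PASSWORD_FILE=/run/secrets/db_password
    secrets:
      - db_password
secrets:
  db_password:
    file: ./db_password.txt
EOF
}

# audit_compose FILE: print one finding per line; exit status 1 if any found.
audit_compose() {
  awk '
    /^[ \t]*#/ { next }                        # skip YAML comments
    index($0, "db.secret.pw.007") {            # static password from the page
      printf "%d: static default password\n", NR; bad = 1; next
    }
    match($0, /[A-Za-z_][A-Za-z0-9_]*[=:]/) {  # NAME=value or NAME: value
      name = substr($0, RSTART, RLENGTH - 1)
      value = substr($0, RSTART + RLENGTH)
      gsub(/[ \t"]/, "", value)
      if (tolower(name) ~ /password/ && name !~ /_FILE$/ && value != "") {
        printf "%d: %s set inline, expected %s_FILE\n", NR, name, name; bad = 1
      }
    }
    END { exit bad + 0 }
  ' "$1"
}

# Run the audit over both constructed samples.
tmp=$(mktemp -d)
weak_sample > "$tmp/weak.yml"; hardened_sample > "$tmp/hardened.yml"
audit_compose "$tmp/weak.yml" || echo "weak.yml: inline secrets found"
audit_compose "$tmp/hardened.yml" && echo "hardened.yml: no inline secrets"
rm -rf "$tmp"
```

Because the function exits non-zero on any finding, it can gate a deployment step by running it against the real docker-compose.yml before docker compose up -d.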
Managing the Environment
The basic management commands are used to:
- Start the environment in the background:
  docker compose up -d
  The web GUI becomes available once the environment starts and the initialization (loading initial objects into the empty repository, etc.) is completed. Depending on your environment, this may take several minutes.
  If you encounter problems, you can check midPoint logs in the console using the Docker logging mechanism: docker logs midpoint_server
- Stop the environment:
  docker compose down
  This command stops the container but keeps it defined. The data stays available for the next run.
- Stop and reset the environment (clean up the data):
  docker compose down -v
  Using the -v parameter also removes the volumes. Volumes are spaces where data is stored outside of containers, i.e. persistent storage that holds data so that it can be re-used after removing or re-creating containers.
  In other words, if you use the -v parameter, user data related to the container will also be removed, for example the DB (repository) content.
The following table shows the most common commands:
Command | Result |
---|---|
 | Starts the environment based on the Docker Compose file content. |
 | Stops the environment (the stored data is kept). |
 | Stops the environment and cleans up the relevant data. |
 | Lists all currently running containers. |
 | Lists all containers currently used in the system (including stopped containers). |
If you have installed Docker Desktop, you can also start/stop the environment in the GUI. The services defined in the Docker Compose file are grouped. The name of the group is the name of the directory where the Docker Compose file is located. After running the first
Figure 1. Docker Desktop with the midPoint environment
MidPoint User Interface
MidPoint has a web administration user interface.
This is the primary user interface for using and configuring midPoint.
By default, the user interface is accessible at port 8080:
Logging In
Log in to the user interface as the administrator user:
- In midPoint 4.8.1 and newer versions, there is no default password for security reasons. With the first run, an administrator user is initialized and a new password is generated. This is then saved in a log file. See Administrator Initial Password for details.
- In midPoint 4.8 and lower versions, the default credentials are as follows:
  Username: administrator
  Password: 5ecr3t
Take a Look Around
The administrator is an all-powerful user. Therefore, all capabilities of midPoint are at your disposal.
- The Self Service part of the interface is used to manage the identity and privileges of the currently logged in user.
- The Administration part of the user interface is used to manage user identities, roles, organizational structure, and policies. This part is used for routine administration of the system. At this stage, this is perhaps the most interesting part of midPoint to explore.
- The Configuration part of the user interface is used to customize midPoint behavior, going deep into the midPoint internals.
