├── docker-compose.yml ├── docker-compose-yml-for-pre-1.9.docker.client ├── tyk.conf ├── tyk_analytics.conf ├── README.md └── setup.sh /docker-compose.yml: -------------------------------------------------------------------------------- 1 | ambassador: 2 | image: cpuguy83/docker-grand-ambassador 3 | volumes: 4 | - /var/run/docker.sock:/run/docker.sock 5 | command: "-name tykquickstart_tyk_gateway_1 -name tykquickstart_tyk_dashboard_1" 6 | tyk_gateway: 7 | image: tykio/tyk-gateway:latest 8 | links: 9 | - tyk_redis:redis 10 | - tyk_mongo:mongo 11 | - ambassador:tyk_dashboard 12 | ports: 13 | - "80:8080" 14 | - "8080:8080" 15 | volumes: 16 | - ./tyk.conf:/opt/tyk-gateway/tyk.conf 17 | tyk_dashboard: 18 | image: tykio/tyk-dashboard:latest 19 | links: 20 | - tyk_redis:redis 21 | - tyk_mongo:mongo 22 | - tyk_gateway:tyk_gateway 23 | - ambassador:tyk_gateway 24 | ports: 25 | - "3000:3000" 26 | volumes: 27 | - ./tyk_analytics.conf:/opt/tyk-dashboard/tyk_analytics.conf 28 | tyk_redis: 29 | image: redis:latest 30 | hostname: redis 31 | tyk_mongo: 32 | image: mongo:latest 33 | command: ["mongod", "--smallfiles"] 34 | hostname: mongo 35 | -------------------------------------------------------------------------------- /docker-compose-yml-for-pre-1.9.docker.client: -------------------------------------------------------------------------------- 1 | dnsdock: 2 | image: tonistiigi/dnsdock 3 | volumes: 4 | - /var/run/docker.sock:/run/docker.sock 5 | ports: 6 | - 172.17.42.1:53:53/udp 7 | tyk_gateway: 8 | image: tykio/tyk-gateway:latest 9 | links: 10 | - tyk_redis:redis 11 | - tyk_mongo:mongo 12 | ports: 13 | - "80:8080" 14 | - "8080:8080" 15 | volumes: 16 | - ./tyk.conf:/opt/tyk-gateway/tyk.conf 17 | dns: 172.17.42.1 18 | environment: 19 | - DNSDOCK_NAME=tyk_gateway 20 | tyk_dashboard: 21 | image: tykio/tyk-dashboard:latest 22 | links: 23 | - tyk_redis:redis 24 | - tyk_mongo:mongo 25 | - tyk_gateway:tyk_gateway 26 | ports: 27 | - "3000:3000" 28 | volumes: 29 | - ./tyk_analytics.conf:/opt/tyk-dashboard/tyk_analytics.conf 30 | dns: 172.17.42.1 31 | environment: 32 | - DNSDOCK_NAME=tyk_dashboard 33 | tyk_redis: 34 | image: redis:latest 35 | hostname: redis 36 | tyk_mongo: 37 | image: mongo:latest 38 | command: ["mongod", "--smallfiles"] 39 | hostname: mongo 40 | -------------------------------------------------------------------------------- /tyk.conf: -------------------------------------------------------------------------------- 1 | { 2 | "listen_port": 8080, 3 | "secret": "352d20ee67be67f6340b4c0605b044b7", 4 | "template_path": "/opt/tyk-gateway/templates", 5 | "tyk_js_path": "/opt/tyk-gateway/js/tyk.js", 6 | "middleware_path": "/opt/tyk-gateway/middleware", 7 | "use_db_app_configs": true, 8 | "app_path": "/opt/tyk-gateway/apps/", 9 | "storage": { 10 | "type": "redis", 11 | "host": "redis", 12 | "port": 6379, 13 | "username": "", 14 | "password": "", 15 | "database": 0, 16 | "optimisation_max_idle": 100 17 | }, 18 | "enable_analytics": true, 19 | "analytics_config": { 20 | "type": "mongo", 21 | "csv_dir": "/tmp", 22 | "mongo_url": "mongodb://mongo:27017/tyk_analytics", 23 | "mongo_db_name": "tyk_analytics", 24 | "mongo_collection": "tyk_analytics", 25 | "purge_delay": 10, 26 | "ignored_ips": [] 27 | }, 28 | "health_check": { 29 | "enable_health_checks": true, 30 | "health_check_value_timeouts": 60 31 | }, 32 | "optimisations_use_async_session_write": true, 33 | "allow_master_keys": false, 34 | "policies": { 35 | "policy_source": "mongo", 36 | "policy_record_name": "tyk_policies" 37 | }, 38 | "hash_keys": true, 39 | "close_connections": true 40 | } 41 | -------------------------------------------------------------------------------- /tyk_analytics.conf: -------------------------------------------------------------------------------- 1 | { 2 | "listen_port": 3000, 3 | "tyk_api_config": { 4 | "Host": "http://ambassador_1", 5 | "Port": "8080", 6 | "Secret": "352d20ee67be67f6340b4c0605b044b7" 7 | }, 8 | "mongo_url": "mongodb://mongo:27017/tyk_analytics", 9 | "page_size": 10, 10 | "admin_secret": "12345", 11 | "redis_port": 6379, 12 | "redis_host": "redis", 13 | "redis_password": "", 14 | "force_api_defaults": false, 15 | "notify_on_change": true, 16 | "license_owner": "NA", 17 | "hash_keys": true, 18 | "email_backend": {}, 19 | "hide_listen_path": false, 20 | "use_sentry": false, 21 | "sentry_code": "", 22 | "sentry_js_code": "", 23 | "show_org_id": true, 24 | "enable_duplicate_slugs": true, 25 | "host_config" : { 26 | "override_hostname": "www.tyk-portal-test.com", 27 | "disable_org_slug_prefix": true, 28 | "enable_host_names": false, 29 | "hostname": "", 30 | "portal_domains": {}, 31 | "portal_root_path": "/portal" 32 | }, 33 | "http_server_options": { 34 | "use_ssl": false, 35 | "certificates": [ 36 | {} 37 | ] 38 | }, 39 | "ui": { 40 | "login_page": {}, 41 | "nav" : {}, 42 | "uptime": {}, 43 | "portal": {}, 44 | "designer": {} 45 | }, 46 | "home_dir": "/opt/tyk-dashboard" 47 | } 48 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Tyk Quickstart with Docker/Compose 2 | 3 | Make sure you have installed [docker](https://docs.docker.com/installation/) and [compose](https://docs.docker.com/compose/install/). 4 | 5 | Launch the stack: 6 | 7 | docker-compose up -d 8 | 9 | Setup your organization/user and portal: 10 | 11 | ./setup.sh 127.0.0.1 your.portal.domain 12 | 13 | Or for OSX Users: 14 | echo $DOCKER_HOST 15 | ./setup.sh YOUR_DOCKER_IP your.portal.domain 16 | 17 | Then log in using the instructions. 18 | 19 | ### Note to enable the portal: 20 | 21 | The setup script will automatically create locally routed proxies for the dashboard (so that your docker container can serve both APIs and your portal from Port 80). In a traditional setup without docker, internal networking allows us to use `localhost` to refer to the upstream dashboard as in the proxy, however in docker, we need to route around a local DNS. 22 | 23 | This means the fixtures we use to set up the portal routes for an organisation to be proxied by the gateway ned to be modified for docker, this is pretty easy: 24 | 25 | ### To enable the portal: 26 | 27 | - Go to the APIs section 28 | - In each API that is greyed out, edit it and replace `localhost` in the Target URL with `ambassador_1` 29 | - Save each API 30 | 31 | This will reload the proxies and enable the custom portal domain you have specified to proxy via Tyk Gateway to the appropriate configuration in the dashboard, obviously make sure that your portal domain is pointing at your docker instance. 32 | 33 | If you wish to change your portal domain - **DO NOT USE** the drop-down option in the navigation, instead, change the domain names in the three site entries in the API section. However, if you want clean URLs constructed for your APIs in the dashboard, setting this value will show the URLs for your APIs as relative to the domain you've set. 34 | -------------------------------------------------------------------------------- /setup.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | # This script will set up a full tyk environment on your machine 4 | # and also create a demo user for you with one command 5 | 6 | # USAGE 7 | # ----- 8 | # 9 | # $> ./setup.sh {IP ADDRESS OF DOCKER VM} 10 | 11 | # OSX users will need to specify a virtual IP, linux users can use 127.0.0.1 12 | 13 | # Tyk dashboard settings 14 | TYK_DASHBOARD_USERNAME="test$RANDOM@test.com" 15 | TYK_DASHBOARD_PASSWORD="test123" 16 | 17 | # Tyk portal settings 18 | TYK_PORTAL_DOMAIN="www.tyk-portal-test.com" 19 | 20 | DOCKER_IP=127.0.0.1 21 | 22 | if [ -n "$DOCKER_HOST" ] 23 | then 24 | echo "Detected a Docker VM..." 25 | REMTCP=${DOCKER_HOST#tcp://} 26 | DOCKER_IP=${REMTCP%:*} 27 | fi 28 | 29 | if [ -n "$1" ] 30 | then 31 | DOCKER_IP=$1 32 | echo "Docker host address explicitly set." 33 | echo "Using $DOCKER_IP as Tyk host address." 34 | fi 35 | 36 | if [ -n "$2" ] 37 | then 38 | TYK_PORTAL_DOMAIN=$2 39 | echo "Docker portal domain address explicitly set." 40 | echo "Using $TYK_PORTAL_DOMAIN as Tyk host address." 41 | fi 42 | 43 | if [ -z "$1" ] 44 | then 45 | echo "Using $DOCKER_IP as Tyk host address." 46 | echo "If this is wrong, please specify the instance IP address (e.g. ./setup.sh 192.168.1.1)" 47 | fi 48 | 49 | echo "Creating Organisation" 50 | ORG_DATA=$(curl --silent --header "admin-auth: 12345" --header "Content-Type:application/json" --data '{"owner_name": "TestOrg5 Ltd.","owner_slug": "testorg", "cname_enabled":true}' http://$DOCKER_IP:3000/admin/organisations 2>&1) 51 | ORG_ID=$(echo $ORG_DATA | python -c 'import json,sys;obj=json.load(sys.stdin);print obj["Meta"]') 52 | echo "ORG ID: $ORG_ID" 53 | 54 | echo "Adding new user" 55 | USER_DATA=$(curl --silent --header "admin-auth: 12345" --header "Content-Type:application/json" --data '{"first_name": "John","last_name": "Smith","email_address": "'$TYK_DASHBOARD_USERNAME'","active": true,"org_id": "'$ORG_ID'"}' http://$DOCKER_IP:3000/admin/users 2>&1) 56 | USER_AUTH=$(echo $USER_DATA | python -c 'import json,sys;obj=json.load(sys.stdin);print obj["Message"]') 57 | USER_LIST=$(curl --silent --header "authorization: $USER_AUTH" http://$DOCKER_IP:3000/api/users 2>&1) 58 | USER_ID=$(echo $USER_LIST | python -c 'import json,sys;obj=json.load(sys.stdin);print obj["users"][0]["id"]') 59 | echo "USER AUTH: $USER_AUTH" 60 | echo "USER ID: $USER_ID" 61 | 62 | echo "Setting password" 63 | OK=$(curl --silent --header "authorization: $USER_AUTH" --header "Content-Type:application/json" http://$DOCKER_IP:3000/api/users/$USER_ID/actions/reset --data '{"new_password":"'$TYK_DASHBOARD_PASSWORD'"}') 64 | 65 | echo "Setting up the portal domain" 66 | OK=$(curl --silent -d "domain="$TYK_PORTAL_DOMAIN"" -H "admin-auth:12345" http://$DOCKER_IP:3000/admin/organisations/$ORG_ID/generate-portals) 67 | 68 | echo "" 69 | 70 | echo "DONE" 71 | echo "====" 72 | echo "Login at http://$DOCKER_IP:3000/" 73 | echo "Username: $TYK_DASHBOARD_USERNAME" 74 | echo "Password: $TYK_DASHBOARD_PASSWORD" 75 | echo "Portal: http://$TYK_PORTAL_DOMAIN" 76 | echo "" 77 | --------------------------------------------------------------------------------