IAM Installation Method

####Since 1.15.0, our default compose file contains two web server (caddy or nginx). As the consequences, you need to choose which one to use on deployment command

To install/ deploy this service, we support the following method:

  1. Fully Dockerized for Development
  2. Fully Dockerized for Deployment and Production
  3. Use Symfony console
  4. Fully use native OS services

1. Fully Dockerized For Development


This method only require you to have Docker Engine installed on the host.


First, clone this repository:

$ git clone [email protected]:dadangnh/iam.git some_dir
$ cd some_dir

Then, create your environment by editing .env and save as .env.local or you can use OS's environment variable or use Symfony Secrets. Create your JWT passphrase on the JWT_PASSPHRASE key. Make sure to adjust the credentials on the environment for the Docker. You can find inside docker-compose.yaml file

Create the docker environment with caddy:

$ docker-compose up -d database redis php caddy

Create the docker environment with nginx:

$ docker-compose up -d database redis php nginx

Generate Private and public key for JWT Token (or you can use your own key and place it to config/jwt folder):

On Linux:

$ docker-compose exec php sh -c '
    set -e
    apk add openssl
    mkdir -p config/jwt
    jwt_passphrase=${JWT_PASSPHRASE:-$(grep ''^JWT_PASSPHRASE='' .env | cut -f 2 -d ''='')}
    echo "$jwt_passphrase" | openssl genpkey -out config/jwt/private.pem -pass stdin -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096
    echo "$jwt_passphrase" | openssl pkey -in config/jwt/private.pem -passin stdin -out config/jwt/public.pem -pubout
    setfacl -R -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt
    setfacl -dR -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt

On Windows:

> docker-compose exec php /bin/sh

You will enter docker shell, then run (line by line, do not paste it as a whole):

set -e
apk add openssl
mkdir -p config/jwt
export jwt_passphrase=${JWT_PASSPHRASE:-$(grep ''^JWT_PASSPHRASE='' .env | cut -f 2 -d ''='')}
echo "$jwt_passphrase" | openssl genpkey -out config/jwt/private.pem -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096 --pass stdin
echo "$jwt_passphrase" | openssl pkey -in config/jwt/private.pem -out config/jwt/public.pem -pubout --passin stdin
setfacl -R -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt
setfacl -dR -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt

Install dependency

$ docker-compose exec php composer install


run the migration:

$  docker-compose exec php bin/console doctrine:migrations:migrate --no-interaction

Add default data (optional on non production)

run the following to add dummy data:

$  docker-compose exec php bin/console doctrine:fixtures:load --no-interaction

Now your app are ready to use:

Landing page: https://localhost/

API Endpoint and Docs: https://localhost/api

Admin page: https://localhost/admin

Unit testing also available with the following command:

$ docker-compose exec php bin/phpunit

2. Fully Dockerized for Deployment and Production


This method only require you to have Docker Engine installed on the host.


Copy your project on the server using git clone, scp or any other tool that may fit your need. If you use GitHub, you may want to use a deploy key. Deploy keys are also supported by GitLab.

Example with Git:

$ git clone [email protected]:dadangnh/iam.git

Go into the directory containing your project (<project-name>), and start the app in production mode (caddy):

$ docker-compose -f docker-compose.yml -f up -d database redis php caddy

Be sure to replace by your actual domain name.

Your server is up and running, and a Let's Encrypt HTTPS certificate has been automatically generated for you. Go to and enjoy!

Disabling HTTPS on Caddy

Alternatively, if you don't want to expose an HTTPS server but only an HTTP one, run the following command:

$ SERVER_NAME=:80 docker-compose -f docker-compose.yml -f up -d database redis php caddy

Disabling HTTPS on nginx

By default, the nginx image run both on http and https protocol, there is no redirection yet, so it can be run with:

$ SERVER_NAME=:80 docker-compose -f docker-compose.yml -f up -d database redis php nginx

3. Use Symfony console


This method only require you to have the following tools:

  1. Docker Engine installed on the host.

  2. PHP Engine version 8.0.1 or newer

  3. Symfony console


First, clone this repository:

$ git clone [email protected]:dadangnh/iam.git some_dir
$ cd some_dir

Then, create your environment by editing .env and save as .env.local or you can use OS's environment variable or use Symfony Secrets. Create your JWT passphrase on the JWT_PASSPHRASE key. Make sure to adjust the credentials on the environment for the Docker. You can find inside docker-compose.yaml file

Create the docker environment for the database and redis:

$ docker-compose up -d database redis

Create public and private key

$ mkdir -p config/jwt
$ openssl genpkey -out config/jwt/private.pem -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096
$ openssl pkey -in config/jwt/private.pem -out config/jwt/public.pem -pubout

Install dependency

$ symfony composer install


run the migration:

$  docker-compose exec php bin/console doctrine:migrations:migrate --no-interaction

Add default data (optional on non production)

run the following to add dummy data:

$  docker-compose exec php bin/console doctrine:fixtures:load --no-interaction

Now your app are ready to use:

Landing page: https://localhost:8080/

API Endpoint and Docs: https://localhost:8080/api

Admin page: https://localhost:8080/admin

Unit testing also available with the following command:

$ php bin/phpunit

4. Fully use native OS services


This method only require you to have the following tools:

  1. PHP Engine version 8.0.1 or newer

  2. Symfony console

  3. Postgre SQL version 13 or newer

  4. Redis


First, clone this repository:

$ git clone [email protected]:dadangnh/iam.git some_dir
$ cd some_dir

Then, create your environment by editing .env and save as .env.local or you can use OS's environment variable or use Symfony Secrets. Create your JWT passphrase on the JWT_PASSPHRASE key.

Create public and private key

$ mkdir -p config/jwt
$ openssl genpkey -out config/jwt/private.pem -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096
$ openssl pkey -in config/jwt/private.pem -out config/jwt/public.pem -pubout

Install dependency

$ symfony composer install


run the migration:

$  php bin/console doctrine:migrations:migrate --no-interaction

Add default data (optional on non production)

run the following to add dummy data:

$  php bin/console doctrine:fixtures:load --no-interaction

Now your app are ready to use:

Landing page: https://localhost:8080/

API Endpoint and Docs: https://localhost:8080/api

Admin page: https://localhost:8080/admin

Unit testing also available with the following command:

$ php bin/phpunit