Deploy ThunderID with Docker

This guide walks you through deploying ThunderID using Docker. You can run ThunderID as a single container for development or pair it with an external PostgreSQL database for production use.

Prerequisites

Before you begin, ensure the following tools are installed:

Tool	Minimum Version	Installation Guide	Version Check
Docker	20.10	Install Docker	`docker --version`
Docker Compose	2.0	Install Docker Compose	`docker compose version`

Verify your installation:

docker --version
docker compose version
docker run hello-world

ThunderID listens on port 8090 by default. Ensure that port is available on your host.

Run ThunderID with Docker

Step 1: Pull the Image

docker pull ghcr.io/thunder-id/thunder-id:latest

Step 2: Set Up the Server

Run the one-time setup script before starting ThunderID for the first time. The setup initializes the configuration and database:

docker run -it --rm \
  ghcr.io/thunder-id/thunder-id:latest \
  ./setup.sh

The container exits after setup completes. If you are using SQLite as the database, mount a volume to persist the database file so the setup data is available when you start the server.

Step 3: Start the Server

docker run --rm \
  -p 8090:8090 \
  ghcr.io/thunder-id/thunder-id:latest

ThunderID is now running at https://localhost:8090.

Customize the Configuration

To override the default server configuration, mount a custom deployment.yaml file. Create a deployment.yaml based on the default configuration and pass it to the container:

docker run --rm \
  -p 8090:8090 \
  -v $(pwd)/deployment.yaml:/opt/thunder/repository/conf/deployment.yaml \
  ghcr.io/thunder-id/thunder-id:latest

To also use custom TLS certificates, mount them alongside the configuration:

docker run --rm \
  -p 8090:8090 \
  -v $(pwd)/deployment.yaml:/opt/thunder/repository/conf/deployment.yaml \
  -v $(pwd)/certs/server.cert:/opt/thunder/repository/resources/security/server.cert \
  -v $(pwd)/certs/server.key:/opt/thunder/repository/resources/security/server.key \
  ghcr.io/thunder-id/thunder-id:latest

Access ThunderID

Once the container is running, access ThunderID at the following endpoints:

Endpoint	URL
Application	`https://localhost:8090`
Sign-in / Register	`https://localhost:8090/signin`
ThunderID Console	`https://localhost:8090/console`

Database Setup

Embedded SQLite (Default)

ThunderID uses SQLite by default. No additional setup is required for development or local testing.

External PostgreSQL

For production deployments, use an external PostgreSQL database. ThunderID ships with a Docker Compose file for running a local PostgreSQL instance.

Navigate to the install/local-development directory:
```
cd install/local-development
```
Start PostgreSQL in the background:
```
docker compose up -d
```
View PostgreSQL logs:
```
docker compose logs -f
```
Stop PostgreSQL:
```
docker compose down
```
To stop PostgreSQL and delete all data:
```
docker compose down -v
```

Next Steps

Deploy ThunderID on Kubernetes — Deploy ThunderID to a Kubernetes cluster using Helm.
Deploy ThunderID on OpenChoreo — Deploy ThunderID on the OpenChoreo platform.

Prerequisites​

Run ThunderID with Docker​

Step 1: Pull the Image​

Step 2: Set Up the Server​

Step 3: Start the Server​

Customize the Configuration​

Access ThunderID​

Database Setup​

Embedded SQLite (Default)​

External PostgreSQL​

Next Steps​