I'll provide you with a docker-compose configuration for deploying Ory Kratos with its default UI and self-service flows under the

/ui

path. Based on the knowledge sources, we can set up Ory Kratos with the Node.js UI that serves as the default UI implementation. Here's a docker-compose configuration:

yaml version: '3.7'  services:   kratos-migrate:     image: oryd/kratos:latest     environment:       - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true     volumes:       - type: volume         source: kratos-sqlite         target: /var/lib/sqlite       - type: bind         source: ./kratos         target: /etc/config/kratos     command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes     restart: on-failure     networks:       - intranet    kratos:     depends_on:       - kratos-migrate     image: oryd/kratos:latest     ports:       - '4433:4433' # public       - '4434:4434' # admin     restart: unless-stopped     environment:       - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true       - LOG_LEVEL=debug     command: serve -c /etc/config/kratos/kratos.yml --dev     volumes:       - type: volume         source: kratos-sqlite         target: /var/lib/sqlite       - type: bind         source: ./kratos         target: /etc/config/kratos     networks:       - intranet    kratos-selfservice-ui-node:     image: oryd/kratos-selfservice-ui-node:latest     environment:       - KRATOS_PUBLIC_URL=<http://kratos:4433/>       - KRATOS_BROWSER_URL=<http://127.0.0.1:4433/>       - PORT=3000     networks:       - intranet     restart: unless-stopped     ports:       - "3000:3000"    mailslurper:     image: oryd/mailslurper:latest-smtps     ports:       - '4436:4436'       - '4437:4437'     networks:       - intranet    nginx:     image: nginx:latest     ports:       - "80:80"     volumes:       - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro     networks:       - intranet     depends_on:       - kratos       - kratos-selfservice-ui-node  networks:   intranet:  volumes:   kratos-sqlite:

You'll need to create a configuration file for Kratos. Here's a sample configuration that sets up the UI paths under `/ui`:

yaml # ./kratos/kratos.yml version: v0.11.0  dsn: sqlite:///var/lib/sqlite/db.sqlite?_fk=true  serve:   public:     base_url: <http://127.0.0.1:4433/>     cors:       enabled: true   admin:     base_url: <http://127.0.0.1:4434/>  selfservice:   default_browser_return_url: <http://127.0.0.1/ui/>      flows:     error:       ui_url: <http://127.0.0.1/ui/error>          settings:       ui_url: <http://127.0.0.1/ui/settings>       privileged_session_max_age: 15m          recovery:       enabled: true       ui_url: <http://127.0.0.1/ui/recovery>          verification:       enabled: true       ui_url: <http://127.0.0.1/ui/verification>          logout:       after:         default_browser_return_url: <http://127.0.0.1/ui/login>          login:       ui_url: <http://127.0.0.1/ui/login>          registration:       ui_url: <http://127.0.0.1/ui/registration>       after:         password:           hooks:             - hook: session

And finally, you'll need an Nginx configuration to route the

/ui

paths to the UI node service:

nginx # ./nginx/nginx.conf events {     worker_connections 1024; }  http {     server {         listen 80;                  location /ui/ {             proxy_pass <http://kratos-selfservice-ui-node:3000/;>             proxy_set_header Host $host;             proxy_set_header X-Real-IP $remote_addr;             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;         }                  location / {             proxy_pass <http://kratos:4433/;>             proxy_set_header Host $host;             proxy_set_header X-Real-IP $remote_addr;             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;         }     } }

This setup will: 1. Deploy Kratos with SQLite as the database 2. Set up the Kratos Node.js UI 3. Configure Nginx to route

/ui/*

paths to the UI service 4. Include MailSlurper for email testing The configuration is based on the Ory Kratos quickstart and deployment guides from the knowledge sources [Quickstart](https://www.ory.sh/docs/kratos/quickstart#clone-ory-kratos-and-run-it-in-docker) and [Deploy to production](https://www.ory.sh/docs/kratos/guides/deploy-kratos-example#configure-user-interface). Remember to create the necessary directories before starting:

mkdir -p kratos nginx

Then place the configuration files in their respective directories and run

docker-compose up -d

.

I'll modify the previous configuration to use HAProxy instead of Nginx for routing the Ory Kratos UI paths. Here's a docker-compose configuration with HAProxy:

yaml version: '3.7'  services:   kratos-migrate:     image: oryd/kratos:latest     environment:       - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true     volumes:       - type: volume         source: kratos-sqlite         target: /var/lib/sqlite       - type: bind         source: ./kratos         target: /etc/config/kratos     command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes     restart: on-failure     networks:       - intranet    kratos:     depends_on:       - kratos-migrate     image: oryd/kratos:latest     ports:       - '4433:4433' # public       - '4434:4434' # admin     restart: unless-stopped     environment:       - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true       - LOG_LEVEL=debug     command: serve -c /etc/config/kratos/kratos.yml --dev     volumes:       - type: volume         source: kratos-sqlite         target: /var/lib/sqlite       - type: bind         source: ./kratos         target: /etc/config/kratos     networks:       - intranet    kratos-selfservice-ui-node:     image: oryd/kratos-selfservice-ui-node:latest     environment:       - KRATOS_PUBLIC_URL=<http://kratos:4433/>       - KRATOS_BROWSER_URL=<http://127.0.0.1:4433/>       - PORT=3000     networks:       - intranet     restart: unless-stopped    mailslurper:     image: oryd/mailslurper:latest-smtps     ports:       - '4436:4436'       - '4437:4437'     networks:       - intranet    haproxy:     image: haproxy:latest     ports:       - "80:80"     volumes:       - ./haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro     networks:       - intranet     depends_on:       - kratos       - kratos-selfservice-ui-node  networks:   intranet:  volumes:   kratos-sqlite:

You'll need to create a HAProxy configuration file. Here's a sample configuration that routes the

/ui

paths to the UI node service:

# ./haproxy/haproxy.cfg global     daemon     maxconn 256  defaults     mode http     timeout connect 5000ms     timeout client 50000ms     timeout server 50000ms  frontend http-in     bind *:80     acl path_ui path_beg /ui/     use_backend ui-backend if path_ui     default_backend kratos-backend  backend ui-backend     server ui kratos-selfservice-ui-node:3000 check     http-request set-path %[path,regsub(^/ui/,/)]  backend kratos-backend     server kratos kratos:4433 check

The Kratos configuration file remains the same as in the previous example:

yaml # ./kratos/kratos.yml version: v0.11.0  dsn: sqlite:///var/lib/sqlite/db.sqlite?_fk=true  serve:   public:     base_url: <http://127.0.0.1:4433/>     cors:       enabled: true   admin:     base_url: <http://127.0.0.1:4434/>  selfservice:   default_browser_return_url: <http://127.0.0.1/ui/>      flows:     error:       ui_url: <http://127.0.0.1/ui/error>          settings:       ui_url: <http://127.0.0.1/ui/settings>       privileged_session_max_age: 15m          recovery:       enabled: true       ui_url: <http://127.0.0.1/ui/recovery>          verification:       enabled: true       ui_url: <http://127.0.0.1/ui/verification>          logout:       after:         default_browser_return_url: <http://127.0.0.1/ui/login>          login:       ui_url: <http://127.0.0.1/ui/login>          registration:       ui_url: <http://127.0.0.1/ui/registration>       after:         password:           hooks:             - hook: session

Before starting, create the necessary directories:

mkdir -p kratos haproxy

Place the configuration files in their respective directories and run

docker-compose up -d

. This setup will: 1. Deploy Kratos with SQLite as the database 2. Set up the Kratos Node.js UI 3. Configure HAProxy to route

/ui/*

paths to the UI service 4. Include MailSlurper for email testing The HAProxy configuration uses path-based routing to direct requests to either the UI service or directly to Kratos based on whether the path starts with

/ui/

.