Skip to Content

Changes for page KeyCloak

Last modified by chrisby on 2024/03/03 14:52
From version 1.4
edited by chrisby
on 2023/12/22 21:35
Change comment: There is no comment for this version
To version 1.6
edited by chrisby
on 2024/03/03 14:52
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,82 +1,78 @@
1 1  ###### Dockerfile
2 2  
3 -```Dockerfile
4 -FROM quay.io/keycloak/keycloak:22.0.1 as builder
5 -ENV KC_HEALTH_ENABLED=false
6 -ENV KC_METRICS_ENABLED=false
7 -ENV KC_DB=postgres
8 -WORKDIR /opt/keycloak
9 -RUN /opt/keycloak/bin/kc.sh build
3 + FROM quay.io/keycloak/keycloak:22.0.1 as builder
4 + ENV KC_HEALTH_ENABLED=false
5 + ENV KC_METRICS_ENABLED=false
6 + ENV KC_DB=postgres
7 + WORKDIR /opt/keycloak
8 + RUN /opt/keycloak/bin/kc.sh build
9 +
10 + FROM quay.io/keycloak/keycloak:22.0.1
11 + COPY --from=builder /opt/keycloak/ /opt/keycloak/
12 + ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
10 10  
11 -FROM quay.io/keycloak/keycloak:22.0.1
12 -COPY --from=builder /opt/keycloak/ /opt/keycloak/
13 -ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
14 -```
15 -
16 16  ###### docker-compose.yml
17 17  
18 -```yaml
19 -version: '3'
20 -
21 -services:
22 - traefik:
23 - image: "traefik:v2.9"
24 - container_name: keycloak-traefik
25 - command:
26 - - "--api.insecure=true"
27 - - "--providers.docker=true"
28 - - "--providers.docker.exposedbydefault=false"
29 - - "--entrypoints.websecure.address=:443"
30 - - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
31 - - "--certificatesresolvers.myresolver.acme.email=<your-email>"
32 - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
33 - # Uncomment for generating fake certificates and enabling debugging. Used for development, not production.
34 - # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
35 - #- "--log.level=DEBUG"
36 - ports:
37 - - "443:443"
16 + version: '3'
17 +
18 + services:
19 + traefik:
20 + image: "traefik:v2.9"
21 + container_name: keycloak-traefik
22 + command:
23 + - "--api.insecure=true"
24 + - "--providers.docker=true"
25 + - "--providers.docker.exposedbydefault=false"
26 + - "--entrypoints.websecure.address=:443"
27 + - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
28 + - "--certificatesresolvers.myresolver.acme.email=<your-email>"
29 + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
30 + # Uncomment for generating fake certificates and enabling debugging. Used for development, not production.
31 + # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
32 + #- "--log.level=DEBUG"
33 + ports:
34 + - "443:443"
35 + volumes:
36 + - "./data/letsencrypt:/letsencrypt"
37 + - "/var/run/docker.sock:/var/run/docker.sock:ro"
38 +
39 + keycloak-postgres:
40 + image: postgres:13.2
41 + container_name: keycloak-postgres
42 + volumes:
43 + - keycloak-postgres:/var/lib/postgresql/data
44 + environment:
45 + POSTGRES_DB: keycloak
46 + POSTGRES_USER: keycloak
47 + POSTGRES_PASSWORD: <enter-postgres-password>
48 +
49 + mykeycloak:
50 + build: ./
51 + image: mykeycloak
52 + container_name: keycloak-keycloak
53 + command:
54 + - start --optimized --proxy edge
55 + environment:
56 + KC_HOSTNAME: <subdomain>
57 + KEYCLOAK_ADMIN: admin
58 + KEYCLOAK_ADMIN_PASSWORD: <enter-admin-password>
59 + KC_DB: postgres
60 + KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/keycloak
61 + KC_DB_USERNAME: keycloak
62 + KC_DB_PASSWORD: <enter-postgres-password>
63 + # KC_LOG_LEVEL: DEBUG
64 + depends_on:
65 + - keycloak-postgres
66 + labels:
67 + - "traefik.enable=true"
68 + - "traefik.http.routers.keycloak.rule=Host(`<subdomain>`)"
69 + - "traefik.http.routers.keycloak.entrypoints=websecure"
70 + - "traefik.http.routers.keycloak.tls.certresolver=myresolver"
71 + - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
72 +
38 38   volumes:
39 - - "./data/letsencrypt:/letsencrypt"
40 - - "/var/run/docker.sock:/var/run/docker.sock:ro"
74 + keycloak-postgres:
41 41  
42 - keycloak-postgres:
43 - image: postgres:13.2
44 - container_name: keycloak-postgres
45 - volumes:
46 - - keycloak-postgres:/var/lib/postgresql/data
47 - environment:
48 - POSTGRES_DB: keycloak
49 - POSTGRES_USER: keycloak
50 - POSTGRES_PASSWORD: <enter-postgres-password>
51 -
52 - mykeycloak:
53 - build: ./
54 - image: mykeycloak
55 - container_name: keycloak-keycloak
56 - command:
57 - - start --optimized --proxy edge
58 - environment:
59 - KC_HOSTNAME: <subdomain>
60 - KEYCLOAK_ADMIN: admin
61 - KEYCLOAK_ADMIN_PASSWORD: <enter-admin-password>
62 - KC_DB: postgres
63 - KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/keycloak
64 - KC_DB_USERNAME: keycloak
65 - KC_DB_PASSWORD: <enter-postgres-password>
66 - # KC_LOG_LEVEL: DEBUG
67 - depends_on:
68 - - keycloak-postgres
69 - labels:
70 - - "traefik.enable=true"
71 - - "traefik.http.routers.keycloak.rule=Host(`<subdomain>`)"
72 - - "traefik.http.routers.keycloak.entrypoints=websecure"
73 - - "traefik.http.routers.keycloak.tls.certresolver=myresolver"
74 - - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
75 -
76 -volumes:
77 - keycloak-postgres:
78 -```
79 -
80 80  ###### Instructions
81 81  
82 82  * Execute `docker-compose up -d`