Skip to Content

Changes for page KeyCloak

Last modified by chrisby on 2024/03/03 14:52
From version 1.7
edited by chrisby
on 2024/03/03 14:52
Change comment: There is no comment for this version
To version 1.4
edited by chrisby
on 2023/12/22 21:35
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,78 +1,82 @@
1 1  ###### Dockerfile
2 2  
3 - FROM quay.io/keycloak/keycloak:22.0.1 as builder
4 - ENV KC_HEALTH_ENABLED=false
5 - ENV KC_METRICS_ENABLED=false
6 - ENV KC_DB=postgres
7 - WORKDIR /opt/keycloak
8 - RUN /opt/keycloak/bin/kc.sh build
9 -
10 - FROM quay.io/keycloak/keycloak:22.0.1
11 - COPY --from=builder /opt/keycloak/ /opt/keycloak/
12 - ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
3 +```Dockerfile
4 +FROM quay.io/keycloak/keycloak:22.0.1 as builder
5 +ENV KC_HEALTH_ENABLED=false
6 +ENV KC_METRICS_ENABLED=false
7 +ENV KC_DB=postgres
8 +WORKDIR /opt/keycloak
9 +RUN /opt/keycloak/bin/kc.sh build
13 13  
11 +FROM quay.io/keycloak/keycloak:22.0.1
12 +COPY --from=builder /opt/keycloak/ /opt/keycloak/
13 +ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
14 +```
15 +
14 14  ###### docker-compose.yml
15 15  
16 - version: '3'
17 -
18 - services:
19 - traefik:
20 - image: "traefik:v2.9"
21 - container_name: keycloak-traefik
22 - command:
23 - - "--api.insecure=true"
24 - - "--providers.docker=true"
25 - - "--providers.docker.exposedbydefault=false"
26 - - "--entrypoints.websecure.address=:443"
27 - - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
28 - - "--certificatesresolvers.myresolver.acme.email=<your-email>"
29 - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
30 - # Uncomment for generating fake certificates and enabling debugging. Used for development, not production.
31 - # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
32 - #- "--log.level=DEBUG"
33 - ports:
34 - - "443:443"
35 - volumes:
36 - - "./data/letsencrypt:/letsencrypt"
37 - - "/var/run/docker.sock:/var/run/docker.sock:ro"
38 -
39 - keycloak-postgres:
40 - image: postgres:13.2
41 - container_name: keycloak-postgres
42 - volumes:
43 - - keycloak-postgres:/var/lib/postgresql/data
44 - environment:
45 - POSTGRES_DB: keycloak
46 - POSTGRES_USER: keycloak
47 - POSTGRES_PASSWORD: <enter-postgres-password>
48 -
49 - mykeycloak:
50 - build: ./
51 - image: mykeycloak
52 - container_name: keycloak-keycloak
53 - command:
54 - - start --optimized --proxy edge
55 - environment:
56 - KC_HOSTNAME: <subdomain>
57 - KEYCLOAK_ADMIN: admin
58 - KEYCLOAK_ADMIN_PASSWORD: <enter-admin-password>
59 - KC_DB: postgres
60 - KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/keycloak
61 - KC_DB_USERNAME: keycloak
62 - KC_DB_PASSWORD: <enter-postgres-password>
63 - # KC_LOG_LEVEL: DEBUG
64 - depends_on:
65 - - keycloak-postgres
66 - labels:
67 - - "traefik.enable=true"
68 - - "traefik.http.routers.keycloak.rule=Host(`<subdomain>`)"
69 - - "traefik.http.routers.keycloak.entrypoints=websecure"
70 - - "traefik.http.routers.keycloak.tls.certresolver=myresolver"
71 - - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
72 -
18 +```yaml
19 +version: '3'
20 +
21 +services:
22 + traefik:
23 + image: "traefik:v2.9"
24 + container_name: keycloak-traefik
25 + command:
26 + - "--api.insecure=true"
27 + - "--providers.docker=true"
28 + - "--providers.docker.exposedbydefault=false"
29 + - "--entrypoints.websecure.address=:443"
30 + - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
31 + - "--certificatesresolvers.myresolver.acme.email=<your-email>"
32 + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
33 + # Uncomment for generating fake certificates and enabling debugging. Used for development, not production.
34 + # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
35 + #- "--log.level=DEBUG"
36 + ports:
37 + - "443:443"
73 73   volumes:
74 - keycloak-postgres:
39 + - "./data/letsencrypt:/letsencrypt"
40 + - "/var/run/docker.sock:/var/run/docker.sock:ro"
75 75  
42 + keycloak-postgres:
43 + image: postgres:13.2
44 + container_name: keycloak-postgres
45 + volumes:
46 + - keycloak-postgres:/var/lib/postgresql/data
47 + environment:
48 + POSTGRES_DB: keycloak
49 + POSTGRES_USER: keycloak
50 + POSTGRES_PASSWORD: <enter-postgres-password>
51 +
52 + mykeycloak:
53 + build: ./
54 + image: mykeycloak
55 + container_name: keycloak-keycloak
56 + command:
57 + - start --optimized --proxy edge
58 + environment:
59 + KC_HOSTNAME: <subdomain>
60 + KEYCLOAK_ADMIN: admin
61 + KEYCLOAK_ADMIN_PASSWORD: <enter-admin-password>
62 + KC_DB: postgres
63 + KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/keycloak
64 + KC_DB_USERNAME: keycloak
65 + KC_DB_PASSWORD: <enter-postgres-password>
66 + # KC_LOG_LEVEL: DEBUG
67 + depends_on:
68 + - keycloak-postgres
69 + labels:
70 + - "traefik.enable=true"
71 + - "traefik.http.routers.keycloak.rule=Host(`<subdomain>`)"
72 + - "traefik.http.routers.keycloak.entrypoints=websecure"
73 + - "traefik.http.routers.keycloak.tls.certresolver=myresolver"
74 + - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
75 +
76 +volumes:
77 + keycloak-postgres:
78 +```
79 +
76 76  ###### Instructions
77 77  
78 78  * Execute `docker-compose up -d`