Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | ###### Dockerfile | ||
| 2 | |||
| 3 | ```Dockerfile | ||
| 4 | FROM quay.io/keycloak/keycloak:22.0.1 as builder | ||
| 5 | ENV KC_HEALTH_ENABLED=false | ||
| 6 | ENV KC_METRICS_ENABLED=false | ||
| 7 | ENV KC_DB=postgres | ||
| 8 | WORKDIR /opt/keycloak | ||
| 9 | RUN /opt/keycloak/bin/kc.sh build | ||
| 10 | |||
| 11 | FROM quay.io/keycloak/keycloak:22.0.1 | ||
| 12 | COPY --from=builder /opt/keycloak/ /opt/keycloak/ | ||
| 13 | ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] | ||
| 14 | ``` | ||
| 15 | |||
| 16 | ###### docker-compose.yml | ||
| 17 | |||
| 18 | ```yaml | ||
| 19 | version: '3' | ||
| 20 | |||
| 21 | services: | ||
| 22 | traefik: | ||
| 23 | image: "traefik:v2.9" | ||
| 24 | container_name: keycloak-traefik | ||
| 25 | command: | ||
| 26 | - "--api.insecure=true" | ||
| 27 | - "--providers.docker=true" | ||
| 28 | - "--providers.docker.exposedbydefault=false" | ||
| 29 | - "--entrypoints.websecure.address=:443" | ||
| 30 | - "--certificatesresolvers.myresolver.acme.tlschallenge=true" | ||
| 31 | - "--certificatesresolvers.myresolver.acme.email=<your-email>" | ||
| 32 | - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" | ||
| 33 | # Uncomment for generating fake certificates and enabling debugging. Used for development, not production. | ||
| 34 | # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" | ||
| 35 | #- "--log.level=DEBUG" | ||
| 36 | ports: | ||
| 37 | - "443:443" | ||
| 38 | volumes: | ||
| 39 | - "./data/letsencrypt:/letsencrypt" | ||
| 40 | - "/var/run/docker.sock:/var/run/docker.sock:ro" | ||
| 41 | |||
| 42 | keycloak-postgres: | ||
| 43 | image: postgres:13.2 | ||
| 44 | container_name: keycloak-postgres | ||
| 45 | volumes: | ||
| 46 | - keycloak-postgres:/var/lib/postgresql/data | ||
| 47 | environment: | ||
| 48 | POSTGRES_DB: keycloak | ||
| 49 | POSTGRES_USER: keycloak | ||
| 50 | POSTGRES_PASSWORD: <enter-postgres-password> | ||
| 51 | |||
| 52 | mykeycloak: | ||
| 53 | build: ./ | ||
| 54 | image: mykeycloak | ||
| 55 | container_name: keycloak-keycloak | ||
| 56 | command: | ||
| 57 | - start --optimized --proxy edge | ||
| 58 | environment: | ||
| 59 | KC_HOSTNAME: <subdomain> | ||
| 60 | KEYCLOAK_ADMIN: admin | ||
| 61 | KEYCLOAK_ADMIN_PASSWORD: <enter-admin-password> | ||
| 62 | KC_DB: postgres | ||
| 63 | KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/keycloak | ||
| 64 | KC_DB_USERNAME: keycloak | ||
| 65 | KC_DB_PASSWORD: <enter-postgres-password> | ||
| 66 | # KC_LOG_LEVEL: DEBUG | ||
| 67 | depends_on: | ||
| 68 | - postgres | ||
| 69 | labels: | ||
| 70 | - "traefik.enable=true" | ||
| 71 | - "traefik.http.routers.keycloak.rule=Host(`<subdomain>`)" | ||
| 72 | - "traefik.http.routers.keycloak.entrypoints=websecure" | ||
| 73 | - "traefik.http.routers.keycloak.tls.certresolver=myresolver" | ||
| 74 | - "traefik.http.services.keycloak.loadbalancer.server.port=8080" | ||
| 75 | |||
| 76 | volumes: | ||
| 77 | keycloak-postgres: | ||
| 78 | ``` | ||
| 79 | |||
| 80 | ###### Instructions | ||
| 81 | |||
| 82 | * Execute `docker-compose up -d` | ||
| 83 | * Go to `https://<subdomain>` | ||
| 84 | * Login as 'admin' with password used for `<enter-admin-password>`. |