This repository has been archived by the owner on Dec 18, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
keycloak.yml
63 lines (59 loc) · 2.08 KB
/
keycloak.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
version: '3'
services:
keycloak-postgres:
image: postgres:11-alpine
container_name: ${INSTANCE_ID:?Please configure INSTANCE_ID}-keycloak-database
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
volumes:
- keycloak-postgres-data:/var/lib/postgresql/data
networks:
- keycloak-db-network
restart: unless-stopped
logging:
driver: ${DOCKER_LOGGING_DRIVER:-journald}
options:
labels: application
tag: keycloak-postgres
keycloak:
image: jboss/keycloak:12.0.4
container_name: ${INSTANCE_ID:?Please configure INSTANCE_ID}-keycloak
environment:
JAVA_OPTS_APPEND: '-Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled'
DB_VENDOR: POSTGRES
DB_ADDR: keycloak-postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_PASSWORD: keycloak
KEYCLOAK_USER: ${KEYCLOAK_USER:-admin}
KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD:?Please generate a secure value for KEYCLOAK_PASSWORD, using a password manager.}
KEYCLOAK_HOSTNAME: ${KEYCLOAK_HOSTNAME:?Please configure KEYCLOAK_HOSTNAME.}
KEYCLOAK_HTTP_PORT: 80
KEYCLOAK_HTTPS_PORT: 443
KEYCLOAK_IMPORT: /tmp/realm-export.json
KEYCLOAK_REALM: ${KEYCLOAK_REALM:?Please configure KEYCLOAK_REALM}
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID:?Please configure KEYCLOAK_CLIENT_ID}
PROXY_ADDRESS_FORWARDING: 'true'
GLOWINGBEAR_HOSTNAME: ${GLOWINGBEAR_HOSTNAME:?Please configure GLOWINGBEAR_HOSTNAME.}
ports:
- ${KEYCLOAK_PORT:-8080}:8080
depends_on:
- keycloak-postgres
networks:
- keycloak-db-network
volumes:
- ./keycloak/setup-realm.sh:/opt/jboss/startup-scripts/setup-realm.sh
- ./keycloak/realm-template.json:/tmp/realm-template.json
restart: unless-stopped
logging:
driver: ${DOCKER_LOGGING_DRIVER:-journald}
options:
labels: application
tag: keycloak
volumes:
keycloak-postgres-data:
networks:
keycloak-db-network:
driver: bridge