update

2024-04-01 13:04:10 +02:00
parent 11b5fd8ff4
commit a572f949d3
7 changed files with 240 additions and 139 deletions
--- a/Keycloak/docker-compose.yaml
+++ b/Keycloak/docker-compose.yaml
@ -1,53 +1,64 @@
-version: '3'
+#### networks
+networks:
+  docker-traefik_front_network:
+    external: true
+  back_network:
+    driver: bridge
+    attachable: true
+
+
+#### services
 services:
-  postgresql:
-    image: postgres:16
+  postgres:
+    container_name: keycloak-postgres
+    hostname: keycloak-postgres
+    image: postgres:15.6-alpine
+    restart: always
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "keycloak"]
    environment:
-      - POSTGRES_USER=keycloak
-      - POSTGRES_DB=keycloak
-      - POSTGRES_PASSWORD=SUPERsecret
+      POSTGRES_DB: keycloak_db
+      POSTGRES_USER: keycloak_user
+      POSTGRES_PASSWORD: 'P@ssword!Here!123456'
    volumes:
-      - '/home/ubuntu/docker/keycloak/postgresql_data:/var/lib/postgresql/data'
+      - ./data:/var/lib/postgresql/data
    networks:
-      keycloak:
+    - back_network

  keycloak:
-    image: quay.io/keycloak/keycloak:22.0.3
+    container_name: keycloak-app
+    hostname: keycloak-app
+    image: quay.io/keycloak/keycloak:latest
+    command: ["start-dev", "--import-realm"]
    restart: always
-    command: start
-    depends_on:
-      - postgresql
    environment:
-      - KC_PROXY_ADDRESS_FORWARDING=true
-      - KC_HOSTNAME_STRICT=false
-      - KC_HOSTNAME=keycloak.jimsgarage.co.uk
-      - KC_PROXY=edge
-      - KC_HTTP_ENABLED=true
-      - KC_DB=postgres
-      - KC_DB_USERNAME=keycloak
-      - KC_DB_PASSWORD=SUPERsecret
-      - KC_DB_URL_HOST=postgres
-      - KC_DB_URL_PORT=5432
-      - KC_DB_URL_DATABASE=keycloak
-      - KEYCLOAK_ADMIN=admin
-      - KEYCLOAK_ADMIN_PASSWORD=password
+      KC_DB: postgres
+      KC_DB_USERNAME: keycloak_user
+      KC_DB_PASSWORD: P@ssword!Here!123456
+      KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak_db"
+      KC_HOSTNAME: keycloak.tips-of-mine.local
+      KC_METRICS_ENABLED: true
+      KC_LOG_LEVEL: INFO
+      KC_REALM_NAME: grafana
+      KEYCLOAK_ADMIN: admin
+      KEYCLOAK_ADMIN_PASSWORD: keycloak
+      KC_PROXY: edge
+    ports:
+      - 8282:8080
    networks:
-      proxy:
-      keycloak:
+    - back_network
+    - docker-traefik_front_network
    labels:
      - "traefik.enable=true"
-      - "traefik.http.routers.keycloak.entrypoints=http"
-      - "traefik.http.routers.keycloak.rule=Host(`keycloak.yourdomain.com`)"
-      - "traefik.http.middlewares.keycloak-https-redirect.redirectscheme.scheme=https"
-      - "traefik.http.routers.keycloak.middlewares=keycloak-https-redirect"
-      - "traefik.http.routers.keycloak-secure.entrypoints=https"
-      - "traefik.http.routers.keycloak-secure.rule=Host(`keycloak.yourdomain.com`)"
-      - "traefik.http.routers.keycloak-secure.tls=true"
-      - "traefik.http.routers.keycloak-secure.service=keycloak"
-      - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
-      - "traefik.docker.network=proxy"
-
-networks:
-  proxy:
-    external: true
-  keycloak:
+      - "traefik.docker.network=docker-traefik_front_network"
+# HTTP
+      - "traefik.http.routers.keycloak-http.rule=Host(`keycloak.tips-of-mine.local`)"
+      - "traefik.http.routers.keycloak-http.entrypoints=http"
+# HTTPS
+      - "traefik.http.routers.keycloak-https.rule=Host(`keycloak.tips-of-mine.local`)"
+      - "traefik.http.routers.keycloak-https.entrypoints=https"
+      - "traefik.http.routers.keycloak-https.tls=true"
+      - "traefik.http.routers.keycloak-https.service=keycloak-service"
+# Middleware
+# Service
+      - "traefik.http.services.keycloak-service.loadbalancer.server.port=8080"