Initial commit
This commit is contained in:
3
.env
Normal file
3
.env
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
POSTGRES_USER=keycloak
|
||||||
|
POSTGRES_PASSWORD=changeme
|
||||||
|
POSTGRES_DB=keycloak
|
||||||
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@@ -0,0 +1,2 @@
|
|||||||
|
postgres
|
||||||
|
keycloakify-starter
|
||||||
51
docker-compose.yml
Normal file
51
docker-compose.yml
Normal file
@@ -0,0 +1,51 @@
|
|||||||
|
services:
|
||||||
|
keycloak:
|
||||||
|
image: keycloak/keycloak:26.1
|
||||||
|
container_name: keycloak
|
||||||
|
environment:
|
||||||
|
KC_BOOTSTRAP_ADMIN_USERNAME: admin
|
||||||
|
KC_BOOTSTRAP_ADMIN_PASSWORD: admin # temporay password to change when first time logged in
|
||||||
|
KC_DB: postgres
|
||||||
|
KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
|
||||||
|
KC_DB_USERNAME: ${POSTGRES_USER}
|
||||||
|
KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
|
||||||
|
KC_METRICS_ENABLED: "true"
|
||||||
|
KC_HEALTH_ENABLED: "true"
|
||||||
|
KC_LOG_LEVEL: INFO
|
||||||
|
KC_HOSTNAME: http://auth.localhost
|
||||||
|
KC_PROXY: edge
|
||||||
|
KC_HTTP_ENABLED: "true"
|
||||||
|
volumes:
|
||||||
|
- ./keycloak/themes:/opt/keycloak/providers/
|
||||||
|
depends_on:
|
||||||
|
keycloak-database:
|
||||||
|
condition: service_healthy
|
||||||
|
command:
|
||||||
|
- start-dev
|
||||||
|
- --http-enabled=true
|
||||||
|
- --proxy-headers=xforwarded
|
||||||
|
|
||||||
|
keycloak-database:
|
||||||
|
image: postgres:17
|
||||||
|
container_name: postgres
|
||||||
|
environment:
|
||||||
|
POSTGRES_USER: ${POSTGRES_USER}
|
||||||
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||||
|
POSTGRES_DB: ${POSTGRES_DB}
|
||||||
|
volumes:
|
||||||
|
- ./postgres/data:/var/lib/postgresql/data # save data in a volume
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 5
|
||||||
|
|
||||||
|
nginx:
|
||||||
|
image: nginx
|
||||||
|
container_name: nginx
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
volumes:
|
||||||
|
- ./nginx/conf.d:/etc/nginx/conf.d
|
||||||
|
depends_on:
|
||||||
|
- keycloak
|
||||||
BIN
keycloak/themes/keycloak-theme-for-kc-all-other-versions.jar
Normal file
BIN
keycloak/themes/keycloak-theme-for-kc-all-other-versions.jar
Normal file
Binary file not shown.
28
nginx/conf.d/keycloak.conf
Normal file
28
nginx/conf.d/keycloak.conf
Normal file
@@ -0,0 +1,28 @@
|
|||||||
|
upstream keycloak {
|
||||||
|
server keycloak:8080;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name auth.localhost;
|
||||||
|
listen 80;
|
||||||
|
|
||||||
|
# deny access to home page
|
||||||
|
# exposed path recommendations https://www.keycloak.org/server/reverseproxy#_exposed_path_recommendations
|
||||||
|
location = / {
|
||||||
|
deny all;
|
||||||
|
return 404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_buffer_size 128k;
|
||||||
|
proxy_buffers 4 256k;
|
||||||
|
|
||||||
|
proxy_pass http://keycloak;
|
||||||
|
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto https;
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user