59 lines
1.9 KiB
YAML
59 lines
1.9 KiB
YAML
version: '3'
|
|
services:
|
|
postgresql:
|
|
image: postgres:16
|
|
security_opt:
|
|
- apparmor:unconfined
|
|
environment:
|
|
- POSTGRES_USER=${POSTGRES_USER}
|
|
- POSTGRES_DB=keycloak
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
|
volumes:
|
|
- /docker/appdata/keycloak/postgresql_data:/var/lib/postgresql/data
|
|
networks:
|
|
keycloak:
|
|
|
|
keycloak:
|
|
image: quay.io/keycloak/keycloak:22.0.3
|
|
security_opt:
|
|
- apparmor:unconfined
|
|
restart: always
|
|
command: start
|
|
depends_on:
|
|
- postgresql
|
|
environment:
|
|
- KC_PROXY_ADDRESS_FORWARDING=true
|
|
- KC_HOSTNAME_STRICT=false
|
|
- KC_HOSTNAME=keycloak.yourdomain.com # Change this to your domain
|
|
- KC_PROXY=edge
|
|
- KC_HTTP_ENABLED=true
|
|
- KC_DB=postgres
|
|
- KC_DB_USERNAME=${POSTGRES_USER}
|
|
- KC_DB_PASSWORD=${POSTGRES_PASSWORD}
|
|
- KC_DB_URL_HOST=postgres
|
|
- KC_DB_URL_PORT=5432
|
|
- KC_DB_URL_DATABASE=keycloak
|
|
- KEYCLOAK_ADMIN=${KEYCLOAK_ADMIN}
|
|
- KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
|
|
ports:
|
|
- 8085:8080
|
|
networks:
|
|
frontend:
|
|
keycloak:
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.keycloak.entrypoints=web
|
|
- traefik.http.routers.keycloak.rule=Host(`keycloak.yourdomain.com`) # Change this to your domain
|
|
- traefik.http.middlewares.keycloak-https-redirect.redirectscheme.scheme=websecure
|
|
- traefik.http.routers.keycloak.middlewares=keycloak-https-redirect
|
|
- traefik.http.routers.keycloak-secure.entrypoints=websecure
|
|
- traefik.http.routers.keycloak-secure.rule=Host(`keycloak.yourdomain.com`) # Change this to your domain
|
|
- traefik.http.routers.keycloak-secure.tls=true
|
|
- traefik.http.routers.keycloak-secure.service=keycloak
|
|
- traefik.http.services.keycloak.loadbalancer.server.port=8080
|
|
- traefik.docker.network=frontend
|
|
|
|
networks:
|
|
frontend:
|
|
external: true
|
|
keycloak: |