diff --git a/.env.sample. b/.env.sample.
index de06e63bd2de5efb61d1ed4162b167df7ab00fae..ef78c1a137d4b00f62c0dc3fee7f62c3d78fde49 100644
--- a/.env.sample.
+++ b/.env.sample.
@@ -1,7 +1,10 @@
-COMPOSE_FILE=docker-compose.yml:ports.yml
+COMPOSE_FILE=docker-compose.yml:ports.yml
+
+NAME=keycloak
+HOST=keycloak.xema.tetras-libre.fr
 # KeyCloak
 KC_ADMIN=admin
-KC_ADMIN_PASSWD=admin
+KC_ADMIN_PASSWD=admin
 RESTART=always
diff --git a/docker-compose.yml b/docker-compose.yml
index a65d2787f1081d1ca1778df47895b8376d3a2575..cd6223b6c6775d248ef40adf6977ba7c5828a99b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,12 +1,13 @@
-version: "3"
-
-services:
+version: "3"
+
+services:
 keycloak:
 image : quay.io/keycloak/keycloak:24.0.3
 container_name: keycloak
- ports:
- - 9090:8080
 environment:
- - KEYCLOAK_ADMIN=admin
- - KEYCLOAK_ADMIN_PASSWORD=admin
- command: ["start-dev", "--import-realm"]
+ - KEYCLOAK_ADMIN=${KC_ADMIN}
+ - KEYCLOAK_ADMIN_PASSWORD=${KC_ADMIN_PASSWD}
+ # cf https://github.com/keycloak/keycloak/issues/11170 for below variable
+ - KC_HOSTNAME_URL=https://${HOST}
+ - KC_HOSTNAME_ADMIN_URL=https://${HOST}
+ command: ["start-dev", "--import-realm", "--verbose"]
diff --git a/traefik.yml b/traefik.yml
new file mode 100644
index 0000000000000000000000000000000000000000..0db09508a6d4de45a51460d3f4bbc022dc36ebaf
--- /dev/null
+++ b/traefik.yml
@@ -0,0 +1,21 @@
+version: "3"
+
+services:
+ keycloak:
+ networks:
+ - default
+ - traefik
+ expose:
+ - 8080
+ labels:
+ - "traefik.enable=true"
+ - "traefik.docker.network=traefik"
+ - "traefik.http.routers.${NAME}.rule=Host(`${HOST}`)"
+ - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
+ - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
+ - "traefik.http.routers.${NAME}.middlewares=hardening@docker"
+
+
+networks:
+ traefik:
+ external: true
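Review bot: `KC_ADMIN_PASSWD=admin` remains the sample value while this hunk adds a routable `HOST`, so a sample copied unchanged produces a proxied Keycloak whose bootstrap administrator is admin/admin. I would ship the sample with no usable secret, for example `KC_ADMIN_PASSWD=` preceded by `# required: set a unique admin password before the first start`, so the operator has to fill it in. The value is consumed by `KEYCLOAK_ADMIN_PASSWORD=${KC_ADMIN_PASSWD}` in the docker-compose.yml hunk, so the two should be reviewed together.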
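Review bot: The command is still `start-dev` even though this hunk now advertises the service at `https://${HOST}`; Keycloak documents development mode as unsuitable for production because it relaxes HTTP and hostname checks. Either move to `start` with the database and reverse-proxy settings it requires, or add a comment next to `command:` saying this stack is for testing only. Separately, `${KC_ADMIN_PASSWD}` expands to an empty string when the variable is missing from `.env`. Writing `KEYCLOAK_ADMIN_PASSWORD=${KC_ADMIN_PASSWD:?set KC_ADMIN_PASSWD in .env}` makes Compose refuse to start instead of creating the admin account with a blank or unintended value.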
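Review bot: The router rule matches on `Host` alone, so every Keycloak path, including the admin console and the master realm's admin REST endpoints, is published on the same public hostname. Keycloak's reverse-proxy guidance is to expose only the paths clients need (such as `/realms/` and `/resources/`) and keep `/admin/` off the public route. Consider narrowing this rule with a `PathPrefix` condition and adding a second router for the admin paths that carries an IP allow-list or similar access middleware. `hardening@docker` is defined outside this diff, so whether it already restricts paths cannot be confirmed here; a one-line comment on what it enforces would help. It is also worth documenting whether the `web` entrypoint redirects to `websecure` in the static Traefik configuration, since with `tls.certresolver` set this router probably will not answer plain HTTP.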