forked from SK-CERT/Taranis-NG
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-keycloak-serv.yml
63 lines (59 loc) · 2.23 KB
/
docker-compose-keycloak-serv.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
version: "3.9"
services:
keycloak_db:
image: "postgres:${POSTGRES_TAG}"
restart: unless-stopped
environment:
POSTGRES_DB: "taranis-ng-keycloak"
POSTGRES_USER: "taranis-ng-keycloak"
POSTGRES_PASSWORD: "${POSTGRES_KEYCLOAK_PASSWORD}"
command: ["postgres", "-c", "shared_buffers=${DB_SHARED_BUFFERS}", "-c", "max_connections=${DB_MAX_CONNECTIONS}"]
volumes:
- "keycloak_db_data:/var/lib/postgresql/data"
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
keycloak:
image: "skcert/taranis-ng-keycloak:${TARANIS_NG_TAG}"
build:
context: ..
dockerfile: ./docker/Dockerfile.keycloak
restart: unless-stopped
depends_on:
- keycloak_db
environment:
DB_VENDOR: postgres
DB_ADDR: keycloak_db
DB_PORT: 5432
DB_DATABASE: taranis-ng-keycloak
DB_USER: taranis-ng-keycloak
DB_PASSWORD: "${POSTGRES_KEYCLOAK_PASSWORD}"
KEYCLOAK_IMPORT: "/opt/jboss/keycloak/realm-export.json"
KEYCLOAK_FRONTEND_URL: "${TARANIS_NG_HTTPS_URI}/api/v1/keycloak/auth"
KEYCLOAK_USER: "${KEYCLOAK_USER}"
KEYCLOAK_PASSWORD: "${KEYCLOAK_PASSWORD}"
KEYCLOAK_DEFAULT_THEME: "taranis-ng"
PROXY_ADDRESS_FORWARDING: "false"
JAVA_OPTS: "-Dkeycloak.profile.feature.upload_scripts=enabled"
volumes:
- "keycloak_data:/opt/jboss/keycloak/standalone/data"
logging:
driver: "json-file"
options:
max-size: "200k"
max-file: "10"
labels:
traefik.enable: "true"
traefik.http.services.taranis-keycloak.loadbalancer.server.port: "8080"
traefik.http.middlewares.taranis-keycloak-stripprefix.stripprefix.prefixes: "/api/v1/keycloak"
traefik.http.routers.taranis-keycloak-443.entrypoints: "websecure"
traefik.http.routers.taranis-keycloak-443.rule: "PathPrefix(`/api/v1/keycloak/auth`)"
traefik.http.routers.taranis-keycloak-443.tls: "true"
traefik.http.routers.taranis-keycloak-443.tls.domains[0].main: "${TARANIS_NG_HOSTNAME}"
traefik.http.routers.taranis-keycloak-443.middlewares: "taranis-keycloak-stripprefix"
traefik.http.routers.taranis-keycloak-443.service: "taranis-keycloak"
volumes:
keycloak_db_data:
keycloak_data: