added keycloak
This commit is contained in:
parent
a8b15a8a75
commit
0d77884c7d
4 changed files with 81 additions and 2 deletions
|
|
@ -21,7 +21,7 @@ repos:
|
||||||
hooks:
|
hooks:
|
||||||
- id: reorder-python-imports
|
- id: reorder-python-imports
|
||||||
- repo: https://github.com/astral-sh/ruff-pre-commit
|
- repo: https://github.com/astral-sh/ruff-pre-commit
|
||||||
rev: v0.4.7
|
rev: v0.5.4
|
||||||
hooks:
|
hooks:
|
||||||
- id: ruff
|
- id: ruff
|
||||||
args: [--fix, --exit-non-zero-on-fix]
|
args: [--fix, --exit-non-zero-on-fix]
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ servers = [
|
||||||
"ssh_user": "root",
|
"ssh_user": "root",
|
||||||
"web_server": True,
|
"web_server": True,
|
||||||
"services": [
|
"services": [
|
||||||
"nginx", "immich", "nodered",
|
"nginx", "immich", "nodered", "keycloak",
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
),
|
),
|
||||||
|
|
|
||||||
22
services/keycloak/.env.template
Normal file
22
services/keycloak/.env.template
Normal file
|
|
@ -0,0 +1,22 @@
|
||||||
|
HOST=auth.katuwoss.dev
|
||||||
|
|
||||||
|
POSTGRES_USER={{ username['38493af8-18b7-409a-b3ba-84b1b2070873'] }}
|
||||||
|
POSTGRES_PASSWORD={{ password['38493af8-18b7-409a-b3ba-84b1b2070873'] }}
|
||||||
|
POSTGRES_DATABASE=keycloak
|
||||||
|
|
||||||
|
KEYCLOAK_ADMIN={{ username['fc557059-7c93-4851-8eae-888a664e5594'] }}
|
||||||
|
KEYCLOAK_ADMIN_PASSWORD={{ password['fc557059-7c93-4851-8eae-888a664e5594'] }}
|
||||||
|
|
||||||
|
KC_HTTP_ENABLED=true
|
||||||
|
KC_HOSTNAME=https://auth.katuwoss.dev
|
||||||
|
KC_HOSTNAME_ADMIN=https://auth.katuwoss.dev
|
||||||
|
KC_PROXY_HEADERS=xforwarded
|
||||||
|
|
||||||
|
KC_DB=postgres
|
||||||
|
KC_DB_URL_HOST=db
|
||||||
|
KC_DB_URL_DATABASE=keycloak
|
||||||
|
KC_DB_USERNAME={{ username['38493af8-18b7-409a-b3ba-84b1b2070873'] }}
|
||||||
|
KC_DB_PASSWORD={{ password['38493af8-18b7-409a-b3ba-84b1b2070873'] }}
|
||||||
|
|
||||||
|
# DEBUG
|
||||||
|
KC_LOG_LEVEL=DEBUG
|
||||||
57
services/keycloak/docker-compose.yml
Normal file
57
services/keycloak/docker-compose.yml
Normal file
|
|
@ -0,0 +1,57 @@
|
||||||
|
networks:
|
||||||
|
traefik-net:
|
||||||
|
name: traefik-net
|
||||||
|
external: true
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
keycloak-pg-data:
|
||||||
|
name: keycloak-pg-data
|
||||||
|
keycloak-pg-backup:
|
||||||
|
name: keycloak-pg-backup
|
||||||
|
|
||||||
|
services:
|
||||||
|
backup:
|
||||||
|
image: prodrigestivill/postgres-backup-local:15
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
volumes:
|
||||||
|
- keycloak-pg-backup:/backups
|
||||||
|
environment:
|
||||||
|
- POSTGRES_EXTRA_OPTS=-Z 6 -F c
|
||||||
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||||
|
- POSTGRES_USER=${POSTGRES_USER}
|
||||||
|
- POSTGRES_DB=${POSTGRES_DATABASE}
|
||||||
|
- POSTGRES_HOST=db
|
||||||
|
|
||||||
|
db:
|
||||||
|
image: postgres:15
|
||||||
|
volumes:
|
||||||
|
- keycloak-pg-data:/var/lib/postgresql/data
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- default
|
||||||
|
environment:
|
||||||
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||||
|
- POSTGRES_USER=${POSTGRES_USER}
|
||||||
|
- POSTGRES_DB=${POSTGRES_DATABASE}
|
||||||
|
|
||||||
|
keycloak:
|
||||||
|
image: quay.io/keycloak/keycloak:25.0.2
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
restart: unless-stopped
|
||||||
|
command:
|
||||||
|
- start
|
||||||
|
networks:
|
||||||
|
- traefik-net
|
||||||
|
- default
|
||||||
|
env_file:
|
||||||
|
- .env
|
||||||
|
deploy:
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.docker.network=traefik-net
|
||||||
|
- traefik.http.routers.keycloak.rule=Host(`${HOST}`)
|
||||||
|
- traefik.http.routers.keycloak.entrypoints=websecure
|
||||||
|
- traefik.http.routers.keycloak.tls.certresolver=le
|
||||||
|
- traefik.http.services.keycloak.loadbalancer.server.port=8080
|
||||||
Loading…
Reference in a new issue