Open Source Identity and Access Management https://id.autonomic.zone
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.

73 lines
1.7 KiB

---
version: "3.8"
services:
keycloak:
image: "jboss/keycloak:9.0.3"
networks:
- proxy
- internal
secrets:
- admin_passwd
- db_passwd
environment:
- DB_ADDR=mariadb
- DB_DATABASE=keycloak
- DB_PASSWORD_FILE=/run/secrets/db_passwd
- DB_USER=keycloak
- DB_VENDOR=mariadb
- KEYCLOAK_PASSWORD_FILE=/run/secrets/admin_passwd
- KEYCLOAK_USER=autonomic
- PROXY_ADDRESS_FORWARDING=true
depends_on:
- mariadb
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080"]
interval: 30s
timeout: 10s
retries: 10
start_period: 1m
deploy:
update_config:
failure_action: rollback
order: start-first
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.rule=Host(`id.autonomic.zone`)"
- "traefik.http.routers.keycloak.entrypoints=web-secure"
- "traefik.http.services.keycloak.loadbalancer.server.port=8080"
- "traefik.http.routers.keycloak.tls.certresolver=production"
mariadb:
image: "mariadb:10.5"
environment:
- MYSQL_DATABASE=keycloak
- MYSQL_USER=keycloak
- MYSQL_PASSWORD_FILE=/run/secrets/db_passwd
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_passwd
secrets:
- db_passwd
- db_root_passwd
volumes:
- "mariadb:/var/lib/mysql"
networks:
- internal
networks:
internal:
proxy:
external: true
secrets:
admin_passwd:
name: keycloak_admin_passwd_v1
external: true
db_passwd:
name: keycloak_db_passwd_v1
external: true
db_root_passwd:
name: keycloak_db_root_passwd_v1
external: true
volumes:
mariadb: