67 lines
1.6 KiB
YAML
67 lines
1.6 KiB
YAML
---
|
|
version: "3.8"
|
|
|
|
services:
|
|
keycloak:
|
|
image: "jboss/keycloak:9.0.2"
|
|
networks:
|
|
- proxy
|
|
- internal
|
|
secrets:
|
|
- admin_passwd
|
|
- db_passwd
|
|
environment:
|
|
- DB_ADDR=mariadb
|
|
- DB_DATABASE=keycloak
|
|
- DB_PASSWORD_FILE=/run/secrets/db_passwd
|
|
- DB_USER=keycloak
|
|
- DB_VENDOR=mariadb
|
|
- KEYCLOAK_PASSWORD_FILE=/run/secrets/admin_passwd
|
|
- KEYCLOAK_USER="${ADMIN_USERNAME}"
|
|
- PROXY_ADDRESS_FORWARDING=true
|
|
depends_on:
|
|
- mariadb
|
|
deploy:
|
|
update_config:
|
|
failure_action: rollback
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.keycloak.rule=Host(`${DOMAIN}`)"
|
|
- "traefik.http.routers.keycloak.entrypoints=web-secure"
|
|
- "traefik.http.services.keycloak.loadbalancer.server.port=8000"
|
|
- "traefik.http.routers.keycloak.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
|
|
mariadb:
|
|
image: "mariadb:10.5"
|
|
environment:
|
|
- MYSQL_DATABASE=keycloak
|
|
- MYSQL_USER=keycloak
|
|
- MYSQL_PASSWORD_FILE=/run/secrets/db_passwd
|
|
- MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_passwd
|
|
secrets:
|
|
- db_passwd
|
|
- db_root_passwd
|
|
volumes:
|
|
- "mariadb:/var/lib/mariadb"
|
|
networks:
|
|
- internal
|
|
|
|
networks:
|
|
internal:
|
|
proxy:
|
|
external: true
|
|
|
|
secrets:
|
|
admin_passwd:
|
|
name: ${STACK_NAME}_admin_passwd_${ADMIN_PASSWD_VERSION}
|
|
external: true
|
|
db_passwd:
|
|
name: ${STACK_NAME}_db_passwd_${DB_PASSWD_VERSION}
|
|
external: true
|
|
db_root_passwd:
|
|
name: ${STACK_NAME}_db_root_passwd_${DB_ROOT_PASSWD_VERSION}
|
|
external: true
|
|
|
|
volumes:
|
|
mariadb:
|