diff --git a/README.md b/README.md index 9c9e46a..54ef022 100644 --- a/README.md +++ b/README.md @@ -2,48 +2,69 @@ Proxy pour service redirigeant vers Keycloak pour authentification -## PRE REQUIS +![](docs/principe.png) -- Docker / docker compose +## PRE REQUIS :paperclip: + +- Docker / docker compose :whale: - Instance Keycloak -## CONFIFURATION +## CONFIFURATION :wrench: ### Gatekeeper #### Config file (TO DO): - Renseigner gatekeeper-config.yml: ```bash - +# TO DO ``` -#### Commandes: +#### DOCKER COMPOSE - Renseigner les champs suivants: ```bash - "--discovery-url=https:///auth/realms//.well-known/openid-configuration" - "--client-id=" - "--client-secret=" + # le port écouté doit être le même que celui mappé sur l'hôte - "--listen=0.0.0.0:8880" - "--upstream-url=http://:" ``` -### Keycloak +:warning: Le port renseigné dans "--upstream-url=http://:" doit correspondre au port exposé par le conteneur. + +:skull: Les port mappés pour le service gatekeeper doivent être les mêmes et doivent correspondre avec celui renseigné au niveau de "--listen=0.0.0.0:8880" + +### Keycloak :key: - Créer un client: -```bash +![keycloak illustration](docs/keycloak-1.png) + +![keycloak illustration](docs/keycloak-2.png) + +> Le client secret se trouve dans l'inglet "credentials" + +- Créer une audience: + +![keycloak illustration 2](docs/keycloak-3.png) + +![keycloak illustration](docs/keycloak-4.png) + +## UTILISATION :rocket: + +- Cloner le projet: +```bash +git clone --submodules https://git.legaragenumerique.fr/GARAGENUM/keycloak-gatekeeper +cd keycloak-gatekeeper ``` - -![keycloak illustration](docs/pic_1.png) - -## UTILISATION - +- Lancer les conteneurs: ```bash docker compose up -d ``` -## TO DO +## TO DO :bookmark_tabs: - [ ] Injecter gatekeeper-config.yml via volumes -- [ ] Keycloak client config illustrations \ No newline at end of file +- [X] Keycloak client config illustrations +- [ ] Illustration workflow \ No newline at end of file 
diff --git a/docker-compose.yml b/docker-compose.yml index 7f9c5d3..f83d2a2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,8 +1,16 @@ version: "3.9" services: + + service: + image: exemple.service + # ports: + # - NO:NO + gatekeeper: image: dockerregistry.legaragenumerique.fr/gatekeeper + build: + context: keycloak-gatekeeper/ container_name: gatekeeper restart: always ports: diff --git a/docs/keycloak-1.png b/docs/keycloak-1.png new file mode 100644 index 0000000..02f7a10 Binary files /dev/null and b/docs/keycloak-1.png differ diff --git a/docs/keycloak-2.png b/docs/keycloak-2.png new file mode 100644 index 0000000..917df13 Binary files /dev/null and b/docs/keycloak-2.png differ diff --git a/docs/keycloak-3.png b/docs/keycloak-3.png new file mode 100644 index 0000000..a864a91 Binary files /dev/null and b/docs/keycloak-3.png differ diff --git a/docs/keycloak-4.png b/docs/keycloak-4.png new file mode 100644 index 0000000..1f9c98a Binary files /dev/null and b/docs/keycloak-4.png differ diff --git a/docs/principe.png b/docs/principe.png new file mode 100644 index 0000000..5cca896 Binary files /dev/null and b/docs/principe.png differ
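Review bot: In the README.md hunk, the added "Cloner le projet" step uses `git clone --submodules`, which is not an option `git clone` accepts, so the command fails before the `cd`. Use `git clone --recurse-submodules` with the same URL so the submodule content is fetched along with the repository. Since these lines are being touched anyway, `## CONFIFURATION :wrench:` still carries the typo (CONFIGURATION), `inglet` should be `onglet`, and `Les port mappés` should be `Les ports mappés`. The snippet also documents `"--client-secret="` as a command argument in the compose file; a line next to the new warnings telling readers not to commit the filled-in value would fit here.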
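Review bot: In the docker-compose.yml hunk, the new `service` entry relies on the commented-out `# ports:` and `# - NO:NO` lines to convey that the upstream must not publish a host port, and that intent is easy to miss. State it in an explicit comment: a published port would let clients reach the service directly without passing through gatekeeper. Also mark `exemple.service` as a placeholder image to replace. On `gatekeeper`, `build:` with `context: keycloak-gatekeeper/` is added next to the existing `image: dockerregistry.legaragenumerique.fr/gatekeeper`, so it is unclear whether the registry image or a local build is intended. Document which one, since a local build ends up tagged with the registry image name.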