keycloak/compose.yml

services:
  keycloak:
    build:
      context: .

      dockerfile: ./tools/Dockerfile.prod.
# FOR IMPORTING REALM
#      dockerfile: ./tools/Dockerfile.dev
#    command: ["start-dev", "--features=scripts"]
    container_name: ${KEYCLOAK_CONTAINER_NAME:-local-keycloak}
    environment:
      # Admin configuration
      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin123}
      # Database configuration
      KC_DB: ${KC_DB:-keycloak-postgres}
      KC_DB_URL: ${KC_DB_URL:-jdbc:postgresql://keycloak-postgres:5432/keycloak}
      KC_DB_USERNAME: ${KC_DB_USERNAME:-keycloak}
      KC_DB_PASSWORD: ${KC_DB_PASSWORD:-password}
      # Network configuration
      KC_HOSTNAME_STRICT: ${KC_HOSTNAME_STRICT:-false}
      KC_HOSTNAME_STRICT_HTTPS: ${KC_HOSTNAME_STRICT_HTTPS:-false}
      KC_HTTP_ENABLED: ${KC_HTTP_ENABLED:-true}
      KC_HEALTH_ENABLED: ${KC_HEALTH_ENABLED:-true}
      KC_METRICS_ENABLED: ${KC_METRICS_ENABLED:-true}
      # Logging
      KC_LOG_LEVEL: ${LOG_LEVEL:-INFO}
    env_file:
      - .env
    ports:
      - "${KEYCLOAK_PORT:-8080}:8080"
      - "9000:9000"  # Health check
    depends_on:
      keycloak-postgres:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "timeout 5s sh -c '</dev/tcp/localhost/9000' || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 60s
    networks:
      - keycloak-network
    volumes:
      - ./keycloak_data:/opt/keycloak/data

  keycloak-postgres:
    image: postgres:15-alpine
    container_name: ${POSTGRES_CONTAINER_NAME:-keycloak-postgres}
    environment:
      POSTGRES_DB: ${POSTGRES_DB:-keycloak}
      POSTGRES_USER: ${POSTGRES_USER:-keycloak}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
    volumes:
      - ./postgres_data:/var/lib/postgresql/data
      - ./init-scripts:/docker-entrypoint-initdb.d
    ports:
      - "${POSTGRES_PORT:-5432}:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-keycloak} -d ${POSTGRES_DB:-keycloak}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s
    networks:
      - keycloak-network

  openldap:
    image: osixia/openldap
    container_name: keycloak-openldap
    restart: always
    volumes:
      - ./keycloak/ldap_ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
      - ./keycloak/ldap_db:/var/lib/ldap
      - ./keycloak/ldap_conf:/etc/ldap/slapd.d
    command: ["--copy-service"]
    env_file:
      - .env
    tty: true
    stdin_open: true
    domainname: legaragenumerique.fr
    hostname: "ldap"
    ports:
      - "389:389"
      - "636:636"
    networks:
      - keycloak-network

# For Docker volume handling
# volumes:
#   postgres_data:
#     driver: local
#   keycloak_data:
#     driver: local

networks:
  keycloak-network:
    driver: bridge
    name: keycloak-network