101 lines
2.8 KiB
YAML
101 lines
2.8 KiB
YAML
services:
|
|
keycloak:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
container_name: ${KEYCLOAK_CONTAINER_NAME:-local-keycloak}
|
|
environment:
|
|
# Admin configuration
|
|
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin}
|
|
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
|
|
|
|
# Database configuration
|
|
KC_DB: ${KC_DB:-postgres}
|
|
KC_DB_URL: ${KC_DB_URL:-jdbc:postgresql://postgres:5432/gnsso}
|
|
KC_DB_USERNAME: ${KC_DB_USERNAME:-keycloak}
|
|
KC_DB_PASSWORD: ${KC_DB_PASSWORD:-password}
|
|
|
|
# Network configuration
|
|
KC_HOSTNAME_STRICT: ${KC_HOSTNAME_STRICT:-false}
|
|
KC_HOSTNAME_STRICT_HTTPS: ${KC_HOSTNAME_STRICT_HTTPS:-false}
|
|
KC_HTTP_ENABLED: ${KC_HTTP_ENABLED:-true}
|
|
|
|
# Features
|
|
environment:
|
|
# KC_FEATURES: scripts
|
|
KC_HEALTH_ENABLED: ${KC_HEALTH_ENABLED:-true}
|
|
KC_METRICS_ENABLED: ${KC_METRICS_ENABLED:-true}
|
|
|
|
# Logging
|
|
KC_LOG_LEVEL: ${LOG_LEVEL:-INFO}
|
|
ports:
|
|
- "${KEYCLOAK_PORT:-8080}:8080"
|
|
- "9000:9000" # Health check port
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "timeout 5s sh -c '</dev/tcp/localhost/9000' || exit 1"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 5
|
|
start_period: 60s
|
|
networks:
|
|
- keycloak-network
|
|
volumes:
|
|
- ./keycloak_data:/opt/keycloak/data
|
|
|
|
keycloak-postgres:
|
|
image: postgres:15-alpine
|
|
container_name: ${POSTGRES_CONTAINER_NAME:-keycloak-postgres}
|
|
environment:
|
|
POSTGRES_DB: ${POSTGRES_DB:-keycloak}
|
|
POSTGRES_USER: ${POSTGRES_USER:-keycloak}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
|
|
POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
|
|
volumes:
|
|
- ./postgres_data:/var/lib/postgresql/data
|
|
- ./init-scripts:/docker-entrypoint-initdb.d
|
|
ports:
|
|
- "${POSTGRES_PORT:-5432}:5432"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-keycloak} -d ${POSTGRES_DB:-keycloak}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 30s
|
|
networks:
|
|
- keycloak-network
|
|
|
|
openldap:
|
|
image: osixia/openldap
|
|
container_name: keycloak-openldap
|
|
restart: always
|
|
volumes:
|
|
- ./keycloak/ldap_ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
|
|
- ./keycloak/ldap_db:/var/lib/ldap
|
|
- ./keycloak/ldap_conf:/etc/ldap/slapd.d
|
|
command: ["--copy-service"]
|
|
env_file:
|
|
- .env
|
|
tty: true
|
|
stdin_open: true
|
|
domainname: legaragenumerique.fr
|
|
hostname: "ldap"
|
|
ports:
|
|
- "389:389"
|
|
- "636:636"
|
|
networks:
|
|
- keycloak-network
|
|
|
|
volumes:
|
|
postgres_data:
|
|
driver: local
|
|
keycloak_data:
|
|
driver: local
|
|
|
|
networks:
|
|
keycloak-network:
|
|
driver: bridge
|
|
name: keycloak-network
|
