Jafner/Jafner.net
1
0
Fork 0
Code Issues 16 Pull Requests Actions Packages Projects Releases Wiki Activity
cc5f33f971
Jafner.net/homelab/server/config/keycloak/docker-compose.yml
Joey Hafner 8caa189706 Refactor env
2022-10-17 10:03:05 -07:00

68 lines
2.2 KiB
YAML
Raw Blame History

version: '3'
services:
keycloak:
image: quay.io/keycloak/keycloak:latest
container_name: keycloak_keycloak
logging:
driver: loki
options:
loki-url: http://localhost:3100/loki/api/v1/push
loki-batch-size: "50"
loki-retries: "1"
loki-timeout: "2s"
keep-file: "true"
volumes:
- $KEYCLOAK_DATA:/opt/keycloak/data
networks:
web:
aliases:
- keycloak
restart: "no"
command: start-dev --hostname-url=https://keycloak.jafner.net --proxy=passthrough
environment:
- KEYCLOAK_ADMIN=$KEYCLOAK_ADMIN
- KEYCLOAK_ADMIN_PASSWORD=$KEYCLOAK_ADMIN_PASSWORD
labels:
traefik.http.routers.keycloak.rule: Host(`keycloak.jafner.net`)
traefik.http.routers.keycloak.tls.certresolver: lets-encrypt
traefik.http.routers.keycloak.middlewares: lan-only@file
traefik.http.services.keycloak.loadbalancer.server.port: 8080
forwardauth:
image: mesosphere/traefik-forward-auth:3.1.0
container_name: keycloak_forwardauth
logging:
driver: loki
options:
loki-url: http://localhost:3100/loki/api/v1/push
loki-batch-size: "50"
loki-retries: "1"
loki-timeout: "2s"
keep-file: "true"
networks:
web:
restart: "no"
environment:
- SECRET=$SECRET
- ENCRYPTION_KEY=$ENCRYPTION_KEY
- PROVIDER_URI=$PROVIDER_URI
- CLIENT_ID=$CLIENT_ID
- CLIENT_SECRET=$CLIENT_SECRET
- LOG_LEVEL=$LOG_LEVEL
labels:
#- "traefik.enable=true"
#- "traefik.docker.network=web"
#- "traefik.http.services.forwardauth.loadbalancer.server.port=4181"
#- "traefik.http.routers.forwardauth.entrypoints=websecure"
- "traefik.http.routers.forwardauth.rule=Path(`/_oauth`)"
- "traefik.http.routers.forwardauth.middlewares=traefik-forward-auth"
- "traefik.http.routers.forwardauth.tls.certresolver=lets-encrypt"
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://forwardauth:4181"
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.trustForwardHeader=true"
networks:
web:
external: true
Reference in New Issue View Git Blame Copy Permalink