version: '3.6'

services:       
  keycloak:
    build:
      context: ${BUILD_ROOT_PATH}/docker/keycloak
      dockerfile: Dockerfile
      target: production
    container_name: keycloak
    hostname: sso.mydomain.com
    volumes:
      - ./imports:/opt/jboss/keycloak/imports
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
    environment:
      KEYCLOAK_IMPORT: /opt/jboss/keycloak/imports/realm-export.json -Dkeycloak.profile.feature.upload_scripts=enabled
      DB_VENDOR: POSTGRES
      DB_ADDR: postgres
      DB_DATABASE: keycloak
      DB_USER: keycloak
      DB_SCHEMA: public
      DB_PASSWORD: k3ycl0ak
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: k3ycl0ak
      #KEYCLOAK_LOGLEVEL: ALL
      PROXY_ADDRESS_FORWARDING: "true"
      KEYCLOAK_FRONTEND_URL: https://sso.mydomain.com/auth
      # Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
      #JDBC_PARAMS: "ssl=true"
      #ports:
      #  - 8080:8080
    #cap-add:
    #  - SYS_ADMIN 
    privileged: true
    depends_on:
      - postgres
    networks:
      - isard_net

networks:
  isard_net:
    name: isard_net