digitaldemocratic/dd-sso/docker-compose-parts/keycloak.yml

63 lines
2.4 KiB
YAML

#
# Copyright © 2021,2022 IsardVDI S.L.
#
# This file is part of DD
#
# DD is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# DD is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License
# along with DD. If not, see <https://www.gnu.org/licenses/>.
#
# SPDX-License-Identifier: AGPL-3.0-or-later
version: '3.7'
services:
dd-sso-keycloak:
image: ${KEYCLOAK_IMG}
build:
context: ${BUILD_SSO_ROOT_PATH}/docker/keycloak
args:
- IMG=${KEYCLOAK_IMG}
container_name: dd-sso-keycloak
volumes:
- /etc/localtime:/etc/localtime:ro
- ${BUILD_SSO_ROOT_PATH}/init/keycloak/jsons:/opt/jboss/keycloak/imports
- ${BUILD_SSO_ROOT_PATH}/init/keycloak/scripts/:/opt/jboss/startup-scripts/
- ${CUSTOM_PATH}/custom/img:/opt/jboss/keycloak/themes/dd/login/resources/custom-img
- ${BUILD_SSO_ROOT_PATH}/docker/keycloak/extensions/avatar-minio-extension-bundle-1.0.1.0-SNAPSHOT.ear:/opt/jboss/keycloak/standalone/deployments/avatar-minio-extension-bundle-1.0.1.0-SNAPSHOT.ear
environment:
- AVATARS_SERVER_URL=http://dd-sso-avatars:9000
- AVATARS_ACCESS_KEY=${AVATARS_ACCESS_KEY:-AKIAIOSFODNN7EXAMPLE}
- AVATARS_SECRET_KEY=${AVATARS_SECRET_KEY:-wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY}
- KEYCLOAK_IMPORT=/opt/jboss/keycloak/imports/realm.json
- DB_VENDOR=POSTGRES
- DB_ADDR=${KEYCLOAK_DB_ADDR}
- DB_DATABASE=${KEYCLOAK_DB_DATABASE}
- DB_USER=${KEYCLOAK_DB_USER}
- DB_SCHEMA=public
- DB_PASSWORD=${KEYCLOAK_DB_PASSWORD}
- KEYCLOAK_USER=${KEYCLOAK_USER}
- KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD}
- PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_FRONTEND_URL=https://sso.${DOMAIN}/auth/
- DDADMIN_USER=${DDADMIN_USER}
- DDADMIN_PASSWORD=${DDADMIN_PASSWORD}
- DDDOMAIN=${DOMAIN}
depends_on:
- ${KEYCLOAK_DB_ADDR}
restart: unless-stopped
networks:
- dd_net
logging:
driver: "json-file"
options:
max-size: "5m"
max-file: "10"