.env-sample

@@ -1,15 +0,0 @@
-###
-# PostgreSQL
-#
-
-POSTGRES_DB=keycloak
-POSTGRES_USER=keycloak
-POSTGRES_PASSWORD=put-your-DB-password-here
-
-###
-# Keycloak
-#
-
-KEYCLOAK_HOSTNAME=acceso.txs.es
-KEYCLOAK_USER=admin
-KEYCLOAK_PASSWORD=put-your-Keycloak-admin-password-here

.gitignore

@@ -1,12 +0,0 @@
-## Ignore delicate files which may contain sensitive information
-
-/.env
-/certbot/conf/accounts/*
-/certbot/conf/archive/acceso.txs.es/*
-/certbot/conf/csr/*
-/certbot/conf/keys/*
-/certbot/conf/live/acceso.txs.es/*
-/certbot/conf/renewal/*.conf
-
-!/**/.gitkeep
-!/**/README

certbot/conf/cli.ini

@@ -1,3 +0,0 @@
-# Because we are using logrotate for greater flexibility, disable the
-# internal certbot logrotation.
-max-log-backups = 0

certbot/conf/live/README

@@ -1,14 +0,0 @@
-This directory contains your keys and certificates.
-
-`[cert name]/privkey.pem`  : the private key for your certificate.
-`[cert name]/fullchain.pem`: the certificate file used in most server software.
-`[cert name]/chain.pem`    : used for OCSP stapling in Nginx >=1.3.7.
-`[cert name]/cert.pem`     : will break many server configurations, and should not be used
-                 without reading further documentation (see link below).
-
-WARNING: DO NOT MOVE OR RENAME THESE FILES!
-         Certbot expects these files to remain in this location in order
-         to function properly!
-
-We recommend not moving these files. For more information, see the Certbot
-User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.

certbot/conf/live/acceso.txs.es/README

@@ -1,14 +0,0 @@
-This directory contains your keys and certificates.
-
-`privkey.pem`  : the private key for your certificate.
-`fullchain.pem`: the certificate file used in most server software.
-`chain.pem`    : used for OCSP stapling in Nginx >=1.3.7.
-`cert.pem`     : will break many server configurations, and should not be used
-                 without reading further documentation (see link below).
-
-WARNING: DO NOT MOVE OR RENAME THESE FILES!
-         Certbot expects these files to remain in this location in order
-         to function properly!
-
-We recommend not moving these files. For more information, see the Certbot
-User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.

certbot/conf/renewal/acceso.txs.es.conf-sample

@@ -1,16 +0,0 @@
-# renew_before_expiry = 30 days
-version = 1.30.0
-archive_dir = /etc/letsencrypt/archive/acceso.txs.es
-cert = /etc/letsencrypt/live/acceso.txs.es/cert.pem
-privkey = /etc/letsencrypt/live/acceso.txs.es/privkey.pem
-chain = /etc/letsencrypt/live/acceso.txs.es/chain.pem
-fullchain = /etc/letsencrypt/live/acceso.txs.es/fullchain.pem
-
-# Options used in the renewal process
-[renewalparams]
-account = put-your-certbot-account-ID-here
-authenticator = webroot
-webroot_path = /acme,
-server = https://acme-v02.api.letsencrypt.org/directory
-key_type = rsa
-[[webroot_map]]

docker-compose.yaml

@@ -1,57 +0,0 @@
-version: '3.3'
-
-networks:
-  keycloak_network:
-
-services:
-  nginx_proxy:
-    image: nginx:1.22.0
-    container_name: keycloak_nginx_proxy
-    restart: unless-stopped
-    networks:
-      - keycloak_network
-    volumes:
-      - /opt/nginx-proxy/nginx.conf:/etc/nginx/nginx.conf
-      - /opt/nginx-proxy/acme:/acme:ro
-      - /opt/nginx-proxy/certs:/certs:ro
-    ports:
-      - 80:80
-      - 443:443
-
-  postgres:
-    image: postgres:14.5
-    container_name: keycloak_postgresql
-    restart: unless-stopped
-    networks:
-      - keycloak_network
-    volumes:
-      - /opt/volumes/postgres/data:/var/lib/postgresql/data
-      - /etc/localtime:/etc/localtime:ro
-    environment:
-      - POSTGRES_DB=${POSTGRES_DB}
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-
-  keycloak:
-    image: quay.io/keycloak/keycloak:19.0.1
-    container_name: keycloak
-    restart: unless-stopped
-    networks:
-      - keycloak_network
-    depends_on:
-      - nginx_proxy
-      - postgres
-    command: start --optimized --hostname=${KEYCLOAK_HOSTNAME} --proxy=edge --hostname-strict-https=false
-    volumes:
-      - /etc/localtime:/etc/localtime:ro
-    environment:
-      - PROXY_ADDRESS_FORWARDING=true           # Important for reverse proxy
-      - KEYCLOAK_ADMIN=${KEYCLOAK_USER}
-      - KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_PASSWORD}
-      - DB_VENDOR=POSTGRES
-      - DB_ADDR=postgres
-      - DB_SCHEMA=public
-      - DB_DATABASE=${POSTGRES_DB}
-      - DB_USER=${POSTGRES_USER}
-      - DB_PASSWORD=${POSTGRES_PASSWORD}
-

nginx-proxy/nginx.conf

@@ -1,38 +0,0 @@
-events {
-}
-
-http {
-
-  server {
-    listen 80;
-    server_name _;
-
-    location /.well-known/acme-challenge {
-      root /acme;
-      try_files $uri $uri/ =404;
-    }
-
-    location / {
-      return 301 https://$host$request_uri;
-    }
-  }
-
-  server {
-    listen 443 ssl;
-    server_name _;
-
-    include       /etc/nginx/mime.types;
-
-    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_certificate     /certs/keycloak-cert.pem;
-    ssl_certificate_key /certs/keycloak-key.pem;
-
-    proxy_set_header X-Forwarded-For $proxy_protocol_addr; # To forward the original client's IP address
-    proxy_set_header X-Forwarded-Proto $scheme;            # To forward the  original protocol (HTTP or HTTPS)
-    proxy_set_header Host $host;                           # To forward the original host requested by the client
-
-    location / {
-      proxy_pass http://keycloak:8080;       # 'keycloak' refers to Keycloak's container name in docker-compose
-    }
-  }
-}