add nginx proxy & companion container

2023-01-26 13:32:24 +01:00 · 2023-01-26 13:32:24 +01:00 · 31213b8190
parent 9fac25fd4d
commit 31213b8190
2 changed files with 38 additions and 17 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -2,25 +2,20 @@ version: "3.7"

 services:    
  sso:
-    image: quay.io/keycloak/keycloak:15.0.2
+    image: quay.io/keycloak/keycloak:20.0.3
    container_name: "keycloak"
    volumes:
      - /etc/localtime:/etc/localtime:ro
-      - ./config/profile.properties:/opt/jboss/keycloak/standalone/configuration/profile.properties
-      # add plugins for hot deployment in running in KC
-      #- ./plugins:/opt/jboss/keycloak/standalone/deployments/
+      - ./keycloak.conf:/opt/keycloak/conf/keycloak.conf
+    command:
+      - bin/kc.sh start-dev
    environment:
      - KEYCLOAK_USER=admin
-      - KEYCLOAK_PASSWORD=changeme
+      - KEYCLOAK_ADMIN_PASSWORD=changeme
      - PROXY_ADDRESS_FORWARDING=true
-      - KEYCLOAK_LOGLEVEL=INFO 
-      - KEYCLOAK_STATISTICS=all
-      - DB_VENDOR=POSTGRES
-      - DB_ADDR=postgres
-      - DB_USER=keycloak
-      - DB_PASSWORD=changeme
-      - DB_DATABASE=keycloak
-      - DB_SCHEMA=public
+      - VIRTUAL_HOST=dev-keycloak.mydomain.com
+      - VIRTUAL_PORT=8080
+      - LETSENCRYPT_HOE=dev-keycloak.mydomain.com
    networks:
      - internal

@ -35,16 +30,30 @@ services:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - internal
-
  proxy:
-    image: nginx:latest
+    image: nginxproxy/nginx-proxy
    container_name: nginx
    ports:
      - "443:443"
      - "80:80"
    volumes:
-      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf
-      - ./certs:/etc/nginx/ssl
+      - certs:/etc/nginx/certs
+      - vhost:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+    networks:
+      - internal
+
+  acme-companion:
+    image: nginxproxy/acme-companion
+    environment:
+      - DEFAULT_EMAIL=<YOUREMAIL@YOURDOMAIN.COM>
+    volumes:
+      - certs:/etc/nginx/certs
+      - vhost:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - acme:/etc/acme.sh
+      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - internal

@ -58,3 +67,6 @@ networks:

 volumes:
  postgres_data:
+  certs:
+  vhost:
+  html:
--- a/keycloak.conf
+++ b/keycloak.conf
@ -0,0 +1,9 @@
+proxy=edge
+db=postgres
+db-url-host=postgres
+db-user=keycloak
+db-password=changeme
+db-database=keycloak
+db-schema=public
+hostname-strict=false
+http-enabled=true