g

docker-compose/keycloak/docker-compose.yml.j2

@@ -0,0 +1,54 @@
+version: '3'
+services:
+  Keycloak:
+    image: quay.io/keycloak/keycloak:22.0.5
+    environment:
+      KC_DB: postgres
+      KC_DB_URL_DATABASE: keycloak
+      KC_DB_SCHEMA: public
+      KC_DB_URL: jdbc:postgresql://postgres/keycloak
+      KC_DB_USERNAME: keycloak
+      KC_DB_PASSWORD: password
+      KEYCLOAK_ADMIN: admin
+      KEYCLOAK_ADMIN_PASSWORD: password
+      KC_HTTP_RELATIVE_PATH: /auth
+    ports:
+      - "8089:8080" # Externe-Portnummer:Interne-Portnummer
+    depends_on:
+      - keycloak-db
+    container_name: keycloak-app
+    networks:
+      - intern
+      - auth
+      - traefik
+
+  keycloak-db:
+    image: "postgres:16.2"
+    container_name: keycloak-db
+    environment:
+      POSTGRES_DB: keycloak
+      POSTGRES_USER: keycloak
+      POSTGRES_PASSWORD: password
+    volumes:
+      - db16:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "postgres"]
+      interval: 10s
+      start_period: 30s
+    networks:
+      - intern
+
+######## Volumes ########
+volumes:
+  db16:
+######## Networks ########
+networks:
+  traefik:
+    external: true
+  auth:
+    external: true
+  intern:
+# todo
+# prufen ob dier uzielcontsainer alle netwzwerke rbaucht
+# healtchecks
+# verison gesetzt

docker-compose/whoami/docker-compose.yml.j2

@@ -34,53 +34,7 @@ services:
     networks:
       auth:
     depends_on:
-      - keycloak
-
-  keycloak:
-    container_name: keycloak-app
-    image: jboss/keycloak:10.0.0
-    hostname: keycloak
-    command:
-      [
-        '-b',
-        '0.0.0.0',
-        '-Djboss.socket.binding.port-offset=1000',
-        '-Dkeycloak.migration.action=import',
-        '-Dkeycloak.migration.provider=dir',
-        '-Dkeycloak.migration.dir=/realm-config',
-        '-Dkeycloak.migration.strategy=IGNORE_EXISTING'
-      ]
-    environment:
-      DB_VENDOR: POSTGRES
-      DB_ADDR: keycloak-db
-      DB_DATABASE: keycloak
-      DB_USER: keycloak
-      DB_SCHEMA: public
-      DB_PASSWORD: password
-      KEYCLOAK_USER: admin@example.com
-      KEYCLOAK_PASSWORD: password
-    ports:
-      - 9080:9080/tcp
-    networks:
-      auth:
-    depends_on:
-      - keycloak-db
-
-  keycloak-db:
-    image: postgres
-    container_name: keycloak-db
-    volumes:
-      - keycloak-db_data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_DB: keycloak
-      POSTGRES_USER: keycloak
-      POSTGRES_PASSWORD: password
-    networks:
-      auth:
-
-######## Volumes ########
-volumes:
-  keycloak-db_data:
+      - keycloak-app
 ######## Networks ########
 networks:
   traefik:
@@ -91,3 +45,4 @@ networks:
 # todo
 # prufen ob dier uzielcontsainer alle netwzwerke rbaucht
 # healtchecks
+# verison gesetzt

host_vars/docker10.mgrote.net.yml

@@ -75,7 +75,9 @@ compose_files:
   - name: whoami
     state: present
     network: auth
-
+  - name: keycloak
+    state: present
+    network: auth
 ### oefenweb.ufw
 ufw_rules:
   - rule: allow