92 lines
2.4 KiB
Django/Jinja
92 lines
2.4 KiB
Django/Jinja
version: "3"
|
|
services:
|
|
whoami:
|
|
image: traefik/whoami
|
|
container_name: whoami-app
|
|
restart: always
|
|
ports:
|
|
- "4421:80"
|
|
networks:
|
|
auth:
|
|
|
|
# This docker-compose file can be used to bring up an example instance of oauth2-proxy
|
|
# for manual testing and exploration of features.
|
|
# Alongside OAuth2-Proxy, this file also starts Keycloak to act as the identity provider,
|
|
# whoami as an example upstream.
|
|
#
|
|
# This can either be created using docker-compose
|
|
# docker-compose -f docker-compose-keycloak.yaml <command>
|
|
# Or:
|
|
# make keycloak-<command> (eg. make keycloak-up, make keycloak-down)
|
|
#
|
|
# Access http://oauth2-proxy.localtest.me:4180 to initiate a login cycle using user=admin@example.com, password=password
|
|
# Access http://keycloak.localtest.me:9080 with the same credentials to check out the settings
|
|
oauth2-proxy:
|
|
container_name: oauth2-proxy
|
|
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
|
command: --config /oauth2-proxy.cfg
|
|
hostname: oauth2-proxy
|
|
volumes:
|
|
- "./oauth2-proxy-keycloak.cfg:/oauth2-proxy.cfg"
|
|
restart: unless-stopped
|
|
ports:
|
|
- 4180:4180/tcp
|
|
networks:
|
|
auth:
|
|
depends_on:
|
|
- keycloak
|
|
|
|
keycloak:
|
|
container_name: keycloak-app
|
|
image: jboss/keycloak:10.0.0
|
|
hostname: keycloak
|
|
command:
|
|
[
|
|
'-b',
|
|
'0.0.0.0',
|
|
'-Djboss.socket.binding.port-offset=1000',
|
|
'-Dkeycloak.migration.action=import',
|
|
'-Dkeycloak.migration.provider=dir',
|
|
'-Dkeycloak.migration.dir=/realm-config',
|
|
'-Dkeycloak.migration.strategy=IGNORE_EXISTING'
|
|
]
|
|
environment:
|
|
DB_VENDOR: POSTGRES
|
|
DB_ADDR: keycloak-db
|
|
DB_DATABASE: keycloak
|
|
DB_USER: keycloak
|
|
DB_SCHEMA: public
|
|
DB_PASSWORD: password
|
|
KEYCLOAK_USER: admin@example.com
|
|
KEYCLOAK_PASSWORD: password
|
|
ports:
|
|
- 9080:9080/tcp
|
|
networks:
|
|
auth:
|
|
depends_on:
|
|
- keycloak-db
|
|
|
|
keycloak-db:
|
|
image: postgres
|
|
container_name: keycloak-db
|
|
volumes:
|
|
- keycloak-db_data:/var/lib/postgresql/data
|
|
environment:
|
|
POSTGRES_DB: keycloak
|
|
POSTGRES_USER: keycloak
|
|
POSTGRES_PASSWORD: password
|
|
|
|
######## Volumes ########
|
|
volumes:
|
|
keycloak-db_data:
|
|
######## Networks ########
|
|
networks:
|
|
traefik:
|
|
external: true
|
|
auth:
|
|
external: true
|
|
|
|
# todo
|
|
# prufen ob dier uzielcontsainer alle netwzwerke rbaucht
|
|
# healtchecks
|