forked from kprasad99/spring-webflux-keycloak-angular
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
118 lines (117 loc) · 4.21 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
version: '3.7'
services:
traefik:
image: "traefik:v2.6"
command:
# - "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
ports:
- "80:80"
- "443:443"
networks:
- k-network
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
# app-store:
# image: kprasad99/app-store:v0.1.0
# build: ./app-store
# networks:
# - k-network
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.app-store.rule=PathPrefix(`/`)"
# - "traefik.http.routers.app-store.entrypoints=web"
# environment:
# app_conf_sts_server: "http://192.168.56.121/auth/realms/universal"
# app_conf_redirect_url: "http://192.168.56.121/app-store/"
# app_conf_client_id: "kp_prod_appstore"
# app_conf_response_type: "code"
# app_conf_scope: "openid profile email"
# app_conf_post_logout_redirect_uri: "http://192.168.56.121/app-store/#/sign-out"
# app_conf_start_check_session: "true"
# app_conf_silent_renew: "true"
# app_conf_silent_renew_url: "http://192.168.56.121/app-store/assets/silent-renew.html"
# app_conf_post_login_route: "/home"
# app_conf_forbidden_route: "/forbidden"
# app_conf_unauthorized_route: "/unauthorized"
# app_conf_disable_iat_offset_validation: "true"
# emp-app:
# image: kprasad99/employee-app:v0.1.0
# build: ./employee-app
# networks:
# - k-network
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.emp-app.rule=PathPrefix(`/emp-app`)"
# - "traefik.http.routers.emp-app.entrypoints=web"
# environment:
# app_conf_sts_server: "http://192.168.56.121/auth/realms/universal"
# app_conf_redirect_url: "http://192.168.56.121/emp-app/"
# app_conf_client_id: "kp_prod_app1"
# app_conf_response_type: "code"
# app_conf_scope: "openid profile email"
# app_conf_post_logout_redirect_uri: "http://192.168.56.121/emp-app/#/sign-out"
# app_conf_start_check_session: "true"
# app_conf_silent_renew: "true"
# app_conf_silent_renew_url: "http://192.168.56.121/emp-app/assets/silent-renew.html"
# app_conf_post_login_route: "/home"
# app_conf_forbidden_route: "/forbidden"
# app_conf_unauthorized_route: "/unauthorized"
# app_conf_disable_iat_offset_validation: "true"
# employee-backend:
# image: kprasad99/employee-backend:v0.1.0
# build: ./employee-backend
# networks:
# - k-network
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.employee-backend.rule=PathPrefix(`/api`)"
# - "traefik.http.routers.employee-backend.entrypoints=web"
# environment:
# spring.security.oauth2.resourceserver.jwt.issuer-uri: http://192.168.56.121/auth/realms/universal
keycloak:
image: quay.io/keycloak/keycloak:16.1.0
networks:
- k-network
ports:
- 18080:8080
volumes:
- ${PWD}/keycloak/universal-realm.json:/tmp/universal-realm.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=PathPrefix(`/auth`)"
# http with redirection
- traefik.http.middlewares.redirect-middleware.redirectscheme.scheme=https
- traefik.http.routers.web.entrypoints=web
#- traefik.http.routers.web-router.rule=Host(`auth.kp.local`)
- traefik.http.routers.web.middlewares=redirect-middleware
# https
- "traefik.http.routers.websecure.rule=PathPrefix(`/auth`)"
- traefik.http.routers.websecure.entrypoints=websecure
- traefik.http.routers.websecure.tls=true
#- traefik.http.routers.websecure.rule=Host(`auth.kp.local`)
environment:
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
KEYCLOAK_IMPORT: /tmp/universal-realm.json
PROXY_ADDRESS_FORWARDING: "true"
DB_VENDOR: h2
# DB_VENDOR: mysql
# DB_DATABASE: keycloak
# DB_USER: keycloak
# DB_PASSWORD: password
# mysql:
# image: mysql
# networks:
# - k-network
# environment:
# MYSQL_ROOT_PASSWORD: password
# MYSQL_DATABASE: keycloak
# MYSQL_USER: keycloak
# MYSQL_PASSWORD: password
networks:
k-network: