infrastructure/ansible/plays/services/keycloak/docker-compose.yaml

---
version: '3.9'

services:
  postgres:
    image: postgres:15
    restart: always
    environment:
      - "POSTGRES_DB={{ auth.db.name }}"
      - "POSTGRES_USER={{ auth.db.user }}"
      - "POSTGRES_PASSWORD={{ auth.db.password }}"
    volumes:
      - pg_data:/var/lib/postgresql/data
    networks:
      - backend
    healthcheck:
      test: ["CMD-SHELL", "pg_isready", "-U", "keycloak"]
      interval: 10s
      timeout: 5s
      retries: 5

  keycloak:
    image: registry.tobiasmanske.de/keycloak:main
    command: start
    depends_on:
      postgres:
        condition: service_healthy
    environment:
      - "KC_DB=postgres"
      - "KC_DB_URL_HOST=postgres"
      - "KC_DB_URL_DATABASE={{ auth.db.name }}"
      - "KC_DB_USERNAME={{ auth.db.user }}"
      - "KC_DB_PASSWORD={{ auth.db.password }}"
      - "KEYCLOAK_ADMIN={{ auth.keycloak.user }}"
      - "KEYCLOAK_ADMIN_PASSWORD={{ auth.keycloak.password }}"
      - "KC_PROXY=edge"
      - "KC_HOSTNAME=auth.tobiasmanske.de"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.keycloak.rule=Host(`auth.tobiasmanske.de`)"
      - "traefik.http.routers.keycloak.entryPoints=websecure"
      - "traefik.http.services.keycloak.loadbalancer.server.port=8080"
    restart: always
    networks:
      - backend
      - default # keycloak needs to talk to social logins

networks:
  backend:
    internal: true

volumes:
  pg_data:
...
Setup Keycloak 2022-09-25 14:04:21 +02:00			`---`
			`version: '3.9'`

			`services:`
			`postgres:`
Keycloak: Update postgres 2023-08-12 03:17:32 +02:00			`image: postgres:15`
Setup Keycloak 2022-09-25 14:04:21 +02:00			`restart: always`
			`environment:`
			`- "POSTGRES_DB={{ auth.db.name }}"`
			`- "POSTGRES_USER={{ auth.db.user }}"`
			`- "POSTGRES_PASSWORD={{ auth.db.password }}"`
			`volumes:`
			`- pg_data:/var/lib/postgresql/data`
			`networks:`
			`- backend`
Postgres Health Checks 2022-10-27 00:55:39 +02:00			`healthcheck:`
Keycloak: Update postgres 2023-08-12 03:17:32 +02:00			`test: ["CMD-SHELL", "pg_isready", "-U", "keycloak"]`
Postgres Health Checks 2022-10-27 00:55:39 +02:00			`interval: 10s`
			`timeout: 5s`
			`retries: 5`
Setup Keycloak 2022-09-25 14:04:21 +02:00
			`keycloak:`
Update Keycloak 2023-04-06 19:13:09 +02:00			`image: registry.tobiasmanske.de/keycloak:main`
Setup Keycloak 2022-09-25 14:04:21 +02:00			`command: start`
			`depends_on:`
Postgres Health Checks 2022-10-27 00:55:39 +02:00			`postgres:`
			`condition: service_healthy`
Setup Keycloak 2022-09-25 14:04:21 +02:00			`environment:`
			`- "KC_DB=postgres"`
			`- "KC_DB_URL_HOST=postgres"`
			`- "KC_DB_URL_DATABASE={{ auth.db.name }}"`
			`- "KC_DB_USERNAME={{ auth.db.user }}"`
			`- "KC_DB_PASSWORD={{ auth.db.password }}"`
			`- "KEYCLOAK_ADMIN={{ auth.keycloak.user }}"`
			`- "KEYCLOAK_ADMIN_PASSWORD={{ auth.keycloak.password }}"`
			`- "KC_PROXY=edge"`
			`- "KC_HOSTNAME=auth.tobiasmanske.de"`
			`labels:`
			`- "traefik.enable=true"`
			- "traefik.http.routers.keycloak.rule=Host(`auth.tobiasmanske.de`)"
			`- "traefik.http.routers.keycloak.entryPoints=websecure"`
			`- "traefik.http.services.keycloak.loadbalancer.server.port=8080"`
			`restart: always`
			`networks:`
			`- backend`
Keycloak: Fix social logins 2023-08-12 03:22:22 +02:00			`- default # keycloak needs to talk to social logins`
Setup Keycloak 2022-09-25 14:04:21 +02:00
			`networks:`
			`backend:`
			`internal: true`

			`volumes:`
			`pg_data:`
			`...`