Migrate Keycloak to Podman
This commit is contained in:
parent
0dae148541
commit
6610958d2b
5 changed files with 45 additions and 1 deletions
|
@ -124,7 +124,10 @@ def pullProj(project):
|
||||||
pulledImages = []
|
pulledImages = []
|
||||||
for image in images:
|
for image in images:
|
||||||
currentId = getImageId(image)
|
currentId = getImageId(image)
|
||||||
runPodman("pull", image)
|
if re.search('^localhost/', image):
|
||||||
|
runPodman("compose", ["-f", f"projects/{project}/compose.yaml.rendered", "build", "--pull"])
|
||||||
|
else:
|
||||||
|
runPodman("pull", image)
|
||||||
pulledId = getImageId(image)
|
pulledId = getImageId(image)
|
||||||
if currentId != pulledId:
|
if currentId != pulledId:
|
||||||
pulledImages += image
|
pulledImages += image
|
||||||
|
|
12
projects/keycloak/.env.mako
Normal file
12
projects/keycloak/.env.mako
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY=true
|
||||||
|
|
||||||
|
#KEYCLOAK_ADMIN=
|
||||||
|
#KEYCLOAK_ADMIN_PASSWORD=
|
||||||
|
|
||||||
|
KC_DB_URL_HOST=postgres.${env['domain']}
|
||||||
|
KC_DB_URL_DATABASE=keycloak
|
||||||
|
KC_DB_USERNAME=${secrets['postgres']['keycloak']['user']}
|
||||||
|
KC_DB_PASSWORD='${secrets["postgres"]["keycloak"]["pass"]}'
|
||||||
|
|
||||||
|
KC_PROXY_HEADERS=xforwarded
|
||||||
|
KC_HOSTNAME=https://kc.${env['domain']}
|
15
projects/keycloak/Dockerfile
Normal file
15
projects/keycloak/Dockerfile
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
FROM quay.io/keycloak/keycloak:25.0 as builder
|
||||||
|
|
||||||
|
ENV KC_DB=postgres
|
||||||
|
|
||||||
|
WORKDIR /opt/keycloak
|
||||||
|
|
||||||
|
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=IP:127.0.0.1" -keystore conf/server.keystore
|
||||||
|
RUN /opt/keycloak/bin/kc.sh build
|
||||||
|
|
||||||
|
|
||||||
|
FROM quay.io/keycloak/keycloak:25.0
|
||||||
|
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
||||||
|
|
||||||
|
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
|
||||||
|
CMD ["start", "--optimized"]
|
11
projects/keycloak/compose.yaml.mako
Normal file
11
projects/keycloak/compose.yaml.mako
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
services:
|
||||||
|
keycloak:
|
||||||
|
container_name: keycloak
|
||||||
|
build: .
|
||||||
|
image: localhost/keycloak:latest
|
||||||
|
network_mode: pasta:-a,${env['pasta']['keycloak']['ipv4']},-a,${env['pasta']['keycloak']['ipv6']}
|
||||||
|
restart: always
|
||||||
|
user: ${env['users']['keycloak']}:${env['users']['keycloak']}
|
||||||
|
env_file: .env.rendered
|
||||||
|
ports:
|
||||||
|
- 127.0.0.1:${env['ports']['keycloak']}:8443
|
|
@ -64,6 +64,9 @@ pasta:
|
||||||
hedgedoc:
|
hedgedoc:
|
||||||
ipv4: 10.86.8.1
|
ipv4: 10.86.8.1
|
||||||
ipv6: fc86::8
|
ipv6: fc86::8
|
||||||
|
keycloak:
|
||||||
|
ipv4: 10.86.11.1
|
||||||
|
ipv6: fc86::11
|
||||||
mailserver:
|
mailserver:
|
||||||
ipv4: 10.86.13.1
|
ipv4: 10.86.13.1
|
||||||
ipv6: fc86::13
|
ipv6: fc86::13
|
||||||
|
|
Loading…
Reference in a new issue