Migrate Keycloak to Podman
This commit is contained in:
parent
0dae148541
commit
6610958d2b
5 changed files with 45 additions and 1 deletions
|
@ -124,6 +124,9 @@ def pullProj(project):
|
|||
pulledImages = []
|
||||
for image in images:
|
||||
currentId = getImageId(image)
|
||||
if re.search('^localhost/', image):
|
||||
runPodman("compose", ["-f", f"projects/{project}/compose.yaml.rendered", "build", "--pull"])
|
||||
else:
|
||||
runPodman("pull", image)
|
||||
pulledId = getImageId(image)
|
||||
if currentId != pulledId:
|
||||
|
|
12
projects/keycloak/.env.mako
Normal file
12
projects/keycloak/.env.mako
Normal file
|
@ -0,0 +1,12 @@
|
|||
QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY=true
|
||||
|
||||
#KEYCLOAK_ADMIN=
|
||||
#KEYCLOAK_ADMIN_PASSWORD=
|
||||
|
||||
KC_DB_URL_HOST=postgres.${env['domain']}
|
||||
KC_DB_URL_DATABASE=keycloak
|
||||
KC_DB_USERNAME=${secrets['postgres']['keycloak']['user']}
|
||||
KC_DB_PASSWORD='${secrets["postgres"]["keycloak"]["pass"]}'
|
||||
|
||||
KC_PROXY_HEADERS=xforwarded
|
||||
KC_HOSTNAME=https://kc.${env['domain']}
|
15
projects/keycloak/Dockerfile
Normal file
15
projects/keycloak/Dockerfile
Normal file
|
@ -0,0 +1,15 @@
|
|||
FROM quay.io/keycloak/keycloak:25.0 as builder
|
||||
|
||||
ENV KC_DB=postgres
|
||||
|
||||
WORKDIR /opt/keycloak
|
||||
|
||||
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=IP:127.0.0.1" -keystore conf/server.keystore
|
||||
RUN /opt/keycloak/bin/kc.sh build
|
||||
|
||||
|
||||
FROM quay.io/keycloak/keycloak:25.0
|
||||
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
||||
|
||||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
|
||||
CMD ["start", "--optimized"]
|
11
projects/keycloak/compose.yaml.mako
Normal file
11
projects/keycloak/compose.yaml.mako
Normal file
|
@ -0,0 +1,11 @@
|
|||
services:
|
||||
keycloak:
|
||||
container_name: keycloak
|
||||
build: .
|
||||
image: localhost/keycloak:latest
|
||||
network_mode: pasta:-a,${env['pasta']['keycloak']['ipv4']},-a,${env['pasta']['keycloak']['ipv6']}
|
||||
restart: always
|
||||
user: ${env['users']['keycloak']}:${env['users']['keycloak']}
|
||||
env_file: .env.rendered
|
||||
ports:
|
||||
- 127.0.0.1:${env['ports']['keycloak']}:8443
|
|
@ -64,6 +64,9 @@ pasta:
|
|||
hedgedoc:
|
||||
ipv4: 10.86.8.1
|
||||
ipv6: fc86::8
|
||||
keycloak:
|
||||
ipv4: 10.86.11.1
|
||||
ipv6: fc86::11
|
||||
mailserver:
|
||||
ipv4: 10.86.13.1
|
||||
ipv6: fc86::13
|
||||
|
|
Loading…
Reference in a new issue