WassimAkachi/Dockerfile

## cache-ispn-jdbc-ping.xml
<?xml version="1.0" encoding="UTF-8"?>
<infinispan
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:infinispan:config:11.0 http://www.infinispan.org/schemas/infinispan-config-11.0.xsd"
    xmlns="urn:infinispan:config:11.0">

  <!-- custom stack goes into the jgroups element -->
  <jgroups>
    <stack name="jdbc-ping-tcp" extends="tcp">
      <JDBC_PING connection_driver="org.postgresql.Driver"
                 connection_username="${env.KC_DB_USERNAME}" connection_password="${env.KC_DB_PASSWORD}"
                 connection_url="jdbc:postgresql://${env.KC_DB_URL_HOST}/${env.KC_DB_URL_DATABASE}"
                 initialize_sql="CREATE TABLE IF NOT EXISTS JGROUPSPING (own_addr varchar(200) NOT NULL, cluster_name varchar(200) NOT NULL, ping_data BYTEA, constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name));"
                 info_writer_sleep_time="500"
                 remove_all_data_on_view_change="true"
                 stack.combine="REPLACE"
                 stack.position="MPING" />
    </stack>
  </jgroups>

  <cache-container name="keycloak">
    <!-- custom stack must be referenced by name in the stack attribute of the transport element -->
    <transport lock-timeout="60000" stack="jdbc-ping-tcp"/>
    <local-cache name="realms">
      <encoding>
        <key media-type="application/x-java-object"/>
        <value media-type="application/x-java-object"/>
      </encoding>
      <memory max-count="10000"/>
    </local-cache>
    <local-cache name="users">
      <encoding>
        <key media-type="application/x-java-object"/>
        <value media-type="application/x-java-object"/>
      </encoding>
      <memory max-count="10000"/>
    </local-cache>
    <distributed-cache name="sessions" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="authenticationSessions" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineSessions" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="clientSessions" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="offlineClientSessions" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <distributed-cache name="loginFailures" owners="2">
      <expiration lifespan="-1"/>
    </distributed-cache>
    <local-cache name="authorization">
      <encoding>
        <key media-type="application/x-java-object"/>
        <value media-type="application/x-java-object"/>
      </encoding>
      <memory max-count="10000"/>
    </local-cache>
    <replicated-cache name="work">
      <expiration lifespan="-1"/>
    </replicated-cache>
    <local-cache name="keys">
      <encoding>
        <key media-type="application/x-java-object"/>
        <value media-type="application/x-java-object"/>
      </encoding>
      <expiration max-idle="3600000"/>
      <memory max-count="1000"/>
    </local-cache>
    <distributed-cache name="actionTokens" owners="2">
      <encoding>
        <key media-type="application/x-java-object"/>
        <value media-type="application/x-java-object"/>
      </encoding>
      <expiration max-idle="-1" lifespan="-1" interval="300000"/>
      <memory max-count="-1"/>
    </distributed-cache>
  </cache-container>
</infinispan>

## docker-compose.yml
version: '3'

volumes:
  postgres_data:
    driver: local

services:
  postgres:
    image: postgres:11
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: password
    ports:
      - 5433:5432
  keycloak:
    build:
      context: "./keycloakx"
      dockerfile: "./Dockerfile"
    environment:
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: admin
      KC_DB_URL_HOST: postgres
      KC_DB_URL_DATABASE: keycloak
      KC_DB_SCHEMA: public
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: password
      KC_HOSTNAME_STRICT: false
      KC_HTTP_ENABLED: true
      KC_LOG_LEVEL: INFO,org.infinispan:DEBUG,org.jgroups:DEBUG
    ports:
      - 8080:8080
      - 8443:8443
    depends_on:
      - postgres

## Dockerfile
FROM quay.io/keycloak/keycloak:17.0.0 as builder

ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=preview
ENV KC_DB=postgres
ENV KC_HTTP_RELATIVE_PATH=/auth
# specify the custom cache config file here
ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml

# copy the custom cache config file into the keycloak conf dir
COPY ./cache-ispn-jdbc-ping.xml /opt/keycloak/conf/cache-ispn-jdbc-ping.xml

RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak:17.0.0
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
WORKDIR /opt/keycloak
# for demonstration purposes only, please make sure to use proper certificates in production instead
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore

ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"]
	<?xml version="1.0" encoding="UTF-8"?>
	<infinispan
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="urn:infinispan:config:11.0 http://www.infinispan.org/schemas/infinispan-config-11.0.xsd"
	xmlns="urn:infinispan:config:11.0">

	<!-- custom stack goes into the jgroups element -->
	<jgroups>
	<stack name="jdbc-ping-tcp" extends="tcp">
	<JDBC_PING connection_driver="org.postgresql.Driver"
	connection_username="${env.KC_DB_USERNAME}" connection_password="${env.KC_DB_PASSWORD}"
	connection_url="jdbc:postgresql://${env.KC_DB_URL_HOST}/${env.KC_DB_URL_DATABASE}"
	initialize_sql="CREATE TABLE IF NOT EXISTS JGROUPSPING (own_addr varchar(200) NOT NULL, cluster_name varchar(200) NOT NULL, ping_data BYTEA, constraint PK_JGROUPSPING PRIMARY KEY (own_addr, cluster_name));"
	info_writer_sleep_time="500"
	remove_all_data_on_view_change="true"
	stack.combine="REPLACE"
	stack.position="MPING" />
	</stack>
	</jgroups>

	<cache-container name="keycloak">
	<!-- custom stack must be referenced by name in the stack attribute of the transport element -->
	<transport lock-timeout="60000" stack="jdbc-ping-tcp"/>
	<local-cache name="realms">
	<encoding>
	<key media-type="application/x-java-object"/>
	<value media-type="application/x-java-object"/>
	</encoding>
	<memory max-count="10000"/>
	</local-cache>
	<local-cache name="users">
	<encoding>
	<key media-type="application/x-java-object"/>
	<value media-type="application/x-java-object"/>
	</encoding>
	<memory max-count="10000"/>
	</local-cache>
	<distributed-cache name="sessions" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<distributed-cache name="authenticationSessions" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<distributed-cache name="offlineSessions" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<distributed-cache name="clientSessions" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<distributed-cache name="offlineClientSessions" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<distributed-cache name="loginFailures" owners="2">
	<expiration lifespan="-1"/>
	</distributed-cache>
	<local-cache name="authorization">
	<encoding>
	<key media-type="application/x-java-object"/>
	<value media-type="application/x-java-object"/>
	</encoding>
	<memory max-count="10000"/>
	</local-cache>
	<replicated-cache name="work">
	<expiration lifespan="-1"/>
	</replicated-cache>
	<local-cache name="keys">
	<encoding>
	<key media-type="application/x-java-object"/>
	<value media-type="application/x-java-object"/>
	</encoding>
	<expiration max-idle="3600000"/>
	<memory max-count="1000"/>
	</local-cache>
	<distributed-cache name="actionTokens" owners="2">
	<encoding>
	<key media-type="application/x-java-object"/>
	<value media-type="application/x-java-object"/>
	</encoding>
	<expiration max-idle="-1" lifespan="-1" interval="300000"/>
	<memory max-count="-1"/>
	</distributed-cache>
	</cache-container>
	</infinispan>
	version: '3'

	volumes:
	postgres_data:
	driver: local

	services:
	postgres:
	image: postgres:11
	volumes:
	- postgres_data:/var/lib/postgresql/data
	environment:
	POSTGRES_DB: keycloak
	POSTGRES_USER: keycloak
	POSTGRES_PASSWORD: password
	ports:
	- 5433:5432
	keycloak:
	build:
	context: "./keycloakx"
	dockerfile: "./Dockerfile"
	environment:
	KEYCLOAK_ADMIN: admin
	KEYCLOAK_ADMIN_PASSWORD: admin
	KC_DB_URL_HOST: postgres
	KC_DB_URL_DATABASE: keycloak
	KC_DB_SCHEMA: public
	KC_DB_USERNAME: keycloak
	KC_DB_PASSWORD: password
	KC_HOSTNAME_STRICT: false
	KC_HTTP_ENABLED: true
	KC_LOG_LEVEL: INFO,org.infinispan:DEBUG,org.jgroups:DEBUG
	ports:
	- 8080:8080
	- 8443:8443
	depends_on:
	- postgres
	FROM quay.io/keycloak/keycloak:17.0.0 as builder

	ENV KC_METRICS_ENABLED=true
	ENV KC_FEATURES=preview
	ENV KC_DB=postgres
	ENV KC_HTTP_RELATIVE_PATH=/auth
	# specify the custom cache config file here
	ENV KC_CACHE_CONFIG_FILE=cache-ispn-jdbc-ping.xml

	# copy the custom cache config file into the keycloak conf dir
	COPY ./cache-ispn-jdbc-ping.xml /opt/keycloak/conf/cache-ispn-jdbc-ping.xml

	RUN /opt/keycloak/bin/kc.sh build

	FROM quay.io/keycloak/keycloak:17.0.0
	COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
	WORKDIR /opt/keycloak
	# for demonstration purposes only, please make sure to use proper certificates in production instead
	RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore

	ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"]