This is a short and simple example on how to build a proper Keycloak cluster, using JDBC_PING as discovery protocol and an NGINX server as reverse proxy.
As this is for legacy Keycloak version (Wildfly based, up until version 17), you can find an example for more current and uptodate versions at this gist here: https://gist.github.com/dasniko/3a57913047af3ca1b6b0a83b294dc1a1
Please see also my video about Keycloak Clustering: http://www.youtube.com/watch?v=P96VQkBBNxU
Docker allows storing configurations outside docker images and running containers. This feature, named configs, eliminates the need to use volumes, bind-mount, or environment variables to pass configurations to containers.
The configs have the following characteristics:
| { | |
| "meta": { | |
| "theme": "elegant" | |
| }, | |
| "basics": { | |
| "name": "Thomas Davis", | |
| "label": "Web Developer", | |
| "image": "https://avatars0.githubusercontent.com/u/416209?s=460&u=38f220a2c9c658141804f881c334c594eb1642ac&v=4", | |
| "summary": "I'm a full stack web developer who can build apps from the ground up. I've worked mostly at startups so I am used to wearing many hats. I am a very product focused developer who prioritizes user feedback first and foremost. I'm generally very flexible when investigating new roles. ", | |
| "website": "https://lordajax.com", |
| # Cache sudo password | |
| sudo -v | |
| # Enable installation of 32-bit packages | |
| sudo dpkg --add-architecture i386 | |
| # Enable the Ubuntu partner repository (this doesn't seem to be necessary for 20.04) | |
| if [ $(lsb_release -r | awk '{print $2}') == '18.04' ]; then | |
| sudo sed -i 's/^# deb http:\/\/archive.canonical.com\/ubuntu/deb http:\/\/archive.canonical.com\/ubuntu/' /etc/apt/sources.list | |
| sudo apt update |
| #!/bin/bash | |
| for domain in "github.com" "bitbucket.org"; do | |
| echo $domain | |
| sed -i "/$domain/d" ~/.ssh/known_hosts | |
| line=$(ssh-keyscan $domain,`nslookup $domain | awk '/^Address: / { print $2 ; exit }'`) | |
| echo $line >> ~/.ssh/known_hosts | |
| done |
| // ==UserScript== | |
| // @name Google Bookmarks fix | |
| // @match https://www.google.com/bookmarks/* | |
| // @grant none | |
| // @require https://code.jquery.com/jquery-1.12.4.min.js | |
| // @require https://code.jquery.com/ui/1.12.1/jquery-ui.js | |
| // ==/UserScript== | |
| $(function() { | |
| try { |
| #!/bin/bash | |
| #usage: mysql-drop-all-tables -d database -u dbuser -p dbpass | |
| TEMP_FILE_PATH='./drop_all_tables.sql' | |
| while getopts d:u:p: option | |
| do | |
| case "${option}" | |
| in |
| import logging | |
| import sys | |
| from logging.handlers import TimedRotatingFileHandler | |
| FORMATTER = logging.Formatter("%(asctime)s - %(name)s - %(levelname)s - %(message)s") | |
| LOG_FILE = "my_app.log" | |
| def get_console_handler(): | |
| console_handler = logging.StreamHandler(sys.stdout) | |
| console_handler.setFormatter(FORMATTER) |
| #!/bin/bash | |
| set -euo pipefail | |
| openssl req -new -text -passout pass:abcd -subj /CN=localhost -out server.req -keyout privkey.pem | |
| openssl rsa -in privkey.pem -passin pass:abcd -out server.key | |
| openssl req -x509 -in server.req -text -key server.key -out server.crt | |
| chmod 600 server.key | |
| test $(uname -s) = Linux && chown 70 server.key | |
| docker run -d --name postgres -e POSTGRES_HOST_AUTH_METHOD=trust -v "$(pwd)/server.crt:/var/lib/postgresql/server.crt:ro" -v "$(pwd)/server.key:/var/lib/postgresql/server.key:ro" postgres:12-alpine -c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key |