Skip to content

Instantly share code, notes, and snippets.

@manhhailua
Created December 28, 2019 02:37
Show Gist options
  • Save manhhailua/7b4deed3eca3bce2c55dc2b738d6a705 to your computer and use it in GitHub Desktop.
Save manhhailua/7b4deed3eca3bce2c55dc2b738d6a705 to your computer and use it in GitHub Desktop.
# Deploy nextcloud in a swarm cluster with https enable
# - traefik is living outside of this stack and in public_proxy network
# - traefik has http and https entrypoints enabled
version: '3.7'
services:
postgres:
image: postgres
volumes:
- postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
server:
image: jboss/keycloak
environment:
DB_VENDOR: POSTGRES
DB_ADDR: postgres
DB_DATABASE: keycloak
DB_USER: keycloak
DB_SCHEMA: public
DB_PASSWORD: password
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin
PROXY_ADDRESS_FORWARDING: 'true'
# Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
#JDBC_PARAMS: "ssl=true"
deploy:
labels:
- "traefik.enable=true"
# Routers
- "traefik.http.routers.keycloak_http_router.entrypoints=http"
- "traefik.http.routers.keycloak_http_router.middlewares=httpsRedirectScheme"
- "traefik.http.routers.keycloak_http_router.rule=Host(`keycloak.example.com`)"
- "traefik.http.routers.keycloak_http_router.service=keycloak_service"
- "traefik.http.routers.keycloak_https_router.entrypoints=https"
- "traefik.http.routers.keycloak_https_router.rule=Host(`keycloak.example.com`)"
- "traefik.http.routers.keycloak_https_router.service=keycloak_service"
- "traefik.http.routers.keycloak_https_router.tls.certresolver=httpChallenge"
# Services
- "traefik.http.services.keycloak_service.loadbalancer.server.port=8080"
networks:
- default
- public_proxy
networks:
public_proxy:
external: true
volumes:
postgres_data:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment