manhhailua/keycloak-stack.yaml

## keycloak-stack.yaml
# Deploy nextcloud in a swarm cluster with https enable
# - traefik is living outside of this stack and in public_proxy network
# - traefik has http and https entrypoints enabled

version: '3.7'

services:
  postgres:
      image: postgres
      volumes:
        - postgres_data:/var/lib/postgresql/data
      environment:
        POSTGRES_DB: keycloak
        POSTGRES_USER: keycloak
        POSTGRES_PASSWORD: password
  server:
    image: jboss/keycloak
    environment:
        DB_VENDOR: POSTGRES
        DB_ADDR: postgres
        DB_DATABASE: keycloak
        DB_USER: keycloak
        DB_SCHEMA: public
        DB_PASSWORD: password
        KEYCLOAK_USER: admin
        KEYCLOAK_PASSWORD: admin
        PROXY_ADDRESS_FORWARDING: 'true'
        # Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
        #JDBC_PARAMS: "ssl=true"
    deploy:
      labels:
        - "traefik.enable=true"
        # Routers
        - "traefik.http.routers.keycloak_http_router.entrypoints=http"
        - "traefik.http.routers.keycloak_http_router.middlewares=httpsRedirectScheme"
        - "traefik.http.routers.keycloak_http_router.rule=Host(`keycloak.example.com`)"
        - "traefik.http.routers.keycloak_http_router.service=keycloak_service"
        - "traefik.http.routers.keycloak_https_router.entrypoints=https"
        - "traefik.http.routers.keycloak_https_router.rule=Host(`keycloak.example.com`)"
        - "traefik.http.routers.keycloak_https_router.service=keycloak_service"
        - "traefik.http.routers.keycloak_https_router.tls.certresolver=httpChallenge"
        # Services
        - "traefik.http.services.keycloak_service.loadbalancer.server.port=8080"
    networks:
      - default
      - public_proxy

networks:
  public_proxy:
     external: true

volumes:
  postgres_data:
	# Deploy nextcloud in a swarm cluster with https enable
	# - traefik is living outside of this stack and in public_proxy network
	# - traefik has http and https entrypoints enabled

	version: '3.7'

	services:
	postgres:
	image: postgres
	volumes:
	- postgres_data:/var/lib/postgresql/data
	environment:
	POSTGRES_DB: keycloak
	POSTGRES_USER: keycloak
	POSTGRES_PASSWORD: password
	server:
	image: jboss/keycloak
	environment:
	DB_VENDOR: POSTGRES
	DB_ADDR: postgres
	DB_DATABASE: keycloak
	DB_USER: keycloak
	DB_SCHEMA: public
	DB_PASSWORD: password
	KEYCLOAK_USER: admin
	KEYCLOAK_PASSWORD: admin
	PROXY_ADDRESS_FORWARDING: 'true'
	# Uncomment the line below if you want to specify JDBC parameters. The parameter below is just an example, and it shouldn't be used in production without knowledge. It is highly recommended that you read the PostgreSQL JDBC driver documentation in order to use it.
	#JDBC_PARAMS: "ssl=true"
	deploy:
	labels:
	- "traefik.enable=true"
	# Routers
	- "traefik.http.routers.keycloak_http_router.entrypoints=http"
	- "traefik.http.routers.keycloak_http_router.middlewares=httpsRedirectScheme"
	- "traefik.http.routers.keycloak_http_router.rule=Host(`keycloak.example.com`)"
	- "traefik.http.routers.keycloak_http_router.service=keycloak_service"
	- "traefik.http.routers.keycloak_https_router.entrypoints=https"
	- "traefik.http.routers.keycloak_https_router.rule=Host(`keycloak.example.com`)"
	- "traefik.http.routers.keycloak_https_router.service=keycloak_service"
	- "traefik.http.routers.keycloak_https_router.tls.certresolver=httpChallenge"
	# Services
	- "traefik.http.services.keycloak_service.loadbalancer.server.port=8080"
	networks:
	- default
	- public_proxy

	networks:
	public_proxy:
	external: true

	volumes:
	postgres_data: