35 Zeilen
1.1 KiB
Plaintext
35 Zeilen
1.1 KiB
Plaintext
#ifndef SOURCE
|
|
#define SOURCE gitea.sebastian-tobie.de/docker/keycloak:latest-orig
|
|
#endif
|
|
FROM SOURCE as builder
|
|
ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin"
|
|
|
|
ENV KC_HEALTH_ENABLED=false
|
|
ENV KC_DB=postgres
|
|
ENV KC_CACHE_STACK=tcp
|
|
ENV KC_HTTPS_CLIENT_AUTH=request
|
|
ENV KC_FEATURES=dynamic-scopes,recovery-codes,preview
|
|
ENV KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak
|
|
RUN kc.sh build
|
|
|
|
FROM SOURCE
|
|
ENV PATH="/opt/keycloak/bin:/usr/bin:/usr/local/bin"
|
|
|
|
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
|
|
|
WORKDIR /opt/keycloak
|
|
ENV KC_HOSTNAME_ADMIN_URL="https://admin.sso.sebastian-tobie.de"
|
|
ENV KC_HOSTNAME_URL="https://sso.sebastian-tobie.de"
|
|
ENV KC_DB_USERNAME=keycloak
|
|
ENV KC_DB_PASSWORD=changeme
|
|
ENV KC_DB_URL=postgresql://postgres.services.tobie:5432/keycloak
|
|
|
|
ENV KEYCLOAK_ADMIN="admin"
|
|
ENV KEYCLOAK_ADMIN_PASSWORD="admin"
|
|
EXPOSE 8080
|
|
COPY --chown=root:root tobie-ca.crt /etc/pki/ca-trust/source/anchors/tobie-ca.crt
|
|
USER root
|
|
RUN update-ca-trust
|
|
USER keycloak
|
|
ENTRYPOINT ["kc.sh", "start", "--optimized", "--http-enabled", "true", "--proxy", "edge", "--log-console-format", "'%-5p [%c] (%t) %s%e%n'", "--hostname-strict-backchannel=true"]
|