valitovgaziz/tp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

22062025 7 51 50 early morning

Browse Source
This commit is contained in:
Газиз Валитов
2025-06-23 05:50:57 +03:00
parent b6dc0a0ef7
commit 01eff2d54a
4 changed files with 49 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker-compose.yaml
+22 -13
View File
@@ -104,26 +104,35 @@ services:
restart: unless-stopped restart: unless-stopped
keycloak: keycloak:
image: quay.io/keycloak/keycloak:latest build:
context: ./keycloak
dockerfile: Dockerfile
container_name: keycloak container_name: keycloak
ports: ports:
- "8080:8080" - "8080:8080"
profiles: profiles:
- prod - prod
- dev - dev
- kk
environment: environment:
KEYCLOAK_ADMIN: admin KEYCLOAK_USER: admin
KEYCLOAK_ADMIN_PASSWORD: admin KEYCLOAK_PASSWORD: admi
KC_HOSTNAME: localhost KC_DB: postgres
DB_VENDOR: postgres KC_DB_URL: jdbc:postgresql://kk_db:5432/keycloak
DB_ADDR: kk_db # Имя сервиса PostgreSQL KC_DB_USERNAME: postgres
DB_DATABASE: keycloak KC_DB_PASSWORD: postgres
DB_USER: postgres KEYCLOAK_FRONTEND_URL: https://yalarba.ru/auth
DB_PASSWORD: postgres PROXY_ADDRESS_FORWARDING: "true"
KC_HTTP_ENABLED: "true" KEYCLOAK_LOGLEVEL: INFO
command: start-dev KEYCLOAK_HTTPS_PORT: 8443
depends_on: KEYCLOAK_HTTP_PORT: 8080
- kk_db KEYCLOAK_HTTP_PROXY: true
KEYCLOAK_HTTPS_REDIRECT: false
KC_HOSTNAME_STRICT: "false"
KC_PROXY: edge
KC_HOSTNAME: yalarba.ru
KC_HTTP_RELATIVE_PATH: /auth
command: start --optimized
networks: networks:
- internal - internal
keycloak/Dockerfile
+17
View File
@@ -0,0 +1,17 @@
FROM quay.io/keycloak/keycloak:latest AS builder
# Enable health and metrics support
ENV KC_HEALTH_ENABLED=true
ENV KC_METRICS_ENABLED=true
# Configure a database vendor
ENV KC_DB=postgres
WORKDIR /opt/keycloak
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
keycloak/start.sh
Executable
+5
View File
@@ -0,0 +1,5 @@
#!/bin/sh
set -e
# Применяем начальную загрузку и устанавливаем необходимые переменные
/opt/keycloak/bin/kc.sh build && /opt/keycloak/bin/kc.sh start
nginx/nginx-ssl.conf
+5 -5
View File
@@ -23,16 +23,16 @@ server {
index index.html; index index.html;
} }
location /auth/ { location /auth {
proxy_pass http://keycloak:8080/; # Имя сервиса из docker-compose proxy_pass http://keycloak:8080/;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# Важно для Keycloak
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
} }
} }