From 8ba9ce6ae188f40ebfe363e5b57c9026a1e5292c Mon Sep 17 00:00:00 2001 From: valitovgaziz Date: Tue, 21 Oct 2025 05:24:48 +0500 Subject: [PATCH] modified: serv_nginx/docker-compose.yml new file: serv_nginx/keycloak/Dockerfile modified: serv_nginx/keycloak/keycloak.conf fix keycloak --- serv_nginx/docker-compose.yml | 13 +++++------ serv_nginx/keycloak/Dockerfile | 30 ++++++++++++++++++++++++++ serv_nginx/keycloak/keycloak.conf | 36 ++++++++++++++++++------------- 3 files changed, 56 insertions(+), 23 deletions(-) create mode 100644 serv_nginx/keycloak/Dockerfile diff --git a/serv_nginx/docker-compose.yml b/serv_nginx/docker-compose.yml index 6d2849d..f9c89b7 100644 --- a/serv_nginx/docker-compose.yml +++ b/serv_nginx/docker-compose.yml @@ -156,10 +156,12 @@ services: interval: 5s timeout: 10s retries: 5 - + keycloak: - image: quay.io/keycloak/keycloak:22.0.0 + build: + context: ./keycloak + dockerfile: Dockerfile container_name: keycloak restart: unless-stopped environment: @@ -168,23 +170,18 @@ services: KC_DB_PASSWORD: ${KEYCLOAK_DB_PASSWORD:-keycloak} volumes: - keycloak_data:/opt/keycloak/data - - ./keycloak/keycloak.conf:/opt/keycloak/conf/keycloak.conf networks: - keycloak-network - internal depends_on: keycloak-db: condition: service_healthy - command: - - start - - --optimized + # Команда теперь указана в Dockerfile keycloak-db: image: postgres:15-alpine container_name: keycloak-db restart: unless-stopped - ports: - - "5434:5432" environment: POSTGRES_DB: keycloak POSTGRES_USER: keycloak diff --git a/serv_nginx/keycloak/Dockerfile b/serv_nginx/keycloak/Dockerfile new file mode 100644 index 0000000..2350251 --- /dev/null +++ b/serv_nginx/keycloak/Dockerfile @@ -0,0 +1,30 @@ +FROM quay.io/keycloak/keycloak:22.0.0 as builder + +# Устанавливаем рабочую директорию +WORKDIR /opt/keycloak + +# Копируем конфигурационный файл +COPY keycloak.conf /opt/keycloak/conf/keycloak.conf + +# Собираем Keycloak в optimized режиме с PostgreSQL +RUN /opt/keycloak/bin/kc.sh build --db=postgres + +FROM quay.io/keycloak/keycloak:22.0.0 + +# Копируем собранную конфигурацию из builder stage +COPY --from=builder /opt/keycloak/ /opt/keycloak/ + +# Устанавливаем рабочую директорию +WORKDIR /opt/keycloak + +# Копируем финальный конфигурационный файл +COPY keycloak.conf /opt/keycloak/conf/keycloak.conf + +# Меняем владельца файлов +USER root +RUN chown -R keycloak:keycloak /opt/keycloak +USER keycloak + +# Команда для запуска в optimized режиме +ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] +CMD ["start", "--optimized"] \ No newline at end of file diff --git a/serv_nginx/keycloak/keycloak.conf b/serv_nginx/keycloak/keycloak.conf index 633019a..877a804 100644 --- a/serv_nginx/keycloak/keycloak.conf +++ b/serv_nginx/keycloak/keycloak.conf @@ -1,21 +1,27 @@ # Database db=postgres -db-url=jdbc:postgresql://keycloak-db:5432/keycloak +db-url-host=keycloak-db +db-url-port=5432 +db-url-database=keycloak db-username=keycloak -db-password=${KEYCLOAK_DB_PASSWORD} +db-password=${KC_DB_PASSWORD} -# Hostname -hostname=auth.yalarba.ru -hostname-strict=true -hostname-strict-https=true -http-enabled=false -proxy=edge - -# Admin -admin=admin +# Admin credentials +admin-url=http://localhost:8080 +admin-username=${KEYCLOAK_ADMIN} admin-password=${KEYCLOAK_ADMIN_PASSWORD} -# Features -health-enabled=true -metrics-enabled=true -log-level=INFO \ No newline at end of file +# HTTP +http-enabled=true +http-port=8080 +http-relative-path=/ + +# Hostname +hostname-strict=false +hostname-strict-https=false + +# Proxy settings (если используете nginx) +proxy=edge + +# Health +health-enabled=true \ No newline at end of file