From dc2a6ec866719619ebfed1845cd463b5df1916dd Mon Sep 17 00:00:00 2001 From: valitovgaziz Date: Tue, 21 Oct 2025 23:10:15 +0500 Subject: [PATCH] modified: serv_nginx/nginx/Dockerfile revert nginx Dockerfile to ald version without keycloak settings --- serv_nginx/nginx/Dockerfile | 54 +++++++++++++++---------------------- 1 file changed, 21 insertions(+), 33 deletions(-) diff --git a/serv_nginx/nginx/Dockerfile b/serv_nginx/nginx/Dockerfile index f5c0067..debd912 100644 --- a/serv_nginx/nginx/Dockerfile +++ b/serv_nginx/nginx/Dockerfile @@ -1,40 +1,28 @@ -FROM quay.io/keycloak/keycloak:22.0.0 as builder +FROM nginx:alpine -# Enable health and metrics support -ENV KC_HEALTH_ENABLED=true -ENV KC_METRICS_ENABLED=true +# Установка зависимостей +RUN apk add --no-cache bash openssl -# Configure a database vendor -ENV KC_DB=postgres +# Создание директории для сертификатов +RUN mkdir -p /etc/nginx/ssl -WORKDIR /opt/keycloak +# Генерация самоподписанных сертификатов (действительны 365 дней) +RUN openssl req -x509 -nodes -days 365 \ + -newkey rsa:2048 \ + -keyout /etc/nginx/ssl/dummy.key \ + -out /etc/nginx/ssl/dummy.crt \ + -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost" -# For demonstration purposes, please consider using proper certificates in production instead -RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore +# Копируем обе конфигурации +COPY nginx-http.conf /etc/nginx/nginx-http.conf +COPY nginx-ssl.conf /etc/nginx/nginx-ssl.conf -RUN /opt/keycloak/bin/kc.sh build +# Создаем симлинк по умолчанию на HTTP конфиг +RUN ln -sf /etc/nginx/nginx-http.conf /etc/nginx/conf.d/default.conf -FROM quay.io/keycloak/keycloak:22.0.0 -COPY --from=builder /opt/keycloak/ /opt/keycloak/ +# Скрипт для проверки сертификатов и переключения конфига +COPY switch-config.sh /docker-entrypoint.d/switch-config.sh +RUN chmod +x /docker-entrypoint.d/switch-config.sh -# Change these values to point to a running postgres instance -ENV KC_DB=postgres -ENV KC_DB_URL_HOST=keycloak-db -ENV KC_DB_URL_PORT=5432 -ENV KC_DB_URL_DATABASE=keycloak -ENV KC_DB_USERNAME=keycloak -ENV KC_DB_PASSWORD=keycloak - -ENV KC_HOSTNAME=yalarba.ru -ENV KC_HOSTNAME_STRICT=true -ENV KC_HOSTNAME_STRICT_HTTPS=true -ENV KC_HOSTNAME_PATH=/auth -ENV KC_HTTP_ENABLED=true -ENV KC_HTTP_PORT=8080 -ENV KC_HTTP_RELATIVE_PATH=/auth -ENV KC_PROXY=edge - -ENV KEYCLOAK_ADMIN=admin -ENV KEYCLOAK_ADMIN_PASSWORD=admin - -ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] \ No newline at end of file +# Создаем необходимые директории +RUN mkdir -p /var/www/certbot \ No newline at end of file