modified: serv_nginx/nginx/Dockerfile
revert nginx Dockerfile to ald version without keycloak settings
This commit is contained in:
+21
-33
@@ -1,40 +1,28 @@
|
|||||||
FROM quay.io/keycloak/keycloak:22.0.0 as builder
|
FROM nginx:alpine
|
||||||
|
|
||||||
# Enable health and metrics support
|
# Установка зависимостей
|
||||||
ENV KC_HEALTH_ENABLED=true
|
RUN apk add --no-cache bash openssl
|
||||||
ENV KC_METRICS_ENABLED=true
|
|
||||||
|
|
||||||
# Configure a database vendor
|
# Создание директории для сертификатов
|
||||||
ENV KC_DB=postgres
|
RUN mkdir -p /etc/nginx/ssl
|
||||||
|
|
||||||
WORKDIR /opt/keycloak
|
# Генерация самоподписанных сертификатов (действительны 365 дней)
|
||||||
|
RUN openssl req -x509 -nodes -days 365 \
|
||||||
|
-newkey rsa:2048 \
|
||||||
|
-keyout /etc/nginx/ssl/dummy.key \
|
||||||
|
-out /etc/nginx/ssl/dummy.crt \
|
||||||
|
-subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
|
||||||
|
|
||||||
# For demonstration purposes, please consider using proper certificates in production instead
|
# Копируем обе конфигурации
|
||||||
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
|
COPY nginx-http.conf /etc/nginx/nginx-http.conf
|
||||||
|
COPY nginx-ssl.conf /etc/nginx/nginx-ssl.conf
|
||||||
|
|
||||||
RUN /opt/keycloak/bin/kc.sh build
|
# Создаем симлинк по умолчанию на HTTP конфиг
|
||||||
|
RUN ln -sf /etc/nginx/nginx-http.conf /etc/nginx/conf.d/default.conf
|
||||||
|
|
||||||
FROM quay.io/keycloak/keycloak:22.0.0
|
# Скрипт для проверки сертификатов и переключения конфига
|
||||||
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
COPY switch-config.sh /docker-entrypoint.d/switch-config.sh
|
||||||
|
RUN chmod +x /docker-entrypoint.d/switch-config.sh
|
||||||
|
|
||||||
# Change these values to point to a running postgres instance
|
# Создаем необходимые директории
|
||||||
ENV KC_DB=postgres
|
RUN mkdir -p /var/www/certbot
|
||||||
ENV KC_DB_URL_HOST=keycloak-db
|
|
||||||
ENV KC_DB_URL_PORT=5432
|
|
||||||
ENV KC_DB_URL_DATABASE=keycloak
|
|
||||||
ENV KC_DB_USERNAME=keycloak
|
|
||||||
ENV KC_DB_PASSWORD=keycloak
|
|
||||||
|
|
||||||
ENV KC_HOSTNAME=yalarba.ru
|
|
||||||
ENV KC_HOSTNAME_STRICT=true
|
|
||||||
ENV KC_HOSTNAME_STRICT_HTTPS=true
|
|
||||||
ENV KC_HOSTNAME_PATH=/auth
|
|
||||||
ENV KC_HTTP_ENABLED=true
|
|
||||||
ENV KC_HTTP_PORT=8080
|
|
||||||
ENV KC_HTTP_RELATIVE_PATH=/auth
|
|
||||||
ENV KC_PROXY=edge
|
|
||||||
|
|
||||||
ENV KEYCLOAK_ADMIN=admin
|
|
||||||
ENV KEYCLOAK_ADMIN_PASSWORD=admin
|
|
||||||
|
|
||||||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
|
|
||||||
Reference in New Issue
Block a user