modified: serv_nginx/nginx/Dockerfile
revert nginx Dockerfile to ald version without keycloak settings
This commit is contained in:
+21
-33
@@ -1,40 +1,28 @@
|
||||
FROM quay.io/keycloak/keycloak:22.0.0 as builder
|
||||
FROM nginx:alpine
|
||||
|
||||
# Enable health and metrics support
|
||||
ENV KC_HEALTH_ENABLED=true
|
||||
ENV KC_METRICS_ENABLED=true
|
||||
# Установка зависимостей
|
||||
RUN apk add --no-cache bash openssl
|
||||
|
||||
# Configure a database vendor
|
||||
ENV KC_DB=postgres
|
||||
# Создание директории для сертификатов
|
||||
RUN mkdir -p /etc/nginx/ssl
|
||||
|
||||
WORKDIR /opt/keycloak
|
||||
# Генерация самоподписанных сертификатов (действительны 365 дней)
|
||||
RUN openssl req -x509 -nodes -days 365 \
|
||||
-newkey rsa:2048 \
|
||||
-keyout /etc/nginx/ssl/dummy.key \
|
||||
-out /etc/nginx/ssl/dummy.crt \
|
||||
-subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
|
||||
|
||||
# For demonstration purposes, please consider using proper certificates in production instead
|
||||
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
|
||||
# Копируем обе конфигурации
|
||||
COPY nginx-http.conf /etc/nginx/nginx-http.conf
|
||||
COPY nginx-ssl.conf /etc/nginx/nginx-ssl.conf
|
||||
|
||||
RUN /opt/keycloak/bin/kc.sh build
|
||||
# Создаем симлинк по умолчанию на HTTP конфиг
|
||||
RUN ln -sf /etc/nginx/nginx-http.conf /etc/nginx/conf.d/default.conf
|
||||
|
||||
FROM quay.io/keycloak/keycloak:22.0.0
|
||||
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
||||
# Скрипт для проверки сертификатов и переключения конфига
|
||||
COPY switch-config.sh /docker-entrypoint.d/switch-config.sh
|
||||
RUN chmod +x /docker-entrypoint.d/switch-config.sh
|
||||
|
||||
# Change these values to point to a running postgres instance
|
||||
ENV KC_DB=postgres
|
||||
ENV KC_DB_URL_HOST=keycloak-db
|
||||
ENV KC_DB_URL_PORT=5432
|
||||
ENV KC_DB_URL_DATABASE=keycloak
|
||||
ENV KC_DB_USERNAME=keycloak
|
||||
ENV KC_DB_PASSWORD=keycloak
|
||||
|
||||
ENV KC_HOSTNAME=yalarba.ru
|
||||
ENV KC_HOSTNAME_STRICT=true
|
||||
ENV KC_HOSTNAME_STRICT_HTTPS=true
|
||||
ENV KC_HOSTNAME_PATH=/auth
|
||||
ENV KC_HTTP_ENABLED=true
|
||||
ENV KC_HTTP_PORT=8080
|
||||
ENV KC_HTTP_RELATIVE_PATH=/auth
|
||||
ENV KC_PROXY=edge
|
||||
|
||||
ENV KEYCLOAK_ADMIN=admin
|
||||
ENV KEYCLOAK_ADMIN_PASSWORD=admin
|
||||
|
||||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
|
||||
# Создаем необходимые директории
|
||||
RUN mkdir -p /var/www/certbot
|
||||
Reference in New Issue
Block a user