-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathdocker-compose.yml
107 lines (100 loc) · 2.5 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
version: '2'
services:
traefik:
image: traefik:v1.7.4-alpine
hostname: traefik.lab.com
environment:
TZ: Asia/Jakarta
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: >
--logLevel='DEBUG'
--api.dashboard=true
--InsecureSkipVerify=true
--entryPoints='Name:http Address::80 Redirect.EntryPoint:https'
--entryPoints='Name:https Address::443 TLS'
--defaultentrypoints='http,https'
--docker
--docker.exposedbydefault=true
--docker.watch=true
--docker.swarmmode=false
--docker.endpoint='unix:///var/run/docker.sock'
networks:
auth_net:
service_net:
labels:
traefik.enable: true
keycloak_db:
image: postgres:11.2-alpine
environment:
- POSTGRES_DB=keycloak
- POSTGRES_USER=keycloak
- POSTGRES_PASSWORD=password
- POSTGRES_ROOT_PASSWORD=password
networks:
auth_net:
ports:
- "5432:5432"
volumes:
- keycloak_db_data_vol:/var/lib/postgresql/data
labels:
- "traefik.enable=false"
keycloak:
image: jboss/keycloak:7.0.1
hostname: keycloak
environment:
- DB_VENDOR=POSTGRES
- DB_ADDR=keycloak_db
- DB_DATABASE=keycloak
- DB_PORT=5432
- DB_USER=keycloak
- DB_SCHEMA=public
- DB_PASSWORD=password
- PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_LOGLEVEL=INFO
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=password
networks:
auth_net:
depends_on:
- traefik
- keycloak_db
labels:
- traefik.port=8443
- traefik.frontend.rule=Host:auth.lab.com
- traefik.protocol=https
command: ["-b", "0.0.0.0", "-Dkeycloak.profile.feature.docker=enabled"]
keycloak-gatekeeper:
image: keycloak/keycloak-gatekeeper:7.0.0
labels:
- "traefik.port=3000"
- "traefik.frontend.rule=Host:service1.lab.com"
- "traefik.protocol=http"
restart: always
depends_on:
- keycloak
networks:
service_net:
external_links:
- traefik:auth.lab.com
volumes:
- ./keycloak-gatekeeper/keycloak-gatekeeper.conf:/etc/keycloak-gatekeeper.conf
entrypoint:
- /opt/keycloak-gatekeeper
- --config=/etc/keycloak-gatekeeper.conf
service_1:
image: containous/whoami
networks:
service_net:
depends_on:
- traefik
labels:
- "traefik.enable=false"
networks:
service_net:
auth_net:
volumes:
keycloak_db_data_vol: