1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
captainVersion: 4
services:
$$cap_appname-db:
image: postgres:$$cap_postgres_version
volumes:
- $$cap_appname-db-data:/var/lib/postgresql/data
restart: always
environment:
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: $$cap_pg_pass
POSTGRES_DB: keycloak
caproverExtra:
notExposeAsWebApp: 'true'
$$cap_appname:
depends_on:
- $$cap_appname-db
restart: always
environment:
KEYCLOAK_ADMIN: $$cap_keycloak_admin
KEYCLOAK_ADMIN_PASSWORD: $$cap_keycloak_password
KC_DB_PASSWORD: $$cap_pg_pass
caproverExtra:
containerHttpPort: '8080'
dockerfileLines:
- FROM quay.io/keycloak/keycloak:$$cap_keycloak_version as builder
- ENV KC_HEALTH_ENABLED=true
- ENV KC_METRICS_ENABLED=false
- ENV KC_FEATURES=token-exchange,recovery-codes
- ENV KC_DB=postgres
- RUN /opt/keycloak/bin/kc.sh build
- FROM quay.io/keycloak/keycloak:$$cap_keycloak_version
- COPY --from=builder /opt/keycloak/ /opt/keycloak/
- WORKDIR /opt/keycloak
- ENV KC_DB_URL=jdbc:postgresql://srv-captain--$$cap_appname-db/keycloak
- ENV KC_DB_USERNAME=keycloak
- ENV KC_DB_PASSWORD=$$cap_pg_pass
- ENV KC_HOSTNAME=$$cap_appname.$$cap_root_domain
- ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", "--optimized", "--proxy=edge"]
caproverOneClickApp:
variables:
- id: $$cap_postgres_version
label: Postgres Version
defaultValue: '15'
description: Check out Keycloak DB page for any valid major tested https://www.keycloak.org/server/db
validRegex: /^([^\s^\/])+$/
- id: $$cap_keycloak_version
label: Keycloak Version
defaultValue: '23.0.1'
description: v23.0.1 current as of 2023-12-06. Check out Keycloak Docker page for the valid tags https://quay.io/repository/keycloak/keycloak?tab=tags
validRegex: /^([^\s^\/])+$/
- id: $$cap_pg_pass
label: Postgres Password
description: 'App-to-app database credential. 12-20 characters.'
defaultValue: $$cap_gen_random_hex(20)
validRegex: /.{12,20}/
- id: $$cap_keycloak_admin
label: Keycloak admin user
description: 'Login username for the admin web user.'
defaultValue: 'admin'
validRegex: /.{1,}/
- id: $$cap_keycloak_password
label: Keycloak admin password
description: 'Login password for the admin web user. 12-20 characters.'
defaultValue: $$cap_gen_random_hex(20)
validRegex: /.{12,20}/
instructions:
start: >-
Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services. It makes it easy to secure applications and services with little to no code.
For documentation, see: https://www.keycloak.org/documentation.html
For source code, see: https://github.com/keycloak/keycloak
For docker image, see: https://quay.io/repository/keycloak/keycloak
Enter your Keycloak Configuration parameters and click on next.
end: >
Keycloak is deployed and available as $$cap_appname.
Before starting using Keycloak, you'll need to
- Enable HTTPS
- Force HTTPS by redirecting all HTTP traffic to HTTPS
IMPORTANT: It will take up to 1 minutes for Keycloak to be ready. Before that, you might see 502 error page.
displayName: 'Keycloak'
isOfficial: true
description: Keycloak is an open source identity and access management solution
documentation: Taken from https://github.com/keycloak/keycloak-containers/blob/main/docker-compose-examples/keycloak-postgres.yml
|
