ansible/roles/docker/templates/compose-files/keycloak.yml.j2

# vim: ft=yaml.docker-compose
version: "3.8"

services:
  db:
    image: postgres:{{ services.keycloak.postgres_version }}
    restart: unless-stopped
    volumes:
      - "./data:/var/lib/postgresql/data"
    environment:
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: "{{ postgres_passwords.keycloak }}"
      POSTGRES_DB: keycloak

  app:
    image: quay.io/keycloak/keycloak:{{ services.keycloak.version }}
    restart: unless-stopped
    networks:
      - default
      - postfix
      - external_services
    command:
      - "start"
      - "--db=postgres"
      - "--db-url=jdbc:postgresql://db:5432/keycloak"
      - "--db-username=keycloak"
      - "--db-password={{ postgres_passwords.keycloak }}"
      - "--hostname={{ services.keycloak.domain }}"
      - "--proxy=edge"
      - "--https-port=8080"
      - "--http-relative-path=/auth"
    environment:
      VIRTUAL_HOST: "{{ services.keycloak.domain }}"
      VIRTUAL_PORT: "8080"
      LETSENCRYPT_HOST: "{{ services.keycloak.domain }}"
      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"

networks:
  postfix:
    external: true
  external_services:
    external: true
Move compose files into templates and upload them to the host 2023-09-30 14:25:06 +00:00			`# vim: ft=yaml.docker-compose`
			`version: "3.8"`

			`services:`
			`db:`
			`image: postgres:{{ services.keycloak.postgres_version }}`
			`restart: unless-stopped`
			`volumes:`
			`- "./data:/var/lib/postgresql/data"`
			`environment:`
			`POSTGRES_USER: keycloak`
			`POSTGRES_PASSWORD: "{{ postgres_passwords.keycloak }}"`
			`POSTGRES_DB: keycloak`

			`app:`
			`image: quay.io/keycloak/keycloak:{{ services.keycloak.version }}`
			`restart: unless-stopped`
			`networks:`
			`- default`
			`- postfix`
			`- external_services`
			`command:`
			`- "start"`
			`- "--db=postgres"`
			`- "--db-url=jdbc:postgresql://db:5432/keycloak"`
			`- "--db-username=keycloak"`
			`- "--db-password={{ postgres_passwords.keycloak }}"`
			`- "--hostname={{ services.keycloak.domain }}"`
			`- "--proxy=edge"`
			`- "--https-port=8080"`
			`- "--http-relative-path=/auth"`
			`environment:`
			`VIRTUAL_HOST: "{{ services.keycloak.domain }}"`
			`VIRTUAL_PORT: "8080"`
			`LETSENCRYPT_HOST: "{{ services.keycloak.domain }}"`
			`LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"`

			`networks:`
			`postfix:`
			`external: true`
			`external_services:`
			`external: true`