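# Deploys Keycloak (SSO for sso.data.coop) and its PostgreSQL backend as the
# "keycloak" compose project. Secrets come from Ansible variables
# (postgres_passwords.keycloak); keep those in a vault, not in plain vars.
- name: setup keycloak containers for sso.data.coop
  docker_compose:
    project_name: "keycloak"
    # Real boolean instead of the string "yes"; always pull so image updates
    # for the pinned tags are picked up on each run.
    pull: true
    definition:
      version: "3.6"
      services:

        postgres:
          # NOTE(review): PostgreSQL 10 is past upstream end-of-life and no
          # longer receives security fixes. A major-version bump needs a
          # dump/restore or pg_upgrade of the data directory, so it is flagged
          # here rather than changed in place.
          image: "postgres:10"
          restart: "unless-stopped"
          # Only on the project-local network and no published ports: the
          # database is reachable from the app container, not from the
          # shared external networks.
          networks:
            - "keycloak"
          volumes:
            - "{{ services.keycloak.volume_folder }}/data:/var/lib/postgresql/data"
          environment:
            POSTGRES_USER: "keycloak"
            # The official postgres image applies this only when it
            # initialises an empty data directory; rotating the Ansible
            # variable does not change the password of an existing database.
            POSTGRES_PASSWORD: "{{ postgres_passwords.keycloak }}"
            POSTGRES_DB: "keycloak"

        app:
          image: "quay.io/keycloak/keycloak:{{ services.keycloak.version }}"
          restart: "unless-stopped"
          networks:
            - "keycloak"
            - "postfix"
            - "external_services"
          # The database password is deliberately NOT passed as a
          # --db-password argument: process arguments are readable by any
          # local user via the process list, and a password containing
          # whitespace or quotes would be mis-split when compose tokenises
          # the command string. It is supplied as KC_DB_PASSWORD below.
          #
          # --proxy=edge makes Keycloak accept plain HTTP and trust the
          # forwarded headers set by the TLS-terminating reverse proxy, so
          # this container must only be reachable through that proxy.
          # NOTE(review): --https-port=8080 equals VIRTUAL_PORT although edge
          # mode serves HTTP; confirm this is intentional.
          command: >-
            start
            --db=postgres
            --db-url=jdbc:postgresql://postgres:5432/keycloak
            --db-username=keycloak
            --hostname={{ services.keycloak.domain }}
            --proxy=edge
            --https-port=8080
            --http-relative-path=/auth
          environment:
            # Keycloak reads KC_<OPTION> variables as configuration;
            # equivalent to --db-password without exposing it in argv.
            KC_DB_PASSWORD: "{{ postgres_passwords.keycloak }}"
            # Presumably consumed by a reverse proxy / ACME companion on the
            # external_services network; verify against that deployment.
            VIRTUAL_HOST: "{{ services.keycloak.domain }}"
            VIRTUAL_PORT: "8080"
            LETSENCRYPT_HOST: "{{ services.keycloak.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"

      networks:
        # Project-local network with default settings (app <-> postgres).
        keycloak:
        # Pre-existing networks managed outside this compose project.
        postfix:
          external: true
        external_services:
          external: true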