# vim: ft=yaml.docker-compose
version: "3.8"

services:
  db:
    image: postgres:{{ services.keycloak.postgres_version }}
    restart: unless-stopped
    volumes:
      - "./data:/var/lib/postgresql/data"
    environment:
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: "{{ postgres_passwords.keycloak }}"
      POSTGRES_DB: keycloak

  app:
    image: quay.io/keycloak/keycloak:{{ services.keycloak.version }}
    restart: unless-stopped
    networks:
      - default
      - postfix
      - external_services
    command:
      - "start"
      - "--db=postgres"
      - "--db-url=jdbc:postgresql://db:5432/keycloak"
      - "--db-username=keycloak"
      - "--db-password={{ postgres_passwords.keycloak }}"
      - "--hostname={{ services.keycloak.domain }}"
      - "--proxy=edge"
      - "--https-port=8080"
      - "--http-relative-path=/auth"
    environment:
      VIRTUAL_HOST: "{{ services.keycloak.domain }}"
      VIRTUAL_PORT: "8080"
      LETSENCRYPT_HOST: "{{ services.keycloak.domain }}"
      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"

networks:
  postfix:
    external: true
  external_services:
    external: true