forked from data.coop/ansible
51 lines
1.6 KiB
YAML
51 lines
1.6 KiB
YAML
# vim: ft=yaml.ansible
|
|
---
|
|
- name: setup keycloak containers for sso.data.coop
|
|
docker_compose:
|
|
project_name: "keycloak"
|
|
pull: "yes"
|
|
definition:
|
|
version: "3.6"
|
|
services:
|
|
postgres:
|
|
image: "postgres:{{ services.keycloak.postgres_version }}"
|
|
restart: "unless-stopped"
|
|
networks:
|
|
- "keycloak"
|
|
volumes:
|
|
- "{{ services.keycloak.volume_folder }}/data:/var/lib/postgresql/data"
|
|
environment:
|
|
POSTGRES_USER: "keycloak"
|
|
POSTGRES_PASSWORD: "{{ postgres_passwords.keycloak }}"
|
|
POSTGRES_DB: "keycloak"
|
|
|
|
app:
|
|
image: "quay.io/keycloak/keycloak:{{ services.keycloak.version }}"
|
|
restart: "unless-stopped"
|
|
networks:
|
|
- "keycloak"
|
|
- "postfix"
|
|
- "external_services"
|
|
command:
|
|
- "start"
|
|
- "--db=postgres"
|
|
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
|
|
- "--db-username=keycloak"
|
|
- "--db-password={{ postgres_passwords.keycloak }}"
|
|
- "--hostname={{ services.keycloak.domain }}"
|
|
- "--proxy=edge"
|
|
- "--https-port=8080"
|
|
- "--http-relative-path=/auth"
|
|
environment:
|
|
VIRTUAL_HOST: "{{ services.keycloak.domain }}"
|
|
VIRTUAL_PORT: "8080"
|
|
LETSENCRYPT_HOST: "{{ services.keycloak.domain }}"
|
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
|
|
networks:
|
|
keycloak:
|
|
postfix:
|
|
external: true
|
|
external_services:
|
|
external: true
|