57 lines
1.9 KiB
YAML
57 lines
1.9 KiB
YAML
oauthkeycloakdb:
|
|
image: docker.io/library/postgres:16-alpine
|
|
container_name: oauthkeycloakdb
|
|
environment:
|
|
POSTGRES_DB: keycloak
|
|
POSTGRES_USER: keycloak
|
|
POSTGRES_PASSWORD: password
|
|
volumes:
|
|
- ./docker/blocks/auth/jwt_proxy/cloak.sql:/docker-entrypoint-initdb.d/cloak.sql
|
|
restart: unless-stopped
|
|
|
|
oauthkeycloak:
|
|
image: quay.io/keycloak/keycloak:23.0
|
|
container_name: oauthkeycloak
|
|
command: start-dev
|
|
environment:
|
|
KC_DB: postgres
|
|
KC_DB_URL: jdbc:postgresql://oauthkeycloakdb/keycloak
|
|
KC_DB_USERNAME: keycloak
|
|
KC_DB_PASSWORD: password
|
|
KEYCLOAK_ADMIN: admin
|
|
KEYCLOAK_ADMIN_PASSWORD: admin
|
|
PROXY_ADDRESS_FORWARDING: "true"
|
|
ports:
|
|
- 8087:8080
|
|
depends_on:
|
|
- oauthkeycloakdb
|
|
links:
|
|
- "oauthkeycloakdb:oauthkeycloakdb"
|
|
restart: unless-stopped
|
|
|
|
oauthproxy:
|
|
image: docker.io/bitnami/oauth2-proxy:7.4.0
|
|
container_name: oauthproxy
|
|
command: [
|
|
"--cookie-secret=yI-CWT5s4sBR2Zd0DDJJlTYc0aQ3jwGH15jYA18ZAQA=",
|
|
"--upstream=http://env.grafana.local:3000",
|
|
"--provider=keycloak",
|
|
"--client-id=grafana-oauth",
|
|
"--client-secret=d17b9ea9-bcb1-43d2-b132-d339e55872a8",
|
|
"--login-url=http://env.grafana.local:8087/realms/grafana/protocol/openid-connect/auth",
|
|
"--redeem-url=http://env.grafana.local:8087/realms/grafana/protocol/openid-connect/token",
|
|
"--profile-url=http://env.grafana.local:8087/realms/grafana/protocol/openid-connect/userinfo",
|
|
"--validate-url=http://env.grafana.local:8087/realms/grafana/protocol/openid-connect/userinfo",
|
|
"--cookie-secure=false",
|
|
"--http-address=0.0.0.0:8088",
|
|
"--redirect-url=http://env.grafana.local:8088/oauth2/callback",
|
|
"--pass-access-token=true",
|
|
"--email-domain=*",
|
|
]
|
|
depends_on:
|
|
- oauthkeycloak
|
|
extra_hosts:
|
|
- "env.grafana.local:host-gateway"
|
|
ports:
|
|
- 8088:8088
|
|
restart: unless-stopped |