From c0bfefd89f7b8909434762a5a98f0c3693bdbc7d Mon Sep 17 00:00:00 2001
From: Jacob Benz <jacob.benz@h-da.de>
Date: Fri, 17 Jan 2025 11:39:13 +0100
Subject: [PATCH] Offer all necessary services for LW under one exposed port
---
docker-compose-keycloak-firstrun.yml | 6 ++---
docker-compose-keycloak.yml | 10 +++++---
.../nginx_internal_forwarding.conf | 25 +++++++++++++++++++
3 files changed, 35 insertions(+), 6 deletions(-)
create mode 100644 nginx_docker_internal_proxy/nginx_internal_forwarding.conf
diff --git a/docker-compose-keycloak-firstrun.yml b/docker-compose-keycloak-firstrun.yml
index 8e1766b..2e777fb 100644
--- a/docker-compose-keycloak-firstrun.yml
+++ b/docker-compose-keycloak-firstrun.yml
@@ -10,7 +10,7 @@ services:
keycloak-firstrun:
image: adorsys/keycloak-config-cli:latest
environment:
- - KEYCLOAK_URL=http://keycloak:8080/
+ - KEYCLOAK_URL=http://keycloak:8080/keycloak
- KEYCLOAK_USER=tempadmin
- KEYCLOAK_PASSWORD=tempadmin
- KEYCLOAK_AVAILABILITYCHECK_ENABLED=true
@@ -30,7 +30,7 @@ services:
keycloak-secondrun:
image: adorsys/keycloak-config-cli:latest
environment:
- - KEYCLOAK_URL=http://keycloak:8080/
+ - KEYCLOAK_URL=http://keycloak:8080/keycloak
- KEYCLOAK_USER=tempadmin
- KEYCLOAK_PASSWORD=tempadmin
- KEYCLOAK_AVAILABILITYCHECK_ENABLED=true
@@ -53,7 +53,7 @@ services:
keycloak-thirdrun:
image: adorsys/keycloak-config-cli:latest
environment:
- - KEYCLOAK_URL=http://keycloak:8080/
+ - KEYCLOAK_URL=http://keycloak:8080/keycloak
- KEYCLOAK_USER=${keycloak_admin}
- KEYCLOAK_PASSWORD=${keycloak_password}
- KEYCLOAK_AVAILABILITYCHECK_ENABLED=true
diff --git a/docker-compose-keycloak.yml b/docker-compose-keycloak.yml
index 44f6b5d..1f4f557 100644
--- a/docker-compose-keycloak.yml
+++ b/docker-compose-keycloak.yml
@@ -15,11 +15,11 @@ services:
- ./keycloak-data:/var/lib/postgresql/data
networks:
- keycloak-net
+ restart: always
+
keycloak:
image: keycloak/keycloak
command: start
- ports:
- - "8080:8080"
links:
- keycloakdb
depends_on:
@@ -35,12 +35,16 @@ services:
- KC_DB_PASSWORD=postgres
- KC_DB=postgres
- KC_DB_URL=jdbc:postgresql://keycloakdb/keycloak
- - KC_HOSTNAME=localhost
+ - KC_HOSTNAME=${leafwriter_domain}/keycloak
- KC_HOSTNAME_PORT=8080
- KC_HOSTNAME_STRICT_BACKCHANNEL=false
+ - KC_HOSTNAME_STRICT=false
+ - KC_PROXY_HEADERS=xforwarded
+ - KC_HTTP_RELATIVE_PATH=/keycloak
- KC_HTTP_ENABLED=true
- KC_HOSTNAME_STRICT_HTTPS=false
- KC_HEALTH_ENABLED=true
+ restart: always
networks:
keycloak-net:
\ No newline at end of file
diff --git a/nginx_docker_internal_proxy/nginx_internal_forwarding.conf b/nginx_docker_internal_proxy/nginx_internal_forwarding.conf
new file mode 100644
index 0000000..0626d89
--- /dev/null
+++ b/nginx_docker_internal_proxy/nginx_internal_forwarding.conf
@@ -0,0 +1,25 @@
+server {
+
+ server_name localhost;
+ listen 3000;
+ listen [::]:3000;
+
+
+ location /keycloak {
+ proxy_pass http://keycloak:8080;
+ proxy_pass_request_headers on;
+ }
+
+ location /auth-api {
+ rewrite /auth-api/(.*) /$1 break;
+ proxy_pass http://auth-api:3000;
+ proxy_pass_request_headers on;
+ }
+
+ location / {
+ proxy_pass http://leafwriter:3000;
+ proxy_pass_request_headers on;
+ }
+
+}
+
--
GitLab