env/keycloak/docker-compose.yaml

version: '3'

volumes:
  mysql_data:
      driver: local

services:
  mysql:
      image: mysql:5.7
      restart: always
      volumes:
        - ../data/keycloak/database:/var/lib/mysql
      environment:
        MYSQL_ROOT_PASSWORD: root
        MYSQL_DATABASE: keycloak
        MYSQL_USER: keycloak
        MYSQL_PASSWORD: password

  keycloak:
      image: quay.io/keycloak/keycloak:18.0.0
      restart: always
      entrypoint: /opt/keycloak/bin/kc.sh start --hostname="$${KEYCLOAK_HOSTNAME}" --proxy=edge
      user: "0:0" # otherwise the persistent data directory is not writable
      env_file:
        - ../env.production
        - env.production
        - ../data/keycloak/env.secrets
      environment:
        DB_VENDOR: MYSQL
        DB_ADDR: mysql
        DB_DATABASE: keycloak
        DB_USER: keycloak
        DB_PASSWORD: password
        KEYCLOAK_ADMIN: admin
        # KEYCLOAK_ADMIN_PASSWORD should be set in env.secrets
        PROXY_ADDRESS_FORWARDING: 'true'
      volumes:
        - ../data/keycloak/certs:/etc/x509/https
        - ../data/keycloak/keycloak:/opt/keycloak/data
      ports:
        - 8080:8080
      depends_on:
        - mysql
keycloak and hedgedoc initial state 3 years ago			`version: '3'`

			`volumes:`
			`mysql_data:`
			`driver: local`

			`services:`
			`mysql:`
			`image: mysql:5.7`
restart: always 3 years ago			`restart: always`
keycloak and hedgedoc initial state 3 years ago			`volumes:`
data: relocate all data volumes to separate directory 3 years ago			`- ../data/keycloak/database:/var/lib/mysql`
keycloak and hedgedoc initial state 3 years ago			`environment:`
			`MYSQL_ROOT_PASSWORD: root`
			`MYSQL_DATABASE: keycloak`
			`MYSQL_USER: keycloak`
			`MYSQL_PASSWORD: password`
keycloak: make data local 3 years ago
keycloak and hedgedoc initial state 3 years ago			`keycloak:`
			`image: quay.io/keycloak/keycloak:18.0.0`
restart: always 3 years ago			`restart: always`
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`entrypoint: /opt/keycloak/bin/kc.sh start --hostname="$${KEYCLOAK_HOSTNAME}" --proxy=edge`
			`user: "0:0" # otherwise the persistent data directory is not writable`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago			`env_file:`
			`- ../env.production`
			`- env.production`
move env.secrets into data/ subdir 3 years ago			`- ../data/keycloak/env.secrets`
keycloak and hedgedoc initial state 3 years ago			`environment:`
			`DB_VENDOR: MYSQL`
			`DB_ADDR: mysql`
			`DB_DATABASE: keycloak`
			`DB_USER: keycloak`
			`DB_PASSWORD: password`
			`KEYCLOAK_ADMIN: admin`
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`# KEYCLOAK_ADMIN_PASSWORD should be set in env.secrets`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago			`PROXY_ADDRESS_FORWARDING: 'true'`
keycloak and hedgedoc initial state 3 years ago			`volumes:`
data: relocate all data volumes to separate directory 3 years ago			`- ../data/keycloak/certs:/etc/x509/https`
			`- ../data/keycloak/keycloak:/opt/keycloak/data`
keycloak and hedgedoc initial state 3 years ago			`ports:`
			`- 8080:8080`
			`depends_on:`
			`- mysql`