This is a docker-compose setup for a Keycloak server configured with a PostgreSQL database, nginx HTTPS termination, and a lightweight mail server.
- openfact/keycloak-postgres
- postgres, 9.5
- nginx configuration for HTTPS termination, borrowed from anvilresearch and customized for Keycloak
- mailcatcher
- Clone this repository and run `docker-compose up`.
- In a separate shell, run `./add-cert-to-java-truststore.sh`. Adjust the script for your local Java setup; the idea is to put the custom (self-signed) certificate into the Java `cacerts`.
- Add a record for `identity.keycloak.tom` referencing `127.0.0.1` to your `/etc/hosts` file:
  `127.0.0.1 identity.keycloak.tom`
- To run nginx as a Docker container, uncomment the nginx lines in `docker-compose.yml`.
- For this installation we will use the nginx service (copy the nginx `keyclock.conf` to the nginx folder).
- The default admin account added to Keycloak is:
  - Username: admin
  - Password: password
- In `standalone.xml` (to use SSL with nginx), line 410:
  `<http-listener name="default" socket-binding="http" redirect-socket="https" proxy-address-forwarding="true"/>`
  - This modification tells Keycloak to pull the client’s IP address from the X-Forwarded-For header since it's behind nginx.
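
With `proxy-address-forwarding="true"`, Keycloak takes the client address from whatever nginx forwards, so the header handling in the nginx server block matters. The following is an added example, not the repository's `keyclock.conf`; the certificate paths and the Keycloak upstream address `127.0.0.1:8080` are assumptions.

```nginx
# Added example, not the repository's keyclock.conf.
# Assumptions: certificate paths are placeholders; Keycloak HTTP is on 127.0.0.1:8080.

# Send plain HTTP to the HTTPS listener.
server {
    listen 80;
    server_name identity.keycloak.tom;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name identity.keycloak.tom;

    ssl_certificate     /etc/nginx/ssl/identity.keycloak.tom.crt;  # placeholder path
    ssl_certificate_key /etc/nginx/ssl/identity.keycloak.tom.key;  # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        proxy_pass http://127.0.0.1:8080;  # assumed Keycloak HTTP address

        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port  $server_port;

        # Weak: appends to whatever X-Forwarded-For the client sent, so a
        # client-chosen value stays in the header that Keycloak reads.
        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Stricter when nginx is the only proxy in front of Keycloak:
        # overwrite the header with the peer address nginx itself saw.
        proxy_set_header X-Forwarded-For   $remote_addr;
    }
}
```

Keep the Keycloak HTTP port reachable only from nginx; a client that can connect to it directly can set the forwarded headers itself.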
- `cat /etc/os-release`: `NAME="Ubuntu" VERSION="18.04.5 LTS (Bionic Beaver)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 18.04.5 LTS" VERSION_ID="18.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic`
- `uname -a`: `Linux ns3077990 4.15.0-154-generic #161-Ubuntu SMP Fri Jul 30 13:04:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux`
- `docker --version`: `Docker version 20.10.8, build 3967b7d`
- `docker-compose --version`: `docker-compose version 1.25.4, build 8d51620a`