-
Notifications
You must be signed in to change notification settings - Fork 9
/
auth.yml
44 lines (44 loc) · 1.43 KB
/
auth.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
version: '3.9'
networks:
intranet:
external: true
volumes:
keycloakdata:
name: keycloakdata
services:
keycloak:
image: jboss/keycloak
container_name: keycloak
restart: always
networks:
- intranet
volumes:
- keycloakdata:/opt/jboss/keycloak/standalone/data
environment:
DB_VENDOR: h2
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
PROXY_ADDRESS_FORWARDING: "true"
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.rule=Host(`auth.example.com`)"
- "traefik.http.routers.keycloak.tls=true"
- "traefik.http.routers.keycloak.tls.certresolver=leresolver"
traefik-forward-auth:
image: thomseddon/traefik-forward-auth
container_name: traefik-forward-auth
restart: always
networks:
- intranet
environment:
- DEFAULT_PROVIDER=oidc
- PROVIDERS_OIDC_ISSUER_URL=https://auth.example.com/auth/realms/example
- PROVIDERS_OIDC_CLIENT_ID=traefik
- PROVIDERS_OIDC_CLIENT_SECRET=7afb20e5-74f3-4909-a55b-29c506fc1dc1
- SECRET=ovnenwonroevnponpoi
- LOG_LEVEL=debug
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
- "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"