-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.yml
115 lines (115 loc) · 3.91 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
version: '3.8'
services:
traefik:
image: library/traefik:alpine
container_name: ispn-traefik
networks:
- ispan_net
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: >
--logLevel=ERROR
--api.dashboard
--docker
--entrypoints="Name:http Address::80"
--defaultentrypoints="http"
ports:
- 80:80
- 3001:8080
keycloak:
image: quay.io/keycloak/keycloak:17.0.0-legacy
ports:
- "8180:8080"
depends_on:
- mysql
- infinispan
networks:
- ispan_net
volumes:
- ./keycloak/realm.json:/realm.json
#- ./keycloak/development-realm/vi-realm-zero-realm.json:/realm.json
- ./keycloak/password-blacklists/password_blacklist.txt:/opt/jboss/keycloak/standalone/data/password-blacklists/password-blacklists.txt
- ./keycloak/cli/startup.cli:/opt/jboss/startup-scripts/startup.cli
environment:
INFINISPAN_HOST: "infinispan"
INFINISPAN_PORT: 11222
JAVA_OPTS_APPEND: ${KEYCLOAK_JVM_MEMORY:--Xms64m -Xmx2g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m} -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true
DB_VENDOR: mysql
DB_ADDR: mysql
DB_USER: keycloak
DB_PASSWORD: password
DB_DATABASE: keycloak
DB_SCHEMA: public
JDBC_PARAMS: useSSL=false
#JSTAT: "${KEYCLOAK_JSTAT:-false}"
HTTP_MAX_CONNECTIONS: ${KEYCLOAK_HTTP_MAX_CONNECTIONS:-50000}
AJP_MAX_CONNECTIONS: ${KEYCLOAK_AJP_MAX_CONNECTIONS:-50000}
WORKER_IO_THREADS: ${KEYCLOAK_WORKER_IO_THREADS:-2}
WORKER_TASK_MAX_THREADS: ${KEYCLOAK_WORKER_TASK_MAX_THREADS:-16}
DS_MIN_POOL_SIZE: ${KEYCLOAK_DS_MIN_POOL_SIZE:-10}
DS_MAX_POOL_SIZE: ${KEYCLOAK_DS_MAX_POOL_SIZE:-100}
DS_POOL_PREFILL: "${KEYCLOAK_DS_POOL_PREFILL:-true}"
DS_PS_CACHE_SIZE: ${KEYCLOAK_DS_PS_CACHE_SIZE:-100}
JGROUPS_DISCOVERY_PROTOCOL: JDBC_PING
JGROUPS_DISCOVERY_PROPERTIES: datasource_jndi_name=java:jboss/datasources/KeycloakDS,info_writer_sleep_time=500
CACHE_OWNERS_COUNT: 2
CACHE_OWNERS_AUTH_SESSIONS_COUNT: 2
KEYCLOAK_USER: ${KEYCLOAK_ADMIN_USER:-admin}
KEYCLOAK_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
KEYCLOAK_IMPORT: /realm.json
infinispan:
# image: quay.io/infinispan/server-native:14.0 > fails ISPN000660: DefaultCacheManager start failed, Unable to start JGroups Channel
# image: quay.io/infinispan/server:13.0.5.Final-2
build:
context: ./infinispan
dockerfile: Dockerfile
args:
INFINISPAN_VERSION: ${INFINISPAN_VERSION:-13.0.6.Final}
KEYCLOAK_VERSION: ${KEYCLOAK_VERSION:-17.0.0}
depends_on:
- mysql
networks:
- ispan_net
ports:
- 11222:11222
healthcheck:
test: [ "CMD-SHELL", "curl -k https://$$(ip route get 1.2.3.4 | awk '{print $$7}'):11222" ]
interval: 10s
timeout: 5s
retries: 5
# volumes:
# - ./data/infinispan-1:/opt/infinispan/server/mydata:z
environment:
- INFINISPAN_CACHE_STATISTICS=true
- USER=admin
- PASS=admin
- DB_ADDR=mysql
- DB_PORT=3306
- DB_USER=keycloak
- DB_PASSWORD=password
- DB_DATABASE=infinispan
#IDENTITIES_PATH="/user-config/identities.yaml"
#CONFIG_PATH="/user-config/config.yaml"
mysql:
image: mysql/mysql-server:${DB_VERSION:-5.7.34}
container_name: ispn-db
restart: always
ports:
- "3307:3306"
volumes:
- ./db:/docker-entrypoint-initdb.d
environment:
- MYSQL_DATABASE=${DB_DATABASE:-keycloak}
- MYSQL_USER=${DB_USER:-keycloak}
- MYSQL_PASSWORD=${DB_PASS:-password}
- MYSQL_ROOT_PASSWORD=${DB_ROOTPASS:-root_password}
- MYSQL_HOST=localhost
networks:
- ispan_net
healthcheck:
test: "mysqladmin ping -u root -p$${MYSQL_ROOT_PASSWORD}"
start_period: 10s
networks:
ispan_net:
name: ispan_network
driver: bridge