-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
107 lines (101 loc) · 3.42 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
version: "3.9"
x-logging: &logging
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
services:
postgres:
image: postgres:${POSTGRES_VERSION}
restart: unless-stopped
healthcheck:
test: ["CMD", "pg_isready", "-U", "keycloak"]
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
volumes:
- ./data/postgresql:/var/lib/postgresql/data
logging: *logging
keycloak:
image: quay.io/keycloak/keycloak:${KC_VERSION}
command: ["start-dev", "--import-realm"]
restart: unless-stopped
environment:
KC_DB: postgres
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: password
KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak"
KC_METRICS_ENABLED: true
KC_LOG_LEVEL: ${KC_LOG_LEVEL}
KC_REALM_NAME: ${KC_REALM_NAME}
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
GF_URL: ${GF_HOSTNAME}:${GF_SERVER_HTTP_PORT}
GF_ADMIN_USERNAME: ${GF_ADMIN_USERNAME}
GF_ADMIN_PASSWORD: ${GF_ADMIN_PASSWORD}
ports:
- ${KC_PORT}:8080
volumes:
- ./keycloak/realm.json:/opt/keycloak/data/import/realm.json:ro
logging: *logging
prometheus:
image: prom/prometheus:${PROMETHEUS_VERSION}
command:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.path=/prometheus"
- "--storage.tsdb.retention.time=30d"
- "--storage.tsdb.wal-compression"
- "--web.enable-lifecycle"
restart: unless-stopped
healthcheck:
test:
[
"CMD",
"wget",
"--tries=1",
"--spider",
"http://localhost:9090/-/healthy",
]
ports:
- ${PROMETHEUS_PORT}:9090
volumes:
- ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
logging: *logging
grafana:
image: grafana/grafana-oss:${GF_VERSION}
restart: unless-stopped
ports:
- ${GF_SERVER_HTTP_PORT}:${GF_SERVER_HTTP_PORT}
healthcheck:
test:
[
"CMD",
"wget",
"--spider",
"http://localhost:${GF_SERVER_HTTP_PORT}/api/health",
]
environment:
GF_SERVER_HTTP_PORT: ${GF_SERVER_HTTP_PORT}
GF_LOG_LEVEL: ${GF_LOG_LEVEL}
GF_AUTH_BASIC_ENABLED: true
GF_AUTH_DISABLE_LOGIN_FORM: true
GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE: true
GF_AUTH_GENERIC_OAUTH_ENABLED: true
GF_AUTH_GENERIC_OAUTH_NAME: Keycloak
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: true
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "grafana"
GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE_NAME: "email:primary"
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: ${KC_HOSTNAME}:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/auth
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: http://keycloak:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/token
GF_AUTH_GENERIC_OAUTH_API_URL: ${KC_HOSTNAME}:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/userinfo
volumes:
- ./grafana/dashboards:/etc/grafana/provisioning/dashboards:ro
- ./grafana/datasources:/etc/grafana/provisioning/datasources:ro
logging: *logging
postgres-exporter:
image: quay.io/prometheuscommunity/postgres-exporter
restart: unless-stopped
environment:
DATA_SOURCE_NAME: "postgresql://keycloak:password@postgres:5432/keycloak?sslmode=disable"