forked from keycloak/keycloak-containers
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Moved server-x container to https://github.com/keycloak/keycloak/tree…
…/main/quarkus/container. Updated tags for legacy distribution to include :legacy Closes keycloak#370
- Loading branch information
Showing
14 changed files
with
37 additions
and
172 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,86 +1,3 @@ | ||
| # Keycloak.X Docker Image | ||
| # Keycloak Quarkus distribution image | ||
|
|
||
| The `Dockerfile` for Keycloak.X Docker Image. | ||
|
|
||
| See the `Build` section for more details on how to build the image. | ||
|
|
||
| Once built, you can run the server in the same manner as when using the Keycloak.X distribution by passing any command-line argument: | ||
|
|
||
| docker run --name keycloak -p 8080:8080 \ | ||
| -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \ | ||
| IMAGE[:TAG] \ | ||
| start-dev | ||
| ## Extending the Image | ||
|
|
||
| To customize the base image, create a new `Dockerfile` similar to following: | ||
|
|
||
| ``` | ||
| FROM quay.io/keycloak/keycloak-x | ||
| WORKDIR /opt/keycloak | ||
| RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore | ||
| ``` | ||
|
|
||
| In the example above, you are basically creating a new image `FROM` this image and adding a Java Keystore to configure HTTPS using a self-signed certificate (only for example purposes, never do that for production). | ||
|
|
||
| As another example, you can install any custom provider you may have (include themes within a JAR file) as follows: | ||
|
|
||
| ``` | ||
| FROM quay.io/keycloak/keycloak-x | ||
| COPY my-providers/ /opt/keycloak/providers/ | ||
| WORKDIR /opt/keycloak | ||
| RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore | ||
| # Run the build command to install custom providers | ||
| RUN ./bin/kc.sh build | ||
| ``` | ||
|
|
||
| In the example above, any JAR files within the directory `my-providers` will be copied to the image's `/opt/keycloak/providers` directory. Then the `build` command is executed to install the custom providers. | ||
|
|
||
| For last, you can configure the server using any configuration option available as follows: | ||
|
|
||
| ``` | ||
| FROM quay.io/keycloak/keycloak-x | ||
| COPY my-providers/ /opt/keycloak/providers/ | ||
| WORKDIR /opt/keycloak | ||
| RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore | ||
| RUN ./bin/kc.sh build --db=postgres --db-url=jdbc:postgresql://$DB_HOST/keycloak --db-username=keycloak --db-password=password | ||
| ``` | ||
|
|
||
| In the example above, the configuration is being set to use a PostgreSQL database. | ||
|
|
||
| NOTE: Note that we are using separated `RUN` steps for illustrative purposes, ideally you should reduce the number of layers and execute both steps in a single one. | ||
|
|
||
| ## Auto-Build | ||
|
|
||
| Given the immutability of containers, you can use the `--auto-build` option in order to apply any configuration when running a new container. Once the container is created, subsequent restarts will never go through the configuration phase again but just start the server with the configuration previously defined. | ||
|
|
||
| docker run --name keycloak -p 8080:8080 \ | ||
| -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \ | ||
| IMAGE[:TAG] \ | ||
| --auto-build --db=postgres -Dkc.db.url.host=<DB_HOST> --db-username=keycloak --db-password=change_me --http-enabled=true | ||
|
|
||
| The command above should be enough to run a server using a PostgreSQL database listening on a given `DB_HOST`. | ||
|
|
||
| The recommended approach should be to create your own image from this one and configure it accordingly to your needs. The `--auto-build` is intended for helping to get a running server with different options without having to create your own image, with the cost that every time you run a new container, the build step will run and your container will take longer to start. | ||
|
|
||
| However, the `--auto-build` option should help when trying out Keycloak and for development purposes. | ||
|
|
||
| ## Build | ||
|
|
||
| It is possible to download the Keycloak distribution from a URL: | ||
|
|
||
| docker build --build-arg KEYCLOAK_DIST=http://<HOST>:<PORT>/keycloak.x-<VERSION>.tar.gz . -t <TAG> | ||
|
|
||
| For Keycloak built locally you need to copy the distribution to the local `server-x` folder: | ||
|
|
||
| cp $KEYCLOAK_SOURCE/distribution/server-x/target/keycloak.x-<VERSION>.tar.gz . | ||
| docker build --build-arg KEYCLOAK_DIST=keycloak.x-<VERSION>.tar.gz . -t <TAG> | ||
| Moved to https://github.com/keycloak/keycloak/tree/main/quarkus/container |
Oops, something went wrong.