forked from HarunOr/keycloak-compose
-
Notifications
You must be signed in to change notification settings - Fork 58
/
Copy pathcompose.yml
90 lines (86 loc) · 3.19 KB
/
compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
x-logging: &logging
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
services:
postgres:
image: postgres:${POSTGRES_VERSION}
restart: unless-stopped
healthcheck:
test: ["CMD", "pg_isready", "-U", "keycloak"]
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: password
volumes:
- type: tmpfs
target: /var/lib/postgresql/data
tmpfs:
size: 100000000
logging: *logging
keycloak:
image: quay.io/keycloak/keycloak:${KC_VERSION}
command: ["start-dev", "--import-realm"]
restart: unless-stopped
environment:
KC_DB: postgres
KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: password
KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak"
KC_METRICS_ENABLED: true
KC_LOG_LEVEL: ${KC_LOG_LEVEL}
KC_REALM_NAME: ${KC_REALM_NAME}
KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
GF_URL: ${GF_HOSTNAME}:${GF_SERVER_HTTP_PORT}
GF_ADMIN_USERNAME: ${GF_ADMIN_USERNAME}
GF_ADMIN_PASSWORD: ${GF_ADMIN_PASSWORD}
ports:
- ${KC_PORT}:8080
volumes:
- ./keycloak/realm.json:/opt/keycloak/data/import/realm.json:ro
logging: *logging
prometheus:
image: prom/prometheus:${PROMETHEUS_VERSION}
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--storage.tsdb.retention.time=30d'
- '--storage.tsdb.wal-compression'
- '--web.enable-lifecycle'
restart: unless-stopped
healthcheck:
test: ["CMD", "wget", "--tries=1", "--spider", "http://localhost:9090/-/healthy"]
ports:
- ${PROMETHEUS_PORT}:9090
volumes:
- ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
logging: *logging
grafana:
image: grafana/grafana-oss:${GF_VERSION}
restart: unless-stopped
ports:
- ${GF_SERVER_HTTP_PORT}:${GF_SERVER_HTTP_PORT}
healthcheck:
test: ["CMD", "wget", "--spider", "http://localhost:${GF_SERVER_HTTP_PORT}/api/health"]
environment:
GF_SERVER_HTTP_PORT: ${GF_SERVER_HTTP_PORT}
GF_SERVER_ROOT_URL: ${GF_HOSTNAME}:${GF_SERVER_HTTP_PORT}
GF_LOG_LEVEL: ${GF_LOG_LEVEL}
GF_AUTH_BASIC_ENABLED: true
GF_AUTH_DISABLE_LOGIN_FORM: true
GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE: true
GF_AUTH_GENERIC_OAUTH_ENABLED: true
GF_AUTH_GENERIC_OAUTH_NAME: Keycloak
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: true
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "grafana"
GF_AUTH_GENERIC_OAUTH_EMAIL_ATTRIBUTE_NAME: "email:primary"
GF_AUTH_GENERIC_OAUTH_SCOPES: "openid profile email"
GF_AUTH_GENERIC_OAUTH_AUTH_URL: ${KC_HOSTNAME}:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/auth
GF_AUTH_GENERIC_OAUTH_TOKEN_URL: http://keycloak:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/token
GF_AUTH_GENERIC_OAUTH_API_URL: ${KC_HOSTNAME}:${KC_PORT}/realms/${KC_REALM_NAME}/protocol/openid-connect/userinfo
volumes:
- ./grafana/dashboards:/etc/grafana/provisioning/dashboards:ro
- ./grafana/datasources:/etc/grafana/provisioning/datasources:ro
logging: *logging