-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yaml
More file actions
77 lines (73 loc) · 2.31 KB
/
docker-compose.yaml
File metadata and controls
77 lines (73 loc) · 2.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
services:
postgres:
image: postgres:latest
container_name: postgres
environment:
POSTGRES_DB: productdb
POSTGRES_USER: productuser
POSTGRES_PASSWORD: productpass
ports:
- "5433:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
- ./oauth2-resource-server/init-db.sh:/docker-entrypoint-initdb.d/init-db.sh
healthcheck:
test: ["CMD-SHELL", "pg_isready -U productuser -d productdb"]
interval: 10s
timeout: 5s
retries: 5
keycloak:
image: quay.io/keycloak/keycloak:20.0.3
container_name: keycloak
environment:
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
KC_DB: dev-file
KC_HTTP_RELATIVE_PATH: /
KC_HOSTNAME_STRICT: "false"
KC_HOSTNAME_STRICT_HTTPS: "false"
KC_HTTP_ENABLED: "true"
KC_HEALTH_ENABLED: "true"
ports:
- "8081:8080"
volumes:
- ./keycloak-realm.json:/opt/keycloak/data/import/realm.json
command:
- start-dev
- --import-realm
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080/health/ready" ]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
resource-server:
build:
context: ./oauth2-resource-server
container_name: oauth2-resource-server
environment:
SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/productdb
SPRING_DATASOURCE_USERNAME: productuser
SPRING_DATASOURCE_PASSWORD: productpass
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://keycloak:8080/realms/product-realm
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: http://keycloak:8080/realms/product-realm/protocol/openid-connect/certs
ports:
- "8080:8080"
depends_on:
postgres:
condition: service_healthy
keycloak:
condition: service_healthy
oauth2-client:
build:
context: ./oauth2-client
container_name: oauth2-client
environment:
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_ISSUER_URI: http://keycloak:8080/realms/product-realm
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_TOKEN_URI: http://keycloak:8080/realms/product-realm/protocol/openid-connect/token
RESOURCE_SERVER_URL: http://resource-server:8080
ports:
- "8082:8080"
volumes:
postgres_data:
keycloak_data: