elestio/keycloak
Keycloak, verified and packaged by Elestio
50K+
Keycloak is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services.
Deploy a fully managed keycloak on elest.io if you want automated backups, reverse proxy with SSL termination, firewall, automated OS & Software updates, and a team of Linux experts and open source enthusiasts to ensure your services are always safe, and functional.
Here are some example snippets to help you get started creating a container.
version: "3.3"
services:
postgresql:
image: elestio/postgres:15
restart: always
env_file:
- .env
ports:
- 172.17.0.1:5672:5432
volumes:
- ./postgres_data:/var/lib/postgresql/data
networks:
- keycloak-network
keycloak:
user: 0:0
image: elestio/keycloak:${SOFTWARE_VERSION_TAG}
restart: always
entrypoint: "/opt/keycloak/bin/kc.sh start --hostname-strict=false --http-enabled=true --proxy-headers=xforwarded"
volumes:
- ./providers:/opt/keycloak/providers
- ./themes:/opt/keycloak/themes
env_file:
- .env
ports:
- "172.17.0.1:8080:8080"
environment:
- KEYCLOAK_LOGLEVEL=ALL
- QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY=true
- PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_HTTP_ENABLED=true
- KEYCLOAK_ADMIN=$KEYCLOAK_ADMIN_USER
- KEYCLOAK_PASSWORD=$KEYCLOAK_ADMIN_PASSWORD
- KC_DB_USERNAME=$POSTGRES_USER
- KC_DB_PASSWORD=$POSTGRES_PASSWORD
- KC_DB=postgres
- KC_DB_URL_HOST=postgresql
- KC_DB_URL_DATABASE=$POSTGRES_DB
- KC_DB_URL_PORT=5432
- KC_DB_SCHEMA=public
- KEYCLOAK_PRODUCTION=true
- KEYCLOAK_PROXY=edge
- KEYCLOAK_EXTRA_ARGS=--auto-build
- JAVA_OPTS=-XX:MaxRAMPercentage=75.0
depends_on:
- postgresql
networks:
- keycloak-network
networks:
keycloak-network:
driver: bridge
Variable | Value (example) |
---|---|
SOFTWARE_VERSION_TAG | latest |
SOFTWARE_PASSWORD | Q6WZFax1-YB7g-tYh2AXqF |
POSTGRES_DB | keycloak |
POSTGRES_USER | keycloak |
POSTGRES_PASSWORD | Q6WZFax1-YB7g-tYh2AXqF |
KEYCLOAK_ADMIN_USER | root |
KEYCLOAK_ADMIN_PASSWORD | Q6WZFax1-YB7g-tYh2AXqF |
KEYCLOAK_MANAGEMENT_USER | manager |
KEYCLOAK_MANAGEMENT_PASSWORD | Q6WZFax1-YB7g-tYh2AXqF |
KEYCLOAK_DATABASE_HOST | postgresql |
KEYCLOAK_DATABASE_PORT | 5432 |
KEYCLOAK_ENABLE_STATISTICS | true |
ADMIN_LOGIN | root |
You can access the Web UI at: http://your-domain:8080
The Elestio Keycloak Docker image sends the container logs to stdout. To view the logs, you can use the following command:
docker-compose logs -f
To stop the stack you can use the following command:
docker-compose down
To make backup and restore operations easier, we are using folder volume mounts. You can simply stop your stack with docker-compose down, then backup all the files and subfolders in the folder near the docker-compose.yml file.
Creating a ZIP Archive For example, if you want to create a ZIP archive, navigate to the folder where you have your docker-compose.yml file and use this command:
zip -r myarchive.zip .
Restoring from ZIP Archive To restore from a ZIP archive, unzip the archive into the original folder using the following command:
unzip myarchive.zip -d /path/to/original/folder
Starting Your Stack Once your backup is complete, you can start your stack again with the following command:
docker-compose up -d
That's it! With these simple steps, you can easily backup and restore your data volumes using Docker Compose.
docker pull elestio/keycloak