docker-compose

services:

  reverse-proxy:
    image: traefik:v3.1
    command:
      - "--log.level=DEBUG"
      - "--providers.docker"
      - "--providers.docker.exposedbydefault=false"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "[email protected]"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme-v1.json"
      - "--entrypoints.web.address=:8080"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.websecure.asDefault=true"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
    ports:
      - "8080:8080"
      - "443:443"
    volumes:
      - letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - webnet

  kcdb:
    container_name: kcdb
    image: postgres:16.2
    restart: unless-stopped
    environment:
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_DB=${POSTGRES_DB}
    expose:
      - 5432
    volumes:
      - pgdata:/var/lib/postgresql/data
    networks:
      - webnet

  keycloak:
    image: quay.io/keycloak/keycloak:26.0.7
    command: start
    environment:
      KC_HOSTNAME: keycloak.thesispath.cloud
      PROXY_ADDRESS_FORWARDING: true
      KC_HOSTNAME_PORT: 8088
      KC_HOSTNAME_STRICT: false
      KC_PROXY_HEADERS: 'xforwarded'
      KC_HTTP_ENABLED: true
      KEYCLOAK_LOGLEVEL: DEBUG
      KC_HEALTH_ENABLED: true
      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://kcdb/${POSTGRES_DB}
      KC_DB_USERNAME: ${POSTGRES_USER}
      KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
    restart: always
    ports:
      - "8088:8088"
    depends_on:
      - kcdb
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.keycloak.rule=Host(`keycloak.domain.cloud`)"
      - "traefik.http.routers.keycloak.entrypoints=websecure"
      - "traefik.http.routers.keycloak.tls.certresolver=myresolver"
    networks:
      - webnet

  webApp:
    image: webApp:v6.1
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.webApp.rule=Host(`webApp.domain.cloud`)"
      - "traefik.http.routers.webApp.entrypoints=websecure"
      - "traefik.http.routers.webApp.tls.certresolver=myresolver"
    networks:
      - webnet
      
networks:
  webnet:
    driver: bridge
volumes:
  pgdata:
  letsencrypt:
Editor is loading...