doabl/sso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

made some changes to conform with naming conventions as provided by bitnami

Browse source
This commit is contained in:
sotiris 2025-04-24 20:56:17 +03:00
parent 7c2f41da66
commit 2ff6ca6d66
1 changed files with 41 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

91
compose.yml
View file

@ -4,109 +4,100 @@ networks:
keycloak-net: keycloak-net:
driver: overlay driver: overlay
volumes:
pg0_data:
pg1_data:
pg2_data:
services: services:
# ---------- IDENTITY PROVIDER ---------- # ────────── KEYCLOAK ────────────────────────────────────────────────
keycloak: keycloak:
image: quay.io/keycloak/keycloak:26.2.1 # latest as of 2025-04-24 image: quay.io/keycloak/keycloak:26.2.1 # 23 Apr 2025 latest :contentReference[oaicite:0]{index=0}
command: > command: >
start --optimized start --optimized
--cache=ispn # recommended default --cache=ispn
--hostname-strict=false --hostname-strict=false
environment: environment:
KC_DB: postgres KC_DB: postgres
KC_DB_URL_HOST: pg-primary # the service name below KC_DB_URL_HOST: pg-0 # <- new primary name
KC_DB_URL_PORT: 5432 KC_DB_URL_PORT: 5432
KC_DB_USERNAME: keycloak KC_DB_USERNAME: keycloak
KC_DB_PASSWORD: ${KC_DB_PASSWORD} # 🔑 secret KC_DB_PASSWORD: ${KC_DB_PASSWORD}
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN} # 🔑 secret KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD} # 🔑 KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
depends_on: [pg-0]
networks: [keycloak-net]
deploy: deploy:
replicas: 1 # scale horizontally if you like replicas: 1
restart_policy: { condition: on-failure }
placement: placement:
constraints: constraints:
- node.role == worker - node.role == worker
restart_policy:
condition: on-failure
networks: [keycloak-net]
depends_on: [pg-primary]
# ---------- POSTGRESQL HA CLUSTER ---------- # ────────── POSTGRESQL-REPMGR HA CLUSTER ────────────────────────────
# Primary ------------------------------------------------------------ pg-0: # primary
pg-primary:
image: bitnami/postgresql-repmgr:17 image: bitnami/postgresql-repmgr:17
environment: environment:
POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD} # 🔑 POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD}
POSTGRESQL_USERNAME: keycloak POSTGRESQL_USERNAME: keycloak
POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD} # same as above POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD}
POSTGRESQL_DATABASE: keycloak POSTGRESQL_DATABASE: keycloak
# REPMGR_USERNAME: repmgr
# repmgr config REPMGR_PASSWORD: ${REPMGR_PASSWORD}
REPMGR_PASSWORD: ${REPMGR_PASSWORD} # 🔑 REPMGR_NODE_ID: 1000
REPMGR_PRIMARY_HOST: pg-primary REPMGR_NODE_NAME: pg-0
REPMGR_NODE_NAME: pg-primary REPMGR_NODE_NETWORK_NAME: pg-0
REPMGR_NODE_NETWORK_NAME: pg-primary REPMGR_PRIMARY_HOST: pg-0
REPMGR_PARTNER_NODES: pg-primary,pg-replica-1,pg-replica-2 REPMGR_PARTNER_NODES: pg-0,pg-1,pg-2
volumes: volumes:
- /store/new-age/data/kc-pg-data-r0:/bitnami/postgresql - /store/new-age/data/kc-pg-data-r0:/bitnami/postgresql
networks: [keycloak-net] networks: [keycloak-net]
deploy: deploy:
restart_policy: { condition: on-failure }
placement: placement:
constraints: constraints:
- node.labels.server_id == lnd1 - node.labels.server_id == lnd1 # your pin
restart_policy:
condition: on-failure
# Replica-1 ---------------------------------------------------------- pg-1: # replica-1
pg-replica-1:
image: bitnami/postgresql-repmgr:17 image: bitnami/postgresql-repmgr:17
environment: environment:
POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD} POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD}
POSTGRESQL_USERNAME: keycloak POSTGRESQL_USERNAME: keycloak
POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD} POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD}
POSTGRESQL_DATABASE: keycloak POSTGRESQL_DATABASE: keycloak
#
POSTGRESQL_REPLICATION_MODE: slave POSTGRESQL_REPLICATION_MODE: slave
REPMGR_PRIMARY_HOST: pg-primary REPMGR_USERNAME: repmgr
REPMGR_NODE_NAME: pg-replica-1
REPMGR_NODE_NETWORK_NAME: pg-replica-1
REPMGR_PASSWORD: ${REPMGR_PASSWORD} REPMGR_PASSWORD: ${REPMGR_PASSWORD}
REPMGR_PARTNER_NODES: pg-primary,pg-replica-1,pg-replica-2 REPMGR_NODE_ID: 1001
REPMGR_NODE_NAME: pg-1
REPMGR_NODE_NETWORK_NAME: pg-1
REPMGR_PRIMARY_HOST: pg-0
REPMGR_PARTNER_NODES: pg-0,pg-1,pg-2
volumes: volumes:
- /store/new-age/data/kc-pg-data-r1:/bitnami/postgresql - /store/new-age/data/kc-pg-data-r1:/bitnami/postgresql
networks: [keycloak-net] networks: [keycloak-net]
deploy: deploy:
restart_policy: restart_policy: { condition: on-failure }
condition: on-failure
placement: placement:
constraints: constraints:
- node.labels.server_id == nyc3 - node.labels.server_id == nyc3
# Replica-2 ---------------------------------------------------------- pg-2: # replica-2
pg-replica-2:
image: bitnami/postgresql-repmgr:17 image: bitnami/postgresql-repmgr:17
environment: environment:
POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD} POSTGRESQL_POSTGRES_PASSWORD: ${PG_SUPERUSER_PASSWORD}
POSTGRESQL_USERNAME: keycloak POSTGRESQL_USERNAME: keycloak
POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD} POSTGRESQL_PASSWORD: ${KC_DB_PASSWORD}
POSTGRESQL_DATABASE: keycloak POSTGRESQL_DATABASE: keycloak
#
POSTGRESQL_REPLICATION_MODE: slave POSTGRESQL_REPLICATION_MODE: slave
REPMGR_PRIMARY_HOST: pg-primary REPMGR_USERNAME: repmgr
REPMGR_NODE_NAME: pg-replica-2
REPMGR_NODE_NETWORK_NAME: pg-replica-2
REPMGR_PASSWORD: ${REPMGR_PASSWORD} REPMGR_PASSWORD: ${REPMGR_PASSWORD}
REPMGR_PARTNER_NODES: pg-primary,pg-replica-1,pg-replica-2 REPMGR_NODE_ID: 1002
REPMGR_NODE_NAME: pg-2
REPMGR_NODE_NETWORK_NAME: pg-2
REPMGR_PRIMARY_HOST: pg-0
REPMGR_PARTNER_NODES: pg-0,pg-1,pg-2
volumes: volumes:
- /store/new-age/data/kc-pg-data-r2:/bitnami/postgresql - /store/new-age/data/kc-pg-data-r2:/bitnami/postgresql
networks: [keycloak-net] networks: [keycloak-net]
deploy: deploy:
restart_policy: restart_policy: { condition: on-failure }
condition: on-failure
placement: placement:
constraints: constraints:
- node.labels.server_id == amd1 - node.labels.server_id == amd1