commit c15ff30d154ddf03913115cbd2a7e7b13e732b5f Author: sotiris Date: Thu Apr 24 20:42:11 2025 +0300 first commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..fd4b720 --- /dev/null +++ b/README.md @@ -0,0 +1,69 @@ +# Keycloak + HA PostgreSQL on Docker Swarm +A **one-file stack** that launches the latest Keycloak (26.2.1) backed by a **three-node PostgreSQL 17 cluster** (Bitnami `postgresql-repmgr`). +The Keycloak container is totally stateless, so the scheduler can move it to any node without fuss. + +--- + +## Why you might want this + +* **Batteries included:** automatic leader election, streaming replication & fail-over via repmgr. +* **Swarm-native:** overlay network, named volumes, secrets – nothing fancy required. +* **Zero mounts on Keycloak:** scale it horizontally or reschedule it anywhere. +* **Old-school transparent:** no Helm, no Operator – just plain docker-compose like Torvalds would read. + +--- + +## Quick start + +```bash +# 1) Fire up a Swarm (skip if you already have one) +docker swarm init + +# 2) Create the required secrets (edit the values to taste) +echo -n 'SuperSecret1' | docker secret create KC_DB_PASSWORD - +echo -n 'kcadmin' | docker secret create KEYCLOAK_ADMIN - +echo -n 'AdminSecret2' | docker secret create KEYCLOAK_ADMIN_PASSWORD - +echo -n 'RepmgrPass3' | docker secret create REPMGR_PASSWORD - +echo -n 'RootDbP4ss' | docker secret create PG_SUPERUSER_PASSWORD - + +# 3) Deploy the stack +docker stack deploy -c docker-compose.yml keycloak + +Point your browser to **`http://:8080`** (or whatever port you expose) and log in with the `KEYCLOAK_ADMIN` creds you set above. + +--- + +## Scaling + +```bash +# Want three Keycloak pods? +docker service scale keycloak_keycloak=3 +``` + +Stick Traefik, HAProxy, or your LB of choice in front if you need sticky sessions. + +--- + +## File structure + +``` +docker-compose.yml # the only file you need +README.md # this doc +``` + +--- + +## Contributing + +Pull requests, issues, and brutally honest code reviews are **very welcome**. +Got a nicer way to wire the secrets, or fancy adding CI? Have at it! + +--- + +## License + +This project is released under the **GNU General Public License, version 2** (GPL-2.0). + +> “Free as in freedom, not as in free beer.” + +Happy hacking!