doabl/sso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

first commit

Browse source
This commit is contained in:
sotiris 2025-04-24 20:42:11 +03:00
commit c15ff30d15
1 changed files with 69 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

69
README.md Normal file
View file

@ -0,0 +1,69 @@
# Keycloak + HA PostgreSQL on Docker Swarm
A **one-file stack** that launches the latest Keycloak (26.2.1) backed by a **three-node PostgreSQL 17 cluster** (Bitnami `postgresql-repmgr`).
The Keycloak container is totally stateless, so the scheduler can move it to any node without fuss.
---
## Why you might want this
* **Batteries included:** automatic leader election, streaming replication & fail-over via repmgr.
* **Swarm-native:** overlay network, named volumes, secrets nothing fancy required.
* **Zero mounts on Keycloak:** scale it horizontally or reschedule it anywhere.
* **Old-school transparent:** no Helm, no Operator just plain docker-compose like Torvalds would read.
---
## Quick start
```bash
# 1) Fire up a Swarm (skip if you already have one)
docker swarm init
# 2) Create the required secrets (edit the values to taste)
echo -n 'SuperSecret1' | docker secret create KC_DB_PASSWORD -
echo -n 'kcadmin' | docker secret create KEYCLOAK_ADMIN -
echo -n 'AdminSecret2' | docker secret create KEYCLOAK_ADMIN_PASSWORD -
echo -n 'RepmgrPass3' | docker secret create REPMGR_PASSWORD -
echo -n 'RootDbP4ss' | docker secret create PG_SUPERUSER_PASSWORD -
# 3) Deploy the stack
docker stack deploy -c docker-compose.yml keycloak
Point your browser to **`http://<any-swarm-node>:8080`** (or whatever port you expose) and log in with the `KEYCLOAK_ADMIN` creds you set above.
---
## Scaling
```bash
# Want three Keycloak pods?
docker service scale keycloak_keycloak=3
```
Stick Traefik, HAProxy, or your LB of choice in front if you need sticky sessions.
---
## File structure
```
docker-compose.yml # the only file you need
README.md # this doc
```
---
## Contributing
Pull requests, issues, and brutally honest code reviews are **very welcome**.
Got a nicer way to wire the secrets, or fancy adding CI? Have at it!
---
## License
This project is released under the **GNU General Public License, version 2** (GPL-2.0).
> “Free as in freedom, not as in free beer.”
Happy hacking!