bridgehead/ccp/modules/login-compose.yml

version: "3.7"

services:

  login-db:
    image: docker.verbis.dkfz.de/cache/postgres:15.4-alpine
    container_name: bridgehead-login-db
    environment:
      POSTGRES_USER: "keycloak"
      POSTGRES_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh
      POSTGRES_DB: "keycloak"
    tmpfs:
      - /var/lib/postgresql/data
# Consider removing this comment once we have collected experience in production.
#    volumes:
#      - "bridgehead-login-db:/var/lib/postgresql/data"

  login:
    image: docker.verbis.dkfz.de/ccp/dktk-keycloak:latest
    container_name: bridgehead-login
    environment:
      KEYCLOAK_ADMIN: "admin"
      KEYCLOAK_ADMIN_PASSWORD: "${LDM_AUTH}"
      TEILER_ADMIN: "${PROJECT}"
      TEILER_ADMIN_PASSWORD: "${LDM_AUTH}"
      TEILER_ADMIN_FIRST_NAME: "${OPERATOR_FIRST_NAME}"
      TEILER_ADMIN_LAST_NAME: "${OPERATOR_LAST_NAME}"
      TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}"
      KC_DB_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh
      KC_HOSTNAME_URL: "https://${HOST}/login"
      KC_HOSTNAME_STRICT: "false"
      KC_PROXY_ADDRESS_FORWARDING: "true"
      TEILER_ORCHESTRATOR_EXTERN_URL: "https://${HOST}/ccp-teiler"
    command:
      - start-dev --import-realm --proxy edge --http-relative-path=/login
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.login.rule=PathPrefix(`/login`)"
      - "traefik.http.services.login.loadbalancer.server.port=8080"
      - "traefik.http.routers.login.tls=true"
    depends_on:
      - login-db

# Consider removing this comment once we have collected experience in production.
#volumes:
#  bridgehead-login-db:
#    name: "bridgehead-login-db"
Bugfix: Add version in every docker compose file 2023-09-11 13:27:08 +02:00			`version: "3.7"`

Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`services:`
Rewrite comments 2023-09-15 10:24:44 +02:00
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`login-db:`
Postgres 15.4 in datashield, exporter and login 2023-09-19 14:21:15 +02:00			`image: docker.verbis.dkfz.de/cache/postgres:15.4-alpine`
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`container_name: bridgehead-login-db`
			`environment:`
			`POSTGRES_USER: "keycloak"`
Fix comment in login-compose.yml 2023-08-10 21:43:44 +02:00			`POSTGRES_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh`
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`POSTGRES_DB: "keycloak"`
Prevent anonymous volume creation 2023-09-22 10:24:10 +02:00			`tmpfs:`
			`- /var/lib/postgresql/data`
Rewrite comments 2023-09-15 10:24:44 +02:00			`# Consider removing this comment once we have collected experience in production.`
Comment Keycloak volume 2023-08-10 21:50:52 +02:00			`# volumes:`
			`# - "bridgehead-login-db:/var/lib/postgresql/data"`
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00
			`login:`
			`image: docker.verbis.dkfz.de/ccp/dktk-keycloak:latest`
			`container_name: bridgehead-login`
			`environment:`
			`KEYCLOAK_ADMIN: "admin"`
Bugfix: LDM_AUTH instead of LDM_PASSWORD 2023-09-04 15:15:34 +02:00			`KEYCLOAK_ADMIN_PASSWORD: "${LDM_AUTH}"`
Add Teiler Admin to Keycloak 2023-08-09 16:29:44 +02:00			`TEILER_ADMIN: "${PROJECT}"`
Bugfix: LDM_AUTH instead of LDM_PASSWORD 2023-09-04 15:15:34 +02:00			`TEILER_ADMIN_PASSWORD: "${LDM_AUTH}"`
Add Teiler Admin to Keycloak 2023-08-09 16:29:44 +02:00			`TEILER_ADMIN_FIRST_NAME: "${OPERATOR_FIRST_NAME}"`
			`TEILER_ADMIN_LAST_NAME: "${OPERATOR_LAST_NAME}"`
			`TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}"`
Fix comment in login-compose.yml 2023-08-10 21:43:44 +02:00			`KC_DB_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh`
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`KC_HOSTNAME_URL: "https://${HOST}/login"`
			`KC_HOSTNAME_STRICT: "false"`
			`KC_PROXY_ADDRESS_FORWARDING: "true"`
Rename Teiler Backend, Teiler Dashboard and Teiler Orchestrator 2023-08-17 18:10:12 +02:00			`TEILER_ORCHESTRATOR_EXTERN_URL: "https://${HOST}/ccp-teiler"`
Adapt teiler-ui to traefik 2023-03-22 14:41:07 +01:00			`command:`
			`- start-dev --import-realm --proxy edge --http-relative-path=/login`
			`labels:`
			`- "traefik.enable=true"`
			- "traefik.http.routers.login.rule=PathPrefix(`/login`)"
			`- "traefik.http.services.login.loadbalancer.server.port=8080"`
			`- "traefik.http.routers.login.tls=true"`
			`depends_on:`
			`- login-db`

Rewrite comments 2023-09-15 10:24:44 +02:00			`# Consider removing this comment once we have collected experience in production.`
Comment Keycloak volume 2023-08-10 21:50:52 +02:00			`#volumes:`
			`# bridgehead-login-db:`
			`# name: "bridgehead-login-db"`