From 40d4c10e11ab4fd2d1953e3015c40a9535f3e52e Mon Sep 17 00:00:00 2001 From: juarez Date: Tue, 13 Feb 2024 15:18:37 +0100 Subject: [PATCH] Removed:Login-compose --- ccp/modules/login-compose.yml | 47 ----------------------------------- ccp/modules/login-setup.sh | 7 ------ ccp/modules/login.md | 13 ---------- 3 files changed, 67 deletions(-) delete mode 100644 ccp/modules/login-setup.sh delete mode 100644 ccp/modules/login.md diff --git a/ccp/modules/login-compose.yml b/ccp/modules/login-compose.yml index 787d4b2..e69de29 100644 --- a/ccp/modules/login-compose.yml +++ b/ccp/modules/login-compose.yml @@ -1,47 +0,0 @@ -version: "3.7" - -services: - - login-db: - image: docker.verbis.dkfz.de/cache/postgres:${POSTGRES_TAG} - container_name: bridgehead-login-db - environment: - POSTGRES_USER: "keycloak" - POSTGRES_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh - POSTGRES_DB: "keycloak" - tmpfs: - - /var/lib/postgresql/data -# Consider removing this comment once we have collected experience in production. -# volumes: -# - "bridgehead-login-db:/var/lib/postgresql/data" - - login: - image: docker.verbis.dkfz.de/ccp/dktk-keycloak:latest - container_name: bridgehead-login - environment: - KEYCLOAK_ADMIN: "admin" - KEYCLOAK_ADMIN_PASSWORD: "${LDM_AUTH}" - TEILER_ADMIN: "${PROJECT}" - TEILER_ADMIN_PASSWORD: "${LDM_AUTH}" - TEILER_ADMIN_FIRST_NAME: "${OPERATOR_FIRST_NAME}" - TEILER_ADMIN_LAST_NAME: "${OPERATOR_LAST_NAME}" - TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}" - KC_DB_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh - KC_HOSTNAME_URL: "https://${HOST}/login" - KC_HOSTNAME_STRICT: "false" - KC_PROXY_ADDRESS_FORWARDING: "true" - TEILER_ORCHESTRATOR_EXTERN_URL: "https://${HOST}/ccp-teiler" - command: - - start-dev --import-realm --proxy edge --http-relative-path=/login - labels: - - "traefik.enable=true" - - "traefik.http.routers.login.rule=PathPrefix(`/login`)" - - "traefik.http.services.login.loadbalancer.server.port=8080" - - "traefik.http.routers.login.tls=true" - depends_on: - - login-db - -# Consider removing this comment once we have collected experience in production. -#volumes: -# bridgehead-login-db: -# name: "bridgehead-login-db" diff --git a/ccp/modules/login-setup.sh b/ccp/modules/login-setup.sh deleted file mode 100644 index 1981b87..0000000 --- a/ccp/modules/login-setup.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -e - -if [ "$ENABLE_LOGIN" == true ]; then - log INFO "Login setup detected -- will start Login services." - OVERRIDE+=" -f ./$PROJECT/modules/login-compose.yml" - KEYCLOAK_DB_PASSWORD="$(generate_password \"local Keycloak\")" -fi diff --git a/ccp/modules/login.md b/ccp/modules/login.md deleted file mode 100644 index eee488c..0000000 --- a/ccp/modules/login.md +++ /dev/null @@ -1,13 +0,0 @@ -# Login -The login component is a local Keycloak instance. In the future will be replaced by the central keycloak instance -or maybe can be used to add local identity providers to the bridgehead or just to simplify the configuration of -the central keycloak instance for the integration of every new bridgehead. -The basic configuration of our Keycloak instance is contained in a small json file. - -### Teiler User -Currently, the local keycloak is used by the teiler. There is a basic admin user in the basic configuration of keycloak. -The user can be configured with the environment variables TEILER_ADMIN_XXX. - -## Login-DB -Keycloak requires a local database for its configuration. However, as we use an initial json configuration file, if no -local identity provider is configured nor any local user, theoretically we don't need a volume for the login.