mirror of https://github.com/samply/bridgehead.git
Removed:Login-compose
This commit is contained in:
juarez
parent
1995997ac2
commit
97a558dd46
|
|
@ -1,47 +0,0 @@
|
||||||
version: "3.7"
|
|
||||||
|
|
||||||
services:
|
|
||||||
|
|
||||||
login-db:
|
|
||||||
image: docker.verbis.dkfz.de/cache/postgres:${POSTGRES_TAG}
|
|
||||||
container_name: bridgehead-login-db
|
|
||||||
environment:
|
|
||||||
POSTGRES_USER: "keycloak"
|
|
||||||
POSTGRES_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh
|
|
||||||
POSTGRES_DB: "keycloak"
|
|
||||||
tmpfs:
|
|
||||||
- /var/lib/postgresql/data
|
|
||||||
# Consider removing this comment once we have collected experience in production.
|
|
||||||
# volumes:
|
|
||||||
# - "bridgehead-login-db:/var/lib/postgresql/data"
|
|
||||||
|
|
||||||
login:
|
|
||||||
image: docker.verbis.dkfz.de/ccp/dktk-keycloak:latest
|
|
||||||
container_name: bridgehead-login
|
|
||||||
environment:
|
|
||||||
KEYCLOAK_ADMIN: "admin"
|
|
||||||
KEYCLOAK_ADMIN_PASSWORD: "${LDM_AUTH}"
|
|
||||||
TEILER_ADMIN: "${PROJECT}"
|
|
||||||
TEILER_ADMIN_PASSWORD: "${LDM_AUTH}"
|
|
||||||
TEILER_ADMIN_FIRST_NAME: "${OPERATOR_FIRST_NAME}"
|
|
||||||
TEILER_ADMIN_LAST_NAME: "${OPERATOR_LAST_NAME}"
|
|
||||||
TEILER_ADMIN_EMAIL: "${OPERATOR_EMAIL}"
|
|
||||||
KC_DB_PASSWORD: "${KEYCLOAK_DB_PASSWORD}" # Set in login-setup.sh
|
|
||||||
KC_HOSTNAME_URL: "https://${HOST}/login"
|
|
||||||
KC_HOSTNAME_STRICT: "false"
|
|
||||||
KC_PROXY_ADDRESS_FORWARDING: "true"
|
|
||||||
TEILER_ORCHESTRATOR_EXTERN_URL: "https://${HOST}/ccp-teiler"
|
|
||||||
command:
|
|
||||||
- start-dev --import-realm --proxy edge --http-relative-path=/login
|
|
||||||
labels:
|
|
||||||
- "traefik.enable=true"
|
|
||||||
- "traefik.http.routers.login.rule=PathPrefix(`/login`)"
|
|
||||||
- "traefik.http.services.login.loadbalancer.server.port=8080"
|
|
||||||
- "traefik.http.routers.login.tls=true"
|
|
||||||
depends_on:
|
|
||||||
- login-db
|
|
||||||
|
|
||||||
# Consider removing this comment once we have collected experience in production.
|
|
||||||
#volumes:
|
|
||||||
# bridgehead-login-db:
|
|
||||||
# name: "bridgehead-login-db"
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
#!/bin/bash -e
|
|
||||||
|
|
||||||
if [ "$ENABLE_LOGIN" == true ]; then
|
|
||||||
log INFO "Login setup detected -- will start Login services."
|
|
||||||
OVERRIDE+=" -f ./$PROJECT/modules/login-compose.yml"
|
|
||||||
KEYCLOAK_DB_PASSWORD="$(generate_password \"local Keycloak\")"
|
|
||||||
fi
|
|
||||||
|
|
@ -1,13 +0,0 @@
|
||||||
# Login
|
|
||||||
The login component is a local Keycloak instance. In the future will be replaced by the central keycloak instance
|
|
||||||
or maybe can be used to add local identity providers to the bridgehead or just to simplify the configuration of
|
|
||||||
the central keycloak instance for the integration of every new bridgehead.
|
|
||||||
The basic configuration of our Keycloak instance is contained in a small json file.
|
|
||||||
|
|
||||||
### Teiler User
|
|
||||||
Currently, the local keycloak is used by the teiler. There is a basic admin user in the basic configuration of keycloak.
|
|
||||||
The user can be configured with the environment variables TEILER_ADMIN_XXX.
|
|
||||||
|
|
||||||
## Login-DB
|
|
||||||
Keycloak requires a local database for its configuration. However, as we use an initial json configuration file, if no
|
|
||||||
local identity provider is configured nor any local user, theoretically we don't need a volume for the login.
|
|
||||||
Loading…
Reference in New Issue