From b55349faf2dda4556595f2aea458849d4dd8c40b Mon Sep 17 00:00:00 2001 From: juarez Date: Mon, 27 Nov 2023 19:39:16 +0100 Subject: [PATCH] Add Keycloak to MTBA --- bridgehead | 1 + ccp/modules/mtba-compose.yml | 7 +++++++ ccp/vars | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/bridgehead b/bridgehead index a1cb708..4e25da7 100755 --- a/bridgehead +++ b/bridgehead @@ -41,6 +41,7 @@ case "$PROJECT" in ;; esac +# TODO: Please add proper documentation for variable priorities (1. secrets, 2. vars, 3. PROJECT.local.conf, 4. PROJECT.conf, 5. ??? loadVars() { # Load variables from /etc/bridgehead and /srv/docker/bridgehead set -a diff --git a/ccp/modules/mtba-compose.yml b/ccp/modules/mtba-compose.yml index b448378..fb7b19a 100644 --- a/ccp/modules/mtba-compose.yml +++ b/ccp/modules/mtba-compose.yml @@ -20,11 +20,18 @@ services: FILE_END_OF_LINE: ${MTBA_FILE_END_OF_LINE} CSV_DELIMITER: ${MTBA_CSV_DELIMITER} HTTP_RELATIVE_PATH: "/mtba" + KEYCLOAK_ADMIN_GROUP: "${KEYCLOAK_ADMIN_GROUP}" + KEYCLOAK_CLIENT_ID: "${KEYCLOAK_PRIVATE_CLIENT_ID}" + KEYCLOAK_CLIENT_SECRET: "${OIDC_CLIENT_SECRET}" + KEYCLOAK_REALM: "${KEYCLOAK_REALM}" + KEYCLOAK_URL: "${KEYCLOAK_URL}" + labels: - "traefik.enable=true" - "traefik.http.routers.mtba_ccp.rule=PathPrefix(`/mtba`)" - "traefik.http.services.mtba_ccp.loadbalancer.server.port=8480" - "traefik.http.routers.mtba_ccp.tls=true" + - "traefik.http.middlewares.mtba_ccp_strip.stripprefix.prefixes=/mtba" - "traefik.http.routers.mtba_ccp.middlewares=mtba_ccp_strip, auth" volumes: diff --git a/ccp/vars b/ccp/vars index 5ca76a2..b051cee 100644 --- a/ccp/vars +++ b/ccp/vars @@ -18,7 +18,7 @@ KEYCLOAK_ADMIN_GROUP="DKTK_CCP_$(capitalize_first_letter ${SITE_ID})_Verwalter" KEYCLOAK_PRIVATE_CLIENT_ID=${SITE_ID}-private KEYCLOAK_PUBLIC_CLIENT_ID=${SITE_ID}-public # TODO: Change Keycloak Realm to productive. "test-realm-01" is only for testing -KEYCLOAK_REALM="test-realm-01" +KEYCLOAK_REALM="${KEYCLOAK_REALM:-test-realm-01}" KEYCLOAK_URL="https://login.verbis.dkfz.de" KEYCLOAK_TOKEN_GROUP="groups" POSTGRES_TAG=15.6-alpine