From 59bd22567ecfc3ac12c093141f482eb3d1fcf39a Mon Sep 17 00:00:00 2001
From: Mark Ettema
Date: Sat, 15 May 2021 18:27:57 +0700
Subject: [PATCH] Adding Dockerfiles for supporting services. Updating keycloak container to be able to add SSL cert
---
 develop/keycloak/Dockerfile | 19 +++++++++++++++++++
 develop/keycloak/add-to-truststore.sh | 10 ++++++++++
 develop/proxy/Dockerfile | 3 +++
 .../proxy/proxy_ssl.conf | 0
 docker-compose.yml | 14 +++++++++-----
 5 files changed, 41 insertions(+), 5 deletions(-)
 create mode 100644 develop/keycloak/Dockerfile
 create mode 100644 develop/keycloak/add-to-truststore.sh
 create mode 100644 develop/proxy/Dockerfile
 rename proxy_ssl.conf => develop/proxy/proxy_ssl.conf (100%)
diff --git a/develop/keycloak/Dockerfile b/develop/keycloak/Dockerfile
new file mode 100644
index 0000000..cbc4d2a
--- /dev/null
+++ b/develop/keycloak/Dockerfile
@@ -0,0 +1,19 @@
+FROM jboss/keycloak
+
+USER root
+
+# Install sudo and utils to configure jboss user
+RUN microdnf update -y && \
+ microdnf install -y sudo shadow-utils passwd && \
+ microdnf clean all
+
+# 'Fix' jboss user, add to sudoers
+RUN usermod --password jboss jboss && \
+ usermod -aG wheel jboss && \
+ sed -i 's/# includedir/includedir/' /etc/sudoers && \
+ echo "jboss ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/jboss
+
+ADD ./add-to-truststore.sh /opt/jboss/startup-scripts/add-to-truststore.sh
+RUN chmod +x /opt/jboss/startup-scripts/add-to-truststore.sh
+
+USER jboss
\ No newline at end of file
diff --git a/develop/keycloak/add-to-truststore.sh b/develop/keycloak/add-to-truststore.sh
new file mode 100644
index 0000000..5499c3f
--- /dev/null
+++ b/develop/keycloak/add-to-truststore.sh
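Review bot: In develop/keycloak/Dockerfile the line `echo "jboss ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/jboss` gives the account Keycloak runs as (`USER jboss` at the end) unrestricted passwordless root, so a compromise of the Keycloak process is a compromise of root in the container. The only sudo consumer in this patch is the keytool import in add-to-truststore.sh; either make the cacerts file writable by jboss in a build-time `RUN` and drop sudo, or narrow the rule to `jboss ALL=(root) NOPASSWD: <absolute path to keytool>`. `usermod --password` expects an already-hashed value, so the literal `jboss` does not produce a usable password, and that line together with the wheel membership looks unnecessary. `FROM jboss/keycloak` is untagged; pin a version tag so a rebuild cannot silently change the identity provider's base image.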
@@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +CACERTS=$(readlink -e $(dirname $(readlink -e $(which keytool)))"/../lib/security/cacerts") + +sudo keytool \ + -import -trustcacerts \ + -alias "dev.local.crt" -file /tmp/dev.local.crt \ + -keystore ${CACERTS} \ + -storepass changeit \ + -noprompt \ No newline at end of file diff --git a/develop/proxy/Dockerfile b/develop/proxy/Dockerfile new file mode 100644 index 0000000..275df43 --- /dev/null +++ b/develop/proxy/Dockerfile @@ -0,0 +1,3 @@ +FROM nginx + +ADD ./develop/proxy/proxy_ssl.conf /etc/nginx/conf.d/proxy_ssl.conf \ No newline at end of file diff --git a/proxy_ssl.conf b/develop/proxy/proxy_ssl.conf similarity index 100% rename from proxy_ssl.conf rename to develop/proxy/proxy_ssl.conf diff --git a/docker-compose.yml b/docker-compose.yml index 328323c..aedde3a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,6 +6,11 @@ # volumes: # - "/dev.local.crt:/tmp/dev.local.crt" # - "/dev.local.key:/tmp/dev.local.key" +# +# keycloak: +# volumes: +# - "/dev.local.crt:/tmp/dev.local.crt" +# # steamidp: # environment: # Steam__ApplicationKey: @@ -19,10 +24,9 @@ volumes: services: proxy: - image: nginx + image: neothor/proxy:develop + build: ./develop/proxy container_name: proxy - volumes: - - "./proxy_ssl.conf:/etc/nginx/conf.d/proxy_ssl.conf" ports: - 443:443 links: @@ -40,7 +44,8 @@ services: POSTGRES_PASSWORD: password keycloak: - image: jboss/keycloak + image: neothor/keycloak:develop + build: ./develop/keycloak container_name: keycloak environment: DB_VENDOR: POSTGRES @@ -56,7 +61,6 @@ services: - postgres extra_hosts: - "dev.local:host-gateway" - steamidp: image: neothor/steam-openid-connect-provider:develop
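Review bot: In develop/keycloak/add-to-truststore.sh the import runs unconditionally and as root on whatever is at `/tmp/dev.local.crt`, a path inside a world-writable directory, and `-noprompt` adds it to the JVM-wide cacerts store, so that file's content becomes a trust anchor for every outbound TLS connection Keycloak makes. Mount the certificate read-only at a root-owned path rather than under /tmp, and guard the call with `[ -f /tmp/dev.local.crt ] || exit 0` so a container started without the volume does not run `sudo keytool` on a missing file. Nothing checks whether the alias `dev.local.crt` is already present, so a restart of the same container will probably hit an existing-alias error; a `keytool -list -alias` check before the import would make the script idempotent. The nested command substitutions and `${CACERTS}` are unquoted and should be quoted, e.g. `-keystore "${CACERTS}"`.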
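Review bot: In develop/proxy/Dockerfile the `ADD` source path does not match the build context this same patch configures: docker-compose.yml sets `build: ./develop/proxy`, so `./develop/proxy/proxy_ssl.conf` resolves below develop/proxy/develop/proxy and the build should fail unless the image is built from the repository root with `-f`. Use `COPY proxy_ssl.conf /etc/nginx/conf.d/proxy_ssl.conf`, which also swaps `ADD` for `COPY` on a plain local file. `FROM nginx` is untagged, so the TLS-terminating proxy follows whatever `latest` is at build time; pin a version tag.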
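Review bot: In docker-compose.yml, `image: neothor/proxy:develop` next to `build: ./develop/proxy` (and the same pair for keycloak in the following hunk) lets compose reuse an image of that name already present locally, for example one fetched by `docker-compose pull`, instead of building from the Dockerfiles in this repository, and `develop` is a mutable tag. Since the keycloak image now carries sudo configuration, say which source is intended with a comment such as `# built locally from ./develop/keycloak; run docker-compose up --build after changing it`, or reference the registry image by digest if the published copy is the source of truth. The commented keycloak example mounts only the certificate and not the key, which is the right split; adding `:ro` to that volume line in the example would keep the trust input read-only inside the container.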