Adding Dockerfiles for supporting services.

Updating keycloak container to be able to add SSL cert
2025-01-09 18:06:22 +00:00 · 2021-05-15 18:27:57 +07:00 · 2021-05-15 18:27:57 +07:00 · 59bd22567e
commit 59bd22567e
parent 3cd36724c9
5 changed files with 41 additions and 5 deletions
--- a/develop/keycloak/Dockerfile
+++ b/develop/keycloak/Dockerfile
@ -0,0 +1,19 @@
+FROM jboss/keycloak
+
+USER root
+
+# Install sudo and utils to configure jboss user
+RUN microdnf update -y && \
+    microdnf install -y sudo shadow-utils passwd && \
+    microdnf clean all
+
+# 'Fix' jboss user, add to sudoers
+RUN usermod --password jboss jboss && \
+    usermod -aG wheel jboss && \
+    sed -i 's/# includedir/includedir/' /etc/sudoers && \
+    echo "jboss        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/jboss
+
+ADD ./add-to-truststore.sh /opt/jboss/startup-scripts/add-to-truststore.sh
+RUN chmod +x /opt/jboss/startup-scripts/add-to-truststore.sh
+
+USER jboss
--- a/develop/keycloak/add-to-truststore.sh
+++ b/develop/keycloak/add-to-truststore.sh
@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+CACERTS=$(readlink -e $(dirname $(readlink -e $(which keytool)))"/../lib/security/cacerts")
+
+sudo keytool \
+    -import -trustcacerts \
+    -alias "dev.local.crt" -file /tmp/dev.local.crt \
+    -keystore ${CACERTS} \
+    -storepass changeit \
+    -noprompt
--- a/develop/proxy/Dockerfile
+++ b/develop/proxy/Dockerfile
@ -0,0 +1,3 @@
+FROM nginx
+
+ADD ./develop/proxy/proxy_ssl.conf /etc/nginx/conf.d/proxy_ssl.conf
--- a/develop/proxy/proxy_ssl.conf
+++ b/develop/proxy/proxy_ssl.conf
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -6,6 +6,11 @@
 #         volumes: 
 #             - "<your-certs>/dev.local.crt:/tmp/dev.local.crt"
 #             - "<your-certs>/dev.local.key:/tmp/dev.local.key"
+#  
+#     keycloak:
+#         volumes: 
+#             - "<your-certs>/dev.local.crt:/tmp/dev.local.crt"
+#             
 #     steamidp:
 #         environment: 
 #             Steam__ApplicationKey: <your-app-key>
@ -19,10 +24,9 @@ volumes:

 services: 
    proxy:
-        image: nginx
+        image: neothor/proxy:develop
+        build: ./develop/proxy
        container_name: proxy
-        volumes: 
-            - "./proxy_ssl.conf:/etc/nginx/conf.d/proxy_ssl.conf"
        ports:
            - 443:443
        links:
@ -40,7 +44,8 @@ services:
          POSTGRES_PASSWORD: password

    keycloak:
-        image: jboss/keycloak
+        image: neothor/keycloak:develop
+        build: ./develop/keycloak
        container_name: keycloak
        environment: 
            DB_VENDOR: POSTGRES
@ -56,7 +61,6 @@ services:
            - postgres    
        extra_hosts:
            - "dev.local:host-gateway"
-            
    
    steamidp:
        image: neothor/steam-openid-connect-provider:develop