Commit 670508bc authored by Adam Fekete's avatar Adam Fekete
Browse files

initialising user + importing realm into keycloak

parent 94d68f7c
Pipeline #135796 passed with stages
in 39 minutes and 34 seconds
......@@ -9,10 +9,10 @@ server {
proxy_set_header Host $host;
location /keycloak {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
rewrite /keycloak/(.*) /$1 break;
proxy_pass http://keycloak:8080;
......
services:
api_host: 'localhost'
api_base_path: '/nomad-oasis'
oasis:
is_oasis: true
uses_central_user_management: false
north:
jupyterhub_crypt_key: '978bfb2e13a8448a253c629d8dd84ff89587f30e635b753153960930cad9d36d'
hub_ip_connect: '172.17.0.1'
keycloak:
server_url: 'http://keycloak:8080/auth/'
public_server_url: 'http://localhost/keycloak/auth/'
realm_name: nomad
username: 'admin'
password: 'password'
meta:
deployment: 'oasis'
deployment_id: 'my_oasis'
maintainer_email: 'me@my-oasis.org'
mongo:
db_name: nomad_oasis_v1
elastic:
entries_index: nomad_oasis_entries_v1
materials_index: nomad_oasis_materials_v1
\ No newline at end of file
......@@ -3,23 +3,24 @@ version: '3'
services:
# keycloak user management
keycloak:
restart: always
restart: unless-stopped
image: jboss/keycloak:16.1.1
container_name: nomad_oasis_keycloak
environment:
- PROXY_ADDRESS_FORWARDING=true
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=password
- KEYCLOAK_FRONTEND_URL=http://localhost/keycloak/auth
- KEYCLOAK_ARGS="-Dkeycloak.import=/realm.json -Dkeycloak.migration.strategy=IGNORE_EXISTING"
# - KEYCLOAK_IMPORT="/tmp/nomad-realm.json"
command:
- "-Dkeycloak.import=/tmp/nomad-realm.json -Dkeycloak.migration.strategy=IGNORE_EXISTING"
volumes:
- keycloak:/opt/jboss/keycloak/standalone/data
- ./configs/nomad-realm.json:/realm.json
# Uncomment to get access to the admin console.
# ports:
# - 8080:8080
- ./configs/nomad-realm.json:/tmp/nomad-realm.json
# broker for celery
rabbitmq:
restart: always
restart: unless-stopped
image: rabbitmq:3.9.13
container_name: nomad_oasis_rabbitmq
environment:
......@@ -32,7 +33,7 @@ services:
# the search engine
elastic:
restart: always
restart: unless-stopped
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.1
container_name: nomad_oasis_elastic
environment:
......@@ -43,7 +44,7 @@ services:
# the user data db
mongo:
restart: always
restart: unless-stopped
image: mongo:5.0.6
container_name: nomad_oasis_mongo
environment:
......@@ -56,7 +57,7 @@ services:
# nomad worker (processing)
worker:
restart: always
restart: unless-stopped
image: gitlab-registry.mpcdf.mpg.de/nomad-lab/nomad-fair:v1.1.1
container_name: nomad_oasis_worker
environment:
......@@ -76,7 +77,7 @@ services:
# nomad app (api + proxy)
app:
restart: always
restart: unless-stopped
image: gitlab-registry.mpcdf.mpg.de/nomad-lab/nomad-fair:v1.1.1
container_name: nomad_oasis_app
environment:
......@@ -98,7 +99,7 @@ services:
# nomad remote tools hub (JupyterHUB, e.g. for AI Toolkit)
north:
restart: always
restart: unless-stopped
image: gitlab-registry.mpcdf.mpg.de/nomad-lab/nomad-fair:v1.1.1
container_name: nomad_oasis_north
environment:
......@@ -116,14 +117,14 @@ services:
- app
volumes:
- ./configs/nomad.yaml:/app/nomad.yaml
- /var/run/docker.sock:/var/run/docker.sock
- ./.volumes/fs:/app/.volumes/fs
- /var/run/docker.sock:/var/run/docker.sock
command: python -m nomad.cli admin run hub
user: 1000:991
# nomad proxy (a reverse proxy for nomad)
proxy:
restart: always
restart: unless-stopped
image: nginx:1.13.9-alpine
container_name: nomad_oasis_proxy
command: nginx -g 'daemon off;'
......@@ -143,8 +144,6 @@ volumes:
name: "nomad_oasis_elastic"
rabbitmq:
name: "nomad_oasis_rabbitmq"
files:
name: "nomad_oasis_files"
keycloak:
name: "nomad_oasis_keycloak"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment