diff --git a/.env b/.env index 48fe451a9..73a5f57a6 100644 --- a/.env +++ b/.env @@ -27,6 +27,13 @@ DB_PASS=postgrespass DB_PORT=5432 DB_NAME=postgres +## Keycloak ## +############## +KEYCLOAK_DB_VENDOR=POSTGRES +KEYCLOAK_DB_USER=keycloak +KEYCLOAK_DB_PASSWORD=keycloak +KEYCLOAK_DB_NAME=keycloak + ## Local prisma db url DATABASE_URL=postgres://postgres:postgrespass@localhost:5432/postgres?schema=api diff --git a/db/init.d/create-keycloak-db.sh b/db/init.d/create-keycloak-db.sh new file mode 100644 index 000000000..e56909abb --- /dev/null +++ b/db/init.d/create-keycloak-db.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -e +set -u + +psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL + CREATE USER keycloak WITH PASSWORD 'keycloak'; + CREATE DATABASE keycloak; + GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak; \ No newline at end of file diff --git a/db/init.d/init.sql b/db/init.d/init.sql index 793a0612c..4ea7b3f52 100644 --- a/db/init.d/init.sql +++ b/db/init.d/init.sql @@ -2,3 +2,4 @@ \set ON_ERROR_STOP on CREATE SCHEMA "api"; +CREATE SCHEMA "public"; \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 73f5a4ea1..e1a1631c3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -51,7 +51,7 @@ services: restart: 'no' environment: DATABASE_URL: postgres://${DB_USER?}:${DB_PASS?}@${DB_HOST?}:${DB_PORT?}/${DB_NAME?}?schema=api - entrypoint: ["sh", "-c", "sleep 5 && yarn prisma migrate deploy"] + entrypoint: ['sh', '-c', 'sleep 5 && yarn prisma migrate deploy'] depends_on: - pg-db networks: @@ -65,7 +65,7 @@ services: restart: 'no' environment: DATABASE_URL: postgres://${DB_USER?}:${DB_PASS?}@${DB_HOST?}:${DB_PORT?}/${DB_NAME?}?schema=api - entrypoint: ["sh", "-c", "sleep 15 && yarn prisma generate && yarn prisma db seed"] + entrypoint: ['sh', '-c', 'sleep 15 && yarn prisma generate && yarn prisma db seed'] depends_on: - pg-db networks: 
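Review bot: `KEYCLOAK_DB_PASSWORD=keycloak` commits a database password identical to the role name, and `db/init.d/create-keycloak-db.sh` repeats the same literal in `CREATE USER keycloak WITH PASSWORD 'keycloak';`, so this file is not the source of truth. Changing the value here would leave the role created with the old password while docker-compose.yml hands the new one to Keycloak as `DB_PASSWORD`, and the login would fail. Consider passing these variables into the Postgres service and having the init script read them, for example `-v kc_pass="$KEYCLOAK_DB_PASSWORD"` on the psql call and `PASSWORD :'kc_pass'` in the SQL. A comment such as `# local development defaults only - override in any shared or deployed environment` above the block would make the intent explicit.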
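Review bot: The here-document opened with `<<-EOSQL` in create-keycloak-db.sh is never closed, because the nine added lines end at the `GRANT` statement with no `EOSQL` line and no trailing newline. Bash ends an unterminated here-document at end-of-file with a warning, so the script only works by accident, and any line appended later would be fed to psql as SQL. Add a final `EOSQL` line followed by a newline. `CREATE DATABASE keycloak OWNER keycloak;` would also be narrower than `GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak;`, and a header comment saying the script is meant to run once at database initialisation would help.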
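Review bot: `CREATE SCHEMA "public";` will most likely fail on a fresh database, because PostgreSQL creates the `public` schema by default. With `\set ON_ERROR_STOP on` at the top of init.sql, that error aborts the rest of the initialisation. Unless the image in use removes `public` from its template (not visible in this diff), make the statement idempotent: `CREATE SCHEMA IF NOT EXISTS "public";`. The file also now ends without a trailing newline.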
@@ -81,8 +81,9 @@ services: restart: always volumes: - - pg-db-data:/bitnami/postgresql - + # Keycloak creates it's own /data and /conf folders + - keycloak-db-data:/var/lib/keycloak + - pg-db-data:/var/lib/postgresql/data ports: - '${DB_PORT?}:5432' @@ -95,7 +96,6 @@ services: networks: - backend-net - ######################################## ## LOCAL IDENTITY PROVIDER - KEYCLOAK ## ######################################## @@ -108,22 +108,27 @@ services: profiles: ['local-keycloak'] restart: always environment: - - KEYCLOAK_USER=${KEYCLOAK_PASSWORD} - - KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD} + - KEYCLOAK_USER=${KEYCLOAK_USER?} + - KEYCLOAK_PASSWORD=${KEYCLOAK_PASSWORD?} - JAVA_OPTS_APPEND=-Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled - KEYCLOAK_IMPORT=/opt/jboss/keycloak/config/keycloak-webapp-realm.json - DEBUG=true - DEBUG_PORT='*:8787' - - DB_VENDOR=H2 - - TZ=Europe/Sofia + - DB_VENDOR=${KEYCLOAK_DB_VENDOR?} + - DB_USER=${KEYCLOAK_DB_USER?} + - DB_PASSWORD=${KEYCLOAK_DB_PASSWORD?} + - DB_ADDR=${COMPOSE_PROJECT_NAME?}-pg-db + - DB_DATABASE=${KEYCLOAK_DB_NAME?} ports: - '8180:8080' - '8787:8787' volumes: - './manifests/keycloak/theme_podkrepi:/opt/jboss/keycloak/themes/theme_podkrepi' - './manifests/keycloak/config:/opt/jboss/keycloak/config' + depends_on: + - pg-db networks: - backend-net: + - backend-net # ## KEYCLOAK CONFIGURATOR - removes the need to recreate keycloak container upon config changes # ## uncomment if you plan to tune the keycloak realm configuration @@ -147,6 +152,7 @@ services: # backend-net: volumes: pg-db-data: + driver: local keycloak-db-data: driver: local
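Review bot: The new `- keycloak-db-data:/var/lib/keycloak` mount sits on what appears to be the Postgres service (it shares the `volumes:` list with `pg-db-data` and the `5432` port mapping), and nothing in this diff writes to that path. Keycloak's tables will live in the `keycloak` database inside `pg-db-data`, so the mount and the `keycloak-db-data` volume look like dead configuration and the comment above them is misleading. I would drop both, or replace the comment with `# Keycloak state is stored in the "keycloak" database on this Postgres instance`. Since the data path also moves from `/bitnami/postgresql` to `/var/lib/postgresql/data`, existing volumes will presumably need recreating before the init scripts run again; that is worth a README line.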
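Review bot: `- DB_ADDR=${COMPOSE_PROJECT_NAME?}-pg-db` ties Keycloak's database host to a container-name convention that this hunk does not show, and it makes `COMPOSE_PROJECT_NAME` mandatory. The `depends_on` entry added below it names the service `pg-db`; if both services are on `backend-net`, as the context suggests, `- DB_ADDR=pg-db` resolves whatever the project name is. `KEYCLOAK_USER?` and `KEYCLOAK_PASSWORD?` are now required as well, but the `.env` hunk in this commit does not add them, so confirm they are defined elsewhere or `docker compose` will refuse to start. Separately, the unchanged context still sets `DEBUG_PORT='*:8787'` and publishes `'8787:8787'`, which exposes the JVM debug port on every host interface. Publishing it as `'127.0.0.1:8787:8787'` would keep it local.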