小无编辑摘要 标签:2017版源代码编辑 |
小无编辑摘要 |
||
| (未显示同一用户的4个中间版本) | |||
| 第1行: | 第1行: | ||
== Install == | == Install == | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
docker run --name | docker network create dev-zone | ||
docker stop yai-postgres && docker rm yai-postgres | |||
docker run \ | |||
--name yai-postgres \ | |||
-p 5432:5432 \ | |||
-e POSTGRES_USER=${POSTGRES_USER} \ | |||
-e POSTGRES_DB=development-db \ | |||
-e POSTGRES_PASSWORD=${POSTGRES_PASSWORD} \ | |||
-v ./postgres-data:/var/lib/postgresql/18/docker \ | |||
--network dev-zone \ | |||
-d postgres:18 | |||
# create the schema manually | |||
docker run --name yai-keycloak \ | |||
-p 8081:8080 -d \ | -p 8081:8080 -d \ | ||
-e KC_BOOTSTRAP_ADMIN_USERNAME= | -e KC_BOOTSTRAP_ADMIN_USERNAME=${KC_BOOTSTRAP_ADMIN_USERNAME} \ | ||
-e KC_BOOTSTRAP_ADMIN_PASSWORD= | -e KC_BOOTSTRAP_ADMIN_PASSWORD=${KC_BOOTSTRAP_ADMIN_PASSWORD} \ | ||
quay.io/keycloak/keycloak:26. | -e KC_DB=postgres \ | ||
--hostname=https:// | -e KC_DB_URL=jdbc:postgresql://yai-postgres:5432/development-db \ | ||
-e KC_DB_SCHEMA=keycloak \ | |||
-e KC_DB_USERNAME=${POSTGRES_USER} \ | |||
-e KC_DB_PASSWORD=${POSTGRES_PASSWORD} \ | |||
--network yai-zone \ | |||
quay.io/keycloak/keycloak:26.3.2 start-dev \ | |||
--hostname=https://auth.example.com | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Reversed proxy<ref>https://medium.com/@asynchronouscal/keycloak-production-mode-with-docker-step-by-step-guide-b284927e72c0</ref>: | Reversed proxy<ref>https://medium.com/@asynchronouscal/keycloak-production-mode-with-docker-step-by-step-guide-b284927e72c0</ref> <ref>https://www.keycloak.org/server/reverseproxy</ref>: | ||
<syntaxhighlight lang="config"> | <syntaxhighlight lang="config"> | ||
2025年10月8日 (三) 09:54的最新版本
Install
docker network create dev-zone
docker stop yai-postgres && docker rm yai-postgres
docker run \
--name yai-postgres \
-p 5432:5432 \
-e POSTGRES_USER=${POSTGRES_USER} \
-e POSTGRES_DB=development-db \
-e POSTGRES_PASSWORD=${POSTGRES_PASSWORD} \
-v ./postgres-data:/var/lib/postgresql/18/docker \
--network dev-zone \
-d postgres:18
# create the schema manually
docker run --name yai-keycloak \
-p 8081:8080 -d \
-e KC_BOOTSTRAP_ADMIN_USERNAME=${KC_BOOTSTRAP_ADMIN_USERNAME} \
-e KC_BOOTSTRAP_ADMIN_PASSWORD=${KC_BOOTSTRAP_ADMIN_PASSWORD} \
-e KC_DB=postgres \
-e KC_DB_URL=jdbc:postgresql://yai-postgres:5432/development-db \
-e KC_DB_SCHEMA=keycloak \
-e KC_DB_USERNAME=${POSTGRES_USER} \
-e KC_DB_PASSWORD=${POSTGRES_PASSWORD} \
--network yai-zone \
quay.io/keycloak/keycloak:26.3.2 start-dev \
--hostname=https://auth.example.com
server {
server_name oauth.example.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://localhost:8081;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port 443;
}
...
}Configure
- Create realm: my-org
- Create users: whatever
- Create client: my-app
- Client ID: my-app
- Valid redirect URIs: http://localhost:5173/auth/callback
- Valid post logout redirect URIs : http://localhost:5173
- Web origins: http://localhost:5173 (No slash at end!!!)
- Client authentication: off (for public clients)
- Authentication flow: Standard flow, Direct access grants