version: '3.8'

services:

  postgres:
      container_name: postgres_keycloak
      image: postgres:15.7-alpine3.19
      volumes:
        - postgres_volume:/var/lib/postgresql/data
        # - ./pg_hba.conf:/var/lib/postgresql/data/pg_hba.conf
      environment:
        POSTGRES_DB: ${POSTGRES_DB}
        POSTGRES_USER: ${POSTGRES_USER}
        POSTGRES_PASSWORD: "test1234"
      # ports:
        #- "2345:5432"
      networks:
        - keycloak

  auth:
    container_name: keycloak
    image: quay.io/keycloak/keycloak:23.0.7
      # restart: unless-stopped
    ports:
      - "8080:8080"
    environment:
      - KC_DB=postgres
      - KC_DB_URL_HOST=${DB_HOST}
      - KC_DB_URL_DATABASE=${POSTGRES_DB}
      - KC_DB_USERNAME=${POSTGRES_USER}
      - KC_DB_PASSWORD=test1234
      - KC_PROXY=edge
      - KC_HOSTNAME=${HOSTNAME}
      - KC_HOSTNAME_ADMIN=${HOSTNAME}
      # - KC_TRANSACTION_XA_ENABLED=false
      - KC_METRICS_ENABLED=true
      - KC_HEALTH_ENABLED=true
      - KC_HOSTNAME_STRICT=false
      - KC_HTTP_ENABLED=true
      - KC_HOSTNAME_STRICT_HTTPS=false
        # - PROXY_ADDRESS_FORWARDING=true
      - KC_LOG_LEVEL=INFO
    depends_on:
      - postgres
        # entrypoint: ["/opt/keycloak/wait-for-postgres.sh", "postgres_keycloak", "/opt/keycloak/bin/kc.sh", "start"]
        # entrypoint: ["/opt/keycloak/bin/kc.sh", "start", "--db-password='test1234'"]
    entrypoint: ["/opt/keycloak/bin/kc.sh", "start"]
    volumes:
      - ./auth/import:/opt/keycloak/data/import
      - ./keywind.jar:/opt/keycloak/providers/keywind.jar
      - ./wait-for-postgres.sh:/opt/keycloak/wait-for-postgres.sh
    networks:
      - keycloak

networks:
  keycloak:
    external: true

volumes:
  postgres_volume:
    external: true