Jeremy Stanley f477e35561 Upgrade to Keycloak 23.0
This includes a switch from the "legacy" style Wildfly-based image
to a new setup using Quarkus.

Because Keycloak maintainers consider H2 databases as a test/dev
only option, there are no good migration and upgrade paths short of
export/import data. Go ahead and change our deployment model to rely
on a proper RDBMS, run locally from a container on the same server.

Change-Id: I01f8045563e9f6db6168b92c5a868b8095c0d97b
2024-02-06 05:33:37 +00:00


# docker-compose template for Keycloak with a MariaDB backend on the same
# host. The "{{ ... }}" placeholders are substituted when the template is
# rendered, so the rendered file holds three passwords in cleartext and
# should be readable only by the account that runs docker-compose.
#
# Version 2 is the latest that is supported by docker-compose in
# Ubuntu Xenial.
version: '2'
services:
  mariadb:
    # 10.11 was synonymous with the "lts" tag when we brought up the service
    # The image is referenced by tag, not by digest, so the content behind
    # this name can change between pulls.
    image: docker.io/library/mariadb:10.11
    # Host networking: the container shares the host's network namespace, so
    # the addresses mysqld listens on are decided by MariaDB's own
    # configuration (see the bind-address file mounted below), not by
    # compose port mappings.
    network_mode: host
    restart: always
    # These values are passed as container environment variables, so they
    # are also visible through `docker inspect` on this host.
    # Each secret is rendered inside a YAML double-quoted scalar; a value
    # containing `"` or `\` would alter or break the rendered YAML.
    # NOTE(review): confirm the secrets are generated without such characters.
    environment:
      MARIADB_ROOT_PASSWORD: "{{ keycloak_root_db_password }}"
      MARIADB_DATABASE: keycloak
      MARIADB_USER: keycloak
      MARIADB_PASSWORD: "{{ keycloak_db_password }}"
    volumes:
      # Database files are kept on the host so they survive container
      # replacement.
      - /var/lib/keycloak/db:/var/lib/mysql
      # Mounted read-only (:ro), so the container cannot rewrite it.
      # NOTE(review): presumably this restricts bind-address to loopback to
      # match --db-url-host=[::1] below; the file is not shown here, confirm.
      - /var/lib/keycloak/99-bind-address.cnf:/etc/mysql/conf.d/99-bind-address.cnf:ro
    logging:
      driver: syslog
      options:
        tag: docker-mariadb
  keycloak:
    # NOTE(review): in compose file format 2 this only orders container
    # start-up; it is not expected to wait until MariaDB accepts
    # connections. Confirm that `restart: always` covers the first start.
    depends_on:
      - mariadb
    # Referenced by tag, not by digest (same caveat as the mariadb image).
    image: quay.io/keycloak/keycloak:23.0
    network_mode: host
    restart: always
    # Passed as container environment variables (visible via
    # `docker inspect`); the same quoting caveat as for the mariadb
    # secrets applies to the templated values.
    environment:
      KC_DB_PASSWORD: "{{ keycloak_db_password }}"
      KC_DB_USERNAME: keycloak
      # NOTE(review): these appear to bootstrap the initial administrator
      # account; the password stays in the container environment for the
      # lifetime of the deployment. Confirm whether they are still needed
      # after first start.
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: "{{ keycloak_admin_password }}"
    command:
      - 'start'
      # With strict hostname checking off and --proxy=edge, Keycloak relies
      # on the fronting proxy for the externally visible host name.
      # NOTE(review): confirm the proxy overwrites client-supplied Host and
      # X-Forwarded-* headers instead of passing them through.
      - '--hostname-strict=false'
      # Plain HTTP listener, bound to the IPv6 loopback address only. With
      # host networking this is the host's loopback, so it is reachable by
      # any local process; TLS is presumably terminated by a reverse proxy
      # on the same server (not shown here).
      - '--http-enabled=true'
      - '--http-host=::1'
      - '--proxy=edge'
      - '--db=mariadb'
      # Wrap the DB host address here because it ends up inserted into a
      # colon-delimited JDBC URL internally.
      - '--db-url-host=[::1]'
      - '--db-url-port=3306'
      - '--db-url-database=keycloak'
    logging:
      driver: syslog
      options:
        tag: docker-keycloak