Traefik 后面的 Keycloak 无法正常工作
问题描述 投票:0回答:1
我尝试了很多次来了解发生了什么,但我厌倦了尝试却一无所获!
我从https://github.com/heyValdemar/keycloak-traefik-letsencrypt-docker-compose.git
下载了一个docker-compose更改了一些属性,例如主机名和电子邮件。
这是我的撰写文件:
这里我们有 2 个数据库,一个用于备份,一个用于 keycloak 生产、traefik 和 keycloak。
我评论了 https 重定向命令,现在我不使用证书。
networks:
keycloak-network:
external: true
traefik-network:
external: true
volumes:
keycloak-postgres:
keycloak-postgres-backup:
keycloak-database-backups:
traefik-certificates:
services:
postgres:
image: ${KEYCLOAK_POSTGRES_IMAGE_TAG}
volumes:
- keycloak-postgres:/var/lib/postgresql/data
environment:
POSTGRES_DB: ${KEYCLOAK_DB_NAME}
POSTGRES_USER: ${KEYCLOAK_DB_USER}
POSTGRES_PASSWORD: ${KEYCLOAK_DB_PASSWORD}
networks:
- keycloak-network
healthcheck:
test: [ "CMD", "pg_isready", "-q", "-d", "${KEYCLOAK_DB_NAME}", "-U", "${KEYCLOAK_DB_USER}" ]
interval: 10s
timeout: 5s
retries: 3
start_period: 60s
restart: unless-stopped
keycloak:
image: ${KEYCLOAK_IMAGE_TAG}
environment:
KEYCLOAK_DATABASE_VENDOR: ${KEYCLOAK_DB_TYPE}
KEYCLOAK_DATABASE_HOST: postgres
KEYCLOAK_DATABASE_PORT: 5432
KEYCLOAK_DATABASE_NAME: ${KEYCLOAK_DB_NAME}
KEYCLOAK_DATABASE_USER: ${KEYCLOAK_DB_USER}
KEYCLOAK_DATABASE_PASSWORD: ${KEYCLOAK_DB_PASSWORD}
KEYCLOAK_DATABASE_SCHEMA: public
KEYCLOAK_ADMIN_USER: ${KEYCLOAK_ADMIN_USERNAME}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: 'true'
KEYCLOAK_ENABLE_STATISTICS: 'true'
KC_HOSTNAME: ${KEYCLOAK_HOSTNAME}
KC_PROXY: edge
KC_PROXY_ADDRESS_FORWARDING: 'true'
KC_HTTP_ENABLED: 'true'
KC_HOSTNAME_STRICT: 'false'
networks:
- keycloak-network
- traefik-network
healthcheck:
test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/8080' || exit 1
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.rule=Host(`${KEYCLOAK_HOSTNAME}`)"
- "traefik.http.routers.keycloak.service=keycloak"
- "traefik.http.routers.keycloak.entrypoints=web"
- "traefik.http.services.keycloak.loadbalancer.server.port=8080"
- "traefik.http.routers.keycloak.tls=true"
- "traefik.http.routers.keycloak.tls.certresolver=letsencrypt"
- "traefik.http.services.keycloak.loadbalancer.passhostheader=true"
- "traefik.http.routers.keycloak.middlewares=compresstraefik"
- "traefik.http.middlewares.compresstraefik.compress=true"
- "traefik.docker.network=traefik-network"
restart: unless-stopped
depends_on:
postgres:
condition: service_healthy
traefik:
image: ${TRAEFIK_IMAGE_TAG}
command:
- "--log.level=${TRAEFIK_LOG_LEVEL}"
- "--accesslog=true"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--ping=true"
- "--ping.entrypoint=ping"
- "--entryPoints.ping.address=:8082"
- "--entryPoints.web.address=:80"
- "--entryPoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedByDefault=false"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
- "--certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_ACME_EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json"
- "--metrics.prometheus=true"
- "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
- "--global.checkNewVersion=true"
- "--global.sendAnonymousUsage=false"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- traefik-certificates:/etc/traefik/acme
networks:
- traefik-network
ports:
- "127.0.0.1:8080:8080"
- "80:80"
- "443:443"
healthcheck:
test: ["CMD", "wget", "http://localhost:8082/ping","--spider"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
labels:
- "traefik.enable=true"
- "traefik.http.routers.dashboard.rule=Host(`${TRAEFIK_HOSTNAME}`)"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.entrypoints=web"
- "traefik.http.services.dashboard.loadbalancer.server.port=8080"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
- "traefik.http.services.dashboard.loadbalancer.passhostheader=true"
- "traefik.http.routers.dashboard.middlewares=authtraefik"
- "traefik.http.middlewares.authtraefik.basicauth.users=${TRAEFIK_BASIC_AUTH}"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
# - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
restart: unless-stopped
backups:
image: ${KEYCLOAK_POSTGRES_IMAGE_TAG}
command: >-
sh -c 'sleep $KEYCLOAK_BACKUP_INIT_SLEEP &&
while true; do
pg_dump -h postgres -p 5432 -d $KEYCLOAK_DB_NAME -U $KEYCLOAK_DB_USER | gzip > $KEYCLOAK_POSTGRES_BACKUPS_PATH/$KEYCLOAK_POSTGRES_BACKUP_NAME-$(date "+%Y-%m-%d_%H-%M").gz &&
find $KEYCLOAK_POSTGRES_BACKUPS_PATH -type f -mtime +$KEYCLOAK_POSTGRES_BACKUP_PRUNE_DAYS | xargs rm -f &&
sleep $KEYCLOAK_BACKUP_INTERVAL; done'
volumes:
- keycloak-postgres-backup:/var/lib/postgresql/data
- keycloak-database-backups:${KEYCLOAK_POSTGRES_BACKUPS_PATH}
environment:
KEYCLOAK_DB_NAME: ${KEYCLOAK_DB_NAME}
KEYCLOAK_DB_USER: ${KEYCLOAK_DB_USER}
PGPASSWORD: ${KEYCLOAK_DB_PASSWORD}
KEYCLOAK_BACKUP_INIT_SLEEP: ${KEYCLOAK_BACKUP_INIT_SLEEP}
KEYCLOAK_BACKUP_INTERVAL: ${KEYCLOAK_BACKUP_INTERVAL}
KEYCLOAK_POSTGRES_BACKUP_PRUNE_DAYS: ${KEYCLOAK_POSTGRES_BACKUP_PRUNE_DAYS}
KEYCLOAK_POSTGRES_BACKUPS_PATH: ${KEYCLOAK_POSTGRES_BACKUPS_PATH}
KEYCLOAK_POSTGRES_BACKUP_NAME: ${KEYCLOAK_POSTGRES_BACKUP_NAME}
networks:
- keycloak-network
restart: unless-stopped
depends_on:
postgres:
condition: service_healthy
这是我的环境变量:
与下载的一样,仅更改 TRAEFIK_HOSTNAME 和 KEYCLOAK_HOSTNAME。电子邮件我留空给你们看。
我将这两个主机名添加到我的 Windows 主机文件中。
# Traefik Variables
TRAEFIK_IMAGE_TAG=traefik:2.9
TRAEFIK_LOG_LEVEL=WARN
TRAEFIK_ACME_EMAIL=
TRAEFIK_HOSTNAME=traefik.keycloak.labs.net
# Basic Authentication for Traefik Dashboard
# Username: traefikadmin
# Passwords must be encoded using MD5, SHA1, or BCrypt https://hostingcanada.org/htpasswd-generator/
TRAEFIK_BASIC_AUTH=traefikadmin:$$2y$$10$$sMzJfirKC75x/hVpiINeZOiSm.Jkity9cn4KwNkRvO7hSQVFc5FLO
# Keycloak Variables
KEYCLOAK_POSTGRES_IMAGE_TAG=postgres:14
KEYCLOAK_IMAGE_TAG=bitnami/keycloak:22.0.1
KEYCLOAK_DB_TYPE=postgresql
KEYCLOAK_DB_NAME=keycloakdb
KEYCLOAK_DB_USER=keycloakdbuser
KEYCLOAK_DB_PASSWORD=EqhvLbsPhrkkZjcaGWcV7qT
KEYCLOAK_ADMIN_USERNAME=keycloakadmin
KEYCLOAK_ADMIN_PASSWORD=rwXPqspCABJzqh47i723wf9
KEYCLOAK_HOSTNAME=keycloak.labs.net
KEYCLOAK_LOG_LEVEL=WARN
# Backup Variables
KEYCLOAK_BACKUP_INIT_SLEEP=30m
KEYCLOAK_BACKUP_INTERVAL=24h
KEYCLOAK_POSTGRES_BACKUP_PRUNE_DAYS=7
KEYCLOAK_POSTGRES_BACKUPS_PATH=/srv/keycloak-postgres/backups
KEYCLOAK_POSTGRES_BACKUP_NAME=keycloak-postgres-backup
我访问 Traefik 没有问题,但是当我尝试访问 Keycloak 时,我只收到:ERR_NAME_NOT_RESOLVED 或 404 页面未找到。
本地主机:8080/admin 或者 keycloak.labs.net/admin
我已经阅读了所有这篇文章:https://www.keycloak.org/getting-started/getting-started-docker
这是我所有的 docker 容器:
这是来自Keycloak的日志,我真的没有收到任何请求。尝试了很多。
尝试将端口、主机名、方法从 http 更改为 https... 尝试通过财务 ip:port 进行连接。
1个回答
0
投票
投票
您同时在 traefik 后面运行 keycloak 吗?
最新问题
- jssor 画廊 - 几个问题
- 在android studio中停止项目后运行flutter应用程序后显示白屏
- 函数返回的字符串文字的生命周期是多少?
- 如何检查单元格是否包含形状?
- 优化查找每年最大值、字符串、属性
- GetText 0 复数化
- 如何在转储过程中使用 SnakeYaml 控制 yaml 缩进?
- PDO rowCount() 支持的数据库
- 如何避免手动将 $registry 容器传递到我创建的每个新类的构造函数中?
- 如果没有空格就断线
- 使用 ONS API 进行选区和选区
- Visual Studio Bundler 和 Minifier 上下文菜单不起作用
- 请问,在启用自动计算的情况下,当一个单元格(布尔变量)的值被另一个单元格更改时,如何调用宏?
- Twig i18n 扩展
- 我的情节没有保持我的小标题在 R 中的顺序
- PowerShell 在命令提示符问题下,“Format-Table”不被识别为内部或外部命令、可操作程序或批处理文件
- 获取上个月的所有记录,每个用户有一个结果以及每个用户的最大列数
- 在 Linux 上通过 xsltproc 将 XML 块插入到 .xml 文件中
- Logstash 结合数据流和索引模板
- kotlin/mockito:无法模拟重新调整布尔值的方法
© www.soinside.com 2019 - 2024. All rights reserved.