rstudio/compose.keycloak.yml

37 lines
1.1 KiB
YAML

---
version: "3.8"
# WARNING: Requires your own Keycloak and is a work-around for the server pro
# restrictions for SSO integration. This is experimental. Please speak
# to washnote.com folks if you need support, it is being used there.
services:
app:
configs:
- source: pam_exec_oauth2_yaml
target: /opt/pam-exec-oauth2/pam-exec-oauth2.yaml
mode: 0600
- source: pam_script_auth_sh
target: /usr/share/libpam-script/pam_script_auth
mode: 0555
environment:
- KEYCLOAK_ENABLED
- KEYCLOAK_CLIENT_ID
- KEYCLOAK_TOKEN_URL
secrets:
- keycloak_client_secret
configs:
pam_exec_oauth2_yaml:
name: ${STACK_NAME}_pam_exec_oauth2_yaml_${PAM_EXEC_OAUTH2_YAML_VERSION}
file: pam-exec-oauth2.yaml.tmpl
template_driver: golang
pam_script_auth_sh:
name: ${STACK_NAME}_pam_script_auth_sh_${PAM_SCRIPT_AUTH_VERSION}
file: pam_script_auth.sh
secrets:
keycloak_client_secret:
name: ${STACK_NAME}_keycloak_client_secret_${SECRET_KEYCLOAK_CLIENT_SECRET_VERSION}
external: true