From f5fdab61b100879ff17a0919e847db40755ae377 Mon Sep 17 00:00:00 2001 From: kawaiipunk Date: Tue, 2 Jun 2026 23:25:11 +0100 Subject: [PATCH 1/2] Add Keycloak SSO compose override file --- compose.keycloak.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 compose.keycloak.yml diff --git a/compose.keycloak.yml b/compose.keycloak.yml new file mode 100644 index 0000000..027bc4d --- /dev/null +++ b/compose.keycloak.yml @@ -0,0 +1,14 @@ +version: "3.8" +services: + app: + secrets: + - keycloak_client_id + - keycloak_client_secret + +secrets: + keycloak_client_id: + external: true + name: ${STACK_NAME}_keycloak_client_id_${SECRET_KEYCLOAK_CLIENT_ID_VERSION} + keycloak_client_secret: + external: true + name: ${STACK_NAME}_keycloak_client_secret_${SECRET_KEYCLOAK_CLIENT_SECRET_VERSION} -- 2.49.0 From cb1df12c7240839c3fdf731c28899eec02a12275 Mon Sep 17 00:00:00 2001 From: kawaiipunk Date: Tue, 2 Jun 2026 23:50:07 +0100 Subject: [PATCH 2/2] docs: add Keycloak SSO entry to .env.sample, fix missing quote on public-db line --- .env.sample | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index d74bed7..4da335b 100644 --- a/.env.sample +++ b/.env.sample @@ -72,13 +72,19 @@ SECRET_DB_PASSWORD_VERSION=v1 #SECRET_AUTHENTIK_ID_VERSION=v1 #LOGIN_TYPE='auto' +# Keycloak SSO +#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml" +#KEYCLOAK_DOMAIN=keycloak.example.com +#SECRET_KEYCLOAK_CLIENT_ID_VERSION=v1 +#SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1 + # Matrix .well-known redirect #COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml" #MATRIX_DOMAIN=matrix.example.com # Allow remote connections to db # 🚩🚩 dangerous, use only for development sites! -#COMPOSE_FILE="$COMPOSE_FILE:compose.public-db.yml +#COMPOSE_FILE="$COMPOSE_FILE:compose.public-db.yml" # Wide-open CORS # 🚩🚩 dangerous, use only for development sites! -- 2.49.0