Spaces:

binary1ne
/

keycloak

Paused

binary1ne commited on Aug 28, 2025

Commit

3463dc3

verified ·

1 Parent(s): 5f2df45

Update Dockerfile

Files changed (1) hide show

Dockerfile CHANGED Viewed

@@ -1,40 +1,24 @@
 FROM quay.io/keycloak/keycloak:25.0.6 as builder
-# Build Keycloak with default options (H2 in-memory for POC)
-RUN /opt/keycloak/bin/kc.sh build
 FROM quay.io/keycloak/keycloak:25.0.6
 WORKDIR /opt/keycloak
-# Admin credentials
 ENV KEYCLOAK_ADMIN=admin \
     KEYCLOAK_ADMIN_PASSWORD=admin
-# Expose HTTPS port (7860 instead of 8443)
 EXPOSE 7860
-# Generate a self-signed certificate (Java keystore)
-# RUN mkdir -p /opt/keycloak/certs && \
-#     keytool -genkeypair \
-#         -storepass password \
-#         -keypass password \
-#         -keyalg RSA \
-#         -keysize 2048 \
-#         -dname "CN=localhost" \
-#         -alias keycloak \
-#         -keystore /opt/keycloak/certs/keycloak.jks
-# # Let KC_HOSTNAME be injected dynamically by environment / Kubernetes
 ENV KC_HOSTNAME=0.0.0.0
-# "--https-key-store-file=/opt/keycloak/certs/keycloak.jks", \
-# "--https-key-store-password=password", \
-# "--hostname-strict=false", \
 ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
-# Run Keycloak HTTPS on 7860 with self-signed cert
-CMD ["start", \
-     "--https-port=7860", \
-     "--hostname=${KC_HOSTNAME}"]

 FROM quay.io/keycloak/keycloak:25.0.6 as builder
+# Build Keycloak with in-memory DB
+RUN /opt/keycloak/bin/kc.sh build --db=dev-mem
 FROM quay.io/keycloak/keycloak:25.0.6
 WORKDIR /opt/keycloak
+# Admin credentials (default for POC)
 ENV KEYCLOAK_ADMIN=admin \
     KEYCLOAK_ADMIN_PASSWORD=admin
+# Expose only port 7860 (the only open port in Hugging Face)
 EXPOSE 7860
+# Disable hostname strict mode so it won’t redirect to 0.0.0.0
+ENV KC_HOSTNAME_STRICT=false
 ENV KC_HOSTNAME=0.0.0.0
 ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
+# Run Keycloak on HTTP 7860
+CMD ["start-dev", "--http-port=7860", "--hostname-strict=false", "--hostname=0.0.0.0"]