Spaces:
Paused
Paused
Update Dockerfile
Browse files- Dockerfile +2 -19
Dockerfile
CHANGED
|
@@ -1,21 +1,11 @@
|
|
| 1 |
-
# -----------------
|
| 2 |
-
# Build Keycloak
|
| 3 |
-
# -----------------
|
| 4 |
FROM quay.io/keycloak/keycloak:25.0.6 as builder
|
| 5 |
RUN /opt/keycloak/bin/kc.sh build
|
| 6 |
|
| 7 |
-
# -----------------
|
| 8 |
-
# Final image
|
| 9 |
-
# -----------------
|
| 10 |
FROM quay.io/keycloak/keycloak:25.0.6
|
| 11 |
|
| 12 |
-
# Copy built Keycloak
|
| 13 |
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
| 14 |
|
| 15 |
-
# Install keytool (comes with JDK, already available in image)
|
| 16 |
USER root
|
| 17 |
-
|
| 18 |
-
# Generate self-signed JKS keystore
|
| 19 |
RUN mkdir -p /opt/keycloak/certs && \
|
| 20 |
keytool -genkeypair \
|
| 21 |
-alias selfsigned \
|
|
@@ -26,26 +16,19 @@ RUN mkdir -p /opt/keycloak/certs && \
|
|
| 26 |
-storepass changeit \
|
| 27 |
-keypass changeit \
|
| 28 |
-validity 365 \
|
| 29 |
-
-dname "CN=localhost, OU=Dev, O=POC, L=Nowhere, ST=None, C=XX"
|
| 30 |
-
|
| 31 |
-
# Change ownership
|
| 32 |
-
RUN chown -R 1000:0 /opt/keycloak/certs
|
| 33 |
|
| 34 |
-
# Switch back to Keycloak user
|
| 35 |
USER 1000
|
| 36 |
|
| 37 |
-
# Expose Hugging Face Space port
|
| 38 |
EXPOSE 7860
|
| 39 |
|
| 40 |
-
# Admin credentials
|
| 41 |
ENV KEYCLOAK_ADMIN=admin
|
| 42 |
ENV KEYCLOAK_ADMIN_PASSWORD=admin
|
| 43 |
|
| 44 |
-
# Start Keycloak with HTTPS via JKS
|
| 45 |
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", \
|
| 46 |
"--https-port=7860", \
|
| 47 |
"--https-key-store-file=/opt/keycloak/certs/keystore.jks", \
|
| 48 |
"--https-key-store-password=changeit", \
|
| 49 |
"--hostname-strict=false", \
|
| 50 |
-
"--hostname-strict-https=false", \
|
| 51 |
"--db=dev-mem"]
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
FROM quay.io/keycloak/keycloak:25.0.6 as builder
|
| 2 |
RUN /opt/keycloak/bin/kc.sh build
|
| 3 |
|
|
|
|
|
|
|
|
|
|
| 4 |
FROM quay.io/keycloak/keycloak:25.0.6
|
| 5 |
|
|
|
|
| 6 |
COPY --from=builder /opt/keycloak/ /opt/keycloak/
|
| 7 |
|
|
|
|
| 8 |
USER root
|
|
|
|
|
|
|
| 9 |
RUN mkdir -p /opt/keycloak/certs && \
|
| 10 |
keytool -genkeypair \
|
| 11 |
-alias selfsigned \
|
|
|
|
| 16 |
-storepass changeit \
|
| 17 |
-keypass changeit \
|
| 18 |
-validity 365 \
|
| 19 |
+
-dname "CN=localhost, OU=Dev, O=POC, L=Nowhere, ST=None, C=XX" && \
|
| 20 |
+
chown -R 1000:0 /opt/keycloak/certs
|
|
|
|
|
|
|
| 21 |
|
|
|
|
| 22 |
USER 1000
|
| 23 |
|
|
|
|
| 24 |
EXPOSE 7860
|
| 25 |
|
|
|
|
| 26 |
ENV KEYCLOAK_ADMIN=admin
|
| 27 |
ENV KEYCLOAK_ADMIN_PASSWORD=admin
|
| 28 |
|
|
|
|
| 29 |
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", \
|
| 30 |
"--https-port=7860", \
|
| 31 |
"--https-key-store-file=/opt/keycloak/certs/keystore.jks", \
|
| 32 |
"--https-key-store-password=changeit", \
|
| 33 |
"--hostname-strict=false", \
|
|
|
|
| 34 |
"--db=dev-mem"]
|