version: '3.7'

networks:
  back-tier:
    external: True
  front-tier:
    external: True

volumes:
  {{ keycloak_id }}-postgres-data: {}

services:
  {{ keycloak_id }}:
    image: "{{ keycloak_image_name }}:{{ keycloak_version }}"
    container_name: "{{ keycloak_id }}"
    command: "start"
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.{{ keycloak_id }}.service={{ keycloak_id }}"
      - "traefik.http.routers.{{ keycloak_id }}.rule=Host(`{{ keycloak_id }}.smardigo.digital`)"
      - "traefik.http.routers.{{ keycloak_id }}.entrypoints=websecure"
      - "traefik.http.routers.{{ keycloak_id }}.tls=true"
      - "traefik.http.routers.{{ keycloak_id }}.tls.certresolver={{ keycloak_compact_tls_cert_resolver }}"
      - "traefik.http.services.{{ keycloak_id }}.loadbalancer.server.port=8080"
{% if
  keycloak_external_subdomain is defined
%}
      - "traefik.http.routers.{{ keycloak_id }}-extern.service={{ keycloak_id }}-extern"
      - "traefik.http.routers.{{ keycloak_id }}-extern.rule=Host(`{{ keycloak_external_subdomain }}.smardigo.digital`)"
      - "traefik.http.routers.{{ keycloak_id }}-extern.entrypoints=websecure"
      - "traefik.http.routers.{{ keycloak_id }}-extern.tls=true"
      - "traefik.http.routers.{{ keycloak_id }}-extern.tls.certresolver={{ keycloak_compact_tls_cert_resolver }}"
      - "traefik.http.services.{{ keycloak_id }}-extern.loadbalancer.server.port=8080"
{% endif %}
    environment:
      KEYCLOAK_USER: "{{ keycloak_admin_username }}"
      KEYCLOAK_ADMIN_PASSWORD: "{{ keycloak_admin_password }}"
      KC_PROXY: "edge"
      KC_HOSTNAME: "{{ keycloak_id }}.{{ domain_env }}"
      KC_DB: "postgres"
      KC_DB_USERNAME: "{{ keycloak_postgres_username }}"
      KC_DB_PASSWORD: "{{ keycloak_postgres_password }}"
      KC_DB_URL: "jdbc:postgresql://{{ keycloak_id }}-postgres:{{ service_port_postgres }}/keycloak-postgres"
    networks:
      - "back-tier"
      - "front-tier"
    ports:
      - "8110:8080"
  {{ keycloak_id }}-postgres:
    image: "postgres:12"
    container_name: "{{ keycloak_id }}-postgres"
    restart: always
    environment:
      POSTGRES_DB: "keycloak-postgres"
      POSTGRES_USER: "{{ keycloak_postgres_username }}"
      POSTGRES_PASSWORD: "{{ keycloak_postgres_password }}"
    volumes:
      - "{{ keycloak_id }}-postgres-data:/var/lib/postgresql/data"
    networks:
      - "back-tier"