fix: correc domain name for keycloak according to the subject

2026-03-03 16:32:35 +01:00 · 2026-03-03 16:32:35 +01:00 · 7ef624d74b
parent 09dbbe46b7
commit 7ef624d74b
8 changed files with 15 additions and 12 deletions
--- a/README.md
+++ b/README.md
@ -78,7 +78,7 @@ ssh-copy-id -p 2222 bapasqui@localhost

 ## for peertube
 What you need to do in Keycloak
-1. Go to https://keycloak.chatons.duckdns.org > Admin Console
+1. Go to https://auth.chatons.duckdns.org > Admin Console
 2. Create realm chatons (if it doesn't exist)
 3. Go to Clients > Create client:
   - Client type: OpenID Connect
--- a/core/caddy/config/sites/auth.caddy
+++ b/core/caddy/config/sites/auth.caddy
@ -0,0 +1,3 @@
+auth.chatons.duckdns.org {
+	reverse_proxy keycloak:8080
+}
--- a/core/caddy/config/sites/keycloak.caddy
+++ b/core/caddy/config/sites/keycloak.caddy
@ -1,3 +0,0 @@
-keycloak.chatons.duckdns.org {
-	reverse_proxy keycloak:8080
-}
--- a/core/caddy/config/sites/outils.caddy
+++ b/core/caddy/config/sites/outils.caddy
@ -49,7 +49,7 @@ outils.chatons.duckdns.org {
 						<li><a href="https://cloud.chatons.duckdns.org">Nextcloud</a></li>
 						<li><a href="https://peertube.chatons.duckdns.org">Nextcloud</a></li>
 						<li><a href="https://vogsphere.chatons.duckdns.org">Gitea</a></li>
-						<li><a href="https://keycloak.chatons.duckdns.org">Keycloak</a></li>
+						<li><a href="https://auth.chatons.duckdns.org">Keycloak</a></li>
 						<li><a href="https://diagrams.chatons.duckdns.org">Diagrams</a></li>
 					</ul>
 				</body>
--- a/core/keycloak/buildtime.env
+++ b/core/keycloak/buildtime.env
--- a/core/keycloak/compose.yml
+++ b/core/keycloak/compose.yml
@ -2,18 +2,18 @@ services:
  keycloak:
    image: quay.io/keycloak/keycloak
    container_name: keycloak
-    ports:
-      - 8080
+    expose:
+      - "8080"
    networks:
      - proxy
+    env_file:
+      - runtime.env
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:3212/keycloak
      KC_DB_USERNAME: bapasqui
-      KC_DB_PASSWORD: ${KC_DB_PASSWORD}
-      KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_BOOTSTRAP_ADMIN_USERNAME}
-      KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD}
-      KC_HOSTNAME: https://keycloak.chatons.duckdns.org
+      KC_HOSTNAME: https://auth.chatons.duckdns.org
+      KC_HEALTH_ENABLED: "true"
    command:
      - start-dev
    restart: unless-stopped
--- a/core/keycloak/runtime.env
+++ b/core/keycloak/runtime.env
@ -0,0 +1,3 @@
+KC_DB_PASSWORD=password
+KC_BOOTSTRAP_ADMIN_USERNAME=admin
+KC_BOOTSTRAP_ADMIN_PASSWORD=admin
--- a/core/peertube/compose.yml
+++ b/core/peertube/compose.yml
@ -22,7 +22,7 @@ services:
      - PEERTUBE_SECRET=${PEERTUBE_SECRET}
      - PEERTUBE_ADMIN_EMAIL=${PEERTUBE_ADMIN_EMAIL}
      - PT_INITIAL_ROOT_PASSWORD=${PT_INITIAL_ROOT_PASSWORD}
-      - PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_DISCOVER_URL=https://keycloak.chatons.duckdns.org/realms/chatons/.well-known/openid-configuration
+      - PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_DISCOVER_URL=https://auth.chatons.duckdns.org/realms/chatons/.well-known/openid-configuration
      - PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_CLIENT_ID=peertube
      - PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_CLIENT_SECRET=${PEERTUBE_OIDC_CLIENT_SECRET}
      - PEERTUBE_PLUGIN_AUTH_OPENID_CONNECT_SCOPE=openid profile email