Dockerize Keycloak 21 with a custom theme
3 min readJun 17, 2023
What will we accomplish?
- Dockerizing the latest Keycloak 21
- Customize the welcome, login, and admin console page
Dockerizing Keycloak 21
- Create a folder that will hold all our files and folder — custom-auth-service
- Inside the custom-auth-service folder create a file called Dockerfile with the content below that will help us build our Keycloak docker image
FROM quay.io/keycloak/keycloak:21.0 as builder
# Configure a database vendor
ENV KC_DB=postgres
WORKDIR /opt/keycloak
# for demonstration purposes only, please make sure to use proper certificates in production instead
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
- Create a docker-compose.yaml file that will spin up Postgres DB(Database used by Keycloak to store all data) and a Keycloak instance created from the image built from the above Dockerfile.
version: '3'
volumes:
keycloak-db-data:
driver: local
services:
postgres:
image: postgres:13.7
container_name: postgres
volumes:
- keycloak-db-data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: my_keycloak
POSTGRES_PASSWORD: My863Keycloak
keycloak:
build: .
container_name: custom-auth-service
environment:
#Admin Credentials
KC_HOSTNAME_STRICT: 'false'
KC_HOSTNAME_STRICT_HTTPS: 'false'
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: MyKeycloak493
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: MyKeycloak493
KC_DB_URL: 'jdbc:postgresql://postgres/keycloak'
KC_DB_USERNAME: my_keycloak
KC_DB_PASSWORD: My863Keycloak
KC_HEALTH_ENABLED: 'true'
KC_METRICS_ENABLED: 'true'
KC_HOSTNAME: localhost
PROXY_ADDRESS_FORWARDING: "true"
command:
- "-v start --optimized
"
ports:
- 8443:8443
- 8080:8080
depends_on:
- postgres
- Build Keycloak image
docker-compose build
- Start keycloak
docker-compose up
Custom Theme in a Dockerized Keycloak 21
- Inside the custom-auth-service folder create a folder named themes. copy the my-theme folder and all its content inside the themes folder from here.
- Update the Dockerfile to copy my-theme folder from to the image
FROM quay.io/keycloak/keycloak:21.0 as builder
# Configure a database vendor
ENV KC_DB=postgres
WORKDIR /opt/keycloak
# for demonstration purposes only, please make sure to use proper certificates in production instead
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
COPY ./themes/my-theme/ /opt/keycloak/themes/my-theme
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
- Update the docker-compose file to set my-theme as the default theme. Add the below variable to the environment section:
KC_SPI_THEME_DEFAULT: 'my-theme'
- Rebuild the image and start the Keycloak instance and et voilà!
Find the complete code at GitHub here.
Custom Welcome Page
Custom Login Page
Happy Coding!