keycloak and portainer


mtint hpc

Oct 31, 2023, 1:56:54 PM
to Keycloak User
Hi All, 

I am new to Keycloak and Portainer.

I am getting 'we are sorry - client not found'.

I have a user created on both Portainer and Keycloak within the realm.

Please advise. Next I need to integrate gitlab-ce with
---------
Set up SSO for Portainer, and it is currently running in my test env.

General Settings
Client ID *             portainer
Name                    portainer
Description             portainer
Always display in UI     Off
Access settings
Root URL                http://172.17.0.1:9000
Home URL                http://172.17.0.1:9000
Valid redirect URIs     http://172.17.0.1:9000
Valid post logout redirect URIs  http://172.17.0.1:9000
Web origins             http://172.17.0.1:9000
Admin URL               http://172.17.0.1:9000

Capability config

Client authentication   On
Authorization           Off
Authentication flow     [x] Standard flow
                        [x] Direct access grants
                        [ ] Implicit flow
                        [x] Service accounts roles
                        [ ] OAuth 2.0 Device Authorization Grant
                        [ ] OIDC CIBA Grant


version: '3.7'
services:
 portainer:
   image: portainer/portainer-ce:latest
   container_name: portainer
   hostname: 'portainer'
   ports:
     - '8000:8000'
     - '9443:9443'
     - '9000:9000'
   volumes:
     - /var/run/docker.sock:/var/run/docker.sock
     - portainer_data:/data
   restart: unless-stopped
   environment:
     - AUTH_METHOD=keycloak
volumes:
 portainer_data:

---------

services:
 postgresql:
   image: elestio/postgres:15
   restart: always
   env_file:
     - .env
   ports:
     - '5672:5432'
   volumes:
     - postgres_data:/var/lib/postgresql/data
   networks:
     - keycloak-network

 keycloak:
   user: 0:0
   image: elestio/keycloak:${SOFTWARE_VERSION_TAG}
   restart: always
   entrypoint: "/opt/keycloak/bin/kc.sh start --hostname-strict=false --http-enabled=true --proxy edge --import-realm"
   env_file:
     - .env
   ports:
     - '8080:8080'
   volumes:
     - ./tmp:/tmp:rw
     - ./realm.json:/opt/keycloak/data/import/realm.json
   environment:
     - KEYCLOAK_LOGLEVEL=ALL
     - QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY=true
     - PROXY_ADDRESS_FORWARDING=true
     - KEYCLOAK_HTTP_ENABLED=true
     - KEYCLOAK_ADMIN=$KEYCLOAK_ADMIN_USER
     - KEYCLOAK_PASSWORD=$KEYCLOAK_ADMIN_PASSWORD
     - KC_DB_USERNAME=$POSTGRES_USER
     - KC_DB_PASSWORD=$POSTGRES_PASSWORD
     - KC_DB=postgres
     - KC_DB_URL_HOST=postgresql
     - KC_DB_URL_DATABASE=$POSTGRES_DB
     - KC_DB_URL_PORT=5432
     - KC_DB_SCHEMA=public
     - KEYCLOAK_PRODUCTION=true
     - KEYCLOAK_PROXY=edge
     - KEYCLOAK_EXTRA_ARGS=--auto-build
     - JAVA_OPTS=-XX:MaxRAMPercentage=75.0
   depends_on:
     - postgresql
   networks:
     - keycloak-network

 pgadmin4:
   image: dpage/pgadmin4:latest
   restart: always
   env_file:
     - .env
   hostname: 'pgadmin4'
   container_name: pgadmin4
   environment:
     PGADMIN_DEFAULT_EMAIL: x...@gmail.com
     PGADMIN_DEFAULT_PASSWORD: xxxxx  
     PGADMIN_LISTEN_PORT: 8080
   ports:
     - '8095:8080'
   volumes:
     - servers.json:/pgadmin4/servers.json
     - pgadmin-data:/var/lib/pgadmin
   networks:
     - keycloak-network


