Dockerized setup with custom theme

Getting advice
1

Hi

it looks very simple to use a custom theme with docker.
All i did was creating a dockerfile that looks like this:

FROM jboss/keycloak
COPY custom-theme/myTheme /opt/jboss/keycloak/themes/myTheme

The folder custom-theme/myTheme contains the theme and i can assign it to a realm - perfect.

To deploy it - i create an image of that dockerfile and use it on the server with a docker-compose script (using this keycloak image and postgreSQL)

Now the problem:
From time to time the theme changes.
So i get back to the theme folder, do the changes, create a new docker image with a different version and deploy it to my docker registry.

In my docker-compose file on the server, i just exchange the image version and restart the docker-compose setup. The docker-compose file looks like this:

--- 
networks:
  keycloak:
    name: keycloak
services: 
  keycloak: 
    depends_on: 
      - postgres
    environment: 
      DB_ADDR: postgres
      DB_DATABASE: <DB_DATABASE>
      DB_PASSWORD: <DB_PASSWORD>
      DB_SCHEMA: public
      DB_USER: <DB_USER>
      DB_VENDOR: POSTGRES
      KEYCLOAK_PASSWORD: <KEYCLOAK_PASSWORD>
      KEYCLOAK_USER: <KEYCLOAK_USER>      
      PROXY_ADDRESS_FORWARDING: 'true'
      JAVA_OPTS_APPEND: "-Dkeycloak.profile.feature.upload_scripts=enabled -Dkeycloak.profile.feature.token_exchange=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled"          
    image: "myregistry.com/keycloak:v2.1"
    networks: 
      - keycloak
  postgres: 
    environment: 
      POSTGRES_DB: <DB_DATABASE>
      POSTGRES_PASSWORD: <DB_PASSWORD>
      POSTGRES_USER: <DB_USER>
    image: postgres
    networks: 
      - keycloak
    volumes: 
      - "postgres_data:/var/lib/postgresql/data"
version: "2"
volumes: 
  postgres_data: 
    driver: local

result is: all data from my postgreSQL instance is gone!
When i just restart the docker-container setup (without using a new image version) all data is still there…

What do i wrong?

2

Maybe a cache issue ?

In my docker compose I put this :

- ../../cli/themes-cache-disable.cli:/opt/jboss/startup-scripts/themes-cache-disable.cli

with the content of the script :

# Disable cache of themes
# ONLY for LOCAL DEV

embed-server --std-out=echo --server-config=standalone-ha.xml

batch

echo "--------------------------------------------------------------------------"
echo "Disabling THEME CACHE..."
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheThemes,value=false)
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheTemplates,value=false)
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=staticMaxAge,value=-1)
echo "--------------------------------------------------------------------------"

run-batch

stop-embedded-server
1 Like
3

You just took the dev docker-compose file, so the postgres data is stored in a docker volume.
This volume gets removed if you do a docker-compose down -v ( I think this is in the dev descriptions, but only ment for testing where you always want to start from scratch)
For long-term persistence you probably want to mount a host volume instead.

I general, getting a good understanding of the tools used before deploying to production for such security critical applications is a good idea.

1 Like
4

but the postgres service has a volume:

..
volumes: 
      - "postgres_data:/var/lib/postgresql/data"
..

using

volumes: 
      - "./database:/var/lib/postgresql/data"

does the same

5

Try changing the DB_VENDOR string to lowercase (or just omit the DB_VENDOR, that should work as well). My guess is that keycloak is falling back to using a H2-db that is not persisted.
See Docker Hub for details.

1 Like
6

cool - it seems to work now.
i removed DB_VENDOR - exchanging the image and restart docker-compose works now.

Thanks a lot for your help!