Hey all,
Trying to figure out what i’m doing here,
I’m trying to setup keycloak 20.0.3 running on a docker container, i’m using docker-compose.
Database: postgres
Backend: FreeIPA
I’ve had everything working etc, auth working fine etc.
When I specify features i’d like to use via either --features or KC_FEATURES they done get installed.
Ive tried;
Specifying envs via the .env file in the compose file
building an image with a docker file.
specifying the envs in the compose file directly.
Everytime i load up the admin console and the features are all listed as disabled, I specifically check for a feature called eclarative-user-profile, that should apear in the realm page under " User Profile", this tab is always missing.
My compose as it currently stands:
image: keycloak:local
env_file: $DOCKERDIR/keycloak/keycloak.env
container_name: keycloak
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
# command:
# - start --optimized
networks:
default:
links:
- postgres
ports:
- "8085:8080"
depends_on:
postgres:
condition: service_healthy
logging:
driver: "json-file"
options:
max-size: "500m"
my docker file:
FROM quay.io/keycloak/keycloak:latest as builder
ENV KC_HEALTH_ENABLED=true
ENV KC_METRICS_ENABLED=true
ENV KC_DB=postgres
ENV KC_DB_SCHEMA=public
ENV KC_DB_USERNAME=<REDACTED>
ENV KC_DB_PASSWORD=<REDACTED>
ENV KC_DB_URL="jdbc:postgresql://<REDACTED>:5432/<REDACTED>"
ENV KC_DB_URL_PROPERTIES="verifyServerCertificate=false&ssl=allow"
ENV KC_HTTP_RELATIVE_PATH=/
FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
WORKDIR /opt/keycloak
RUN /opt/keycloak/bin/kc.sh build --db postgres --features authorization --features account2 --features account-api --features admin-fine-grained-authz --features admin-api --features admin --features admin2 --features docker --features impersonation --features openshift-integration --features scripts --features token-exchange --features web-authn --features client-policies --features ciba --features map-storage --features par --features declarative-user-profile --features dynamic-scopes --features client-secret-rotation --features step-up-authentication --features recovery-codes --features update-email --features js-adapter
ENTRYPOINT ["/opt/keycloak/bin/kc.sh","-v start --optimized"]
My .env file:
KEYCLOAK_ADMIN_PASSWORD=<REDACTED>
KEYCLOAK_ADMIN=<REDACTED>
KC_LOG_LEVEL=DEBUG
KC_DB=<REDACTED>
#KC_DB_ADDR=<REDACTED>
#KC_DB_URL_PORT=5432
#KC_DB_DATABASE=<REDACTED>
KC_DB_SCHEMA=public
KC_DB_USERNAME=<REDACTED>
KC_DB_PASSWORD=<REDACTED>
KC_DB_URL="jdbc:postgresql://<REDACTED>:5432/<REDACTED>"
KC_DB_URL_PROPERTIES="verifyServerCertificate=false&ssl=allow"
KC_PROXY_ADDRESS_FORWARDING="true"
KC_HOSTNAME=<REDACTED>
KC_PROXY="edge"
KC_TRUST_PROXY_VERIFICATION="true"
#KC_HEALTH_ENABLED=true
#KC_METRICS_ENABLED=true
KC_LOG_CONSOLE_COLOR=true
#KC_HTTP_RELATIVE_PATH=/
#KC_FEATURES=authorization, account2, account-api, admin-fine-grained-authz, admin-api, admin, admin2, docker, impersonation, openshift-integration, scripts, token-exchange, web-authn, client-policies, ciba, map-storage, par, declarative-user-profile, dynamic-scopes, client-secret-rotation, step-up-authentication, recovery-codes, update-email, js-adapter, preview