docker-compose.yml

version: '3'

volumes:
  kc_postgres_data:
    driver: local
  sdb_postgres_data:
    driver: local

services:
  kc_postgres:
    image: postgres:latest
    volumes:
      - kc_postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: password
    ports:
      - 5433:5432
  keycloak:
    build: .
    image: dguhr/keycloak_spicedbtest
    environment:
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: password
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: password
      KC_DB_URL_HOST: kc_postgres
      KC_DB_URL_DATABASE: keycloak
      KC_DB_SCHEMA: public
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: password
      KC_HOSTNAME_STRICT: 'false'
      KC_HTTP_ENABLED: 'true'
      KC_HOSTNAME_ADMIN: localhost
      KC_HOSTNAME: localhost
      # Keycloak SpiceDB Event Listener SPI configuration
      KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_SERVICE_HANDLER_NAME: SPICEDB
      KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_SPICEDB_TOKEN: abcdefgh
      KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_SPICEDB_HOST: host.docker.internal
      KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_SPICEDB_PORT: 50051
      #KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_CLIENT_ID: keycloak-producer
      #KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_ADMIN_TOPIC: spicedb-topic
      #KC_SPI_EVENTS_LISTENER_SPICEDB_EVENTS_BOOTSTRAP_SERVERS: PLAINTEXT://kafka:19092
      KC_LOG_LEVEL: INFO, io.dguhr:debug
      DEBUG_PORT: "*:8787"
    ports:
      - 8080:8080
      - 8443:8443
      - 8787:8787 # debug
    entrypoint: ["/opt/keycloak/bin/init.sh"]
    depends_on:
      - kc_postgres
      - spicedb
    networks:
      default:
        aliases:
          -  keycloak
  spicedb:
    image: authzed/spicedb
    command: "serve --datastore-bootstrap-files /var/lib/spicedb/initial/initial_schema.yml"
    restart: "always"
    volumes:
      - ./schema.yml:/var/lib/spicedb/initial/initial_schema.yml
    ports:
      - "8081:8080"
      - "9090:9090"
      - "50051:50051"
    environment:
      - "SPICEDB_GRPC_PRESHARED_KEY=abcdefgh"
      - "SPICEDB_DATASTORE_ENGINE=postgres"
      - "SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:secret@sdb-database:5432/spicedb?sslmode=disable"
    depends_on:
      - "migrate"

  migrate:
    image: "authzed/spicedb"
    command: "migrate head"
    restart: "on-failure"
    environment:
      - "SPICEDB_DATASTORE_ENGINE=postgres"
      - "SPICEDB_DATASTORE_CONN_URI=postgres://spicedb:secret@sdb-database:5432/spicedb?sslmode=disable"
    depends_on:
      - "sdb-database"

  sdb-database:
    image: postgres:latest
    ports:
      - "5432:5432"
    volumes:
      - sdb_postgres_data:/var/lib/postgresql/data
    environment:
      KEYCLOAK_USER: admin
      POSTGRES_USER: spicedb
      POSTGRES_PASSWORD: secret
      POSTGRES_DB: spicedb