How to Dockerize your Keycloak set up with nginx reverse proxy

Ishan Liyanage
2 min readOct 31, 2020

If you have Dockerized Keycloak, you might need to access it over the internet or from outside your internal network. The most common standard is to run your Keycloak set up behind the reverse proxy. Then of course you have to configure HTTPS connection.

Flow

I will not write details on the setup. I assume you are familar with docker/docker-compose.

Keycloak docker-compose file

Below 3 settings in your docker-compose file are very important.

PROXY_ADDRESS_FORWARDING: "true"
REDIRECT_SOCKET: "proxy-https"
KEYCLOAK_FRONTEND_URL: https://keycloak.yourdomain.com/auth
version: '3'volumes:
mysql_data:
driver: local
services:mysql:
image: mysql:8.0.20
volumes:
- mysql_data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: keycloak
MYSQL_USER: keycloak
MYSQL_PASSWORD: PASSWORD
ports:
- "3309:3306"
networks:
- your-docker-network
keycloak:
image: jboss/keycloak:latest
environment:
DB_VENDOR: MYSQL
DB_ADDR: mysql
DB_DATABASE: keycloak
DB_USER: keycloak
DB_PASSWORD: Pa55w0rd
KEYCLOAK_USER: admin…

--

--

Ishan Liyanage
Ishan Liyanage

Written by Ishan Liyanage

Passionate Technical Lead, Senior Software Developer and free and open source software advocate. Based in Singapore.

Responses (1)