diff --git a/.env.example b/.env.example
index 0fc203ec..e19fdad4 100644
--- a/.env.example
+++ b/.env.example
@@ -1067,3 +1067,15 @@ SOKETI_METRICS_SERVER_PORT=9601
### ONEDEV ##################################################
ONEDEV_HTTP_PORT=6610
ONEDEV_SSH_PORT=6611
+
+### Keycloak ################################################
+KEYCLOAK_VERSION=latest
+KEYCLOAK_POSTGRES_INIT=true
+KEYCLOAK_HTTP_PORT=8081
+KEYCLOAK_CREATE_ADMIN_USER=true
+KEYCLOAK_ADMIN_USER='admin'
+KEYCLOAK_ADMIN_PASSWORD='secret'
+KEYCLOAK_POSTGRES_HOST=postgres
+KEYCLOAK_POSTGRES_USER=laradock_keycloak
+KEYCLOAK_POSTGRES_PASSWORD=laradock_keycloak
+KEYCLOAK_POSTGRES_DB=laradock_keycloak
diff --git a/DOCUMENTATION/content/documentation/index.md b/DOCUMENTATION/content/documentation/index.md
index bdee05ad..f21be32e 100644
--- a/DOCUMENTATION/content/documentation/index.md
+++ b/DOCUMENTATION/content/documentation/index.md
@@ -1490,6 +1490,23 @@ docker-compose exec tarantool console
7 - There you can operate with tarantool database ([official documentation](https://www.tarantool.io/en/doc/latest/) can be helpful).
+
+
+## Use Keycloak
+
+1. Run the Keycloak Container (`keycloak`) with the `docker-compose up` command. Example:
+
+```bash
+docker-compose up -d keycloak
+```
+
+2. Open your browser and visit the localhost on port 8081: `http://localhost:8081`
+
+3. Login with the following credentials:
+
+ - Username: `admin`
+ - Password: `secret`
+
diff --git a/docker-compose.yml b/docker-compose.yml
index 19f1518b..5d4fc027 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -631,6 +631,10 @@ services:
- GITLAB_POSTGRES_USER=${GITLAB_POSTGRES_USER}
- GITLAB_POSTGRES_PASSWORD=${GITLAB_POSTGRES_PASSWORD}
- GITLAB_POSTGRES_DB=${GITLAB_POSTGRES_DB}
+ - KEYCLOAK_POSTGRES_INIT=${KEYCLOAK_POSTGRES_INIT}
+ - KEYCLOAK_POSTGRES_USER=${KEYCLOAK_POSTGRES_USER}
+ - KEYCLOAK_POSTGRES_PASSWORD=${KEYCLOAK_POSTGRES_PASSWORD}
+ - KEYCLOAK_POSTGRES_DB=${KEYCLOAK_POSTGRES_DB}
- JUPYTERHUB_POSTGRES_INIT=${JUPYTERHUB_POSTGRES_INIT}
- JUPYTERHUB_POSTGRES_USER=${JUPYTERHUB_POSTGRES_USER}
- JUPYTERHUB_POSTGRES_PASSWORD=${JUPYTERHUB_POSTGRES_PASSWORD}
@@ -2100,3 +2104,24 @@ services:
- frontend
- backend
restart: always
+
+ ### keycloak ##################################################
+ keycloak:
+ image: bitnami/keycloak:${KEYCLOAK_VERSION}
+ ports:
+ - "${KEYCLOAK_HTTP_PORT}:${KEYCLOAK_HTTP_PORT}"
+ environment:
+ - KEYCLOAK_HTTP_PORT=${KEYCLOAK_HTTP_PORT}
+ - KEYCLOAK_CREATE_ADMIN_USER=${KEYCLOAK_CREATE_ADMIN_USER}
+ - KEYCLOAK_ADMIN_USER=${KEYCLOAK_ADMIN_USER}
+ - KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
+ - KEYCLOAK_DATABASE_HOST=${KEYCLOAK_POSTGRES_HOST}
+ - KEYCLOAK_DATABASE_PORT=${POSTGRES_PORT}
+ - KEYCLOAK_DATABASE_NAME=${KEYCLOAK_POSTGRES_DB}
+ - KEYCLOAK_DATABASE_USER=${KEYCLOAK_POSTGRES_USER}
+ - KEYCLOAK_DATABASE_PASSWORD=${KEYCLOAK_POSTGRES_PASSWORD}
+ depends_on:
+ - postgres
+ networks:
+ - frontend
+ - backend
diff --git a/postgres/docker-entrypoint-initdb.d/init_keycloak_db.sh b/postgres/docker-entrypoint-initdb.d/init_keycloak_db.sh
new file mode 100755
index 00000000..70661017
--- /dev/null
+++ b/postgres/docker-entrypoint-initdb.d/init_keycloak_db.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+#
+# Copy createdb.sh.example to createdb.sh
+# then uncomment then set database name and username to create you need databases
+#
+# example: .env POSTGRES_USER=appuser and need db name is myshop_db
+#
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+# CREATE USER myuser WITH PASSWORD 'mypassword';
+# CREATE DATABASE myshop_db;
+# GRANT ALL PRIVILEGES ON DATABASE myshop_db TO myuser;
+# EOSQL
+#
+# this sh script will auto run when the postgres container starts and the $DATA_PATH_HOST/postgres not found.
+#
+#
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+# CREATE USER db1 WITH PASSWORD 'db1';
+# CREATE DATABASE db1;
+# GRANT ALL PRIVILEGES ON DATABASE db1 TO db1;
+# EOSQL
+#
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+# CREATE USER db2 WITH PASSWORD 'db2';
+# CREATE DATABASE db2;
+# GRANT ALL PRIVILEGES ON DATABASE db2 TO db2;
+# EOSQL
+#
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+# CREATE USER db3 WITH PASSWORD 'db3';
+# CREATE DATABASE db3;
+# GRANT ALL PRIVILEGES ON DATABASE db3 TO db3;
+# EOSQL
+#
+### default database and user for keycloak ##############################################
+if [ "$KEYCLOAK_POSTGRES_INIT" == 'true' ]; then
+ psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+ CREATE USER $KEYCLOAK_POSTGRES_USER WITH PASSWORD '$KEYCLOAK_POSTGRES_PASSWORD';
+ CREATE DATABASE $KEYCLOAK_POSTGRES_DB;
+ GRANT ALL PRIVILEGES ON DATABASE $KEYCLOAK_POSTGRES_DB TO $KEYCLOAK_POSTGRES_USER;
+ ALTER ROLE $KEYCLOAK_POSTGRES_USER CREATEROLE SUPERUSER;
+ EOSQL
+ echo
+fi