From af41f66bbe8ef7a77d593aba9ac49bfa03ed66f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9F=D0=B5=D1=80=D0=B2=D0=BE=D0=B2=20=D0=90=D1=80=D1=82?= =?UTF-8?q?=D0=B5=D0=BC?=
Date: Mon, 6 Apr 2026 00:26:59 +0300
Subject: [PATCH] Add initial Keycloak setup with custom theme and Docker configuration
- Created .env.example for environment variable configuration.
- Added .gitignore to exclude .env files.
- Introduced docker-compose files for Keycloak and Postgres services.
- Implemented custom Keycloak theme 'drill-luxe' with associated templates and styles.
- Updated README with deployment instructions and repository details.
---
 .env.example | 6 +
 .gitignore | 1 +
 README.md | 25 ++
 docker-compose.portainer.yml | 61 ++++
 docker-compose.yml | 61 ++++
 keycloak/Dockerfile | 3 +
 keycloak/themes/drill-luxe/login/error.ftl | 51 +++
 keycloak/themes/drill-luxe/login/info.ftl | 55 +++
 .../drill-luxe/login/login-reset-password.ftl | 66 ++++
 keycloak/themes/drill-luxe/login/login.ftl | 109 ++++++
 .../login/resources/css/drill-luxe.css | 317 ++++++++++++++++++
 .../themes/drill-luxe/login/theme.properties | 4 +
 12 files changed, 759 insertions(+)
 create mode 100644 .env.example
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 docker-compose.portainer.yml
 create mode 100644 docker-compose.yml
 create mode 100644 keycloak/Dockerfile
 create mode 100644 keycloak/themes/drill-luxe/login/error.ftl
 create mode 100644 keycloak/themes/drill-luxe/login/info.ftl
 create mode 100644 keycloak/themes/drill-luxe/login/login-reset-password.ftl
 create mode 100644 keycloak/themes/drill-luxe/login/login.ftl
 create mode 100644 keycloak/themes/drill-luxe/login/resources/css/drill-luxe.css
 create mode 100644 keycloak/themes/drill-luxe/login/theme.properties
diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..a12a888
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,6 @@
+POSTGRES_DB=keycloak
+POSTGRES_USER=keycloak_user
+POSTGRES_PASSWORD=r8f\i?71XPB2/tm
+KC_BOOTSTRAP_ADMIN_USERNAME=kc_admin
+KC_BOOTSTRAP_ADMIN_PASSWORD=wVMR6R/S3>q9I?–
+KC_PUBLIC_HOSTNAME=sso.greact.ru
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4c49bd7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.env
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2bcdad0
--- /dev/null
+++ b/README.md
@@ -0,0 +1,25 @@
+# Drill Keycloak
+
+Этот репозиторий собирает кастомный образ Keycloak `26.0.8` с темой `drill-luxe` и разворачивает его через Portainer stack.
+
+## Что внутри
+
+- `docker-compose.portainer.yml` — compose для Portainer
+- `keycloak/Dockerfile` — образ Keycloak с темой
+- `keycloak/themes/drill-luxe` — кастомная login theme
+- `.env.example` — шаблон переменных
+
+## Важно
+
+- volume `keycloak_postgres_data` сохранен как внешний, чтобы не потерять текущую базу данных
+- после первого запуска выберите тему в Keycloak:
+ - `Realm settings`
+ - `Themes`
+ - `Login theme = drill-luxe`
+
+## Развертывание через Portainer
+
+1. Подключите этот Git-репозиторий как источник stack.
+2. Укажите `docker-compose.portainer.yml`.
+3. Добавьте переменные из `.env` в environment Portainer stack или загрузите env-файл.
+4. Запустите redeploy.
diff --git a/docker-compose.portainer.yml b/docker-compose.portainer.yml
new file mode 100644
index 0000000..f6d8fad
--- /dev/null
+++ b/docker-compose.portainer.yml
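Review bot: The values added for `POSTGRES_PASSWORD` and `KC_BOOTSTRAP_ADMIN_PASSWORD` in `.env.example` look like real generated credentials rather than placeholders, and the new `.gitignore` only excludes `.env`, so they now sit in repository history next to the public hostname. If either value has been used on a deployment it should be rotated, and the template should carry obvious placeholders such as `POSTGRES_PASSWORD=<generate-per-deployment>` and `KC_BOOTSTRAP_ADMIN_PASSWORD=<generate-per-deployment>`. The admin password also appears to end in a non-ASCII dash, which may be an editor autocorrection and is easy to mis-encode when pasted into Portainer. A header comment like `# Template only: copy to .env and generate your own secrets` would make the intent explicit.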
@@ -0,0 +1,61 @@
+services:
+ keycloak-postgres:
+ image: postgres:16
+ restart: unless-stopped
+ environment:
+ POSTGRES_DB: ${POSTGRES_DB}
+ POSTGRES_USER: ${POSTGRES_USER}
+ POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+ PGDATA: /var/lib/postgresql/data/pgdata
+ expose:
+ - "5432"
+ networks:
+ - internal
+ volumes:
+ - keycloak_postgres_data:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
+ interval: 10s
+ timeout: 5s
+ retries: 10
+ start_period: 20s
+
+ keycloak:
+ build:
+ context: ./keycloak
+ dockerfile: Dockerfile
+ restart: unless-stopped
+ command: start
+ environment:
+ KC_DB: postgres
+ KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/${POSTGRES_DB}
+ KC_DB_USERNAME: ${POSTGRES_USER}
+ KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
+ KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_BOOTSTRAP_ADMIN_USERNAME}
+ KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD}
+ KC_HOSTNAME: https://${KC_PUBLIC_HOSTNAME}
+ KC_HOSTNAME_STRICT: "true"
+ KC_HTTP_ENABLED: "true"
+ KC_PROXY_HEADERS: xforwarded
+ KC_METRICS_ENABLED: "true"
+ KC_HEALTH_ENABLED: "true"
+ expose:
+ - "8080"
+ - "9000"
+ networks:
+ - proxy
+ - internal
+ depends_on:
+ keycloak-postgres:
+ condition: service_healthy
+
+volumes:
+ keycloak_postgres_data:
+ external: true
+ name: keycloak_postgres_data
+
+networks:
+ proxy:
+ external: true
+ internal:
+ driver: bridge
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..f6d8fad
--- /dev/null
+++ b/docker-compose.yml
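Review bot: With `KC_HTTP_ENABLED: "true"` and `KC_PROXY_HEADERS: xforwarded`, the `keycloak` service accepts plain HTTP and honours `X-Forwarded-*` from any peer that can reach port 8080, and it is attached to the shared external `proxy` network, so every other container on that network can talk to 8080 and to the management port 9000 (health and metrics) without passing through the reverse proxy. It would be safer to limit which peers are treated as proxies (Keycloak documents a `proxy-trusted-addresses` option; confirm it is available in 26.0.8) and to confirm that the reverse proxy overwrites rather than appends the forwarded headers. Port 9000 does not need to be reachable from the `proxy` network unless a scraper lives there. A comment above `KC_HTTP_ENABLED` such as `# TLS terminates at the reverse proxy on the "proxy" network; nothing else on that network should reach 8080/9000` would record the assumption. The same points apply to the identical `docker-compose.yml` added in the next file section.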
@@ -0,0 +1,61 @@
+services:
+ keycloak-postgres:
+ image: postgres:16
+ restart: unless-stopped
+ environment:
+ POSTGRES_DB: ${POSTGRES_DB}
+ POSTGRES_USER: ${POSTGRES_USER}
+ POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+ PGDATA: /var/lib/postgresql/data/pgdata
+ expose:
+ - "5432"
+ networks:
+ - internal
+ volumes:
+ - keycloak_postgres_data:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
+ interval: 10s
+ timeout: 5s
+ retries: 10
+ start_period: 20s
+
+ keycloak:
+ build:
+ context: ./keycloak
+ dockerfile: Dockerfile
+ restart: unless-stopped
+ command: start
+ environment:
+ KC_DB: postgres
+ KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/${POSTGRES_DB}
+ KC_DB_USERNAME: ${POSTGRES_USER}
+ KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
+ KC_BOOTSTRAP_ADMIN_USERNAME: ${KC_BOOTSTRAP_ADMIN_USERNAME}
+ KC_BOOTSTRAP_ADMIN_PASSWORD: ${KC_BOOTSTRAP_ADMIN_PASSWORD}
+ KC_HOSTNAME: https://${KC_PUBLIC_HOSTNAME}
+ KC_HOSTNAME_STRICT: "true"
+ KC_HTTP_ENABLED: "true"
+ KC_PROXY_HEADERS: xforwarded
+ KC_METRICS_ENABLED: "true"
+ KC_HEALTH_ENABLED: "true"
+ expose:
+ - "8080"
+ - "9000"
+ networks:
+ - proxy
+ - internal
+ depends_on:
+ keycloak-postgres:
+ condition: service_healthy
+
+volumes:
+ keycloak_postgres_data:
+ external: true
+ name: keycloak_postgres_data
+
+networks:
+ proxy:
+ external: true
+ internal:
+ driver: bridge
diff --git a/keycloak/Dockerfile b/keycloak/Dockerfile
new file mode 100644
index 0000000..45720ca
--- /dev/null
+++ b/keycloak/Dockerfile
@@ -0,0 +1,3 @@
+FROM quay.io/keycloak/keycloak:26.0.8
+
+COPY themes/drill-luxe /opt/keycloak/themes/drill-luxe
diff --git a/keycloak/themes/drill-luxe/login/error.ftl b/keycloak/themes/drill-luxe/login/error.ftl
new file mode 100644
index 0000000..4e8c818
--- /dev/null
+++ b/keycloak/themes/drill-luxe/login/error.ftl
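Review bot: The Dockerfile's base image is referenced by tag only (`quay.io/keycloak/keycloak:26.0.8`) and the image is never pre-built, so the identity server's base layer is not reproducible and the build-time options passed by the compose files (`KC_DB`, `KC_HEALTH_ENABLED`, `KC_METRICS_ENABLED`) are re-applied on every container start under `command: start`. Consider pinning the base by digest, e.g. `FROM quay.io/keycloak/keycloak:26.0.8@sha256:<digest>`. Consider also setting those options in the image, followed by `RUN /opt/keycloak/bin/kc.sh build`, so that the compose command can become `start --optimized`. A one-line comment above the `COPY` saying that the theme is baked into the image and still has to be selected per realm would tie this file to the README instructions.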
@@ -0,0 +1,51 @@ + + + + + + + + Drill View Error + <#if properties.styles?has_content> + <#list properties.styles?split(' ') as style> + + + + + +
+ + + +
+ + diff --git a/keycloak/themes/drill-luxe/login/info.ftl b/keycloak/themes/drill-luxe/login/info.ftl new file mode 100644 index 0000000..8fcf0b4 --- /dev/null +++ b/keycloak/themes/drill-luxe/login/info.ftl @@ -0,0 +1,55 @@ + + + + + + + + Drill View Notice + <#if properties.styles?has_content> + <#list properties.styles?split(' ') as style> + + + + + +
+ + + +
+ + diff --git a/keycloak/themes/drill-luxe/login/login-reset-password.ftl b/keycloak/themes/drill-luxe/login/login-reset-password.ftl new file mode 100644 index 0000000..5d58d87 --- /dev/null +++ b/keycloak/themes/drill-luxe/login/login-reset-password.ftl @@ -0,0 +1,66 @@ + + + + + + + + Drill View Password Reset + <#if properties.styles?has_content> + <#list properties.styles?split(' ') as style> + + + + + +
+ + + +
+ + diff --git a/keycloak/themes/drill-luxe/login/login.ftl b/keycloak/themes/drill-luxe/login/login.ftl new file mode 100644 index 0000000..c1b4b5d --- /dev/null +++ b/keycloak/themes/drill-luxe/login/login.ftl @@ -0,0 +1,109 @@ + + + + + + + + Drill View Login + + <#if properties.styles?has_content> + <#list properties.styles?split(' ') as style> + + + + + +
+ + + +
+ + diff --git a/keycloak/themes/drill-luxe/login/resources/css/drill-luxe.css b/keycloak/themes/drill-luxe/login/resources/css/drill-luxe.css new file mode 100644 index 0000000..fb72dd6 --- /dev/null +++ b/keycloak/themes/drill-luxe/login/resources/css/drill-luxe.css 
@@ -0,0 +1,317 @@ +:root { + --drill-bg-primary: #0f1115; + --drill-bg-secondary: #1a1d24; + --drill-bg-tertiary: #252932; + --drill-accent-primary: #c97a3d; + --drill-accent-secondary: #d4a574; + --drill-accent-tertiary: #e8c9a0; + --drill-text-primary: #f8fafc; + --drill-text-secondary: #cbd5e1; + --drill-text-muted: #94a3b8; + --drill-border: rgba(212, 165, 116, 0.18); + --drill-shadow-lg: 0 30px 80px rgba(0, 0, 0, 0.45); + --drill-shadow-glow: 0 0 40px rgba(201, 122, 61, 0.16); +} + +* { + box-sizing: border-box; +} + +body.drill-login { + margin: 0; + min-height: 100vh; + font-family: + "Inter Variable", + "Inter", + -apple-system, + BlinkMacSystemFont, + "Segoe UI", + sans-serif; + color: var(--drill-text-primary); + background: + radial-gradient(circle at top left, rgba(201, 122, 61, 0.22), transparent 28%), + radial-gradient(circle at bottom right, rgba(139, 90, 43, 0.26), transparent 30%), + linear-gradient(135deg, #090b0f 0%, #0f1115 45%, #181b22 100%); +} + +.drill-login__shell { + min-height: 100vh; + display: grid; + grid-template-columns: minmax(0, 1.15fr) minmax(380px, 520px); + gap: 28px; + align-items: stretch; + padding: 28px; +} + +.drill-login__brand, +.drill-login__panel { + position: relative; + overflow: hidden; + border-radius: 32px; + border: 1px solid var(--drill-border); + background: + linear-gradient(180deg, rgba(255, 255, 255, 0.04), rgba(255, 255, 255, 0.01)), + rgba(10, 13, 18, 0.72); + box-shadow: var(--drill-shadow-lg), var(--drill-shadow-glow); + backdrop-filter: blur(22px); +} + +.drill-login__brand { + padding: 44px; + display: flex; + flex-direction: column; + justify-content: space-between; +} + +.drill-login__brand::before, +.drill-login__panel::before { + content: ""; + position: absolute; + inset: 0; + background: + linear-gradient(120deg, transparent 0%, rgba(255, 255, 255, 0.06) 24%, transparent 48%), + radial-gradient(circle at top right, rgba(232, 201, 160, 0.12), transparent 32%); + pointer-events: none; +} + 
+.drill-login__brand-mark { + width: 72px; + height: 72px; + display: inline-flex; + align-items: center; + justify-content: center; + border-radius: 24px; + background: linear-gradient(135deg, rgba(201, 122, 61, 0.18), rgba(232, 201, 160, 0.12)); + border: 1px solid rgba(212, 165, 116, 0.28); + color: var(--drill-accent-tertiary); + font-size: 1.9rem; + font-weight: 700; + letter-spacing: 0.08em; +} + +.drill-login__brand-copy { + max-width: 640px; +} + +.drill-login__eyebrow { + display: inline-block; + color: var(--drill-accent-secondary); + text-transform: uppercase; + letter-spacing: 0.24em; + font-size: 0.74rem; + margin-bottom: 18px; +} + +.drill-login__brand h1, +.drill-login__panel h2 { + margin: 0; + font-weight: 500; + letter-spacing: -0.04em; + line-height: 1; +} + +.drill-login__brand h1 { + max-width: 720px; + font-size: clamp(3rem, 6vw, 5.6rem); +} + +.drill-login__brand p, +.drill-login__panel p, +.drill-login__feature-grid p { + color: var(--drill-text-secondary); + line-height: 1.65; +} + +.drill-login__feature-grid { + display: grid; + grid-template-columns: repeat(3, minmax(0, 1fr)); + gap: 16px; +} + +.drill-login__feature-grid article { + padding: 20px; + border-radius: 24px; + background: rgba(255, 255, 255, 0.03); + border: 1px solid rgba(212, 165, 116, 0.12); +} + +.drill-login__feature-grid span { + display: inline-block; + color: var(--drill-accent-secondary); + font-size: 0.8rem; + margin-bottom: 10px; +} + +.drill-login__feature-grid strong { + display: block; + margin-bottom: 10px; + font-size: 1rem; +} + +.drill-login__panel { + padding: 34px; + display: flex; + flex-direction: column; + justify-content: center; +} + +.drill-login__panel-head { + margin-bottom: 26px; +} + +.drill-login__panel h2 { + font-size: clamp(2rem, 4vw, 3rem); + margin-bottom: 12px; +} + +.drill-login__alert { + margin-bottom: 18px; + padding: 14px 16px; + border-radius: 18px; + border: 1px solid rgba(255, 255, 255, 0.08); + background: rgba(255, 255, 255, 
0.04); + color: var(--drill-text-primary); +} + +.drill-login__alert--error { + border-color: rgba(248, 113, 113, 0.34); + background: rgba(127, 29, 29, 0.28); +} + +.drill-login__alert--success, +.drill-login__alert--info { + border-color: rgba(74, 222, 128, 0.24); + background: rgba(20, 83, 45, 0.22); +} + +.drill-login__form { + display: flex; + flex-direction: column; + gap: 16px; +} + +.drill-login__field { + display: flex; + flex-direction: column; + gap: 8px; +} + +.drill-login__field-row { + display: flex; + align-items: center; + justify-content: space-between; + gap: 16px; +} + +.drill-login__field label, +.drill-login__remember span, +.drill-login__field-row a { + font-size: 0.92rem; +} + +.drill-login__field-row a { + color: var(--drill-accent-secondary); + text-decoration: none; +} + +.drill-login__field input { + width: 100%; + border: 1px solid rgba(212, 165, 116, 0.16); + border-radius: 18px; + background: rgba(255, 255, 255, 0.03); + color: var(--drill-text-primary); + padding: 16px 18px; + font: inherit; + outline: none; + transition: border-color 180ms ease, box-shadow 180ms ease, background 180ms ease; +} + +.drill-login__field input::placeholder { + color: var(--drill-text-muted); +} + +.drill-login__field input:focus { + border-color: rgba(212, 165, 116, 0.44); + box-shadow: 0 0 0 4px rgba(201, 122, 61, 0.18); + background: rgba(255, 255, 255, 0.05); +} + +.drill-login__remember { + display: inline-flex; + align-items: center; + gap: 10px; + color: var(--drill-text-secondary); +} + +.drill-login__submit { + margin-top: 6px; + border: none; + border-radius: 20px; + padding: 16px 18px; + font: inherit; + font-weight: 600; + color: #180f08; + cursor: pointer; + background: linear-gradient(135deg, #c97a3d 0%, #d4a574 55%, #e8c9a0 100%); + box-shadow: 0 18px 30px rgba(201, 122, 61, 0.24); + transition: transform 180ms ease, box-shadow 180ms ease, filter 180ms ease; +} + +.drill-login__submit:hover { + transform: translateY(-1px); + box-shadow: 0 
24px 40px rgba(201, 122, 61, 0.32); + filter: saturate(1.05); +} + +.drill-login__submit-link { + display: inline-flex; + align-items: center; + justify-content: center; + text-decoration: none; +} + +.drill-login__footer { + margin-top: 20px; + display: flex; + justify-content: space-between; + gap: 12px; + color: var(--drill-text-muted); + font-size: 0.82rem; +} + +.drill-login__footer a { + color: var(--drill-accent-secondary); + text-decoration: none; +} + +@media (max-width: 1180px) { + .drill-login__shell { + grid-template-columns: 1fr; + } + + .drill-login__brand { + min-height: 420px; + } + + .drill-login__feature-grid { + grid-template-columns: 1fr; + } +} + +@media (max-width: 640px) { + .drill-login__shell { + padding: 16px; + } + + .drill-login__brand, + .drill-login__panel { + padding: 22px; + border-radius: 24px; + } + + .drill-login__field-row, + .drill-login__footer { + flex-direction: column; + align-items: flex-start; + } +} diff --git a/keycloak/themes/drill-luxe/login/theme.properties b/keycloak/themes/drill-luxe/login/theme.properties new file mode 100644 index 0000000..b465a16 --- /dev/null +++ b/keycloak/themes/drill-luxe/login/theme.properties @@ -0,0 +1,4 @@ +parent=base +import=common/keycloak +styles=css/drill-luxe.css +locales=ru,en