Hi,
I'm using the aerogear unified push docker container as described on:
with environment variables as explained on:
This describes:
KEYCLOAK_SERVICE_HOST
URL of a KeyCloak server providing authentication.
KEYCLOAK_SERVICE_PORT
KeyCloak service port.
which are used in servers/universal/src/main/docker/entrypoint.sh as follows:
    if [ ! -z "${KEYCLOAK_SERVICE_HOST}" ]; then
        /opt/jboss/wildfly/bin/standalone.sh -Dups.realm.name=aerogear -Dups.auth.server.url=http://${KEYCLOAK_SERVICE_HOST}:${KEYCLOAK_SERVICE_PORT}/auth -b 0.0.0.0
    else
        /opt/jboss/wildfly/bin/standalone.sh -b 0.0.0.0
    fi
This means that keycloak MUST reside on http. I run keycloak under https. A minor point is that I'd also rather not specify the port.
Questions:
1) Are there any other options I could/should use?
and if not:
2) Would you welcome a pull request which changes this to one environment variable KEYCLOAK_SERVICE_URL (which expects something like https://yourkeycloakserver.tld/auth)? This would be a breaking change.
Another option would be to have an extra (optional) environment variable KEYCLOAK_SERVICE_PROTOCOL which expects https, http or nothing (defaulting to http, making this a non-breaking change).
Thanks,
Bram Vonk
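
One way to combine both proposals from the message above without breaking existing deployments, as an added example that is not part of the original message or the project's entrypoint.sh. KEYCLOAK_SERVICE_URL and KEYCLOAK_SERVICE_PROTOCOL are the names proposed in the message, not existing options, and the function names are hypothetical.

```shell
# Added example: not the project's entrypoint.sh.
# KEYCLOAK_SERVICE_URL / KEYCLOAK_SERVICE_PROTOCOL are the names proposed in
# the message (assumptions, not existing options); function names are hypothetical.

# Print the auth server URL, nothing if Keycloak is not configured.
# Returns 1 on an invalid value so startup fails instead of guessing.
keycloak_auth_url() {
    # A full URL, when given, takes precedence over host/port/protocol.
    if [ -n "${KEYCLOAK_SERVICE_URL:-}" ]; then
        case "$KEYCLOAK_SERVICE_URL" in
            http://?*|https://?*) printf '%s\n' "${KEYCLOAK_SERVICE_URL%/}" ;;
            *) echo "KEYCLOAK_SERVICE_URL must start with http:// or https://" >&2
               return 1 ;;
        esac
        return 0
    fi
    [ -n "${KEYCLOAK_SERVICE_HOST:-}" ] || return 0

    # Optional protocol; defaults to http, which is today's behaviour.
    proto="${KEYCLOAK_SERVICE_PROTOCOL:-http}"
    case "$proto" in
        http|https) ;;
        *) echo "KEYCLOAK_SERVICE_PROTOCOL must be http or https" >&2; return 1 ;;
    esac

    # Optional port; when set it must be numeric.
    port="${KEYCLOAK_SERVICE_PORT:-}"
    case "$port" in
        *[!0-9]*) echo "KEYCLOAK_SERVICE_PORT must be numeric" >&2; return 1 ;;
    esac
    printf '%s://%s%s/auth\n' "$proto" "$KEYCLOAK_SERVICE_HOST" "${port:+:$port}"
}

# Arguments for standalone.sh, using the same flags as the original script.
wildfly_args() {
    url=$(keycloak_auth_url) || return 1
    if [ -n "$url" ]; then
        printf '%s\n' "-Dups.realm.name=aerogear -Dups.auth.server.url=$url -b 0.0.0.0"
    else
        printf '%s\n' "-b 0.0.0.0"
    fi
}
```

An entrypoint would pass the output of wildfly_args to /opt/jboss/wildfly/bin/standalone.sh and exit non-zero when the function fails.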