| env | Description |
|---|---|
| KEYCLOAK_PASSWORD | Password of Keycloak admin user admin. Needs to be set. |
| KEYCLOAK_TRUSTED | Trusted Hosts used for Openid Client Registration. |
| DOMAIN_REALM | Name of Realm to be created during startup. |
| DOMAIN_ADMINNAME | Name of Administrator user of the domain realm. |
| DOMAIN_ADMINPASSWORD | Password of Administrator user of the domain realm. |
| FACEBOOK_CLIENTID | Client ID used to configure Facebook Identity Provider. |
| FACEBOOK_CLIENTSECRET | Client Secret used to configure Facebook Identity Provider. |
| GOOGLE_CLIENTID | Client ID used to configure Google Identity Provider. |
| GOOGLE_CLIENTSECRET | Client Secret used to configure Google Identity Provider. |
| LOGIN_INTERNATIONALISATION | Specify with true and false whether internationalisation should be enabled for login page (currently hardcoded en and de) |
| LOGIN_REGISTER_URL | Url that points to registration page |
| LOGIN_PASSWORDRESET_URL | Url that points to the password reset page |
KEYCLOAK_PASSWORD and KEYCLOAK_TRUSTEDneeds to be set in order for keycloak
to start.
DOMAIN_REALM let's you specify a custom realm. Be aware that when specifying a
custom realm you also need to specify DOMAIN_ADMINNAME and DOMAIN_ADMINPASSWORD.
Currently Google and Facebook are supported as Social Media Identity Providers. You can configure them with the env variables described above.
You can put a .zip with your login theme to /opt/app-root/logintheme/logintheme.zip
and its content will be copied into /opt/app-root/keycloak/themes/keycloak/login
folder at keycloak startup.
If you added a custom login theme you can set the url that points to a registration
website and to a password reset website with LOGIN_REGISTER_URL and LOGIN_PASSWORDRESET_URL.
At startup the container will go through all .properties files in /opt/app-root/keycloak/themes/keycloak/login/messages/
and tries to replace the doRegisterLink= and doForgotPasswordLink= properties
with the urls you specified in the env variables.