I have created a Keycloak Docker container that runs behind Traefik with a domain associated, with something like this:
```yaml
traefik.http.routers.keycloak.rule: Host("keycloak.${DOMAINNAME}")
traefik.http.routers.keycloak.entrypoints: web, websecure
traefik.http.routers.keycloak.tls: true
traefik.http.routers.keycloak.tls.certresolver: production
```
And everything is working fine. But I want to use the hostname feature of the Keycloak realm, as mentioned in this document: keycloak-community/hostname-default-provider.md at main · keycloak/keycloak-community · GitHub

I'm trying to do something like this with Traefik:

> It is not possible to override the context-path. It may be useful to be able to host Keycloak publicly through a reverse proxy on for example `https://auth.mycompany.com` which would be mapped to `https://keycloak.mycompany.local/auth/realms/myrealm`.
I tried to define a new router with middleware to handle the redirect,
```yaml
http:
  routers:
    newDomain:
      rule: "Host(`login.newdoamin.com`)"
      middlewares: testMid
      tls:
        certResolver: production
  middlewares:
    testMid:
      redirectregex:
        regex: ^https:\\\\login\.newdoamin\.com\/?$$
        replacement: https://keycloak.${DOMAINNAME}/auth/realms/myrealm/"
```
But as mentioned in the documentation, it must be associated with a service. I cannot even see the newly configured router and middleware in the dashboard.

Then I tried to add these labels inside the Keycloak service:
```yaml
traefik.http.routers.keycloak.rule: Host("keycloak.${DOMAINNAME}", "login.newdomain.com")
traefik.http.routers.keycloak.entrypoints: web, websecure
traefik.http.routers.keycloak.tls: true
traefik.http.routers.keycloak.tls.certresolver: production
traefik.http.routers.keycloak.middlewares: testMid
traefik.http.middlewares.testMid.redirectregex.regex: ^https:\\\\login\.newdomain\.com\/?$$
traefik.http.middlewares.testMid.redirectregex.replacement: https://keycloak.${DOMAINNAME}/auth/realms/myrealm/"
```
But the SSL cannot be generated for the new domain.

Any ideas?
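
Added example, not part of the original post: a check of the `redirectregex` pattern from the labels above using Go's `regexp` package (Traefik is written in Go). It assumes the middleware matches the pattern against the full request URL and that Docker Compose turns `$$` in a label into `$`; `redirectTarget`, `composeUnescape`, `slashRegex` and the host `keycloak.example.org` are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

const (
	// Pattern as posted in the label (domain spelled as in the label version).
	postedRegex = `^https:\\\\login\.newdomain\.com\/?$$`
	// Same pattern with "//" after the scheme instead of escaped backslashes.
	slashRegex = `^https://login\.newdomain\.com/?$$`
	// Constructed stand-in for https://keycloak.${DOMAINNAME}/auth/realms/myrealm/
	target = "https://keycloak.example.org/auth/realms/myrealm/"
)

// composeUnescape mirrors Docker Compose, where "$$" in a label is a literal "$".
func composeUnescape(label string) string {
	return strings.ReplaceAll(label, "$$", "$")
}

// redirectTarget returns the rewritten URL, or "" when the pattern does not match.
func redirectTarget(labelRegex, replacement, url string) (string, error) {
	re, err := regexp.Compile(composeUnescape(labelRegex))
	if err != nil {
		return "", err
	}
	if !re.MatchString(url) {
		return "", nil
	}
	return re.ReplaceAllString(url, replacement), nil
}

func main() {
	urls := []string{ // constructed request URLs
		"https://login.newdomain.com/",
		"https://login.newdomain.com",
		"https://login.newdomain.com/admin",
	}
	for _, u := range urls {
		posted, _ := redirectTarget(postedRegex, target, u)
		slash, _ := redirectTarget(slashRegex, target, u)
		fmt.Printf("%-36s posted=%q slash=%q\n", u, posted, slash)
	}
}
```

The posted pattern only matches a URL with two literal backslashes after `https:`, so it returns no redirect for any of the sample request URLs, while the `//` form redirects the bare host and leaves deeper paths alone.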