IQSS · ErykKul · Oct 3, 2024 · Oct 3, 2024 · Oct 3, 2024 · Oct 3, 2024
diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml
@@ -16,13 +16,12 @@ services:
       ENABLE_RELOAD: "1"
       SKIP_DEPLOY: "${SKIP_DEPLOY}"
       DATAVERSE_JSF_REFRESH_PERIOD: "1"
-      DATAVERSE_FEATURE_API_BEARER_AUTH: "1"
       DATAVERSE_MAIL_SYSTEM_EMAIL: "dataverse@localhost"
       DATAVERSE_MAIL_MTA_HOST: "smtp"
-      DATAVERSE_AUTH_OIDC_ENABLED: "1"
-      DATAVERSE_AUTH_OIDC_CLIENT_ID: test
-      DATAVERSE_AUTH_OIDC_CLIENT_SECRET: 94XHrfNRwXsjqTqApRrwWmhDLDHpIYV8
-      DATAVERSE_AUTH_OIDC_AUTH_SERVER_URL: http://keycloak.mydomain.com:8090/realms/test
+      DATAVERSE_AUTH_API_OIDC_CLIENT_ID: oauth2-proxy
+      DATAVERSE_AUTH_API_OIDC_CLIENT_SECRET: 72341b6d-7065-4518-a0e4-50ee15025608
+      DATAVERSE_AUTH_API_OIDC_PROVIDER_URI: http://172.17.0.1:9080/realms/oauth2-proxy
+      DATAVERSE_AUTH_API_OIDC_REDIRECT_URI: http://localhost:8080/api/v1/callback/token
       DATAVERSE_SPI_EXPORTERS_DIRECTORY: "/dv/exporters"
       # These two oai settings are here to get HarvestingServerIT to pass
       dataverse_oai_server_maxidentifiers: "2"
@@ -164,24 +163,24 @@ services:
     tmpfs:
       - /mail:mode=770,size=128M,uid=1000,gid=1000
 
-  dev_keycloak:
-    container_name: "dev_keycloak"
-    image: 'quay.io/keycloak/keycloak:21.0'
+  keycloak:
+    container_name: keycloak
+    image: keycloak/keycloak:25.0
     hostname: keycloak
+    command:
+      - 'start-dev'
+      - '--http-port=9080'
+      - '--import-realm'
+    volumes:
+      - ./keycloak:/opt/keycloak/data/import
     environment:
-      - KEYCLOAK_ADMIN=kcadmin
-      - KEYCLOAK_ADMIN_PASSWORD=kcpassword
-      - KEYCLOAK_LOGLEVEL=DEBUG
-      - KC_HOSTNAME_STRICT=false
-    networks:
-      dataverse:
-        aliases:
-          - keycloak.mydomain.com #create a DNS alias within the network (add the same alias to your /etc/hosts to get a working OIDC flow)
-    command: start-dev --import-realm --http-port=8090  # change port to 8090, so within the network and external the same port is used
+      KC_HTTP_PORT: 9080
+      KEYCLOAK_ADMIN: admin@kuleuven.be
+      KEYCLOAK_ADMIN_PASSWORD: password
     ports:
-      - "8090:8090"
-    volumes:
-      - './conf/keycloak/test-realm.json:/opt/keycloak/data/import/test-realm.json'
+      - 9080:9080
+    networks:
+     - dataverse
 
   # This proxy configuration is only intended to be used for development purposes!
   # DO NOT USE IN PRODUCTION! HIGH SECURITY RISK!