This is a Dockerfile for standalone Keycloak server which could be used for securing the DICOM Archive dcm4chee-arc-light.
See Running on Docker at the dcm4che Archive 5 Wiki.
Below explained environment variables can be set as per one's application to override the default values if need be.
An example of how one can set an env variable in docker run command is shown below :
-e KEYCLOAK_DEVICE_NAME=my-keycloak
Note : If default values of any environment variables were overridden in startup of slapd container,
then ensure that the same values are also used for overriding the defaults during startup of keycloak container.
This environment variable sets the host name for LDAP. Default value is ldap.
This environment variable sets the port for LDAP. Default value is 389.
This environment variable sets the base domain name for LDAP. Default value is dc=dcm4che,dc=org.
This environment variable sets the root password for LDAP. Default value is secret.
This environment variable sets the password for users who wish to change the schema configuration in LDAP.
Default value is secret.
This is the name of keycloak device that is configured in LDAP. Default value is keycloak
This environment variable sets the Http port of Wildfly. Default value is 8080.
This environment variable sets the Https port of Wildfly. Default value is 8443.
This environment variable sets the Management Http port of Wildfly. Default value is 9990.
This environment variable sets the admin user name for Wildfly. Default value is admin.
This environment variable sets the password for the WILDFLY_ADMIN_USER. Default value can be viewed in LDAP, it is set to admin.
This environment variable sets the admin user name for Keycloak master realm. Default value is not set, will use the default WILDFLY_ADMIN_USER to create an admin user for Keycloak master realm.
This environment variable sets the password for the KEYCLOAK_ADMIN_USER. Default value is not set.
This environment variable sets the user role to identify super users, which have unrestricted access to all UI functions
of the Archive, bypassing the verification of user permissions. Login/Logout of such users will emit an Audit Message
for Security Alert with EventTypeCode
(110127,DCM,"Emergency Override Started")/(110138,DCM,"Emergency Override Stopped"). Default value is admin.
This environment variable sets the keystore used in ssl server identities in Wildfly configuration. Default value is dcm4chee-arc/key.jks.
This environment variables sets the password of the keystore used in ssl server identities in Wildfly configuration. Default value is secret.
This environment variables sets the password of the key used in ssl server identities in Wildfly configuration. Default value is secret.
This environment variable sets the type of keystore that is used above. Default value is JKS.
This environment variable sets the truststore which will be used to verify archive's certificate and/or keycloak-proxy's certificate
in Https communication. Default value is keycloak/cacerts.jks.
This environment variable sets the password of the above truststore. Default value is secret.
This environment variable defines the SSL/HTTPS requirements for interacting with the realm. Default value is external.
Values which are accepted are : external, none or all.
This is the name of the realm configured in Keycloak for securing archive UI and RESTful services. Default value is dcm4che.
This environment variable sets the verification policy for the hostname to be validated/authenticated. Default value set is ANY.
Values which are accepted are : ANY, WILDCARD or STRICT.
This environment variable is the host name of logstash container used in wildfly configuration. Default value is logstash.
This environment variable sets the facility name needed by GELF logging used in wildfly configuration. Default value is dcm4chee-arc.
This environment variable sets the level of GELF logging used in wildfly configuration. Default value is WARN.
This environment variable is used to set the JAVA_OPTS during archive startup. Default value is
"-Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true"