volumes:
  mariadb_data:
    driver: local

networks:
  local:
    ipam:
      config:
        - subnet: 172.16.0.0/29

services:
  mariadb:
    image: mariadb:latest
    environment:
      MARIADB_ROOT_PASSWORD: mariadbpassword
      MARIADB_DATABASE: keycloak
      MARIADB_USER: keycloakuser
      MARIADB_PASSWORD: mariadbpassword
    mem_limit: 300m
    container_name: mariadb
    volumes:
      - mariadb_data:/var/lib/mysql
    restart: always
    networks:
      - local
  keycloak:
    image: quay.io/keycloak/keycloak:${KEYCLOAK_VERSION:-latest}
    environment:
      KC_DB: mariadb
      KC_DB_SCHEMA: keycloak
      KC_DB_USERNAME: keycloakuser
      KC_DB_PASSWORD: mariadbpassword
      KC_DB_URL_HOST: mariadb
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: adminpassword
      KC_PROXY_HEADERS: xforwarded
      KC_HTTP_ENABLED: true
      KC_HOSTNAME_STRICT: false
      KC_HOSTNAME_URL: https://your.domain
    mem_limit: 500m
    command: start
    ports:
     - 8080:8080
    container_name: keycloak
    restart: always
    networks:
      - local
    depends_on:
      - mariadb