I have deployed KeyCloak in a Docker container and configured NGINX for TLS termination. While the welcome page works fine, the KeyCloak Admin Console is stuck at the loading screen.
My Setup:
Keycloak Docker Container (via docker-compose.yml)
Nginx Configuration (for TLS termination and proxying)
Keycloak Docker Compose:
version: '3.4'
services:
example-idp:
image: quay.io/keycloak/keycloak:20.0.5
container_name: example.Identity
command: start --optimized
environment:
- KEYCLOAK_ADMIN=XXXXXX
- KEYCLOAK_ADMIN_PASSWORD=XXXXXXXXX
- KC_HOSTNAME_URL=https://example.ir
- KC_HOSTNAME_PATH=/auth
- KC_HOSTNAME_ADMIN_URL=https://www.example.ir/auth/
- KC_FRONTEND_URL=https://www.example.ir/auth/
- KC_HTTP_ENABLED=true
- KC_HTTP_RELATIVE_PATH=/auth
- KC_HOSTNAME_STRICT=false
- PROXY_ADDRESS_FORWARDING='true'
- KC_PROXY=edge
volumes:
- ./.containers/identity:/opt/keycloak/data
- ./.files/example-realm-export.json:/opt/keycloak/data/import/realm.json
ports:
- 8080:8080 # Expose HTTP port
restart: always
networks:
example-network:
driver: bridge
server {
server_name example.ir www.example.ir;
root /var/www/example-client;
index index.html;
location / {
try_files $uri /index.html;
}
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.ir/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.ir/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /auth/ {
proxy_pass http://localhost:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http://localhost:8080/auth/ https://example.ir/auth/;
proxy_redirect http://localhost:8080/ https://example.ir/auth/;
}
}
server {
if ($host = www.example.ir) {
return 301 https://$host$request_uri;
}
if ($host = example.ir) {
return 301 https://$host$request_uri;
}
listen 80;
server_name example.ir www.example.ir;
return 404;
location /auth/ {
return 301 https://$host$request_uri;
}
}