A multi-service development stack using Docker Compose, including MySQL, PostgreSQL, Keycloak, phpMyAdmin, pgAdmin, Portainer, Nginx proxy, and a website container. This stack is designed for local development and testing.
- Docker Desktop (Windows, Mac) or Docker Engine (Linux)
- Docker Compose (usually included with Docker Desktop)
-
Clone the repository
git https://github.com/NoMercy-Entertainment/NoMercyStack.git cd NoMercyStack -
Provide SSL Certificates
- Place your SSL certificate files (
cert.pemandkey.pem) in theproxy/certificates/directory. - These files are required for the Nginx proxy to serve HTTPS traffic.
- Place your SSL certificate files (
-
Configure Domain and Environment Variables
- Copy
.env.exampleto.envif provided, and adjust values as needed. - Some services may require additional configuration in their respective folders.
- Copy
-
Access Services
- Website: https://example.com
- phpMyAdmin: https://phpmyadmin.example.com
- pgAdmin: https://pgadmin.example.com
- Keycloak: https://auth.example.com
- Portainer: https://portainer.example.com
- Nginx Proxy: Handles routing to the above services
Replace
example.comwith your actual domain as configured in theproxy/sites/conf files. -
Start the Stack
docker compose up -d
This will start all services defined in
docker-compose.ymland referenced compose files.
To enable Keycloak authentication in Portainer:
-
Log in to Portainer at https://portainer.example.com as an admin.
-
Go to Settings > Authentication.
-
Select OAuth as the authentication method.
-
Enter the following values (replace
example.comwith your actual domain):- Client ID:
master - Client Secret:
*******(your Keycloak client secret) - Authorization URL:
https://auth.example.com/realms/master/protocol/openid-connect/auth - Access Token URL:
https://auth.example.com/realms/master/protocol/openid-connect/token - Resource URL:
https://auth.example.com/realms/master/protocol/openid-connect/userinfo - Redirect URL:
https://portainer.example.com - Logout URL:
https://auth.example.com/realms/master/protocol/openid-connect/logout?redirect_uri=https://portainer.example.com/#!/auth - User Identifier:
email - Scopes:
openid profile email - Auth Style: (leave as default or as required by your setup)
- Client ID:
-
Save the settings. You should now be able to log in to Portainer using Keycloak.
docker/- Additional compose files for Cloudflared tunnel and GitHub runner.keycloak/- Keycloak service and custom themesmysql/- MySQL service and datapgadmin/- pgAdmin servicephpmyadmin/- phpMyAdmin serviceportainer/- Portainer service and datapostgres/- PostgreSQL service and datapostgres-kc/- Separate PostgreSQL for Keycloakproxy/- Nginx reverse proxy, configs, certificates, and site definitionswebsite/- Website container (PHP, Nginx, etc.)shares/- Shared files (if any)
Every folder placed in the shares/ directory will automatically become available as a subdomain. For example, if you add a folder named docs inside shares/, it will be accessible at https://docs.example.com (replace example.com with your actual domain).
This allows you to easily expose additional static sites or resources as separate subdomains by simply adding folders to the shares/ directory.
- Data folders (e.g.,
mysql/data/,postgres/data/) are git-ignored for safety and performance. - Custom Keycloak themes can be placed in
keycloak/themes/<your theme name>/. - Configuration files for each service are in their respective folders.
- PHPMyAdmin has a keycloak login flow
- Ensure no other services are running on the same ports.
- Check logs with
docker compose logs <service>for debugging. - For permission issues on data folders, ensure Docker has access to your drive.
For further information or support, visit NoMercy.tv or contact our support team.
Made with ❤️ by NoMercy Entertainment
Feel free to customize this stack for your development needs!