This article is for those looking for a detailed and straightforward guide on installing Outline and Keycloak using Docker Compose.

Outline is a free standalone wiki engine and a collaborative knowledge base for teams.

💾 You can find the repository used in this guide on GitHub.

In this guide, Outline will use user accounts created in Keycloak for access to the Outline management panel, and MinIO for storing documents uploaded through Outline.

We’ll use Traefik as our reverse proxy. It’ll handle obtaining cryptographic certificates from Let’s Encrypt for your domain names and route requests to the corresponding services based on those domains.

❗ Remember that without a secure connection, the services will not work.

❗ To obtain cryptographic certificates, you will need A-type records in the external DNS zone, which point to the IP address of your server where Traefik is installed. If you have created these records recently, you should wait before starting the installation of the services. Full replication of these records between DNS servers can take from a few minutes to 48 hours or even longer in rare cases.

💡 Note that MinIO has a known limitation: you can’t use your domain or subdomain as the bucket name. For instance, if your wiki address is outline.<your-domain>.<tld>, choose a different name for your bucket.

❗ Ensure that your AWS_S3_UPLOAD_BUCKET_URL that is set in the .env file is a publicly accessible URL that corresponds to your domain. This is crucial because the Outline server will redirect traffic directly to MinIO.

In this guide, we will consider the case where you already have a server with Ubuntu Server 22.04 LTS installed on it.

You can find detailed information on how to install Ubuntu Server 22.04 LTS in my guide “Install Ubuntu Server 22.04 LTS”.

Docker Engine and Docker Compose must also be installed on the server.

You can learn how to install Docker Engine on Ubuntu Server by reading Install Docker Engine and Docker Compose on Ubuntu Server”.

In addition, OpenSSH must be installed on the server, and port 22 must be open in order to be able to connect to the server using the SSH protocol.

To install OpenSSH on the server you can use the command:

sudo apt install openssh-server

If you plan to connect to the server using the Windows operating system, you can use PuTTY or MobaXterm.

This guide covers connecting to the server using the terminal emulator iTerm2, installed on the macOS operating system.

💡 Please note, you will need to open the following TCP ports for access to the services:

  • TCP port 80 - to obtain a free cryptographic certificate through the Let’s Encrypt certification center.
  • TCP port 443 - to access the Outline web interface.

We connect to the server on which Outline is planned to be installed.

Now it is necessary to create networks for your services.

We create a network for Traefik using the command:

docker network create traefik-network

Install Outline and Keycloak Using Docker Compose

We create a network for Keycloak using the command:

docker network create keycloak-network

Install Outline and Keycloak Using Docker Compose

We create a network for Outline using the command:

docker network create outline-network

Install Outline and Keycloak Using Docker Compose

Next, you need to clone the repository that contains the configuration files, which include all the necessary conditions for Outline to work.

You can clone the repository using the command:

git clone https://github.com/heyValdemar/outline-keycloak-traefik-letsencrypt-docker-compose.git

Install Outline and Keycloak Using Docker Compose

Navigate to the directory with the repository using the command:

cd outline-keycloak-traefik-letsencrypt-docker-compose

Install Outline and Keycloak Using Docker Compose

Next, you need to change the variables in the .env file according to your requirements.

💡 Note that MinIO has a known limitation: you can’t use your domain or subdomain as the bucket name. For instance, if your wiki address is outline.<your-domain>.<tld>, choose a different name for your bucket.

❗ Ensure that your AWS_S3_UPLOAD_BUCKET_URL that is set in the .env file is a publicly accessible URL that corresponds to your domain. This is crucial because the Outline server will redirect traffic directly to MinIO.

💡 Note that the .env file should be in the same directory as 01-traefik-outline-letsencrypt-docker-compose.yml, 02-keycloak-outline-docker-compose.yml, and 03-outline-minio-redis-docker-compose.yml.

❗ The value for the OUTLINE_OIDC_CLIENT_SECRET variable can be obtained after installing Keycloak using 02-keycloak-outline-docker-compose.yml.

❗ Additionally, you need to specify your values for OUTLINE_SECRET_KEY and OUTLINE_UTILS_SECRET.

The values for OUTLINE_SECRET_KEY and OUTLINE_UTILS_SECRET can be generated using the command:

openssl rand -hex 32

Now we will start Traefik using the command:

docker compose -f 01-traefik-outline-letsencrypt-docker-compose.yml -p traefik up -d

Install Outline and Keycloak Using Docker Compose

Next, we will start Keycloak using the command:

docker compose -f 02-keycloak-outline-docker-compose.yml -p keycloak up -d

Install Outline and Keycloak Using Docker Compose

From the workstation, navigate to the link https://keycloak.outline.heyvaldemar.net, where keycloak.outline.heyvaldemar.net is the name of my subdomain for accessing the Keycloak management panel. Accordingly, you need to specify your domain name, which points to the IP address of your server with the installed Traefik service, which will redirect the request to Keycloak.

Click on the “Administration Console” button.

Install Outline and Keycloak Using Docker Compose

Enter the username and password that you previously set in the .env file, and click the “Sign In” button.

Install Outline and Keycloak Using Docker Compose

Now you need to create a new Realm and configure it correctly so that users can log into Outline using Keycloak.

Click the “Create Realm” button in the upper left corner.

Install Outline and Keycloak Using Docker Compose

In the “Realm name” field, enter “outline” (in lowercase) and click the “Create” button.

Install Outline and Keycloak Using Docker Compose

Next, select “Clients” in the “Manage” section and click the “Create client” button.

Install Outline and Keycloak Using Docker Compose

In the “Client type” field, select “OpenID Connect”.

In the “Client ID” field, enter “outline” (in lowercase) and click the “Next” button.

Install Outline and Keycloak Using Docker Compose

Next, you need to enable “Client authentication” and select “Standard flow” in the “Authentication flow” section.

All other values should be disabled.

Click the “Next” button.

Install Outline and Keycloak Using Docker Compose

In the “Root URL” field, enter https://outline.heyvaldemar.net/

In the “Home URL” field, enter https://outline.heyvaldemar.net/

In the “Valid redirect URIs” field, enter https://outline.heyvaldemar.net/*

💡 Please note, outline.heyvaldemar.net is the domain name of my service. Accordingly, you need to specify your domain name, which points to the IP address of your server with the installed Traefik service, which will redirect the request to Outline.

Click the “Save” button.

Install Outline and Keycloak Using Docker Compose

Navigate to the “Credentials” tab and copy the contents of the “Client secret” field.

Install Outline and Keycloak Using Docker Compose

Paste the copied contents of the “Client secret” field into the OUTLINE_OIDC_CLIENT_SECRET variable in the .env file.

Install Outline and Keycloak Using Docker Compose

Now let’s create a user who will be able to log into Outline using Keycloak.

Select “Users” in the “Manage” section and click the “Add user” button.

Install Outline and Keycloak Using Docker Compose

In the next step, you need to specify: username, email address, first name, last name, and password.

💡 Note that if you provide an email address, the user will be able to log into Outline using not only the username but also the email.

Click the “Create” button.

Install Outline and Keycloak Using Docker Compose

Next, you need to set a password for the new user.

Go to the “Credentials” tab and click the “Set password” button.

Install Outline and Keycloak Using Docker Compose

Enter a strong password and click the “Save” button.

Install Outline and Keycloak Using Docker Compose

Certainly! Below is the translation of the provided text:

Click the “Save password” button to confirm the assignment of a new password for the user.

Install Outline and Keycloak Using Docker Compose

The new password has been successfully set.

Install Outline and Keycloak Using Docker Compose

Now you can launch Outline with accompanying services and log into Outline using the previously created user.

Let’s launch Outline with the following command:

docker compose -f 03-outline-minio-redis-docker-compose.yml -p outline up -d

Install Outline and Keycloak Using Docker Compose

To access the Outline management panel, go to https://outline.heyvaldemar.net from your workstation, where outline.heyvaldemar.net is the domain name of my service. Accordingly, you need to specify your domain name that points to the IP address of your server with the installed Traefik service, which will redirect the request to Outline.

💡 Note that you need to specify the domain name of the service, previously defined in the .env file.

Click the “Continue with Keycloak” button.

Install Outline and Keycloak Using Docker Compose

Enter the username or email address and password previously set in Keycloak.

Install Outline and Keycloak Using Docker Compose

Welcome to the Outline control panel.

Install Outline and Keycloak Using Docker Compose

To access the MinIO control panel, go to https://console.minio.outline.heyvaldemar.net from your workstation, where console.minio.outline.heyvaldemar.net is the domain name of my service. Accordingly, you need to specify your domain name that points to the IP address of your server with the installed Traefik service, which will redirect the request to MinIO.

💡 Note that you need to specify the domain name of the service, previously defined in the .env file.

Enter the username and password previously set in the .env file, and click the “Login” button.

Install Outline and Keycloak Using Docker Compose

To access the Traefik control panel, go to https://traefik.outline.heyvaldemar.net from your workstation, where traefik.outline.heyvaldemar.net is the domain name of my service. Accordingly, you need to specify your domain name that points to the IP address of your server with the installed Traefik.

💡 Note that you need to specify the domain name of the service, previously defined in the .env file.

Enter the username and password previously set in the .env file, and click the “OK” button.

Install Outline and Keycloak Using Docker Compose

Welcome to the Traefik control panel.

Install Outline and Keycloak Using Docker Compose


My Courses

🎓 Dive into my comprehensive IT courses designed for enthusiasts and professionals alike. Whether you’re looking to master Docker, conquer Kubernetes, or advance your DevOps skills, my courses provide a structured pathway to enhancing your technical prowess.

My Services

💼 Take a look at my service catalog and find out how we can make your technological life better. Whether it’s increasing the efficiency of your IT infrastructure, advancing your career, or expanding your technological horizons — I’m here to help you achieve your goals. From DevOps transformations to building gaming computers — let’s make your technology unparalleled!

Refill My Coffee Supplies

💖 PayPal
🏆 Patreon
💎 GitHub
🥤 BuyMeaCoffee
🍪 Ko-fi

Follow Me

🎬 YouTube
🐦 Twitter
🎨 Instagram
🐘 Mastodon
🧵 Threads
🎸 Facebook
🧊 Bluesky
🎥 TikTok
💻 LinkedIn
📣 daily.dev Squad
🧩 LeetCode
🐈 GitHub

Is this content AI-generated?

Nope! Each article is crafted by me, fueled by a deep passion for Docker and decades of IT expertise. While I employ AI to refine the grammar—ensuring the technical details are conveyed clearly—the insights, strategies, and guidance are purely my own. This approach may occasionally activate AI detectors, but you can be certain that the underlying knowledge and experiences are authentically mine.

Vladimir Mikhalev
I’m Vladimir Mikhalev, the Docker Captain, but my friends can call me Valdemar.

DevOps Community

hey 👋 If you have questions about installation or configuration, then ask me and members of our community: