Keycloak: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
< | <syntaxhighlight lang="bash"> | ||
apt update; apt list --upgradable; cd /opt/ | apt update; apt list --upgradable; cd /opt/ | ||
wget https://github.com/keycloak/keycloak/releases/download/21.0.1/keycloak-21.0.1.tar.gz | wget https://github.com/keycloak/keycloak/releases/download/21.0.1/keycloak-21.0.1.tar.gz | ||
tar -xvzf keycloak-21.0.1.tar.gz | tar -xvzf keycloak-21.0.1.tar.gz | ||
mv keycloak-21.0.1 keycloak | mv keycloak-21.0.1 keycloak | ||
</ | </syntaxhighlight> | ||
==Permission== | ==Permission== | ||
< | <syntaxhighlight lang="bash"> | ||
groupadd keycloak | groupadd keycloak | ||
useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak | useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak | ||
Line 18: | Line 18: | ||
chown keycloak: /opt/keycloak/bin/launch.sh | chown keycloak: /opt/keycloak/bin/launch.sh | ||
nano /opt/keycloak/bin/launch.sh | nano /opt/keycloak/bin/launch.sh | ||
</ | </syntaxhighlight> | ||
==Config== | ==Config== | ||
< | <syntaxhighlight lang="bash" highlight="4,11" line> | ||
#!/bin/bash | #!/bin/bash | ||
Line 34: | Line 34: | ||
$WILDFLY_HOME/bin/standalone.sh -c $2 -b $3 -bmanagement=0.0.0.0 | $WILDFLY_HOME/bin/standalone.sh -c $2 -b $3 -bmanagement=0.0.0.0 | ||
fi | fi | ||
</ | </syntaxhighlight> | ||
==Service== | ==Service== | ||
< | <syntaxhighlight lang="bash"> | ||
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service | cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service | ||
nano /etc/systemd/system/keycloak.service | nano /etc/systemd/system/keycloak.service | ||
</ | </syntaxhighlight> | ||
< | <syntaxhighlight lang="ini" highlight="2,8-10,12,13" line> | ||
[Unit] | [Unit] | ||
Description=The Keycloak Application Server | Description=The Keycloak Application Server | ||
Line 60: | Line 60: | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
</ | </syntaxhighlight> | ||
< | <syntaxhighlight lang="bash"> | ||
systemctl daemon-reload | systemctl daemon-reload | ||
systemctl enable keycloak | systemctl enable keycloak | ||
Line 69: | Line 69: | ||
systemctl status keycloak | systemctl status keycloak | ||
tail -f /opt/keycloak/standalone/log/server.log | tail -f /opt/keycloak/standalone/log/server.log | ||
</ | </syntaxhighlight> | ||
ssh [email protected] -L 8080:localhost:8080 -L 9990:localhost:9990 | ssh [email protected] -L 8080:localhost:8080 -L 9990:localhost:9990 | ||
Line 77: | Line 77: | ||
==Docker Compose== | ==Docker Compose== | ||
<code>docker-compose -f ./docker-compose.yml up -d</code> | <code>docker-compose -f ./docker-compose.yml up -d</code> | ||
< | <syntaxhighlight lang="yaml"> | ||
version: '3' | version: '3' | ||
volumes: | volumes: | ||
Line 119: | Line 119: | ||
depends_on: | depends_on: | ||
- postgres | - postgres | ||
</ | </syntaxhighlight> | ||
==Knowledge== | ==Knowledge== | ||
Line 150: | Line 150: | ||
* [[LDAP]] | * [[LDAP]] | ||
* [[JWT]] | * [[JWT]] | ||
| valign="top" | | |||
* [[Linux User Creation]] | |||
|} | |} |
Latest revision as of 17:03, 12 December 2024
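# Refresh package metadata, review pending upgrades, then work from /opt.
apt update; apt list --upgradable; cd /opt/
# NOTE(review): the later steps on this page rely on bin/standalone.sh and
# docs/contrib/scripts/systemd/, i.e. the WildFly-based layout. Keycloak 17 and
# later ship the Quarkus distribution (bin/kc.sh) by default, so confirm that
# this 21.0.1 archive contains those paths before continuing.
wget https://github.com/keycloak/keycloak/releases/download/21.0.1/keycloak-21.0.1.tar.gz
# Verify the download before unpacking it under /opt. <PUBLISHED_SHA1_DIGEST> is
# a placeholder: paste the digest published for this asset on the release page
# (use the matching *sum tool if the project publishes a different algorithm).
# Unpacking and the rename only run when the check passes.
printf '%s  %s\n' '<PUBLISHED_SHA1_DIGEST>' keycloak-21.0.1.tar.gz | sha1sum -c - &&
  tar -xvzf keycloak-21.0.1.tar.gz &&
  mv keycloak-21.0.1 keycloak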
Permission
# Create a dedicated group and a system account (-r) with no login shell; the
# service unit on this page runs as this user (User=keycloak).
groupadd keycloak
useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak
# NOTE(review): the recursive chown makes the service account the owner of its
# own executables and scripts, so a compromised server process could change what
# runs on the next start. Consider keeping bin/ root-owned and giving keycloak
# write access only to the directories the server writes to (confirm which ones
# this distribution needs).
chown -R keycloak: /opt/keycloak/
# Adds search (traverse) permission on bin/ for users outside the owner and group.
chmod o+x /opt/keycloak/bin/
# Environment file read by the unit via EnvironmentFile=/etc/keycloak/keycloak.conf.
mkdir /etc/keycloak
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf
# Launcher script that the unit's ExecStart line calls.
cp /opt/keycloak/docs/contrib/scripts/systemd/launch.sh /opt/keycloak/bin/
chown keycloak: /opt/keycloak/bin/launch.sh
# Edit the launcher to the content shown under Config.
nano /opt/keycloak/bin/launch.sh
Config
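#!/bin/bash
# launch.sh - start the WildFly-based Keycloak server in domain or standalone mode.
#
# Arguments (supplied by the systemd unit's ExecStart line):
#   $1 - mode: "domain" runs domain.sh, anything else runs standalone.sh
#   $2 - server configuration file, forwarded as -c
#   $3 - bind address of the public interface, forwarded as -b
#
# Environment:
#   WILDFLY_HOME        install root; defaults to /opt/keycloak
#   KEYCLOAK_MGMT_BIND  variable introduced by this script: bind address of the
#                       management interface in standalone mode; defaults to
#                       127.0.0.1
#
# Security: the management interface (port 9990 on this page) gives
# administrative control over the server. It is kept on loopback by default and
# reached through the SSH port forward shown on this page. Setting
# KEYCLOAK_MGMT_BIND=0.0.0.0 restores the previous all-interfaces behaviour;
# only do that behind a firewall that restricts who can reach the port.
#
# Returns: the exit status of the server script that was run.

launch() {
  local mode=$1 config=$2 bind=$3
  local mgmt_bind=${KEYCLOAK_MGMT_BIND:-127.0.0.1}

  if [[ -z "${WILDFLY_HOME:-}" ]]; then
    WILDFLY_HOME="/opt/keycloak"
  fi

  # Expansions are quoted so a path or value containing spaces or glob
  # characters is passed through as a single argument.
  if [[ "$mode" == "domain" ]]; then
    "$WILDFLY_HOME/bin/domain.sh" -c "$config" -b "$bind"
  else
    "$WILDFLY_HOME/bin/standalone.sh" -c "$config" -b "$bind" \
      -bmanagement="$mgmt_bind"
  fi
}

launch "$@"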
Service
# Start from the WildFly unit template shipped with the distribution and
# install it under the name keycloak.service.
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service
# Edit it to the content shown below. NOTE(review): the unit decides what runs
# at boot and as which user, so keep the file writable by root only.
nano /etc/systemd/system/keycloak.service
# systemd unit that starts Keycloak through /opt/keycloak/bin/launch.sh as the
# unprivileged keycloak account.
[Unit]
Description=The Keycloak Application Server
After=syslog.target network.target
Before=httpd.service
[Service]
Environment=LAUNCH_JBOSS_IN_BACKGROUND=1
# Expected to define WILDFLY_MODE, WILDFLY_CONFIG and WILDFLY_BIND used on the
# ExecStart line (the file's content is not shown on this page; confirm).
EnvironmentFile=/etc/keycloak/keycloak.conf
# Run as the dedicated service account instead of root.
User=keycloak
Group=keycloak
LimitNOFILE=102642
# NOTE(review): nothing on this page creates /var/run/keycloak. Confirm it
# exists and is writable by keycloak, or let systemd create it with
# RuntimeDirectory=keycloak.
PIDFile=/var/run/keycloak/keycloak.pid
# launch.sh forwards the second argument as -c and the third as -b, so
# WILDFLY_BIND decides which address the public interface listens on.
ExecStart=/opt/keycloak/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND
# stdout is discarded; this page reads standalone/log/server.log instead.
StandardOutput=null
# NOTE(review): no sandboxing directives are set. Options such as
# NoNewPrivileges=true, PrivateTmp=true, ProtectHome=true and
# ProtectSystem=full limit what a compromised server process can reach; test
# each one against this installation before relying on it.
[Install]
WantedBy=multi-user.target
# Reload unit definitions so systemd picks up the new keycloak.service.
systemctl daemon-reload
# Start at boot, then start now.
systemctl enable keycloak
systemctl start keycloak
# Check that the service reached the active state.
systemctl status keycloak
# Follow the server log; the unit on this page sets StandardOutput=null, so
# stdout does not reach the journal.
tail -f /opt/keycloak/standalone/log/server.log
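ssh <user>@<keycloak-host> -L 8080:localhost:8080 -L 9990:localhost:9990, then open http://localhost:8080/ and http://localhost:9990/ in a browser on the local machine. (The user@host part was lost in extraction; the names in angle brackets are placeholders.) Both forwards end on the server's loopback interface, so the management port 9990 can be reached this way without being bound to 0.0.0.0.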
Docker Compose
docker-compose -f ./docker-compose.yml up -d
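# Compose stack: PostgreSQL, pgAdmin and Keycloak (jboss/keycloak image) using
# that database.
#
# Secrets are read from the environment (or an .env file next to this file,
# kept out of version control) instead of being written here. With the
# ${VAR:?message} form, compose stops with the message when the variable is
# unset or empty, so the stack cannot come up with a blank or default password.
version: '3'

volumes:
  postgres_data:
    driver: local

services:
  postgres:
    # NOTE(review): an untagged image resolves to "latest"; pin a version so
    # database upgrades are deliberate.
    image: postgres
    container_name: postgres
    extra_hosts:
      - "host.docker.internal:host-gateway"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD}"

  pgadmin:
    container_name: pgadmin
    # NOTE(review): untagged image, same pinning advice as for postgres.
    image: dpage/pgadmin4
    environment:
      # The default address on the original page was lost to e-mail
      # obfuscation, so the value is required rather than defaulted.
      PGADMIN_DEFAULT_EMAIL: "${PGADMIN_DEFAULT_EMAIL:?set PGADMIN_DEFAULT_EMAIL}"
      PGADMIN_DEFAULT_PASSWORD: "${PGADMIN_DEFAULT_PASSWORD:?set PGADMIN_DEFAULT_PASSWORD}"
    ports:
      # Published on every host interface. pgAdmin is an administrative UI;
      # write "127.0.0.1:5050:80" if it only needs to be reached from this host.
      - "5050:80"
    restart: unless-stopped

  keycloak:
    # NOTE(review): this tag is from the 7.x line, far behind the 21.0.1
    # release installed manually on this page; plan an upgrade.
    image: jboss/keycloak:7.0.1
    container_name: keycloak
    environment:
      DB_VENDOR: POSTGRES
      DB_ADDR: postgres
      DB_DATABASE: keycloak
      DB_USER: keycloak
      DB_SCHEMA: public
      # Must match the password given to the postgres service above.
      DB_PASSWORD: "${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD}"
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: "${KEYCLOAK_PASSWORD:?set KEYCLOAK_PASSWORD}"
    ports:
      # Plain HTTP on every host interface; put a TLS-terminating proxy in
      # front before exposing it beyond a lab network.
      - "8090:8080"
    depends_on:
      - postgres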
Knowledge
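# Check from a throwaway container that host.docker.internal resolves to the
# host gateway and answers ping. The backslash must end its line: written as
# "\ --rm" on a single line it escapes the space and glues " --rm" onto the
# --add-host value.
docker run --add-host=host.docker.internal:host-gateway \
  --rm alpine ping host.docker.internal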