very hacky multiple keycloaks!

See #24.
5 months ago · c71f3bc519
3 changed files with 31 additions and 1 deletions
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,3 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v3
+export HOMESERVER_YAML_VERSION=v4
 export LOG_CONFIG_VERSION=v2
--- a/compose.keycloak2.yml
+++ b/compose.keycloak2.yml
@ -0,0 +1,17 @@
+---
+version: "3.8"
+
+services:
+  app:
+    secrets:
+      - keycloak2_client_secret
+    environment:
+      - KEYCLOAK2_CLIENT_ID
+      - KEYCLOAK2_ENABLED
+      - KEYCLOAK2_NAME
+      - KEYCLOAK2_URL
+
+secrets:
+  keycloak2_client_secret:
+    external: true
+    name: ${STACK_NAME}_keycloak2_client_secret_${SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION}
--- a/homeserver.yaml.tmpl
+++ b/homeserver.yaml.tmpl
@ -1897,6 +1897,19 @@ oidc_providers:
        display_name_template: "{{ "{{ user.name }}" }}"
  {{ end }}

+  {{ if eq (env "KEYCLOAK2_ENABLED") "1" }}
+  - idp_id: keycloak2
+    idp_name: {{ env "KEYCLOAK2_NAME" }}
+    issuer: "{{ env "KEYCLOAK2_URL" }}"
+    client_id: "{{ env "KEYCLOAK2_CLIENT_ID" }}"
+    client_secret: "{{ secret "keycloak2_client_secret" }}"
+    scopes: ["openid", "profile"]
+    user_mapping_provider:
+      config:
+        localpart_template: "{{ "{{ user.preferred_username }}" }}"
+        display_name_template: "{{ "{{ user.name }}" }}"
+  {{ end }}
+

 # Enable Central Authentication Service (CAS) for registration and login.
 #