From c71f3bc5190c5e31063eaaf9c0956072e526bdaf Mon Sep 17 00:00:00 2001
From: decentral1se
Date: Tue, 8 Mar 2022 09:34:00 +0100
Subject: [PATCH] very hacky multiple keycloaks! See https://git.coopcloud.tech/coop-cloud/matrix-synapse/issues/24.
---
 abra.sh | 2 +-
 compose.keycloak2.yml | 17 +++++++++++++++++
 homeserver.yaml.tmpl | 13 +++++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 compose.keycloak2.yml
diff --git a/abra.sh b/abra.sh
index 77ba8be..13fd8b8 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,3 +1,3 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v3
+export HOMESERVER_YAML_VERSION=v4
 export LOG_CONFIG_VERSION=v2
diff --git a/compose.keycloak2.yml b/compose.keycloak2.yml
new file mode 100644
index 0000000..a956e61
--- /dev/null
+++ b/compose.keycloak2.yml
@@ -0,0 +1,17 @@
+---
+version: "3.8"
+
+services:
+ app:
+ secrets:
+ - keycloak2_client_secret
+ environment:
+ - KEYCLOAK2_CLIENT_ID
+ - KEYCLOAK2_ENABLED
+ - KEYCLOAK2_NAME
+ - KEYCLOAK2_URL
+
+secrets:
+ keycloak2_client_secret:
+ external: true
+ name: ${STACK_NAME}_keycloak2_client_secret_${SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION}
diff --git a/homeserver.yaml.tmpl b/homeserver.yaml.tmpl
index a1c27c9..dd3bdda 100644
--- a/homeserver.yaml.tmpl
+++ b/homeserver.yaml.tmpl
@@ -1897,6 +1897,19 @@ oidc_providers:
 display_name_template: "{{ "{{ user.name }}" }}"
 {{ end }}
+ {{ if eq (env "KEYCLOAK2_ENABLED") "1" }}
+ - idp_id: keycloak2
+ idp_name: {{ env "KEYCLOAK2_NAME" }}
+ issuer: "{{ env "KEYCLOAK2_URL" }}"
+ client_id: "{{ env "KEYCLOAK2_CLIENT_ID" }}"
+ client_secret: "{{ secret "keycloak2_client_secret" }}"
+ scopes: ["openid", "profile"]
+ user_mapping_provider:
+ config:
+ localpart_template: "{{ "{{ user.preferred_username }}" }}"
+ display_name_template: "{{ "{{ user.name }}" }}"
+ {{ end }}
+
 # Enable Central Authentication Service (CAS) for registration and login.
 #
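Review bot: Nothing in the new `compose.keycloak2.yml` tells an operator what must exist before this overlay is deployed: the `keycloak2_client_secret` secret is declared `external: true`, so it has to be created beforehand, and its name is built from `SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION`. A short header comment would cover it, for example `# Second Keycloak IdP: set KEYCLOAK2_* and create the keycloak2_client_secret secret before deploying`. If that version variable is unset the secret name would presumably render with an empty suffix and point at the wrong or a missing secret; if the deploy tooling supports the form, `${SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION:?unset}` would make that fail early instead.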