forked from coop-cloud/keycloak
delete abra-specific files. Rewrite README
This commit is contained in:
parent
04b584ab4f
commit
2bdc8f8d1e
41
.drone.yml
41
.drone.yml
|
@ -1,41 +0,0 @@
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: deploy to swarm-test.autonomic.zone
|
|
||||||
steps:
|
|
||||||
- name: deployment
|
|
||||||
image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
|
|
||||||
settings:
|
|
||||||
host: swarm-test.autonomic.zone
|
|
||||||
stack: keycloak
|
|
||||||
networks:
|
|
||||||
- proxy
|
|
||||||
generate_secrets: true
|
|
||||||
purge: true
|
|
||||||
deploy_key:
|
|
||||||
from_secret: drone_ssh_swarm_test
|
|
||||||
environment:
|
|
||||||
DOMAIN: keycloak.swarm-test.autonomic.zone
|
|
||||||
STACK_NAME: keycloak
|
|
||||||
LETS_ENCRYPT_ENV: production
|
|
||||||
SECRET_ADMIN_PASSWORD_VERSION: v1
|
|
||||||
SECRET_DB_PASSWORD_VERSION: v1
|
|
||||||
SECRET_DB_ROOT_PASSWORD_VERSION: v1
|
|
||||||
trigger:
|
|
||||||
branch:
|
|
||||||
- master
|
|
||||||
---
|
|
||||||
kind: pipeline
|
|
||||||
name: generate recipe catalogue
|
|
||||||
steps:
|
|
||||||
- name: release a new version
|
|
||||||
image: plugins/downstream
|
|
||||||
settings:
|
|
||||||
server: https://build.coopcloud.tech
|
|
||||||
token:
|
|
||||||
from_secret: drone_abra-bot_token
|
|
||||||
fork: true
|
|
||||||
repositories:
|
|
||||||
- coop-cloud/auto-recipes-catalogue-json
|
|
||||||
|
|
||||||
trigger:
|
|
||||||
event: tag
|
|
50
README.md
50
README.md
|
@ -1,46 +1,18 @@
|
||||||
# keycloak
|
# Keycloak
|
||||||
|
|
||||||
[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/keycloak/status.svg)](https://drone.autonomic.zone/coop-cloud/keycloak)
|
Wiki Cafe's configuration for a Keycloak deployment. Originally slimmed down from a `abra` [recipe](https://git.coopcloud.tech/coop-cloud/keycloak) by [Co-op Cloud](https://coopcloud.tech/).
|
||||||
|
|
||||||
[Keycloak](https://www.keycloak.org) + Coöp Cloud.
|
|
||||||
|
|
||||||
<!-- metadata -->
|
## Deploying the app with Docker Swarm
|
||||||
* **Category**: Apps
|
|
||||||
* **Status**: 2, beta
|
|
||||||
* **Image**: [`jboss/keycloak`](https://hub.docker.com/r/jboss/keycloak), 4, upstream
|
|
||||||
* **Healthcheck**: Yes
|
|
||||||
* **Backups**: ?
|
|
||||||
* **Email**: 1
|
|
||||||
* **Tests**: 2
|
|
||||||
* **SSO**: N/A
|
|
||||||
<!-- endmetadata -->
|
|
||||||
|
|
||||||
## Basic usage
|
Set the environment variables from the .env file during the shell session.
|
||||||
|
|
||||||
1. Set up Docker Swarm and [`abra`][abra]
|
```
|
||||||
2. Deploy [`coop-cloud/traefik`][cc-traefik]
|
set -a && source .env && set +a^C
|
||||||
3. `abra app new keycloak --secrets` (optionally with `--pass` if you'd like
|
```
|
||||||
to save secrets in `pass`)
|
|
||||||
4. `abra app config YOURAPPDOMAIN` - be sure to change `$DOMAIN` to something that resolves to
|
|
||||||
your Docker swarm box
|
|
||||||
5. `abra app deploy YOURAPPDOMAIN`
|
|
||||||
|
|
||||||
## How do I setup a custom theme?
|
Deploy using the `-c` flag to specify multiple compose files.
|
||||||
|
|
||||||
Check [this approach](https://git.autonomic.zone/ruangrupa/login.lumbung.space).
|
```
|
||||||
|
docker stack deploy traefik -c compose.yaml -c compose.googledomains.yaml
|
||||||
## How do I create another admin user?
|
```
|
||||||
|
|
||||||
- Under the `Master` realm > `Users` > `Add user`
|
|
||||||
- Create the user and set a temporary password
|
|
||||||
- Under the `Role Mappings` tab, move `admin` from `Available Roles` into `Assigned Roles`
|
|
||||||
|
|
||||||
## How do I configure Keycloak login for..
|
|
||||||
|
|
||||||
- [Nextcloud][nextcloud]
|
|
||||||
- [Peertube][peertube]
|
|
||||||
|
|
||||||
[nextcloud]: https://git.coopcloud.tech/coop-cloud/nextcloud
|
|
||||||
[peertube]: https://git.coopcloud.tech/coop-cloud/peertube
|
|
||||||
[abra]: https://git.autonomic.zone/autonomic-cooperative/abra
|
|
||||||
[cc-traefik]: https://git.autonomic.zone/coop-cloud/traefik
|
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
This major release comes with a blog post about a CVE:
|
|
||||||
|
|
||||||
https://www.keycloak.org/2021/12/cve.html
|
|
||||||
|
|
||||||
Not all versions are affected but they're suggesting that people upgrade soon.
|
|
||||||
|
|
||||||
As per usual, this upgrade didn't go too smoothly and I ended up having to
|
|
||||||
undeploy and deploy the new versions. The healtcheck kept failing on the new
|
|
||||||
instance when trying to deploy alongside the existing old version. Idk, some
|
|
||||||
docker weirdness.
|
|
||||||
|
|
||||||
No app data errors discovered after upgrade.
|
|
|
@ -1,9 +0,0 @@
|
||||||
You'll need to remove `/auth/` from your app SSO URLs, e.g.
|
|
||||||
|
|
||||||
https://foo.example.com/auth/realms/foo/protocol/openid-connect/auth
|
|
||||||
|
|
||||||
Would become:
|
|
||||||
|
|
||||||
https://foo.example.com/realms/foo/protocol/openid-connect/auth
|
|
||||||
|
|
||||||
-- decentral1se @ Autonomic
|
|
|
@ -1,2 +0,0 @@
|
||||||
Healthchecks are disabled, see
|
|
||||||
https://git.coopcloud.tech/coop-cloud/keycloak/issues/15
|
|
|
@ -1,6 +0,0 @@
|
||||||
{
|
|
||||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
|
||||||
"extends": [
|
|
||||||
"config:base"
|
|
||||||
]
|
|
||||||
}
|
|
Loading…
Reference in New Issue