Compare commits
merge into: 0k:master
0k:0k/dev/master
0k:backup
0k:bgallet/mattermost
0k:bgallet/nextcloud
0k:boris/smtp-extern
0k:charm-codimd-new
0k:cups_service_alpha
0k:dev
0k:dev1
0k:dhcp
0k:element
0k:etherpad-upd
0k:framadate
0k:get-version
0k:lokavaluto/dev/master
0k:master
0k:matomo
0k:new-mailhog-charms
0k:new-monujo-options
0k:nj-collabra-office
0k:nj-keycloak-17.0
0k:nj-organice-charm
0k:nj-vaulwarden-migrate
0k:ntfy-install
0k:odoo_fix_webhook_url
0k:postgres
0k:test
0k:upd-docker
0k:update-latest-synapse
0k:wip
pull from: 0k:nj-vaulwarden-migrate
0k:0k/dev/master
0k:backup
0k:bgallet/mattermost
0k:bgallet/nextcloud
0k:boris/smtp-extern
0k:charm-codimd-new
0k:cups_service_alpha
0k:dev
0k:dev1
0k:dhcp
0k:element
0k:etherpad-upd
0k:framadate
0k:get-version
0k:lokavaluto/dev/master
0k:master
0k:matomo
0k:new-mailhog-charms
0k:new-monujo-options
0k:nj-collabra-office
0k:nj-keycloak-17.0
0k:nj-organice-charm
0k:nj-vaulwarden-migrate
0k:ntfy-install
0k:odoo_fix_webhook_url
0k:postgres
0k:test
0k:upd-docker
0k:update-latest-synapse
0k:wip
6 Commits
master
...
nj-vaulwar
Author | SHA1 | Message | Date |
---|---|---|---|
default | 3be388b8ef |
upd: [bitwarden] migrate to vaulwarden docker image
|
3 years ago |
Valentin Lab | 8db201ab0f |
new: [mailhog] new charm
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | 2b5935e361 |
chg: [peertube] upgrade to ``v4.1.0``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | c405bf7512 |
chg: [keycloak] upgrade to version ``17.0.1``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | 366c2810b3 |
new: [postgres] allow relation options ``encoding``, ``lc-collate``, ``lc-ctype``, ``template``
These options are only used upon creation of the database. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | c27b9e6f1c |
new: [monujo] support any section in options to transfer in ``config.json``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
13 changed files with 158 additions and 78 deletions
-
1bitwarden/metadata.yml
-
32keycloak/README.rst
-
12keycloak/build/Dockerfile
-
37keycloak/hooks/post_deploy
-
9keycloak/hooks/postgres_database-relation-joined
-
7keycloak/hooks/web_proxy-relation-joined
-
4keycloak/metadata.yml
-
31mailhog/metadata.yml
-
74monujo/lib/common
-
7peertube/build/Dockerfile
-
2peertube/build/docker-compose.yml
-
11postgres/hooks/postgres_database-relation-joined
-
3postgres/lib/common
@ -0,0 +1,32 @@ |
|||
Description |
|||
=========== |
|||
|
|||
Using ``keycloak`` version 17.0 |
|||
|
|||
|
|||
Usage |
|||
===== |
|||
|
|||
To start with ``keycloak``, just put this service in your |
|||
``compose.yml``:: |
|||
|
|||
keycloak: |
|||
options: |
|||
admin-password: CHANGEME |
|||
relations: |
|||
web-proxy: |
|||
frontend: |
|||
domain: id.mydomain.fr |
|||
|
|||
Customize theme |
|||
=============== |
|||
|
|||
You can customize theme by putting your theme in |
|||
``/srv/datastore/data/keycloak/opt/keycloak/themes`` |
|||
|
|||
For example copy the material folder from |
|||
https://github.com/MAXIMUS-DeltaWare/material-keycloak-theme and |
|||
restart ``keycloak``. |
|||
|
|||
Then go to your admin console, log in and go to the realm/themes part |
|||
to choose you new theme |
@ -0,0 +1,12 @@ |
|||
FROM docker.0k.io/keycloak:17.0.1 as builder |
|||
|
|||
ENV KC_METRICS_ENABLED=true |
|||
ENV KC_FEATURES=token-exchange |
|||
ENV KC_DB=postgres |
|||
RUN /opt/keycloak/bin/kc.sh build |
|||
|
|||
FROM docker.0k.io/keycloak:17.0.0 |
|||
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/ |
|||
WORKDIR /opt/keycloak |
|||
ENV KC_LOG_LEVEL=INFO |
|||
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"] |
@ -1,37 +0,0 @@ |
|||
#!/bin/bash |
|||
|
|||
## Init is run on host |
|||
## For now it is run every time the script is launched, but |
|||
## it should be launched only once after build. |
|||
|
|||
## Accessible variables are: |
|||
## - SERVICE_NAME Name of current service |
|||
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
|||
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
|||
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
|||
|
|||
PASSWORD_SET_CONTROL="$SERVICE_CONFIGSTORE/.password-set-control" |
|||
|
|||
set -e |
|||
|
|||
if [ -e "$PASSWORD_SET_CONTROL" ]; then |
|||
exit 0 |
|||
fi |
|||
|
|||
containers=($(get_running_containers_for_service "$SERVICE_NAME")) |
|||
if [ "${#containers[@]}" == 0 ]; then |
|||
err "no containers found for service ${DARKYELLOW}$SERVICE_NAME${NORMAL}" |
|||
exit 1 |
|||
fi |
|||
|
|||
## It is not possible at first glance to reset password, so we decided |
|||
## to set to admin/admin. This means it is important to change the |
|||
## admin password as soon as possible. |
|||
|
|||
## XXXvlab: taking the first container |
|||
container_id="${containers[0]}" |
|||
docker exec "$container_id" \ |
|||
/opt/jboss/keycloak/bin/add-user-keycloak.sh \ |
|||
-u "admin" -p "admin" |
|||
docker restart "$container_id" |
|||
mkdir -p "${PASSWORD_SET_CONTROL%/*}" && touch "$PASSWORD_SET_CONTROL" |
@ -1,11 +1,16 @@ |
|||
#!/bin/bash |
|||
|
|||
DOMAIN=$(relation-get domain) || exit 1 |
|||
|
|||
set -e |
|||
|
|||
config-add "\ |
|||
services: |
|||
$MASTER_BASE_SERVICE_NAME: |
|||
environment: |
|||
PROXY_ADDRESS_FORWARDING: \"true\" |
|||
KC_HOSTNAME: "$DOMAIN" |
|||
KC_PROXY: edge |
|||
KC_HTTP_ENABLED: \"true\" |
|||
KC_HOSTNAME_STRICT: \"false\" |
|||
" |
|||
|
@ -0,0 +1,31 @@ |
|||
docker-image: docker.0k.io/mailhog:1.0.1 ## from: mailhog/mailhog:v1.0.1 |
|||
data-resources: |
|||
- /home/mailhog |
|||
|
|||
default-options: |
|||
|
|||
uses: |
|||
web-proxy: |
|||
#constraint: required | recommended | optional |
|||
#auto: pair | summon | none ## default: pair |
|||
constraint: recommended |
|||
auto: pair |
|||
solves: |
|||
proxy: "Public access" |
|||
default-options: |
|||
target: !var-expand ${MASTER_BASE_SERVICE_NAME}:8025 |
|||
backup: |
|||
constraint: recommended |
|||
auto: pair |
|||
solves: |
|||
backup: "Automatic regular backup" |
|||
default-options: |
|||
## First pattern matching wins, no pattern matching includes. |
|||
## include-patterns are checked first, then exclude-patterns |
|||
## Patterns rules: |
|||
## - ending / for directory |
|||
## - '*' authorized |
|||
## - must start with a '/', will start from $SERVICE_DATASTORE |
|||
#exclude-patterns: |
|||
# - "/var/lib/odoo/sessions/" |
|||
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue