Keycloak: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 1: / Line 1: @@
-'''[https://keycloak.org/ Keycloak]''' ([[wikipedia:en:Keycloak|Wikipedia]]) is identity and access management software, and can serve as an authentication server for applications (providing support for OpenID Connect, OAuth 2.0, and SAML.)
+'''[https://keycloak.org/ Keycloak]''' ([[wikipedia:en:Keycloak|Wikipedia]]) is identity and access management software, and can serve as an authentication server for applications (providing support for OpenID Connect, OAuth 2.0, and SAML).
-'''Keycloak''' is...
+For official documentation on Keycloak please consult the [https://nixos.org/manual/nixos/stable/index.html#module-services-keycloak NixOS manual].
-* covered in the [https://nixos.org/manual/nixos/stable/index.html#module-services-keycloak NixOS manual]
+== Setup ==
-* packaged [https://search.nixos.org/packages?type=packages&query=keycloak for Nix]
+Following configuration will enable a minimal and insecure Keycloak instance for '''testing purpose'''.<syntaxhighlight lang="nix">
-* available as a [https://search.nixos.org/options?query=keycloak NixOS service]
+environment.etc."keycloak-database-pass".text = "PWD";
-* written in [[Java]]
+services.keycloak = {
-* maintained by Red Hat
+  enable = true;
+  settings = {
-== Troubleshooting ==
+    hostname = "localhost";
+    http-enabled = true;
-=== Installing on system without X11 ===
+    hostname-strict-https = false;
+  };
-If, when you perform:
+  database.passwordFile = "/etc/keycloak-database-pass";
+};
-<syntaxhighlight lang="bash">
+</syntaxhighlight>After applying the configuration the Keycloak management interface will be available at http://localhost. Login with username <code>admin</code> and password <code>changeme</code>.
-nixos-rebuild switch
-</syntaxhighlight>
-... you encounter errors like:
-<syntaxhighlight lang="bash">
-building Nix...
-...
-checking for CAIRO_BACKEND... no
-configure: error: Package requirements (cairo-xlib >= 1.6) were not met:
-No package 'cairo-xlib' found
-...
-error: build of '/nix/store/vfz...2a0-nixos-system-nixos-21.11pre322478.e4ef597edfd.drv' failed
-</syntaxhighlight>
-... it would be because the package expects X11 to be installed. The [https://nixos.org/manual/nixos/unstable/options.html#opt-environment.noXlibs environment.noXlibs] NixOS option will specify to not require the X11 libraries:
-{{file|/etc/nixos/configuration.nix|nix|<nowiki>
+== Tips and tricks ==
-{ config, pkgs, ... }:
-{
-  environment.noXlibs = false;
-}
-</nowiki>}}
-== Installation in subdirectory ==
+=== Installation in subdirectory ===
 Keycloak may be installed in a subdirectory of a domain. Thus you don't need to configure and expose a subdomain. For example with the following configuration, remember to edit <code>domain.tld</code>, reflecting your used domain.
@@ Line 101: / Line 72: @@
 </nowiki>}}
-== Keycloak themes on NixOS ==
+=== Keycloak themes on NixOS ===
 You need to create a package for your custom theme and configure the keycloak service to use it
@@ Line 118: / Line 88: @@
          - keycloak_custom_theme.nix <- package for your theme
-=== Create a theme ===
+==== Create a theme ====
 {{file|custom.css|css|<nowiki>
@@ Line 134: / Line 103: @@
 </nowiki>}}
-=== Create a package ===
+==== Create a package ====
 {{file|keycloak_custom_theme.nix|nix|<nowiki>
      { stdenv }:
@@ Line 154: / Line 122: @@
 </nowiki>}}
-=== Create a packages set ===
+==== Create a packages set ====
 {{file|default.nix|nix|<nowiki>
@@ Line 169: / Line 136: @@
 </nowiki>}}
+==== Configure your keycloak service ====
-=== Configure your keycloak service ===
 {{file|configuration.nix|nix|<nowiki>
      { config, pkgs, lib, ... }:
@@ Line 197: / Line 162: @@
 </nowiki>}}
-[[Category: Applications]]
+[[Category:Server]]
+[[Category:Security]]
+[[Category:NixOS Manual]]