diff --git a/ct/keycloak.sh b/ct/keycloak.sh
new file mode 100644
index 00000000..8d897845
--- /dev/null
+++ b/ct/keycloak.sh
@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+source <(curl -fsSL https://raw.githubusercontent.com/remz1337/ProxmoxVED/pr-keycloak/misc/build.func)
+# Copyright (c) 2021-2025 tteck
+# Author: tteck (tteckster) | Co-Author: remz1337
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.keycloak.org/
+
+APP="Keycloak"
+var_tags="${var_tags:-access-management}"
+var_cpu="${var_cpu:-2}"
+var_ram="${var_ram:-2048}"
+var_disk="${var_disk:-4}"
+var_os="${var_os:-debian}"
+var_version="${var_version:-12}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+ header_info
+ check_container_storage
+ check_container_resources
+ if [[ ! -f /etc/systemd/system/keycloak.service ]]; then
+ msg_error "No ${APP} Installation Found!"
+ exit
+ fi
+
+ msg_info "Stopping ${APP}"
+ systemctl stop keycloak
+ msg_ok "Stopped ${APP}"
+
+ msg_info "Updating packages"
+ apt-get update &>/dev/null
+ apt-get -y upgrade &>/dev/null
+ msg_ok "Updated packages"
+
+ msg_info "Backup old Keycloak"
+ cd /opt
+ mv keycloak keycloak.old
+ tar -czf keycloak_conf_backup.tar.gz keycloak.old/conf
+ msg_ok "Backup done"
+
+ fetch_and_deploy_gh_release "keycloak" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"
+
+ msg_info "Updating ${APP}"
+ cd /opt
+ mv keycloak_conf_backup.tar.gz keycloak/conf
+ cp -r keycloak.old/providers keycloak
+ cp -r keycloak.old/themes keycloak
+ rm -rf keycloak.old
+ msg_ok "Updated ${APP} LXC"
+
+ msg_info "Restating Keycloak"
+ systemctl restart keycloak
+ msg_ok "Restated Keycloak"
+ exit
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080/admin${CL}"
+echo -e "${TAB}${GN}Temporary admin user:${BL}tmpadm${CL}"
+echo -e "${TAB}${GN}Temporary admin password:${BL}admin123${CL}"
+echo -e "${INFO}${YW} If you modified ${BL}cache-ispn.xml${YW}: Re-apply your changes to the new file, otherwise leave it unchanged.${CL}"
diff --git a/install/keycloak-install.sh b/install/keycloak-install.sh
new file mode 100644
index 00000000..6d1deb16
--- /dev/null
+++ b/install/keycloak-install.sh
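Review bot: The second line of ct/keycloak.sh sources `build.func` over the network from a contributor's fork and feature branch (`remz1337/ProxmoxVED/pr-keycloak`), so whatever that branch holds at run time is executed with the caller's privileges, and the branch can change or vanish after merge. Before this lands the URL should point at the project's own repository, ideally at a pinned ref, e.g. `source <(curl -fsSL https://raw.githubusercontent.com/<ORG>/<REPO>/<PINNED_REF>/misc/build.func)`. Separately, in `update_script` the line `mv keycloak_conf_backup.tar.gz keycloak/conf` drops the archive into the new `conf` directory without unpacking it, so the previous configuration is not actually restored; copying `keycloak.old/conf` back the way `providers` and `themes` are copied looks like the intent.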
@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: tteck (tteckster) | Co-Authors: Slaviša Arežina (tremor021), remz1337
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://github.com/keycloak/keycloak
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+JAVA_VERSION=21 setup_java
+PG_VERSION=16 setup_postgresql
+
+msg_info "Configuring PostgreSQL user"
+DB_NAME="keycloak"
+DB_USER="keycloak"
+DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
+$STD sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
+$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8';"
+$STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
+msg_ok "Configured PostgreSQL user"
+
+fetch_and_deploy_gh_release "keycloak" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"
+
+msg_info "Creating Service"
+cat </etc/systemd/system/keycloak.service
+[Unit]
+Description=Keycloak Service
+Requires=network.target
+After=syslog.target network-online.target
+
+[Service]
+Type=idle
+User=root
+WorkingDirectory=/opt/keycloak
+ExecStart=/opt/keycloak/bin/kc.sh start
+ExecStop=/opt/keycloak/bin/kc.sh stop
+Restart=always
+RestartSec=3
+Environment="JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"
+Environment="KC_DB=postgres"
+Environment="KC_DB_USERNAME=$DB_USER"
+Environment="KC_DB_PASSWORD=$DB_PASS"
+Environment="KC_HTTP_ENABLED=true"
+Environment="KC_BOOTSTRAP_ADMIN_USERNAME=tmpadm"
+Environment="KC_BOOTSTRAP_ADMIN_PASSWORD=admin123"
+# Comment following line and uncomment the next 2 if working behind a reverse proxy
+Environment="KC_HOSTNAME_STRICT=false"
+#Environment="KC_HOSTNAME=keycloak.example.com"
+#Environment="KC_PROXY_HEADERS=xforwarded"
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable -q --now keycloak
+msg_ok "Created Service"
+
+motd_ssh
+customize
+
+msg_info "Cleaning up"
+$STD apt-get -y autoremove
+$STD apt-get -y autoclean
+msg_ok "Cleaned"
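Review bot: The unit file hard-codes the bootstrap admin as `tmpadm`/`admin123` (the two `KC_BOOTSTRAP_ADMIN_*` lines) on a service that also sets `KC_HTTP_ENABLED=true`, so every install comes up with the same known admin login over plain HTTP until the operator replaces it. The same heredoc writes `KC_DB_PASSWORD` into the unit file, which under the usual umask is readable by every local account, and `User=root` gives the server more privilege than it appears to need. I would generate the admin password the way `DB_PASS` is generated, keep both secrets in a root-only file loaded through `EnvironmentFile=`, and have ct/keycloak.sh point at that file instead of printing the literal. The env-file path below is only a suggestion; a dedicated service account is worth a follow-up.

```shell
ADMIN_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
# Secrets live in a root-only file rather than in the unit file itself.
install -d -m 700 /etc/keycloak
(
  umask 077
  cat <<EOF >/etc/keycloak/keycloak.env
KC_DB_USERNAME=$DB_USER
KC_DB_PASSWORD=$DB_PASS
KC_BOOTSTRAP_ADMIN_USERNAME=tmpadm
KC_BOOTSTRAP_ADMIN_PASSWORD=$ADMIN_PASS
EOF
)
# … unchanged: unit heredoc up to Environment="KC_DB=postgres" …
EnvironmentFile=/etc/keycloak/keycloak.env
# … unchanged: KC_HTTP_ENABLED, hostname/proxy settings, [Install] section …
```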