Scalingo Keycloak buildpack

This buildpack aims at installing a Keycloak instance on Scalingo and let you configure it at your convenance.

Suitability of releases

Keycloak	Buildpack
< 17 (wildfly)	0.1.0
>= 17 (quarkus)	0.2.0
>= 23 (quarkus)	1.0.0

Usage

Add this buildpack environment variable to your Scalingo application to install the Keycloak server:

BUILDPACK_URL=https://github.com/MTES-MCT/keycloak-buildpack

Default version Keycloak is latest found in github releases, but you can choose another one:

scalingo env-set KEYCLOAK_VERSION=23.0.4

See Keycloak latest docs to use keycloak quarkus image server.

!!! HTTPS is mandatory in production mode 4

Configuration

You must have an add-on database postgresql.

Environment variables are listed in Keycloak quarkus configuration doc, starting with KC_

Add a user admin

In .env set these vars:

KEYCLOAK_ADMIN=your-admin-name
KEYCLOAK_ADMIN_PASSWORD=your-admin-password

then build again.

Export or import data

See Keycloak Admin CLI docs

With Scalingo CLI you can download or upload these files.

Hacking

Environment variables are set in a .env file. You copy the sample one:

cp .env.sample .env

Run an interactive docker scalingo stack 2:

docker run --name keycloak -it -p 8443:8443 -v "$(pwd)"/.env:/env/.env -v "$(pwd)":/buildpack scalingo/scalingo-22:latest bash

And test in it:

bash buildpack/bin/detect
bash buildpack/bin/env.sh /env/.env /env
bash buildpack/bin/compile /build /cache /env
build/java/bin/keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore /build/keycloak/conf/server.keystore
bash buildpack/bin/release

Run Keycloak server:

export PATH=$PATH:/build/java/bin
export KEYCLOAK_ADMIN=
export KEYCLOAK_ADMIN_PASSWORD=
export KC_DB=postgres
export KC_HOSTNAME=localhost
export KC_HOSTNAME_PORT=8443
build/keycloak/bin/kc.sh --verbose start

You can also use docker-compose stack 3:

docker-compose up --build -d