Skip to content
This repository has been archived by the owner on Feb 22, 2024. It is now read-only.

Latest commit

 

History

History
154 lines (111 loc) · 3.88 KB

README.md

File metadata and controls

154 lines (111 loc) · 3.88 KB
Raw

DukeCon / Javaland KeyCloak Docker

Introduction

TBD

Add Theme(s)

If you would like to see a new theme, e.g., for a new conference, just go to the src/main/docker/themes folder and follow the appropriate instructions from the KeyCloak documentation.

Testing

If you want to test the provided DukeCon/Javaland (or you new) themes, perform the following steps:

Build Docker test image

mvn clean package -Plocaltest

Run Docker test image

docker run -ti --rm \
  --name keycloak-test \
  -e KEYCLOAK_USER=admin \
  -e KEYCLOAK_PASSWORD=admin123 \
  -e DB_VENDOR=H2 \
  -p 18080:8080 dukecon/dukecon-keycloak:1.4-SNAPSHOT

Wait a second for the Docker container to come up!

Attention: This runs the image in a temporary container (--rm flag). As soon as you press ctrl-c the container (and your changes) are gone. Drop the rm flag if you want to keep it for other tests. Then you need to perform a manual clean up (eg., docker rm keycloak-test).

Connect to Admin interface

Configure KeyCloak

  • Select the master realm (this is by default the only realm)
  • Switch to Login tab ** Set all options to off ** Save the settings! Configure Login
  • Switch to Themes tab ** Select javaland (or any other theme) as Login Theme Configure Themes Select Theme ** Save the settings!

Test new settings

  • Sign out Logout
  • You should see your new Login page KeyCloak Login JavaLand Theme

KeyCloak Admin Cheat Sheet

Docker Exec

If you want to perform some operations with the kcadm.sh script, e.g., bulk deletes of users, you could connect to the running docker container and start a shell.

docker exec -ti keycloak /bin/bash

In the shell session you may switch to the JBoss bin directory (all subsequent commands are executed from there).

cd /opt/jboss/keycloak/bin

Delete all users

I recommend to set an environment variable to refer to the realm you are working on

export REALM="javaland"

First you have to list all users

./kcadm.sh get users --format csv --noquotes -l 10000 -r ${REALM} > /tmp/${REALM}-users

Then I would recommend to create a batch file with all user endpoints

awk -F, '{print "users/"$1}' /tmp/${REALM}-users > /tmp/${REALM}-users-ids

Finally you could delete all of them in a loop

for i in `cat /tmp/${REALM}-users-ids`; do ./kcadm.sh delete $i -r ${REALM}; echo $i; done

Test with productive data

Execute Postgres

docker run -d \
    -e POSTGRES_DATABASE=keycloak \
    -e POSTGRES_USER=keycloak \
    -e POSTGRES_PASSWORD=test1234 \
    -e POSTGRES_ROOT_PASSWORD=test1234 \
    -p 127.0.0.1:5432:5432 \
    --name postgres-keycloak \
    postgres:9.6

Copy Data dump from your productive (or testing) system:

scp -p root@dukecon...:/data/backup/keycloak.sql .

Load data into local DB:

PGPASSWORD=test1234 psql -h 127.0.0.1 -U keycloak  keycloak < keycloak.sql

Start KeyCloak (in foreground, remove after stop/abort):

# Override imported DB_PORT (which is like 'tcp://172...')
docker run -ti --rm \
  --name keycloak-test \
  -e KEYCLOAK_USER=admin \
  -e KEYCLOAK_PASSWORD=admin123 \
  -e DB_VENDOR=postgres \
  -e DB_SCHEMA=public \
  -e DB_ADDR=db \
  -e DB_PORT=5432 \
  -e DB_USER=keycloak \
  -e DB_PASSWORD=test1234 \
  --link postgres-keycloak:db \
  -p 18080:8080 dukecon/dukecon-keycloak:1.4-SNAPSHOT