chore: keycloak-25
Some checks failed
/ ansible-semaphore (push) Failing after 15s
/ atlasswprobe (push) Successful in 4m10s
/ daliserver (push) Successful in 2m19s
/ forgejo (push) Has been cancelled
/ forgejo-runner (push) Successful in 1m39s
/ http-mqtt-bridge (push) Successful in 5m6s
/ keycloak-24 (push) Has been cancelled
/ keycloak-25 (push) Has been cancelled
/ linux-diversion-ath-regd-optional (push) Has been cancelled
/ lottieconverter (push) Successful in 1m6s
/ matterbridge (push) Successful in 4m3s
/ matrix-element-web (push) Failing after 51s
/ matrix-hydrogen (push) Successful in 1m24s
/ matrix.to (push) Has been cancelled
/ maubot (push) Has been cancelled
/ maubot-plugin-spaceapi (push) Successful in 2m16s
/ maubot-plugin-ultimaker (push) Successful in 2m16s
/ mautrix-signal (push) Successful in 51s
/ mautrix-telegram (push) Has been cancelled
/ mediawiki-extension-auth-remoteuser (push) Has been cancelled
/ mediawiki-extension-nativesvghandler (push) Has been cancelled
/ mediawiki-extension-openidconnect (push) Has been cancelled
/ mediawiki-extension-pluggableauth (push) Has been cancelled
/ mqtt2prometheus (push) Has been cancelled
/ prometheus-ipmi-exporter (push) Has been cancelled
/ prometheus-dnsbl-exporter (push) Has been cancelled
/ prometheus2influxdb (push) Has been cancelled
/ python3-mautrix (push) Has been cancelled
/ python3-telethon (push) Has been cancelled
/ repo.s3lph.me-apt-source (push) Has been cancelled
/ republik-feeder (push) Has been cancelled
/ woodpecker-agent (push) Has been cancelled
/ woodpecker-cli (push) Has been cancelled

This commit is contained in:
s3lph 2024-06-10 22:53:37 +02:00
parent 85156fa87b
commit b558446308
Signed by: s3lph
GPG key ID: 0AA29A52FB33CFB5
9 changed files with 164 additions and 0 deletions

View file

@ -40,6 +40,7 @@ jobs:
forgejo-runner: *job forgejo-runner: *job
http-mqtt-bridge: *job http-mqtt-bridge: *job
keycloak-24: *job keycloak-24: *job
keycloak-25: *job
linux-diversion-ath-regd-optional: *job linux-diversion-ath-regd-optional: *job
lottieconverter: *job lottieconverter: *job
matterbridge: *job matterbridge: *job

View file

@ -16,6 +16,7 @@ information, please see [https://repo.s3lph.me/](https://repo.s3lph.me/).
- [forgejo-runner](https://code.forgejo.org/forgejo/runner) - [forgejo-runner](https://code.forgejo.org/forgejo/runner)
- [http-mqtt-bridge](https://github.com/subzerobo/http-mqtt-bridge) - [http-mqtt-bridge](https://github.com/subzerobo/http-mqtt-bridge)
- [keycloak-24](https://github.com/keycloak/keycloak) - [keycloak-24](https://github.com/keycloak/keycloak)
- [keycloak-25](https://github.com/keycloak/keycloak)
- [linux-diversion-ath-regd-optional](https://github.com/twisteroidambassador/arch-linux-ath-user-regd/issues/1) - [linux-diversion-ath-regd-optional](https://github.com/twisteroidambassador/arch-linux-ath-user-regd/issues/1)
- [lottieconverter](https://github.com/sot-tech/LottieConverter) - [lottieconverter](https://github.com/sot-tech/LottieConverter)
- [matrix-element-web](https://github.com/element-hq/element-web/) - [matrix-element-web](https://github.com/element-hq/element-web/)

68
keycloak-25/build.sh Executable file
View file

@ -0,0 +1,68 @@
#!/bin/bash
set -exo pipefail
. ../.skel/helpers.sh
MAJOR_VERSION=25
export PKGNAME="keycloak-${MAJOR_VERSION}"
API_URL="https://api.github.com/repos/keycloak/keycloak/releases"
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and .target_commitish=="main" ) | "\(.name) \(.published_at) \(.assets[] | select( .name|test("keycloak-'${MAJOR_VERSION}'.*.tar.gz$") ).browser_download_url)"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "keycloak-${VERSION}.tar.gz"
tar -xf "keycloak-${VERSION}.tar.gz"
}
function prepare() {
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/opt/" \
"${PKGDIR}/lib/systemd/system" \
"${PKGDIR}/etc/apache2/sites-available" \
"${PKGDIR}/usr/share/doc/${PKGNAME}"
cp -r "${SRCDIR}/keycloak-${VERSION}" "${PKGDIR}/opt/keycloak/"
mv "${PKGDIR}/opt/keycloak/conf" "${PKGDIR}/etc/keycloak/"
ln -s /etc/keycloak "${PKGDIR}/opt/keycloak/conf"
mkdir -p \
"${PKGDIR}/opt/keycloak/data" \
"${PKGDIR}/opt/keycloak/ObjectStore"
rm "${PKGDIR}/opt/keycloak/bin/kc.bat" \
"${PKGDIR}/etc/keycloak/README.md"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/keycloak.service" "${PKGDIR}/lib/systemd/system/"
cp "${ROOT}/keycloak.site.conf" "${PKGDIR}/etc/apache2/sites-available/"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.copyright" "${PKGDIR}/usr/share/doc/${PKGNAME}/copyright"
github_changelog keycloak/keycloak
find "${PKGDIR}" -exec touch -m --reference "${SRCDIR}/keycloak-${VERSION}/version.txt" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
export VERSION
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1,3 @@
/etc/apache2/sites-available/keycloak.site.conf
/etc/keycloak/cache-ispn.xml
/etc/keycloak/keycloak.conf

View file

@ -0,0 +1,16 @@
Package: keycloak-25
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: all
Depends: default-jdk-headless (>=2:1.17), default-jdk-headless (<<2:1.22)
Suggests: apache2, postgresql
Provides: keycloak
Conflicts: keycloak
Replaces: keycloak
Description: Open Source Identity and Access Management
Add authentication to applications and secure services with minimum
effort. No need to deal with storing users or authenticating users.
Keycloak provides user federation, strong authentication, user
management, fine-grained authorization, and more.

View file

@ -0,0 +1,6 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Source: https://github.com/keycloak/keycloak
Files: *
License: Apache-2.0

22
keycloak-25/debian.postinst Executable file
View file

@ -0,0 +1,22 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group keycloak >/dev/null; then
groupadd --system keycloak
fi
if ! getent passwd keycloak >/dev/null; then
useradd --system --gid keycloak --home-dir /opt/keycloak --shell /bin/false keycloak
fi
chown root:keycloak /opt/keycloak /etc/keycloak
chown keycloak:keycloak -R /opt/keycloak/lib/quarkus /opt/keycloak/data /opt/keycloak/ObjectStore
chmod 0750 /etc/keycloak
deb-systemd-helper enable keycloak.service
deb-systemd-invoke restart keycloak.service
fi

View file

@ -0,0 +1,16 @@
[Unit]
Description=Keycloak
#Requires=mysql.service
#Requires=mariadb.service
#Requires=postgresql.service
[Service]
ExecStart=/opt/keycloak/bin/kc.sh start
Restart=always
User=keycloak
Group=keycloak
WorkingDirectory=/opt/keycloak
CapabilityBoundingSet=
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,31 @@
<VirtualHost *:80>
ServerName keycloak.example.org
DocumentRoot /var/www/html
ProxyPass /js/ http://localhost:8080/js/
ProxyPassReverse /js/ http://localhost:8080/js/
ProxyPass /realms/ http://localhost:8080/realms/
ProxyPassReverse /realms/ http://localhost:8080/realms/
ProxyPass /resources/ http://localhost:8080/resources/
ProxyPassReverse /resources/ http://localhost:8080/resources/
# Redirect root to user account management
RewriteEngine on
RewriteRule ^/?$ /realms/EXAMPLE/account [L,R]
## Test client that dumps the id_token
#OIDCProviderMetadataURL https://keycloak.example.org/realms/EXAMPLE/.well-known/openid-configuration
#OIDCClientID foo
#OIDCClientSecret bar
#OIDCRedirectURI https://keycloak.example.org/test-client/redirect
#OIDCCryptoPassphrase supersecurepassword
#OIDCInfoHook id_token
#<Location /test-client>
# AuthType openid-connect
# Require valid-user
# RewriteRule .* /test-client/redirect?info=html
#</Location>
</VirtualHost>