chore: keycloak-26
Some checks failed
/ ansible-semaphore (push) Successful in 2m0s
/ daliserver (push) Successful in 1m50s
/ forgejo (push) Successful in 3m37s
/ forgejo-runner (push) Successful in 1m23s
/ http-mqtt-bridge (push) Successful in 3m13s
/ keycloak-25 (push) Successful in 4m7s
/ keycloak-26 (push) Successful in 4m50s
/ linux-diversion-ath-regd-optional (push) Successful in 13m44s
/ lottieconverter (push) Successful in 54s
/ matterbridge (push) Successful in 2m24s
/ matrix-element-web (push) Successful in 2m33s
/ matrix-hydrogen (push) Successful in 1m11s
/ matrix.to (push) Successful in 4m7s
/ maubot (push) Successful in 6m40s
/ maubot-plugin-spaceapi (push) Successful in 1m20s
/ maubot-plugin-ultimaker (push) Successful in 1m34s
/ mautrix-signal (push) Successful in 1m3s
/ mautrix-telegram (push) Successful in 1m4s
/ mediawiki-extension-auth-remoteuser (push) Successful in 39s
/ mediawiki-extension-nativesvghandler (push) Successful in 35s
/ mediawiki-extension-openidconnect (push) Successful in 28s
/ mediawiki-extension-pluggableauth (push) Successful in 1m7s
/ mqtt2prometheus (push) Successful in 3m0s
/ prometheus-ipmi-exporter (push) Successful in 1m43s
/ prometheus-dnsbl-exporter (push) Successful in 1m30s
/ prometheus2influxdb (push) Successful in 52s
/ python3-mautrix (push) Successful in 1m10s
/ python3-telethon (push) Successful in 1m4s
/ repo.s3lph.me-apt-source (push) Successful in 42s
/ republik-feeder (push) Successful in 1m4s
/ ripe-atlas (push) Failing after 2m56s
/ woodpecker-agent (push) Successful in 1m35s
/ woodpecker-cli (push) Successful in 1m22s
Some checks failed
/ ansible-semaphore (push) Successful in 2m0s
/ daliserver (push) Successful in 1m50s
/ forgejo (push) Successful in 3m37s
/ forgejo-runner (push) Successful in 1m23s
/ http-mqtt-bridge (push) Successful in 3m13s
/ keycloak-25 (push) Successful in 4m7s
/ keycloak-26 (push) Successful in 4m50s
/ linux-diversion-ath-regd-optional (push) Successful in 13m44s
/ lottieconverter (push) Successful in 54s
/ matterbridge (push) Successful in 2m24s
/ matrix-element-web (push) Successful in 2m33s
/ matrix-hydrogen (push) Successful in 1m11s
/ matrix.to (push) Successful in 4m7s
/ maubot (push) Successful in 6m40s
/ maubot-plugin-spaceapi (push) Successful in 1m20s
/ maubot-plugin-ultimaker (push) Successful in 1m34s
/ mautrix-signal (push) Successful in 1m3s
/ mautrix-telegram (push) Successful in 1m4s
/ mediawiki-extension-auth-remoteuser (push) Successful in 39s
/ mediawiki-extension-nativesvghandler (push) Successful in 35s
/ mediawiki-extension-openidconnect (push) Successful in 28s
/ mediawiki-extension-pluggableauth (push) Successful in 1m7s
/ mqtt2prometheus (push) Successful in 3m0s
/ prometheus-ipmi-exporter (push) Successful in 1m43s
/ prometheus-dnsbl-exporter (push) Successful in 1m30s
/ prometheus2influxdb (push) Successful in 52s
/ python3-mautrix (push) Successful in 1m10s
/ python3-telethon (push) Successful in 1m4s
/ repo.s3lph.me-apt-source (push) Successful in 42s
/ republik-feeder (push) Successful in 1m4s
/ ripe-atlas (push) Failing after 2m56s
/ woodpecker-agent (push) Successful in 1m35s
/ woodpecker-cli (push) Successful in 1m22s
This commit is contained in:
parent
a0ad064a83
commit
cdf3074fbb
9 changed files with 165 additions and 1 deletions
|
@ -10,7 +10,7 @@ on:
|
|||
jobs:
|
||||
|
||||
# One step per package
|
||||
|
||||
|
||||
ansible-semaphore: &job
|
||||
runs-on: docker
|
||||
container:
|
||||
|
@ -39,6 +39,7 @@ jobs:
|
|||
forgejo-runner: *job
|
||||
http-mqtt-bridge: *job
|
||||
keycloak-25: *job
|
||||
keycloak-26: *job
|
||||
linux-diversion-ath-regd-optional: *job
|
||||
lottieconverter: *job
|
||||
matterbridge: *job
|
||||
|
|
|
@ -15,6 +15,7 @@ information, please see [https://repo.s3lph.me/](https://repo.s3lph.me/).
|
|||
- [forgejo-runner](https://code.forgejo.org/forgejo/runner)
|
||||
- [http-mqtt-bridge](https://github.com/subzerobo/http-mqtt-bridge)
|
||||
- [keycloak-25](https://github.com/keycloak/keycloak)
|
||||
- [keycloak-26](https://github.com/keycloak/keycloak)
|
||||
- [linux-diversion-ath-regd-optional](https://github.com/twisteroidambassador/arch-linux-ath-user-regd/issues/1)
|
||||
- [lottieconverter](https://github.com/sot-tech/LottieConverter)
|
||||
- [matrix-element-web](https://github.com/element-hq/element-web/)
|
||||
|
|
68
keycloak-26/build.sh
Executable file
68
keycloak-26/build.sh
Executable file
|
@ -0,0 +1,68 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -exo pipefail
|
||||
|
||||
. ../.skel/helpers.sh
|
||||
|
||||
MAJOR_VERSION=26
|
||||
export PKGNAME="keycloak-${MAJOR_VERSION}"
|
||||
|
||||
API_URL="https://api.github.com/repos/keycloak/keycloak/releases"
|
||||
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and .target_commitish=="main" ) | "\(.name) \(.published_at) \(.assets[] | select( .name|test("keycloak-'${MAJOR_VERSION}'.*.tar.gz$") ).browser_download_url)"'
|
||||
|
||||
ROOT=$(pwd)
|
||||
|
||||
function fetch() {
|
||||
cd "${SRCDIR}"
|
||||
wget "${URL}" --output-document "keycloak-${VERSION}.tar.gz"
|
||||
tar -xf "keycloak-${VERSION}.tar.gz"
|
||||
}
|
||||
|
||||
function prepare() {
|
||||
mkdir -p \
|
||||
"${PKGDIR}/DEBIAN" \
|
||||
"${PKGDIR}/opt/" \
|
||||
"${PKGDIR}/lib/systemd/system" \
|
||||
"${PKGDIR}/etc/apache2/sites-available" \
|
||||
"${PKGDIR}/usr/share/doc/${PKGNAME}"
|
||||
cp -r "${SRCDIR}/keycloak-${VERSION}" "${PKGDIR}/opt/keycloak/"
|
||||
mv "${PKGDIR}/opt/keycloak/conf" "${PKGDIR}/etc/keycloak/"
|
||||
ln -s /etc/keycloak "${PKGDIR}/opt/keycloak/conf"
|
||||
mkdir -p \
|
||||
"${PKGDIR}/opt/keycloak/data" \
|
||||
"${PKGDIR}/opt/keycloak/ObjectStore"
|
||||
rm "${PKGDIR}/opt/keycloak/bin/kc.bat" \
|
||||
"${PKGDIR}/etc/keycloak/README.md"
|
||||
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
|
||||
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
|
||||
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
|
||||
cp "${ROOT}/keycloak.service" "${PKGDIR}/lib/systemd/system/"
|
||||
cp "${ROOT}/keycloak.site.conf" "${PKGDIR}/etc/apache2/sites-available/"
|
||||
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
|
||||
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
|
||||
cp "${ROOT}/debian.copyright" "${PKGDIR}/usr/share/doc/${PKGNAME}/copyright"
|
||||
github_changelog keycloak/keycloak
|
||||
find "${PKGDIR}" -exec touch -m --reference "${SRCDIR}/keycloak-${VERSION}/version.txt" {} \;
|
||||
}
|
||||
|
||||
function package() {
|
||||
cd "${BUILDDIR}"
|
||||
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
|
||||
}
|
||||
|
||||
function build() {
|
||||
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
|
||||
export VERSION
|
||||
export ISODATE
|
||||
export URL
|
||||
export BUILDDIR=${ROOT}/build
|
||||
export SRCDIR=${ROOT}/build/srcdir
|
||||
export PKGDIR=${ROOT}/build/pkgdir
|
||||
mkdir -p ${SRCDIR} ${PKGDIR}
|
||||
fetch
|
||||
prepare
|
||||
package
|
||||
}
|
||||
|
||||
|
||||
build
|
3
keycloak-26/debian.conffiles
Normal file
3
keycloak-26/debian.conffiles
Normal file
|
@ -0,0 +1,3 @@
|
|||
/etc/apache2/sites-available/keycloak.site.conf
|
||||
/etc/keycloak/cache-ispn.xml
|
||||
/etc/keycloak/keycloak.conf
|
16
keycloak-26/debian.control
Normal file
16
keycloak-26/debian.control
Normal file
|
@ -0,0 +1,16 @@
|
|||
Package: keycloak-26
|
||||
Version: __VERSION__
|
||||
Maintainer: __MAINTAINER__
|
||||
Section: web
|
||||
Priority: optional
|
||||
Architecture: all
|
||||
Depends: default-jdk-headless (>=2:1.17), default-jdk-headless (<<2:1.22)
|
||||
Suggests: apache2, postgresql
|
||||
Provides: keycloak
|
||||
Conflicts: keycloak
|
||||
Replaces: keycloak
|
||||
Description: Open Source Identity and Access Management
|
||||
Add authentication to applications and secure services with minimum
|
||||
effort. No need to deal with storing users or authenticating users.
|
||||
Keycloak provides user federation, strong authentication, user
|
||||
management, fine-grained authorization, and more.
|
6
keycloak-26/debian.copyright
Normal file
6
keycloak-26/debian.copyright
Normal file
|
@ -0,0 +1,6 @@
|
|||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Source: https://github.com/keycloak/keycloak
|
||||
|
||||
Files: *
|
||||
License: Apache-2.0
|
||||
|
22
keycloak-26/debian.postinst
Executable file
22
keycloak-26/debian.postinst
Executable file
|
@ -0,0 +1,22 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
if [[ "$1" == "configure" ]]; then
|
||||
|
||||
if ! getent group keycloak >/dev/null; then
|
||||
groupadd --system keycloak
|
||||
fi
|
||||
|
||||
if ! getent passwd keycloak >/dev/null; then
|
||||
useradd --system --gid keycloak --home-dir /opt/keycloak --shell /bin/false keycloak
|
||||
fi
|
||||
|
||||
chown root:keycloak /opt/keycloak /etc/keycloak
|
||||
chown keycloak:keycloak -R /opt/keycloak/lib/quarkus /opt/keycloak/data /opt/keycloak/ObjectStore
|
||||
chmod 0750 /etc/keycloak
|
||||
|
||||
deb-systemd-helper enable keycloak.service
|
||||
deb-systemd-invoke restart keycloak.service
|
||||
|
||||
fi
|
16
keycloak-26/keycloak.service
Normal file
16
keycloak-26/keycloak.service
Normal file
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Description=Keycloak
|
||||
#Requires=mysql.service
|
||||
#Requires=mariadb.service
|
||||
#Requires=postgresql.service
|
||||
|
||||
[Service]
|
||||
ExecStart=/opt/keycloak/bin/kc.sh start
|
||||
Restart=always
|
||||
User=keycloak
|
||||
Group=keycloak
|
||||
WorkingDirectory=/opt/keycloak
|
||||
CapabilityBoundingSet=
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
31
keycloak-26/keycloak.site.conf
Normal file
31
keycloak-26/keycloak.site.conf
Normal file
|
@ -0,0 +1,31 @@
|
|||
<VirtualHost *:80>
|
||||
|
||||
ServerName keycloak.example.org
|
||||
|
||||
DocumentRoot /var/www/html
|
||||
|
||||
ProxyPass /js/ http://localhost:8080/js/
|
||||
ProxyPassReverse /js/ http://localhost:8080/js/
|
||||
ProxyPass /realms/ http://localhost:8080/realms/
|
||||
ProxyPassReverse /realms/ http://localhost:8080/realms/
|
||||
ProxyPass /resources/ http://localhost:8080/resources/
|
||||
ProxyPassReverse /resources/ http://localhost:8080/resources/
|
||||
|
||||
# Redirect root to user account management
|
||||
RewriteEngine on
|
||||
RewriteRule ^/?$ /realms/EXAMPLE/account [L,R]
|
||||
|
||||
## Test client that dumps the id_token
|
||||
#OIDCProviderMetadataURL https://keycloak.example.org/realms/EXAMPLE/.well-known/openid-configuration
|
||||
#OIDCClientID foo
|
||||
#OIDCClientSecret bar
|
||||
#OIDCRedirectURI https://keycloak.example.org/test-client/redirect
|
||||
#OIDCCryptoPassphrase supersecurepassword
|
||||
#OIDCInfoHook id_token
|
||||
#<Location /test-client>
|
||||
# AuthType openid-connect
|
||||
# Require valid-user
|
||||
# RewriteRule .* /test-client/redirect?info=html
|
||||
#</Location>
|
||||
|
||||
</VirtualHost>
|
Loading…
Reference in a new issue