Commit 3c33184b authored by Marco Descher's avatar Marco Descher

[20760] Mult updates and keycloak config strategy

parent 57496615
Pipeline #15378 failed with stages
in 9 minutes and 4 seconds
......@@ -37,6 +37,7 @@ RDBMS_TYPE=mysql
RDBMS_KEYCLOAK_DATABASE=ee_keycloak
RDBMS_KEYCLOAK_USERNAME=ee_keycloak
RDBMS_KEYCLOAK_PASSWORD=ee_keycloak
RDBMS_KEYCLOAK_JDBC_PARAMETER_STRING="useSSL=false&serverTimezone=Europe/Zurich"
# Elexis Database (if ENABLE_ELEXIS_SERVER in 3)
RDBMS_ELEXIS_DATABASE=ee_elexis
......
......@@ -24,6 +24,7 @@ services:
- DB_DATABASE=$RDBMS_KEYCLOAK_DATABASE
- DB_USER=$RDBMS_KEYCLOAK_USERNAME
- DB_PASSWORD=$RDBMS_KEYCLOAK_PASSWORD
- JDBC_PARAMS=$RDBMS_KEYCLOAK_JDBC_PARAMETER_STRING
- KEYCLOAK_HOSTNAME=$EE_HOSTNAME
- KEYCLOAK_USER=KeycloakAdmin # Fallback local admin
- KEYCLOAK_PASSWORD=$ADMIN_PASSWORD
......
......@@ -3,7 +3,7 @@ version: '3'
services:
rocketchat:
image: rocket.chat:2.4
image: rocket.chat:3.4
command: bash -c 'for i in `seq 1 30`; do node main.js && s=$$? && break || s=$$?; echo "Tried $$i times. Waiting 5 secs..."; sleep 5; done; (exit $$s)'
restart: unless-stopped
volumes:
......
#!/bin/bash
V=10.0.2
KCADM=/$V/kcadm.sh
S="[KEYCLOAK]"
T=$S
function getClientId () {
$KCADM get clients -r ElexisEnvironment --format csv --fields id,clientId --noquotes | grep $1 | cut -d "," -f1
}
# create or update a role for a client
# $1 client id
# $2 role name
# $3 params
function createOrUpdateClientRole () {
CLIENT_ROLE_ID=$($KCADM get-roles -r ElexisEnvironment --cid $1 --format csv --fields id,name --noquotes | grep ,$2$ | cut -d "," -f1)
if [ -z $CLIENT_ROLE_ID ];
then
echo -n "$T create role [$2]"
$KCADM create clients/$1/roles -r ElexisEnvironment -s name=$2 -s "$3"
else
echo "$T update client role [$2]"
$KCADM update clients/$1/roles/$2 -r ElexisEnvironment -s "$3"
fi
}
\ No newline at end of file
FROM jboss/keycloak:8.0.2
FROM jboss/keycloak:10.0.2
USER jboss
RUN sed -i -e 's/<web-context>auth<\/web-context>/<web-context>keycloak\/auth<\/web-context>/' $JBOSS_HOME/standalone/configuration/standalone.xml &&\
sed -i -e 's/<web-context>auth<\/web-context>/<web-context>keycloak\/auth<\/web-context>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml &&\
......
# Files unique to this site installation
These files are partially generated out of `../.env` and MUST NOTt be deleted. Do not manually alter these files.
These files are partially generated out of `../.env` and MUST NOT be deleted. Do not manually alter these files.
## Expected contents
* `myserver.*` files that can be used to generate an SSL certificate
* `dhparam.pem` Diffie-Hellman parameter for DHE ciphersuites, [self-generated](https://www.howtoforge.com/tutorial/how-to-protect-your-debian-and-ubuntu-server-against-the-logjam-attack/)
* `bootstrap.ldif` LDAP configuration file generated for this site from `bootstrap.ldif.template`
* `certificate.crt` and `certificate.key` HTTPS certificates used by the webserver, see the main documentation on acquiring this
* `backup` directory contains files generated by `ee system backup`
\ No newline at end of file
* `backup/` directory contains files generated by `ee system backup`
* other files depending on the services activated
* `certificate.crt` and `certificate.key` HTTPS certificates used by the webserver, see the main documentation on acquiring this
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment