Keycloak Deployment Script (standalone for test)

Makefile.keycloak

all: cert keycloak

cert:
	mkdir certs
	openssl req -x509 -newkey rsa:2048 -keyout certs/ca-key.pem \
	  -out certs/ca.pem -days 3650 -nodes -subj "/CN=auth.alicek106.com"
	openssl req -newkey rsa:2048 -days 3600 -nodes -keyout certs/server-key.pem -out certs/server-req.pem \
	  -subj "/CN=mysql"
	openssl x509 -req -in certs/server-req.pem -days 3600  -CA certs/ca.pem -CAkey certs/ca-key.pem \
	  -set_serial 01 -out certs/server-cert.pem
	chown 999:docker certs/*


keycloak:
	docker network create keycloak;
	docker run -d \
	  -v `pwd`/docker.cnf:/etc/mysql/conf.d/docker.cnf \
	  -v `pwd`/certs:/etc/certs \
	  --name mysql \
	  --restart=always \
	  --network keycloak \
	  --hostname mysql \
	  -e MYSQL_ROOT_PASSWORD=1q2w3e4r \
	  -e MYSQL_DATABASE=keycloak \
	  mysql:5.7;

	docker run \
	  -d \
	  --restart=always \
	  --name keycloak \
	  --hostname keycloak \
	  -p "8080:8080" \
	  -p "7600:7600" \
	  -e TZ=Asia/Seoul  \
	  -e DB_VENDOR=mysql \
	  -e DB_ADDR=mysql \
	  -e DB_PORT=3306 \
	  -e DB_DATABASE=keycloak \
	  -e DB_USER=root \
	  -e DB_PASSWORD=1q2w3e4r \
	  -e PROXY_ADDRESS_FORWARDING=true \
	  --network keycloak \
	  "jboss/keycloak:7.0.0" \
	  -Dkeycloak.profile.feature.token_exchange=enabled \
	  -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled

create-user:
	docker exec keycloak keycloak/bin/add-user-keycloak.sh -r master -u admin -p 12qw34er
	docker restart keycloak

clean:
	docker rm -f mysql keycloak | true;
	docker network rm keycloak | true;
	rm -rf certs

.PHONY: keycloak clean

To changes :

• cert : CN
• all passwords (db, admin)