@chainhead
Created May 2, 2020 02:39
Setting up Keycloak server

Introduction

Installation

Install Java

sudo apt-get update
sudo apt-get install -y default-jdk

Install Keycloak

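# Persist the version for future logins and set it in the current shell too;
# every command below relies on ${KEYCLOAK_VERSION}.
echo 'export KEYCLOAK_VERSION=9.0.3' >> "$HOME/.profile"
export KEYCLOAK_VERSION=9.0.3
mkdir -p /tmp/keycloak
cd /tmp/keycloak
wget -O keycloak-${KEYCLOAK_VERSION}.tar.gz https://downloads.jboss.org/keycloak/${KEYCLOAK_VERSION}/keycloak-${KEYCLOAK_VERSION}.tar.gz
# Unpacks to /opt/keycloak-${KEYCLOAK_VERSION}
sudo tar -C /opt -zxvf keycloak-${KEYCLOAK_VERSION}.tar.gz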

Keycloak users

sudo groupadd keycloak
sudo useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak

Keycloak permissions

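sudo chown -R keycloak:keycloak /opt/keycloak-${KEYCLOAK_VERSION}
# The keycloak account owns the tree, so other local users need no write access to it.
# Run later scripts that write under this directory with: sudo -u keycloak <script>
sudo chmod -R o-w /opt/keycloak-${KEYCLOAK_VERSION}/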

systemd service

sudo mkdir -p /etc/keycloak-${KEYCLOAK_VERSION}
sudo cp /opt/keycloak-${KEYCLOAK_VERSION}/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak-${KEYCLOAK_VERSION}/keycloak-${KEYCLOAK_VERSION}.conf

Copy launch script

sudo cp /opt/keycloak-${KEYCLOAK_VERSION}/docs/contrib/scripts/systemd/launch.sh /opt/keycloak-${KEYCLOAK_VERSION}/bin/
sudo chown keycloak:keycloak /opt/keycloak-${KEYCLOAK_VERSION}/bin/launch.sh

Edit launch.sh

sudo cp /dev/null /opt/keycloak-${KEYCLOAK_VERSION}/bin/launch.sh
sudo nano /opt/keycloak-${KEYCLOAK_VERSION}/bin/launch.sh

#!/bin/bash
# launch.sh <mode> <config file> <bind address>; the arguments come from the systemd unit.
# KEYCLOAK_VERSION is read from the service environment.

if [ "x$WILDFLY_HOME" = "x" ]; then
    WILDFLY_HOME=/opt/keycloak-${KEYCLOAK_VERSION}
fi

if [[ "$1" == "domain" ]]; then
    "$WILDFLY_HOME/bin/domain.sh" -c "$2" -b "$3"
else
    "$WILDFLY_HOME/bin/standalone.sh" -c "$2" -b "$3"
fi

Copy service definition

sudo cp /opt/keycloak-${KEYCLOAK_VERSION}/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak-${KEYCLOAK_VERSION}.service

Keycloak service

sudo cp /dev/null /etc/systemd/system/keycloak-${KEYCLOAK_VERSION}.service
sudo nano /etc/systemd/system/keycloak-${KEYCLOAK_VERSION}.service

# systemd does not expand ${KEYCLOAK_VERSION} in these directives or in the
# ExecStart= program path, so the version (9.0.3) is written out.
[Unit]
Description=The Keycloak Server
After=syslog.target network.target
Before=httpd.service

[Service]
Environment=LAUNCH_JBOSS_IN_BACKGROUND=1
Environment=KEYCLOAK_VERSION=9.0.3
EnvironmentFile=/etc/keycloak-9.0.3/keycloak-9.0.3.conf
User=keycloak
Group=keycloak
LimitNOFILE=102642
PIDFile=/var/run/keycloak-9.0.3/keycloak-9.0.3.pid
# $WILDFLY_MODE, $WILDFLY_CONFIG and $WILDFLY_BIND come from the EnvironmentFile above.
ExecStart=/opt/keycloak-9.0.3/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND
StandardOutput=null

[Install]
WantedBy=multi-user.target
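
A check for the unit file above, added here as an example and not part of the original gist: systemd substitutes environment variables only in the arguments of Exec lines, so a shell-style ${KEYCLOAK_VERSION} pasted into Environment=, EnvironmentFile=, PIDFile= or the ExecStart= program path is taken literally. The function names lint_unit and sample_units and the sample file names are assumptions made for this example.

```shell
#!/usr/bin/env bash
# lint_unit FILE
# Prints every directive holding a $VAR or ${VAR} reference that systemd will
# leave unexpanded, and returns 1 if any were found. Only the arguments of
# Exec*= lines are substituted; the program path and other directives are not.
lint_unit() {
    awk '
        /^[ \t]*[#;]/ { next }                      # comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next                       # section headers, blanks
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (key ~ /^Exec/) {                    # keep only the program path
                sub(/^[ \t]*[-@:+!]*/, "", val)     # strip exec prefixes
                split(val, word, /[ \t]+/)
                val = word[1]
            }
            if (val ~ /\$[{]?[A-Za-z_]/) {
                printf "line %d: %s=%s\n", NR, key, val
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample input: [Service] directives with ${KEYCLOAK_VERSION}
# pasted in verbatim, and the same lines with 9.0.3 written out.
sample_units() {    # sample_units DIR -> DIR/typed.service, DIR/literal.service
    cat > "$1/typed.service" <<'EOF'
[Service]
Environment=KEYCLOAK_VERSION=${KEYCLOAK_VERSION}
EnvironmentFile=/etc/keycloak-${KEYCLOAK_VERSION}/keycloak-${KEYCLOAK_VERSION}.conf
PIDFile=/var/run/keycloak-${KEYCLOAK_VERSION}/keycloak-${KEYCLOAK_VERSION}.pid
ExecStart=/opt/keycloak-${KEYCLOAK_VERSION}/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND
EOF
    sed 's/\${KEYCLOAK_VERSION}/9.0.3/g' "$1/typed.service" > "$1/literal.service"
}

dir=$(mktemp -d)
sample_units "$dir"
lint_unit "$dir/typed.service"   || echo "typed.service: fix the lines above"
lint_unit "$dir/literal.service" && echo "literal.service: ok"
rm -rf "$dir"
```

To check the installed unit, run lint_unit /etc/systemd/system/keycloak-9.0.3.service before systemctl daemon-reload.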

Service

sudo systemctl daemon-reload
sudo systemctl enable keycloak-${KEYCLOAK_VERSION}
sudo systemctl start keycloak-${KEYCLOAK_VERSION}

sudo systemctl restart keycloak-${KEYCLOAK_VERSION}
sudo systemctl status keycloak-${KEYCLOAK_VERSION}
sudo systemctl disable keycloak-${KEYCLOAK_VERSION}

Administration

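cd /opt/keycloak-${KEYCLOAK_VERSION}/bin
# Example admin credentials. Running as the keycloak user keeps the file written under standalone/configuration owned by the service account.
sudo -u keycloak ./add-user-keycloak.sh -r master -u masteradmin -p Mast3r.Adm1n
sudo systemctl restart keycloak-${KEYCLOAK_VERSION}

./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user <admin-username> --password <admin-password>
# sslRequired=NONE lets the master realm accept plain HTTP from any address; the default, external, exempts only localhost and private addresses.
./kcadm.sh update realms/master -s sslRequired=NONE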

Realm administration

Realm management

  • Add a new realm - plant1.
  • Disable SSL for realm.
  • Clearing caches
  • Email settings
  • Themes

User management

  • Add a new group
  • Add a new user