Add regular-expression filter under /etc/fail2ban/filter.d/keycloak.conf:
[INCLUDES]
before = common.conf
[Definition]
_threadName = [a-z][-_0-9a-z]*(\s[a-z][-_0-9a-z]*)*
_userId = (null|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})
| pm uninstall -k --user 0 com.google.android.apps.tachyon && | |
| pm uninstall -k --user 0 com.google.android.music && | |
| pm uninstall -k --user 0 com.google.android.apps.docs.editors.sheets && | |
| pm uninstall -k --user 0 com.google.android.apps.docs.editors.slides && | |
| pm uninstall -k --user 0 com.google.android.apps.docs.editors.docs && | |
| pm uninstall -k --user 0 com.google.android.videos && | |
| pm uninstall -k --user 0 com.android.gallery3d && | |
| pm uninstall -k --user 0 com.android.calendar && | |
| pm uninstall -k --user 0 com.evernote && | |
| pm uninstall -k --user 0 com.evernote.promohelper && |
| # Adapted from https://developers.yubico.com/ykneo-openpgp/ResetApplet.html | |
| gpg-connect-agent <<EOF | |
| /hex | |
| scd serialno | |
| scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 | |
| scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 | |
| scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 | |
| scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40 | |
| scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 | |
| scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40 |
| #!/bin/bash | |
| export TKN=$(curl -X POST 'http://localhost:8080/auth/realms/master/protocol/openid-connect/token' \ | |
| -H "Content-Type: application/x-www-form-urlencoded" \ | |
| -d "username=admin" \ | |
| -d 'password=admin' \ | |
| -d 'grant_type=password' \ | |
| -d 'client_id=admin-cli' | jq -r '.access_token') | |
| curl -X GET 'http://localhost:8080/auth/admin/realms' \ |
| { | |
| "description": "MyGroup allowed access to MyProject only", | |
| "context": { | |
| "application": "rundeck" | |
| }, | |
| "for": { | |
| "project": [ | |
| { | |
| "match": { | |
| "name": "MyProject" |
