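#!/bin/bash
#
# Provision a local Keycloak test container on an apt-based system.
#
# What the script does, in order: sets the timezone and hostname, creates the
# ${KEYCLOAK_USER} account, installs a JDK, unpacks Keycloak from
# /vagrant/artifacts into /opt, installs the systemd unit, issues a TLS
# certificate with mkcert, packs it into a JKS keystore, creates the Keycloak
# admin account and starts the service.
#
# It creates users and writes under /opt and /etc, so it expects to run as root.
#
# SECURITY: the credentials set here (OS password equal to the user name,
# Keycloak admin/admin, keystore password "changeit") are fixed, well-known
# lab defaults and are printed at the end of the run. The OS account is also a
# sudoer. Keep a container built from this template off any network you do not
# control, or change these values first.

# Fail on a mistyped variable name instead of expanding it to an empty string.
set -u

# Print an error on stderr and stop provisioning.
die() {
  printf 'provision.sh: %s\n' "$*" >&2
  exit 1
}

timedatectl set-timezone Europe/Madrid

start_time=$(date)

echo "provisioning started: ${start_time}"

MACHINE_HOSTNAME=keycloak-test.localenv.com

KEYCLOAK_USER=kck

KEYCLOAK_VERSION=14.0.0

KEYCLOAK_INSTALLER_VERSION=keycloak-${KEYCLOAK_VERSION}

NETWORK_INTERFACE=eth0

# Keystore password, used for both the intermediate PKCS#12 file and the JKS.
# NOTE(review): presumably has to match the keystore password configured in
# the standalone.xml copied from /vagrant/artifacts - confirm before changing.
# Exported so openssl and keytool can read it from the environment rather
# than from their command line.
KEYSTORE_PASSWORD=changeit
export KEYSTORE_PASSWORD

hostnamectl set-hostname "${MACHINE_HOSTNAME}"

# Print some information about the container OS
hostnamectl

# Print some information about the container timezone
timedatectl

#####################################################################
## Get the IP address into a shell variable. This command yields an
## empty variable if the network interface name is not ${NETWORK_INTERFACE}
#####################################################################
ip_address=$(ip -4 addr show "${NETWORK_INTERFACE}" | grep -oP '(?<=inet\s)\d+(\.\d+){3}')

adduser --disabled-password --gecos GECOS "${KEYCLOAK_USER}"

# Set the password (equal to the user name) through chpasswd's stdin: the
# system's configured hashing scheme and a random salt are used, where the
# previous `openssl passwd -1 -salt ...` call produced MD5-crypt with a fixed
# salt and put the password on a command line. printf is a shell builtin, so
# the password does not show up in the process list.
printf '%s:%s\n' "${KEYCLOAK_USER}" "${KEYCLOAK_USER}" | chpasswd

# The account becomes a sudoer; together with the guessable password this
# means full control of the container for anyone who can reach its SSH port.
adduser "${KEYCLOAK_USER}" sudo

apt update

apt install -y default-jdk

keycloak_tarball="/vagrant/artifacts/${KEYCLOAK_INSTALLER_VERSION}.tar.gz"

# The tarball (and the mkcert binary used below) come from the shared
# /vagrant/artifacts folder and are used as root without further checks.
# Optional integrity check: set KEYCLOAK_TARBALL_SHA256 (unset by default) to
# the expected SHA-256 of the tarball to have it verified before unpacking.
if [[ -n "${KEYCLOAK_TARBALL_SHA256:-}" ]]; then
  printf '%s  %s\n' "${KEYCLOAK_TARBALL_SHA256}" "${keycloak_tarball}" | sha256sum -c - \
    || die "checksum mismatch for ${keycloak_tarball}"
fi

# Unpack straight into /opt so the result does not depend on the directory the
# provisioner happens to be started from.
tar -xzf "${keycloak_tarball}" -C /opt \
  || die "cannot unpack ${keycloak_tarball}"

# -n replaces an existing /opt/keycloak link instead of creating a nested one.
ln -sfn "/opt/${KEYCLOAK_INSTALLER_VERSION}" /opt/keycloak

chown -R "${KEYCLOAK_USER}:${KEYCLOAK_USER}" "/opt/${KEYCLOAK_INSTALLER_VERSION}"

mkdir -p /etc/keycloak

cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf

cp /vagrant/artifacts/launch.sh /opt/keycloak/bin/

chown "${KEYCLOAK_USER}:${KEYCLOAK_USER}" /opt/keycloak/bin/launch.sh

chmod u+x /opt/keycloak/bin/launch.sh

cp /vagrant/artifacts/keycloak.service /etc/systemd/system/keycloak.service

# mkcert keeps its root CA certificate and the CA private key in CAROOT.
# Pointing it at the shared folder lets the host reuse the same CA, but it also
# means the CA key sits in /vagrant/artifacts: anyone who obtains it can issue
# certificates that every machine trusting this CA accepts. Keep that folder
# out of version control and do not reuse the CA outside the lab.
export CAROOT=/vagrant/artifacts/

/vagrant/artifacts/mkcert -install

# Keep the private key and the PKCS#12 bundle in a private (mode 0700)
# directory with an unpredictable name instead of fixed paths in /tmp, and
# delete them when the script exits.
cert_workdir=$(mktemp -d) || die "cannot create a temporary directory"
trap 'rm -rf -- "${cert_workdir:?}"' EXIT

/vagrant/artifacts/mkcert --cert-file "${cert_workdir}/fullchain.pem" --key-file "${cert_workdir}/privatekey.pem" "${MACHINE_HOSTNAME}" \
  || die "mkcert could not issue a certificate for ${MACHINE_HOSTNAME}"

openssl pkcs12 -export -inkey "${cert_workdir}/privatekey.pem" -in "${cert_workdir}/fullchain.pem" -out "${cert_workdir}/kc.pkcs12" -passout env:KEYSTORE_PASSWORD \
  || die "cannot build the PKCS#12 bundle"

keytool -importkeystore -srckeystore "${cert_workdir}/kc.pkcs12" -srcstoretype pkcs12 -destkeystore /opt/keycloak/standalone/configuration/kc.jks -deststoretype JKS -storepass:env KEYSTORE_PASSWORD -srcstorepass:env KEYSTORE_PASSWORD \
  || die "cannot import the certificate into the JKS keystore"

cp /vagrant/artifacts/standalone.xml /opt/keycloak/standalone/configuration/

chown "${KEYCLOAK_USER}:${KEYCLOAK_USER}" /opt/keycloak/standalone/configuration/standalone.xml /opt/keycloak/standalone/configuration/kc.jks

systemctl daemon-reload

systemctl enable keycloak

# Default admin/admin account for the Keycloak admin console (lab use only);
# change the password after the first login if the instance is reachable by
# anyone else.
/opt/keycloak/bin/add-user-keycloak.sh -u admin -p admin

systemctl start keycloak

# Informational only: never page, and do not let a non-zero status hide the
# summary printed below.
systemctl status --no-pager keycloak || true

end_time=$(date)

echo "This container has IP (interface: ${NETWORK_INTERFACE}): ${ip_address}"

echo "If you add this IP to the hostname (${MACHINE_HOSTNAME}) in your hosts file:"

echo "	You can connect with user ${KEYCLOAK_USER} via ssh (password ${KEYCLOAK_USER}): ssh ${KEYCLOAK_USER}@${MACHINE_HOSTNAME}"

echo "	Your Keycloak Server instance is  accessible via the following URL: https://${MACHINE_HOSTNAME}:8443"

echo " 	The admin panel is accessible with user 'admin' and password 'admin'"

echo "provisioning started: ${start_time}"

echo "provisioning ended: ${end_time}"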