Merge pull request #140406 from mkg20001/mvn

author: Maciej Krüger <mkg20001@gmail.com> 2022-03-25 15:08:44 +0100
committer: GitHub <noreply@github.com> 2022-03-25 15:08:44 +0100
commit: 511e56d76cf528afcbff2e5c7930a791e5484eee (patch)
tree: 36d7554a5c94c6f17743ef707ec3417f135ffa63 /nixos/modules
parent: d6e2e39a6e5998e4ad4cbd9d422835b365dfa763 (diff)
parent: 6f5636223cf615d2c304c8335ee072726d775191 (diff)
download: nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.gz
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.bz2
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.lz
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.xz
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.zst
nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.zip
1 files changed, 19 insertions, 1 deletions
diff --git a/nixos/modules/services/web-apps/keycloak.nix b/nixos/modules/services/web-apps/keycloak.nix
index 22c16be76139..c4a2127663a9 100644
--- a/nixos/modules/services/web-apps/keycloak.nix
+++ b/nixos/modules/services/web-apps/keycloak.nix
@@ -129,6 +129,14 @@ in
         '';
       };
 
+      plugins = lib.mkOption {
+        type = lib.types.listOf lib.types.path;
+        default = [];
+        description = ''
+          Keycloak plugin jar, ear files or derivations with them
+        '';
+      };
+
       database = {
         type = mkOption {
           type = enum [ "mysql" "postgresql" ];
@@ -787,6 +795,14 @@ in
 
               umask u=rwx,g=,o=
 
+              install_plugin() {
+                if [ -d "$1" ]; then
+                  find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 -o keycloak -g keycloak "{}" "/run/keycloak/deployments/" \;
+                else
+                  install -m 0500 -o keycloak -g keycloak "$1" "/run/keycloak/deployments/"
+                fi
+              }
+
               install -m 0600 ${cfg.package}/standalone/configuration/*.properties /run/keycloak/configuration
               install -T -m 0600 ${keycloakConfig} /run/keycloak/configuration/standalone.xml
 
@@ -794,7 +810,9 @@ in
 
               export JAVA_OPTS=-Djboss.server.config.user.dir=/run/keycloak/configuration
               add-user-keycloak.sh -u admin -p '${cfg.initialAdminPassword}'
-            '' + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) ''
+            ''
+            + lib.optionalString (cfg.plugins != []) (lib.concatStringsSep "\n" (map (pl: "install_plugin ${lib.escapeShellArg pl}") cfg.plugins)) + "\n"
+            + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) ''
               pushd /run/keycloak/ssl/
               cat "$CREDENTIALS_DIRECTORY/ssl_cert" <(echo) \
                   "$CREDENTIALS_DIRECTORY/ssl_key" <(echo) \
author	Maciej Krüger <mkg20001@gmail.com>	2022-03-25 15:08:44 +0100
committer	GitHub <noreply@github.com>	2022-03-25 15:08:44 +0100
commit	511e56d76cf528afcbff2e5c7930a791e5484eee (patch)
tree	36d7554a5c94c6f17743ef707ec3417f135ffa63 /nixos/modules
parent	d6e2e39a6e5998e4ad4cbd9d422835b365dfa763 (diff)
parent	6f5636223cf615d2c304c8335ee072726d775191 (diff)
download	nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.gz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.bz2 nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.lz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.xz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.zst nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.zip