diff options
author | Maciej Krüger <mkg20001@gmail.com> | 2022-03-25 15:08:44 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-25 15:08:44 +0100 |
commit | 511e56d76cf528afcbff2e5c7930a791e5484eee (patch) | |
tree | 36d7554a5c94c6f17743ef707ec3417f135ffa63 /nixos/modules | |
parent | d6e2e39a6e5998e4ad4cbd9d422835b365dfa763 (diff) | |
parent | 6f5636223cf615d2c304c8335ee072726d775191 (diff) | |
download | nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.gz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.bz2 nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.lz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.xz nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.tar.zst nixlib-511e56d76cf528afcbff2e5c7930a791e5484eee.zip |
Merge pull request #140406 from mkg20001/mvn
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/web-apps/keycloak.nix | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/nixos/modules/services/web-apps/keycloak.nix b/nixos/modules/services/web-apps/keycloak.nix index 22c16be76139..c4a2127663a9 100644 --- a/nixos/modules/services/web-apps/keycloak.nix +++ b/nixos/modules/services/web-apps/keycloak.nix @@ -129,6 +129,14 @@ in ''; }; + plugins = lib.mkOption { + type = lib.types.listOf lib.types.path; + default = []; + description = '' + Keycloak plugin jar, ear files or derivations with them + ''; + }; + database = { type = mkOption { type = enum [ "mysql" "postgresql" ]; @@ -787,6 +795,14 @@ in umask u=rwx,g=,o= + install_plugin() { + if [ -d "$1" ]; then + find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 -o keycloak -g keycloak "{}" "/run/keycloak/deployments/" \; + else + install -m 0500 -o keycloak -g keycloak "$1" "/run/keycloak/deployments/" + fi + } + install -m 0600 ${cfg.package}/standalone/configuration/*.properties /run/keycloak/configuration install -T -m 0600 ${keycloakConfig} /run/keycloak/configuration/standalone.xml @@ -794,7 +810,9 @@ in export JAVA_OPTS=-Djboss.server.config.user.dir=/run/keycloak/configuration add-user-keycloak.sh -u admin -p '${cfg.initialAdminPassword}' - '' + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) '' + '' + + lib.optionalString (cfg.plugins != []) (lib.concatStringsSep "\n" (map (pl: "install_plugin ${lib.escapeShellArg pl}") cfg.plugins)) + "\n" + + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) '' pushd /run/keycloak/ssl/ cat "$CREDENTIALS_DIRECTORY/ssl_cert" <(echo) \ "$CREDENTIALS_DIRECTORY/ssl_key" <(echo) \ |