install/keycloak
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

install-keycloak.sh: complete install script. Compltete README to create new permanent admin user.

Browse Source
This commit is contained in:
Christoph
2025-03-17 19:57:09 +01:00
parent 0e912c8ea8
commit 304b4a3445
3 changed files with 187 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
install-keycloak.sh
View File

@ -1856,6 +1856,111 @@ else
echo_skipped
fi
blank_line
echononl "Wait until the Keycloak service has started completely."
declare -i index=0
declare -i _max_secs_waiting=20
keycloak_service_started=false
while true ; do
# Try to establish a connection to localhost:8080
#
if $(curl -s -o /dev/null -I http://localhost:8080) ; then
echo_ok
keycloak_service_started=true
break
fi
if [[ ${index} -gt ${_max_secs_waiting} ]]; then
echo_failed
error "Could not connect to loacalhost on port 8080 after about 20 seconds!"
break
fi
(( index++ ))
sleep 1
done
_admin_user_created=true
echononl "Login as temporary admin user .."
if ${keycloak_service_started} ; then
export KC_CLI_PASSWORD=${ADMIN_PASS}
/opt/keycloak/bin/kcadm.sh config credentials \
--server http://localhost:8080 \
--realm master \
--user temp-admin > "$log_file" 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
_admin_user_created=false
error "$(cat $log_file)"
fi
else
echo_skipped
fi
echononl "Create permanent user 'admin'.."
if ${_admin_user_created} ; then
/opt/keycloak/bin/kcadm.sh create users \
-r master \
-s username=admin \
-s enabled=true \
-o --fields id,username > "$log_file" 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
_admin_user_created=false
error "$(cat $log_file)"
fi
else
echo_skipped
fi
echononl "Set password for user 'admin'.."
if ${_admin_user_created} ; then
NEW_ADMIN_PASS="$(generate_random_string "16")"
/opt/keycloak/bin/kcadm.sh set-password --username admin --new-password ${NEW_ADMIN_PASS}
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
_admin_user_created=false
error "$(cat $log_file)"
fi
else
echo_skipped
fi
roles="admin create-realm uma_authorization offline_access"
for _role in ${roles} ; do
echononl "Add Role '${_role}' to user 'admin'.."
if ${_admin_user_created} ; then
if ${keycloak_service_started} ; then
/opt/keycloak/bin/kcadm.sh add-roles --uusername admin --rolename ${_role}
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
_admin_user_created=false
error "$(cat $log_file)"
fi
else
echo_skipped
fi
else
echo_skipped
fi
done
blank_line
echononl "Remove previously saved crontab file '$(basename "${crontab_backup_file}")'.."
if ${_cron_reenabled} ; then
rm "${crontab_backup_file}" > $log_file 2>&1
@ -1872,8 +1977,8 @@ fi
blank_line
echononl "Save login credentials into file 'temporary-login-credentials.txt'.."
cat <<EOF > "${working_dir}/temporary-login-credentials.txt" 2> "$log_file"
echononl "Save credentials for 'temp-admin' into file 'temporary-login-credentials.txt'.."
cat <<EOF > "${working_dir}/login-credentials-temp-admin.txt" 2> "$log_file"
Login into new Keycloak Service:
@ -1889,15 +1994,53 @@ else
echo_ok
fi
info "Login into new Keycloak Service:
info "Login into new Keycloak Service as temporary admin user:
URL: https://${FQHN_HOSTNAME}
USER: temp-admin
PASSSWORD: ${ADMIN_PASS}
see also: ${working_dir}/temporary-login-credentials.txt
see also: ${working_dir}/login-credentials-temp-admin.txt
"
if ${_admin_user_created} ; then
echononl "Save credentials for permanent admin into file 'login-credentials-admin.txt'.."
cat <<EOF > "${working_dir}/login-credentials-admin.txt" 2> "$log_file"
Login into new Keycloak Service:
URL: https://${FQHN_HOSTNAME}
USER: admin
PASSSWORD: ${NEW_ADMIN_PASS}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
info "Login into new Keycloak Service as permanent admin user:
URL: https://${FQHN_HOSTNAME}
USER: admin
PASSSWORD: ${NEW_ADMIN_PASS}
see also: ${working_dir}/login-credentials-admin.txt
"
fi
else
rm -r "${working_dir}/login-credentials-admin.txt" > /dev/null 2>&1
fi
clean_up 0