Some minor changes.

uprgade-keycloak.sh: some minor changes..
2025-03-18 16:09:41 +01:00 · 2025-03-18 16:09:18 +01:00 · 2025-03-18 16:08:41 +01:00
5 changed files with 195 additions and 160 deletions
--- a/.gitignore
+++ b/.gitignore
@ -10,3 +10,4 @@ conf/*.conf
 crontab-*

 login-credentials-*
+current-configuration.txt
--- a/README.admin
+++ b/README.admin
@ -1,7 +1,7 @@
 # Login as temporary admin user
 #
-LOGIN_NAME=temp-admin
-LOGIN_PASS='0JP.k-K-/hd-h3g4'
+LOGIN_NAME=admin
+LOGIN_PASS='0x-O-/s7eku9Y./l'

 NEW_ADMIN=admin-nd
 NEW_ADMIN_PASS='u6V2.W.o7e-f+mY6'
--- a/install-keycloak.sh
+++ b/install-keycloak.sh
@ -933,25 +933,34 @@ echo
 echo -e "\033[37m\033[1mSome pre-installation stuff..\033[m"
 echo

-echononl "Backup crontab"
-crontab -u root -l > ${crontab_backup_file} 2> $log_file
-if [[ "$?" = "0" ]]; then
-   echo_ok
+cron_root_is_empty=false
+echononl "Backup crontab.."
+if [[ $(crontab -u root -l 2> /dev/null | wc -c) -gt 0 ]] ; then
+   crontab -u root -l > ${crontab_backup_file} 2> $log_file
+   if [[ "$?" = "0" ]]; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
 else
-   echo_failed
-   error "$(cat $log_file)"
+   cron_root_is_empty=true
+   echo_skipped
 fi

 echononl "Disable crontab for user root"
-crontab -r -u root > ${log_file}  2>&1
-if [[ "$?" = "0" ]]; then
-   echo_ok
+if ! ${cron_root_is_empty} ; then
+   crontab -r -u root > ${log_file}  2>&1
+   if [[ "$?" = "0" ]]; then
+      echo_ok
+   else
+      echo_failed
+      error "$(cat $log_file)"
+   fi
 else
-   echo_failed
-   error "$(cat $tmp_err_msg)"
+   echo_skipped
 fi

-
 blank_line

 echononl "Stop Keycloak Service.."
@ -1285,11 +1294,7 @@ else

 fi

-
-
-echo
-echo -e "\033[37m\033[1mInstalling Keycloak Server..\033[m"
-echo
+blank_line

 echononl "Create the Keycloak (system) group.."
 if cat /etc/group | grep -e "^${KEYCLOAK_GROUP}:" > /dev/null  2>&1  ; then
@ -1317,6 +1322,7 @@ else
   fi
 fi

+blank_line

 echononl "Download the latest version (${KEYCLOAK_VERSION}) of the Keycloak Server.."
 if [[ ! -f "${working_dir}/${DOWNLOAD_ARCHIVE}" ]]; then
@ -1336,40 +1342,9 @@ echo
 echo -e "\033[37m\033[1mInstalling Keycloak Service..\033[m"
 echo

-
-echononl "Create the Keycloak (system) group.."
-if cat /etc/group | grep -e "^${KEYCLOAK_GROUP}:" > /dev/null  2>&1  ; then
-   echo_skipped
-else
-   groupadd -r ${KEYCLOAK_GROUP} > "$log_file" 2>&1
-   if [[ $? -ne 0 ]]; then
-      echo_failed
-      error "$(cat "$log_file")"
-   else
-      echo_ok
-   fi
-fi
-
-echononl "Create the Keycloak (system) user.."
-KEYCLOAK_HOME="${KEYCLOAK_BASE_INSTALL_PATH}/keycloak"
-if id -u ${KEYCLOAK_USER} > /dev/null 2>&1; then
-   echo_skipped
-else
-   useradd -r -M -d ${KEYCLOAK_HOME} -s /bin/false -g ${KEYCLOAK_GROUP} ${KEYCLOAK_USER} > "$log_file" 2>&1
-   if [[ $? -ne 0 ]]; then
-      echo_failed
-      error "$(cat "$log_file")"
-   else
-      echo_ok
-   fi
-fi
-
-
-blank_line
-
 echononl "Backup Keycloak Installation directory.."
 if [[ -n "${OLD_INSTALL_DIR}" ]]; then
-   cp -a "${OLD_INSTALL_DIR}" "${OLD_INSTALL_DIR}.${backup_date}" > "$log_file" 2>&1
+   mv "${OLD_INSTALL_DIR}" "${OLD_INSTALL_DIR}.${backup_date}" > "$log_file" 2>&1
   if [[ $? -ne 0 ]]; then
      echo_failed
      error "$(cat "$log_file")"
@ -1381,12 +1356,16 @@ else
 fi

 echononl "Remove Symlink '${KEYCLOAK_BASE_INSTALL_PATH}/keycloak' .."
-rm "${KEYCLOAK_BASE_INSTALL_PATH}/keycloak"  > "$log_file" 2>&1
-if [[ $? -ne 0 ]]; then
-   echo_failed
-   error "$(cat "$log_file")"
+if [[ -h "${KEYCLOAK_BASE_INSTALL_PATH}/keycloak" ]] ; then
+   rm "${KEYCLOAK_BASE_INSTALL_PATH}/keycloak"  > "$log_file" 2>&1
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      error "$(cat "$log_file")"
+   else
+      echo_ok
+   fi
 else
-   echo_ok
+   echo_skipped
 fi


@ -1402,25 +1381,6 @@ else
 fi


-echononl "Set ownbership of installation directory '${KEYCLOAK_INSTALL_DIR}'.."
-chown -R ${KEYCLOAK_USER}:${KEYCLOAK_GROUP} "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
-if [[ $? -ne 0 ]]; then
-   echo_failed
-   error "$(cat "$log_file")"
-else
-   echo_ok
-fi
-
-echononl "Give write permissions to the keycloak group.."
-chmod -R g+w "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
-if [[ $? -ne 0 ]]; then
-   echo_failed
-   error "$(cat "$log_file")"
-else
-   echo_ok
-fi
-
-
 blank_line

 echononl "Symlink keycloak -> keycloak-${KEYCLOAK_VERSION} .."
@ -1443,79 +1403,6 @@ else
 fi 


-_certs_installed=false
-echononl "Run script 'check_cert_for_keycloak.sh'.."
-if [[ -x "/root/bin/monitoring/check_cert_for_keycloak.sh" ]] ; then
-   /root/bin/monitoring/check_cert_for_keycloak.sh > "$log_file" 2>&1
-   if [[ $? -ne 0 ]]; then
-      echo_failed
-      cat "$log_file"
-   else
-      echo_ok
-      _certs_installed=true
-   fi
-else
-   warn "Certificate/Key for ${FQHN_HOSTNAME} cannot be provided."
-fi
-
-
-echononl "Add a cronjob for checking cert.."
-if [[ -f "$crontab_backup_file" ]]; then
-   if ! grep -iq -E "/root/bin/monitoring/check_cert_for_keycloak.sh" "$crontab_backup_file" > /dev/null 2>&1; then
-      cat <<EOF >> $crontab_backup_file
-
-# Check if cert for Keycloak service is up-to-date
-#
-51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
-EOF
-      if [[ "$?" -ne 0 ]] ; then
-         echo_failed
-      else
-         echo_ok
-      fi
-
-   else
-      echo_skipped
-   fi
-
-elif [[ -f "/var/spool/cron/crontabs/root" ]] ; then
-
-   if ! grep -i -E "/root/bin/monitoring/check_cert_for_keycloak.sh" /var/spool/cron/crontabs/root > /dev/null 2>&1; then
-      installation_failed=false
-      crontab -l > /tmp/tmp_crontab 2> $log_file
-      if [[ "$?" -ne 0 ]] ; then
-         installation_failed=true
-      fi
-
-      cat << EOF >> /tmp/tmp_crontab 2>> $log_file
-
-# Check if cert for Keycloak service is up-to-date
-#
-51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
-EOF
-      if [[ "$?" -ne 0 ]] ; then
-         installation_failed=true
-      fi
-      crontab /tmp/tmp_crontab > /dev/null 2>> $log_file
-      if [[ "$?" -ne 0 ]] ; then
-         installation_failed=true
-      fi
-      rm /tmp/tmp_crontab  > /dev/null 2>> $log_file
-      if [[ "$?" -ne 0 ]] ; then
-         installation_failed=true
-      fi
-      if ! $installation_failed ; then
-         echo_ok
-      else
-         echo_failed
-         error "Adding cronjob for checking cert failed!"
-      fi
-   else
-      echo_skipped
-   fi
-fi
-
-
 echononl "Create new configuration .."
 if [[ "${DB_TYPE}" = "pgsql" ]]; then
   _db_type="postgres"
@ -1577,7 +1464,6 @@ else
 fi 


-
 echo
 echo -e "\033[37m\033[1mSetup Keycloak to use systemd for starting and stopping..\033[m"
 echo
@ -1652,6 +1538,79 @@ else
   echo_ok
 fi

+blank_line
+
+_certs_installed=false
+echononl "Run script 'check_cert_for_keycloak.sh'.."
+if [[ -x "/root/bin/monitoring/check_cert_for_keycloak.sh" ]] ; then
+   /root/bin/monitoring/check_cert_for_keycloak.sh > "$log_file" 2>&1
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      cat "$log_file"
+   else
+      echo_ok
+      _certs_installed=true
+   fi
+else
+   warn "Certificate/Key for ${FQHN_HOSTNAME} cannot be provided."
+fi
+
+echononl "Add a cronjob for checking cert.."
+if [[ -f "$crontab_backup_file" ]]; then
+   if ! grep -iq -E "/root/bin/monitoring/check_cert_for_keycloak.sh" "$crontab_backup_file" > /dev/null 2>&1; then
+      cat <<EOF >> $crontab_backup_file
+
+# Check if cert for Keycloak service is up-to-date
+#
+51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
+EOF
+      if [[ "$?" -ne 0 ]] ; then
+         echo_failed
+      else
+         echo_ok
+      fi
+
+   else
+      echo_skipped
+   fi
+
+elif [[ -f "/var/spool/cron/crontabs/root" ]] ; then
+
+   if ! grep -i -E "/root/bin/monitoring/check_cert_for_keycloak.sh" /var/spool/cron/crontabs/root > /dev/null 2>&1; then
+      installation_failed=false
+      crontab -l > /tmp/tmp_crontab 2> $log_file
+      if [[ "$?" -ne 0 ]] ; then
+         installation_failed=true
+      fi
+
+      cat << EOF >> /tmp/tmp_crontab 2>> $log_file
+
+# Check if cert for Keycloak service is up-to-date
+#
+51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
+EOF
+      if [[ "$?" -ne 0 ]] ; then
+         installation_failed=true
+      fi
+      crontab /tmp/tmp_crontab > /dev/null 2>> $log_file
+      if [[ "$?" -ne 0 ]] ; then
+         installation_failed=true
+      fi
+      rm /tmp/tmp_crontab  > /dev/null 2>> $log_file
+      if [[ "$?" -ne 0 ]] ; then
+         installation_failed=true
+      fi
+      if ! $installation_failed ; then
+         echo_ok
+      else
+         echo_failed
+         error "Adding cronjob for checking cert failed!"
+      fi
+   else
+      echo_skipped
+   fi
+fi
+

 blank_line

@ -1669,6 +1628,7 @@ else
 fi

 blank_line
+
 echononl "Creates a new and optimized server image.."
 ${KEYCLOAK_BASE_INSTALL_PATH}/keycloak/bin/kc.sh build > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
@ -1689,8 +1649,26 @@ fi

 blank_line

+echononl "Set ownbership of installation directory '${KEYCLOAK_INSTALL_DIR}'.."
+chown -R ${KEYCLOAK_USER}:${KEYCLOAK_GROUP} "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
+if [[ $? -ne 0 ]]; then
+   echo_failed
+   error "$(cat "$log_file")"
+else
+   echo_ok
+fi
+
+#echononl "Give write permissions to the keycloak group.."
+#chmod -R g+w "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
+#if [[ $? -ne 0 ]]; then
+#   echo_failed
+#   error "$(cat "$log_file")"
+#else
+#   echo_ok
+#fi

 blank_line
+
 echononl "Start Keycloak Service"
 systemctl start keycloak.service > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
@ -1879,6 +1857,17 @@ while true ; do
   sleep 1
 done

+echononl "Save configuration to file 'current-configuration.txt'."
+${KEYCLOAK_BASE_INSTALL_PATH}/keycloak/bin/kc.sh show-config > "${working_dir}/current-configuration.txt" 2> "$log_file"
+if [[ $? -ne 0 ]]; then
+   echo_failed
+   error "$(cat "$log_file")"
+else
+   echo_ok
+fi
+
+blank_line
+
 _admin_user_created=true
 echononl "Login as temporary admin user .."
 if ${keycloak_service_started} ; then
--- a/rm-keycloak-service.sh
+++ b/rm-keycloak-service.sh
@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+systemctl stop keycloak.service
+systemctl disable keycloak.service
+
+rm /etc/systemd/system/keycloak.service
+
+rm -rf /opt/*
+
+exit 0
--- a/uprgade-keycloak.sh
+++ b/uprgade-keycloak.sh
@ -579,7 +579,7 @@ blank_line

 echononl "Backup Keycloak Installation directory.."
 if [[ -n "${CUR_INSTALL_DIR}" ]]; then
-   cp -a "${CUR_INSTALL_DIR}" "${CUR_INSTALL_DIR}.${backup_date}" > "$log_file" 2>&1
+   mv "${CUR_INSTALL_DIR}" "${CUR_INSTALL_DIR}.${backup_date}" > "$log_file" 2>&1
   if [[ $? -ne 0 ]]; then
      echo_failed
      error "$(cat "$log_file")"
@ -615,7 +615,7 @@ fi
 blank_line

 echononl "Copy 'conf/ directory from the previous installation to the new installation."
-cp -a "${CUR_INSTALL_DIR}/conf" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
+cp -a "${CUR_INSTALL_DIR}.${backup_date}/conf" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
   echo_failed
   error "$(cat "$log_file")"
@ -624,7 +624,7 @@ else
 fi 

 echononl "Copy 'providers/ directory from the previous installation to the new installation."
-cp -a "${CUR_INSTALL_DIR}/providers" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
+cp -a "${CUR_INSTALL_DIR}.${backup_date}/providers" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
   echo_failed
   error "$(cat "$log_file")"
@ -633,7 +633,7 @@ else
 fi 

 echononl "Copy 'themes/ directory from the previous installation to the new installation."
-cp -a "${CUR_INSTALL_DIR}/themes" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
+cp -a "${CUR_INSTALL_DIR}.${backup_date}/themes" "${KEYCLOAK_INSTALL_DIR}/" > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
   echo_failed
   error "$(cat "$log_file")"
@ -750,14 +750,29 @@ if [[ $? -ne 0 ]]; then
   echo_failed
   error "$(cat "$log_file")"

-   echononl "\033[1mcontinue anyway\033[m [yes/no]: "
-   read OK
-   while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
-      echononl "Wrong entry! - repeat [yes/nno]: "
-      read OK
-   done
-   [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+   if $terminal ; then

+      echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+      read OK
+      while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+         echononl "Wrong entry! - repeat [yes/nno]: "
+         read OK
+      done
+      [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+   fi
+
+else
+   echo_ok
+fi
+
+echononl "Wait 20 seconds for the keycloak service to be fully created."
+echo_wait
+sleep 20
+${KEYCLOAK_BASE_INSTALL_PATH}/keycloak/bin/kc.sh show-config > "${working_dir}/current-configuration.txt" 2> "$log_file"
+if [[ $? -ne 0 ]]; then
+   echo_failed
+   error "$(cat "$log_file")"
 else
   echo_ok
 fi
@ -769,6 +784,26 @@ systemctl start keycloak.service > "$log_file" 2>&1
 if [[ $? -ne 0 ]]; then
   echo_failed
   error "$(cat "$log_file")"
+
+   if $terminal ; then
+
+      echo "   Perhaps it is enough to wait a moment and then start the:"
+      echo ""
+      echo "   The command to start the keycloak service is:"
+      echo ""
+      echo -e "      \033[33msystemctl start keycloak.service\033[m"
+      echo ""
+
+      echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+      read OK
+      while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+         echononl "Wrong entry! - repeat [yes/nno]: "
+         read OK
+      done
+      [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+   fi
+
 else
   echo_ok
 fi
Author	SHA1	Message	Date
Christoph	be11ad67d9	Some minor changes.	2025-03-18 16:09:41 +01:00
Christoph	0712a8fbad	Some minor changes.	2025-03-18 16:09:18 +01:00
Christoph	1b356ebce1	uprgade-keycloak.sh: some minor changes..	2025-03-18 16:08:41 +01:00