install/keycloak-install.sh

#!/usr/bin/env bash

# Copyright (c) 2021-2025 community-scripts ORG
# Author: tteck (tteckster) | Co-Author: Slaviša Arežina (tremor021), remz1337
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
# Source: https://github.com/keycloak/keycloak

source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
color
verb_ip6
catch_errors
setting_up_container
network_check
update_os

JAVA_VERSION=21 setup_java
PG_VERSION=16 setup_postgresql

msg_info "Configuring PostgreSQL"
DB_NAME="keycloak"
DB_USER="keycloak"
DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
$STD sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8';"
$STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
msg_ok "Configured PostgreSQL"

fetch_and_deploy_gh_release "keycloak_app" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"

msg_info "Creating Service"
cat <<EOF >/etc/systemd/system/keycloak.service
[Unit]
Description=Keycloak Service
Requires=network.target
After=syslog.target network-online.target

[Service]
Type=idle
User=root
WorkingDirectory=/opt/keycloak
ExecStart=/opt/keycloak/bin/kc.sh start
ExecStop=/opt/keycloak/bin/kc.sh stop
Restart=always
RestartSec=3
Environment="JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"
Environment="KC_DB=postgres"
Environment="KC_DB_USERNAME=$DB_USER"
Environment="KC_DB_PASSWORD=$DB_PASS"
Environment="KC_HTTP_ENABLED=true"
Environment="KC_BOOTSTRAP_ADMIN_USERNAME=tmpadm"
Environment="KC_BOOTSTRAP_ADMIN_PASSWORD=admin123"
# Comment following line and uncomment the next 2 if working behind a reverse proxy
Environment="KC_HOSTNAME_STRICT=false"
#Environment="KC_HOSTNAME=keycloak.example.com"
#Environment="KC_PROXY_HEADERS=xforwarded"
[Install]
WantedBy=multi-user.target
EOF
systemctl enable -q --now keycloak
msg_ok "Created Service"

motd_ssh
customize

msg_info "Cleaning up"
$STD apt-get -y autoremove
$STD apt-get -y autoclean
msg_ok "Cleaned"
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`#!/usr/bin/env bash`

Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00			`# Copyright (c) 2021-2025 community-scripts ORG`
Update keycloak script to support configuration of latest release (v26) (#6322) * Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-07-29 06:26:55 -04:00			`# Author: tteck (tteckster) \| Co-Author: Slaviša Arežina (tremor021), remz1337`
Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00			`# License: MIT \| https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE`
			`# Source: https://github.com/keycloak/keycloak`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00
Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00			`source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`color`
			`verb_ip6`
			`catch_errors`
			`setting_up_container`
			`network_check`
			`update_os`

Update keycloak script to support configuration of latest release (v26) (#6322) * Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-07-29 06:26:55 -04:00			`JAVA_VERSION=21 setup_java`
			`PG_VERSION=16 setup_postgresql`

			`msg_info "Configuring PostgreSQL"`
			`DB_NAME="keycloak"`
			`DB_USER="keycloak"`
			`DB_PASS="$(openssl rand -base64 18 \| tr -dc 'a-zA-Z0-9' \| cut -c1-13)"`
			`$STD sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"`
			`$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8';"`
			`$STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"`
			`msg_ok "Configured PostgreSQL"`

Keycloak: fix update function (#6943) * Keycloak: fix update function * fix issue with .keycloak file * Update keycloak-install.sh * remove double command --------- Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com> 2025-08-18 20:16:14 +02:00			`fetch_and_deploy_gh_release "keycloak_app" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00
			`msg_info "Creating Service"`
Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00			`cat <<EOF >/etc/systemd/system/keycloak.service`
			`[Unit]`
			`Description=Keycloak Service`
Update keycloak script to support configuration of latest release (v26) (#6322) * Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-07-29 06:26:55 -04:00			`Requires=network.target`
			`After=syslog.target network-online.target`
Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`[Service]`
Update keycloak script to support configuration of latest release (v26) (#6322) * Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-07-29 06:26:55 -04:00			`Type=idle`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`User=root`
			`WorkingDirectory=/opt/keycloak`
Update keycloak script to support configuration of latest release (v26) (#6322) * Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> 2025-07-29 06:26:55 -04:00			`ExecStart=/opt/keycloak/bin/kc.sh start`
			`ExecStop=/opt/keycloak/bin/kc.sh stop`
			`Restart=always`
			`RestartSec=3`
			`Environment="JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"`
			`Environment="KC_DB=postgres"`
			`Environment="KC_DB_USERNAME=$DB_USER"`
			`Environment="KC_DB_PASSWORD=$DB_PASS"`
			`Environment="KC_HTTP_ENABLED=true"`
			`Environment="KC_BOOTSTRAP_ADMIN_USERNAME=tmpadm"`
			`Environment="KC_BOOTSTRAP_ADMIN_PASSWORD=admin123"`
			`# Comment following line and uncomment the next 2 if working behind a reverse proxy`
			`Environment="KC_HOSTNAME_STRICT=false"`
			`#Environment="KC_HOSTNAME=keycloak.example.com"`
			`#Environment="KC_PROXY_HEADERS=xforwarded"`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`[Install]`
Keycloak: Update installation script (#2714) * Update installation script * fixed tar command * fix tar again * fixes * Update keycloak-install.sh 2025-02-27 16:40:07 +01:00			`WantedBy=multi-user.target`
			`EOF`
			`systemctl enable -q --now keycloak`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`msg_ok "Created Service"`

			`motd_ssh`
Code refactoring 2023-05-15 07:39:30 -04:00			`customize`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00
			`msg_info "Cleaning up"`
Add '-y` flag 2024-05-02 13:26:16 -04:00			`$STD apt-get -y autoremove`
			`$STD apt-get -y autoclean`
The latest iteration of the scripts (#1220) 2023-03-22 20:48:20 -04:00			`msg_ok "Cleaned"`