Update keycloak script to support configuration of latest release (v26) (#6322)

* Update keycloak script to support configuration of latest release (v26) * Add quotes around default credential values * fix update script Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * spelling "restarting" Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> * remove temp file and spelling Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> --------- Signed-off-by: CanbiZ <47820557+MickLesk@users.noreply.github.com> Co-authored-by: CanbiZ <47820557+MickLesk@users.noreply.github.com>
2025-11-04 10:22:50 +00:00 · 2025-07-29 06:26:55 -04:00
parent 1f101c0bd3
commit 10db421c45
3 changed files with 58 additions and 36 deletions
--- a/ct/keycloak.sh
+++ b/ct/keycloak.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
 # Copyright (c) 2021-2025 tteck
-# Author: tteck (tteckster)
+# Author: tteck (tteckster) | Co-Author: remz1337
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://www.keycloak.org/
@@ -23,34 +23,39 @@ function update_script() {
  header_info
  check_container_storage
  check_container_resources
-  if [[ ! -f /etc/systemd/system/keycloak.service ]]; then
+  if [[ ! -d /opt/keycloak ]]; then
    msg_error "No ${APP} Installation Found!"
    exit
  fi
-  msg_info "Updating ${APP} LXC"
+
  msg_info "Stopping Keycloak"
  systemctl stop keycloak
  msg_ok "Stopped Keycloak"
  msg_info "Updating packages"
  $STD apt-get update
  $STD apt-get -y upgrade
  msg_ok "Updated packages"
-  RELEASE=$(curl -fsSL https://api.github.com/repos/keycloak/keycloak/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
+  msg_info "Backup old Keycloak"
  msg_info "Updating Keycloak to v$RELEASE"
  cd /opt
  curl -fsSL "https://github.com/keycloak/keycloak/releases/download/$RELEASE/keycloak-$RELEASE.tar.gz" -o $(basename "https://github.com/keycloak/keycloak/releases/download/$RELEASE/keycloak-$RELEASE.tar.gz")
  mv keycloak keycloak.old
-  tar -xzf keycloak-$RELEASE.tar.gz
+  tar -czf keycloak_conf_backup.tar.gz keycloak.old/conf
-  cp -r keycloak.old/conf keycloak-$RELEASE
+  msg_ok "Backup done"
  cp -r keycloak.old/providers keycloak-$RELEASE
  cp -r keycloak.old/themes keycloak-$RELEASE
  mv keycloak-$RELEASE keycloak
-  msg_info "Delete temporary installation files"
+  fetch_and_deploy_gh_release "keycloak" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"
-  rm keycloak-$RELEASE.tar.gz
+
  msg_info "Updating ${APP}"
  cd /opt
  mv keycloak_conf_backup.tar.gz keycloak/conf
  cp -r keycloak.old/providers keycloak
  cp -r keycloak.old/themes keycloak
  rm -rf keycloak.old
  msg_ok "Updated ${APP} LXC"
-  msg_info "Restating Keycloak"
+  msg_info "Restarting Keycloak"
  systemctl restart keycloak
-  msg_ok "Updated Successfully"
+  msg_ok "Restarted Keycloak"
  exit
 }
--- a/frontend/public/json/keycloak.json
+++ b/frontend/public/json/keycloak.json
@@ -6,7 +6,7 @@
  ],
  "date_created": "2024-05-02",
  "type": "ct",
-  "updateable": false,
+  "updateable": true,
  "privileged": false,
  "interface_port": 8080,
  "documentation": "https://www.keycloak.org/documentation",
@@ -28,8 +28,8 @@
    }
  ],
  "default_credentials": {
-    "username": null,
+    "username": "tmpadm",
-    "password": null
+    "password": "admin123"
  },
  "notes": [
    {
@@ -39,6 +39,10 @@
    {
      "text": "This script requires some extra steps after the installation, Please checkout the `https://github.com/community-scripts/ProxmoxVE/discussions/193`",
      "type": "info"
    },
    {
      "text": "When updating, if you had modified cache-ispn.xml: Re-apply your changes to the new file, otherwise leave it unchanged.",
      "type": "info"
    }
  ]
 }
--- a/install/keycloak-install.sh
+++ b/install/keycloak-install.sh
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 # Copyright (c) 2021-2025 community-scripts ORG
-# Author: tteck (tteckster) | Co-Author: Slaviša Arežina (tremor021)
+# Author: tteck (tteckster) | Co-Author: Slaviša Arežina (tremor021), remz1337
 # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
 # Source: https://github.com/keycloak/keycloak
@@ -13,32 +13,46 @@ setting_up_container
 network_check
 update_os
-msg_info "Installing OpenJDK"
+JAVA_VERSION=21 setup_java
-curl -fsSL "https://packages.adoptium.net/artifactory/api/gpg/key/public" | gpg --dearmor >/etc/apt/trusted.gpg.d/adoptium.gpg
+PG_VERSION=16 setup_postgresql
 echo 'deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main' >/etc/apt/sources.list.d/adoptium.list
 $STD apt-get update
 $STD apt-get install -y temurin-21-jre
 msg_ok "Installed OpenJDK"
-msg_info "Installing Keycloak"
+msg_info "Configuring PostgreSQL"
-temp_file=$(mktemp)
+DB_NAME="keycloak"
-RELEASE=$(curl -fsSL https://api.github.com/repos/keycloak/keycloak/releases/latest | grep "tag_name" | awk '{print substr($2, 2, length($2)-3) }')
+DB_USER="keycloak"
-curl -fsSL "https://github.com/keycloak/keycloak/releases/download/$RELEASE/keycloak-$RELEASE.tar.gz" -o "$temp_file"
+DB_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)"
-tar xzf $temp_file
+$STD sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
-mv keycloak-$RELEASE /opt/keycloak
+$STD sudo -u postgres psql -c "CREATE DATABASE $DB_NAME WITH OWNER $DB_USER ENCODING 'UTF8';"
-msg_ok "Installed Keycloak"
+$STD sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
 msg_ok "Configured PostgreSQL"
 fetch_and_deploy_gh_release "keycloak" "keycloak/keycloak" "prebuild" "latest" "/opt/keycloak" "keycloak-*.tar.gz"
 msg_info "Creating Service"
 cat <<EOF >/etc/systemd/system/keycloak.service
 [Unit]
 Description=Keycloak Service
-After=network.target
+Requires=network.target
 After=syslog.target network-online.target
 [Service]
 Type=idle
 User=root
 WorkingDirectory=/opt/keycloak
-ExecStart=/opt/keycloak/bin/kc.sh start-dev
+ExecStart=/opt/keycloak/bin/kc.sh start
-
+ExecStop=/opt/keycloak/bin/kc.sh stop
 Restart=always
 RestartSec=3
 Environment="JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64"
 Environment="KC_DB=postgres"
 Environment="KC_DB_USERNAME=$DB_USER"
 Environment="KC_DB_PASSWORD=$DB_PASS"
 Environment="KC_HTTP_ENABLED=true"
 Environment="KC_BOOTSTRAP_ADMIN_USERNAME=tmpadm"
 Environment="KC_BOOTSTRAP_ADMIN_PASSWORD=admin123"
 # Comment following line and uncomment the next 2 if working behind a reverse proxy
 Environment="KC_HOSTNAME_STRICT=false"
 #Environment="KC_HOSTNAME=keycloak.example.com"
 #Environment="KC_PROXY_HEADERS=xforwarded"
 [Install]
 WantedBy=multi-user.target
 EOF
@@ -49,7 +63,6 @@ motd_ssh
 customize
 msg_info "Cleaning up"
 rm -f $temp_file
 $STD apt-get -y autoremove
 $STD apt-get -y autoclean
 msg_ok "Cleaned"