-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'fc-23.11-dev' into fc-23.11-staging
- Loading branch information
Showing
13 changed files
with
313 additions
and
24 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
The files in this directory are based on [MIT-licensed](https://github.com/NixOS/nixpkgs/blob/7a338b0febc1994ed42ee1aed8c752674abf0632/COPYING) work done by other Nixpkgs/NixOS contributors, taken from revision 7a338b0febc1994ed42ee1aed8c752674abf0632 in the [nixpkgs](https://github.com/NixOS/nixpkgs/) repository under the path [pkgs/servers/keycloak](https://github.com/NixOS/nixpkgs/blob/7a338b0febc1994ed42ee1aed8c752674abf0632/pkgs/servers/keycloak). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
{ callPackage, fetchMavenArtifact }: | ||
|
||
{ | ||
scim-for-keycloak = callPackage ./scim-for-keycloak {}; | ||
scim-keycloak-user-storage-spi = callPackage ./scim-keycloak-user-storage-spi {}; | ||
keycloak-discord = callPackage ./keycloak-discord {}; | ||
keycloak-metrics-spi = callPackage ./keycloak-metrics-spi {}; | ||
keycloak-restrict-client-auth = callPackage ./keycloak-restrict-client-auth {}; | ||
|
||
# These could theoretically be used by something other than Keycloak, but | ||
# there are no other quarkus apps in nixpkgs (as of 2023-08-21) | ||
quarkus-systemd-notify = (fetchMavenArtifact { | ||
groupId = "io.quarkiverse.systemd.notify"; | ||
artifactId = "quarkus-systemd-notify"; | ||
version = "1.0.1"; | ||
hash = "sha256-3I4j22jyIpokU4kdobkt6cDsALtxYFclA+DV+BqtmLY="; | ||
}).passthru.jar; | ||
|
||
quarkus-systemd-notify-deployment = (fetchMavenArtifact { | ||
groupId = "io.quarkiverse.systemd.notify"; | ||
artifactId = "quarkus-systemd-notify-deployment"; | ||
version = "1.0.1"; | ||
hash = "sha256-xHxzBxriSd/OU8gEcDG00VRkJYPYJDfAfPh/FkQe+zg="; | ||
}).passthru.jar; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
diff --git a/quarkus/dist/src/main/content/bin/kc.sh b/quarkus/dist/src/main/content/bin/kc.sh | ||
index d7be862cde..16f9aa78e0 100644 | ||
--- a/bin/kc.sh | ||
+++ b/bin/kc.sh | ||
@@ -32,8 +32,8 @@ abs_path () { | ||
fi | ||
} | ||
|
||
-SERVER_OPTS="-Dkc.home.dir='$(abs_path '..')'" | ||
-SERVER_OPTS="$SERVER_OPTS -Djboss.server.config.dir='$(abs_path '../conf')'" | ||
+SERVER_OPTS="-Dkc.home.dir=$KC_HOME_DIR" | ||
+SERVER_OPTS="$SERVER_OPTS -Djboss.server.config.dir=$KC_CONF_DIR" | ||
SERVER_OPTS="$SERVER_OPTS -Djava.util.logging.manager=org.jboss.logmanager.LogManager" | ||
SERVER_OPTS="$SERVER_OPTS -Dquarkus-log-max-startup-records=10000" | ||
CLASSPATH_OPTS="'$(abs_path "../lib/quarkus-run.jar"):$(abs_path "../lib/bootstrap/*")'" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
{ stdenv | ||
, lib | ||
, fetchzip | ||
, makeWrapper | ||
, jre | ||
, nixosTests | ||
, callPackage | ||
, confFile ? null | ||
, plugins ? [ ] | ||
, extraFeatures ? [ ] | ||
, disabledFeatures ? [ ] | ||
}: | ||
|
||
let | ||
featuresSubcommand = '' | ||
${lib.optionalString (extraFeatures != [ ]) "--features=${lib.concatStringsSep "," extraFeatures}"} \ | ||
${lib.optionalString (disabledFeatures != [ ]) "--features-disabled=${lib.concatStringsSep "," disabledFeatures}"} | ||
''; | ||
in stdenv.mkDerivation rec { | ||
pname = "keycloak"; | ||
version = "24.0.4"; | ||
|
||
src = fetchzip { | ||
url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip"; | ||
hash = "sha256-tqY3rYFRsRpbvms8DVtCp8nXl0hlX1CzuOVFCE+23o4="; | ||
}; | ||
|
||
nativeBuildInputs = [ makeWrapper jre ]; | ||
|
||
patches = [ | ||
# Make home.dir and config.dir configurable through the | ||
# KC_HOME_DIR and KC_CONF_DIR environment variables. | ||
./config_vars.patch | ||
]; | ||
|
||
buildPhase = '' | ||
runHook preBuild | ||
'' + lib.optionalString (confFile != null) '' | ||
install -m 0600 ${confFile} conf/keycloak.conf | ||
'' + '' | ||
install_plugin() { | ||
if [ -d "$1" ]; then | ||
find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 "{}" "providers/" \; | ||
else | ||
install -m 0500 "$1" "providers/" | ||
fi | ||
} | ||
${lib.concatMapStringsSep "\n" (pl: "install_plugin ${lib.escapeShellArg pl}") plugins} | ||
'' + '' | ||
patchShebangs bin/kc.sh | ||
export KC_HOME_DIR=$(pwd) | ||
export KC_CONF_DIR=$(pwd)/conf | ||
bin/kc.sh build ${featuresSubcommand} | ||
runHook postBuild | ||
''; | ||
|
||
installPhase = '' | ||
runHook preInstall | ||
mkdir $out | ||
cp -r * $out | ||
rm $out/bin/*.{ps1,bat} | ||
runHook postInstall | ||
''; | ||
|
||
postFixup = '' | ||
for script in $(find $out/bin -type f -executable); do | ||
wrapProgram "$script" --set JAVA_HOME ${jre} --prefix PATH : ${jre}/bin | ||
done | ||
''; | ||
|
||
passthru = { | ||
tests = nixosTests.keycloak; | ||
plugins = callPackage ./all-plugins.nix { }; | ||
enabledPlugins = plugins; | ||
}; | ||
|
||
meta = with lib; { | ||
homepage = "https://www.keycloak.org/"; | ||
description = "Identity and access management for modern applications and services"; | ||
sourceProvenance = with sourceTypes; [ binaryBytecode ]; | ||
license = licenses.asl20; | ||
platforms = jre.meta.platforms; | ||
maintainers = with maintainers; [ ngerstle talyz nickcao ]; | ||
}; | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
{ stdenv | ||
, lib | ||
, fetchurl | ||
}: | ||
|
||
stdenv.mkDerivation rec { | ||
pname = "keycloak-discord"; | ||
version = "0.5.0"; | ||
|
||
src = fetchurl { | ||
url = "https://github.com/wadahiro/keycloak-discord/releases/download/v${version}/keycloak-discord-${version}.jar"; | ||
hash = "sha256-radvUu2a6t0lbo5f/ADqy7+I/ONXB7/8pk2d1BtYzQA="; | ||
}; | ||
|
||
dontUnpack = true; | ||
dontBuild = true; | ||
|
||
installPhase = '' | ||
runHook preInstall | ||
install -Dm444 "$src" "$out/keycloak-discord-$version.jar" | ||
runHook postInstall | ||
''; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/wadahiro/keycloak-discord"; | ||
description = "Keycloak Social Login extension for Discord"; | ||
license = licenses.asl20; | ||
maintainers = with maintainers; [ mkg20001 ]; | ||
sourceProvenance = with sourceTypes; [ binaryBytecode ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
{ maven, stdenv, lib, fetchFromGitHub }: | ||
|
||
maven.buildMavenPackage rec { | ||
pname = "keycloak-metrics-spi"; | ||
version = "5.0.0"; | ||
|
||
src = fetchFromGitHub { | ||
owner = "aerogear"; | ||
repo = pname; | ||
rev = "refs/tags/${version}"; | ||
hash = "sha256-iagXbsKsU4vNP9eg05bwXEo67iij3N2FF0BW50MjRGE="; | ||
}; | ||
|
||
mvnHash = { | ||
aarch64-linux = "sha256-zO79pRrY8TqrSK4bB8l4pl6834aFX2pidyk1j9Itz1E=`"; | ||
x86_64-linux = "sha256-+ySBrQ9yQ5ZxuVUh/mnHNEmugru3n8x5VR/RYEDCLAo="; | ||
}.${stdenv.hostPlatform.system} or (throw "Unsupported system ${stdenv.hostPlatform.system} for ${pname}"); | ||
|
||
|
||
installPhase = '' | ||
runHook preInstall | ||
install -Dm444 -t "$out" target/keycloak-metrics-spi-*.jar | ||
runHook postInstall | ||
''; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/aerogear/keycloak-metrics-spi"; | ||
description = "Keycloak Service Provider that adds a metrics endpoint"; | ||
license = licenses.asl20; | ||
maintainers = with maintainers; [ benley ]; | ||
platforms = [ "aarch64-linux" "x86_64-linux" ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
{ maven, lib, fetchFromGitHub }: | ||
|
||
maven.buildMavenPackage rec { | ||
pname = "keycloak-restrict-client-auth"; | ||
version = "24.0.0"; | ||
|
||
src = fetchFromGitHub { | ||
owner = "sventorben"; | ||
repo = "keycloak-restrict-client-auth"; | ||
rev = "v${version}"; | ||
hash = "sha256-Pk0tj8cTHSBwVIzINE7GLA5b/eI97wuOTvO7UoXBStM="; | ||
}; | ||
|
||
mvnHash = "sha256-Pk2yYuBqGs4k1KwaU06RQe1LpohZu0VI1pHEUBU3EUE="; | ||
|
||
installPhase = '' | ||
runHook preInstall | ||
install -Dm444 -t "$out" target/keycloak-restrict-client-auth.jar | ||
runHook postInstall | ||
''; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/sventorben/keycloak-restrict-client-auth"; | ||
description = "A Keycloak authenticator to restrict authorization on clients"; | ||
license = licenses.mit; | ||
maintainers = with maintainers; [ leona ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
{ lib | ||
, fetchFromGitHub | ||
, maven | ||
}: | ||
|
||
maven.buildMavenPackage rec { | ||
pname = "scim-for-keycloak"; | ||
version = "kc-20-b1"; # When updating also update mvnHash | ||
|
||
src = fetchFromGitHub { | ||
owner = "Captain-P-Goldfish"; | ||
repo = "scim-for-keycloak"; | ||
rev = version; | ||
hash = "sha256-kHjCVkcD8C0tIaMExDlyQmcWMhypisR1nyG93laB8WU="; | ||
}; | ||
|
||
mvnHash = "sha256-cOuJSU57OuP+U7lI+pDD7g9HPIfZAoDPYLf+eO+XuF4="; | ||
|
||
installPhase = '' | ||
install -D "scim-for-keycloak-server/target/scim-for-keycloak-${version}.jar" "$out/scim-for-keycloak-${version}.jar" | ||
''; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/Captain-P-Goldfish/scim-for-keycloak"; | ||
description = "A third party module that extends Keycloak with SCIM functionality"; | ||
sourceProvenance = with sourceTypes; [ | ||
fromSource | ||
binaryBytecode # dependencies | ||
]; | ||
license = licenses.bsd3; | ||
maintainers = with maintainers; [ mkg20001 ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
{ lib | ||
, fetchFromGitHub | ||
, maven | ||
}: | ||
|
||
maven.buildMavenPackage { | ||
pname = "scim-keycloak-user-storage-spi"; | ||
version = "unstable-2024-02-14"; | ||
|
||
src = fetchFromGitHub { | ||
owner = "justin-stephenson"; | ||
repo = "scim-keycloak-user-storage-spi"; | ||
rev = "6c59915836d9a559983326bbb87f895324bb75e4"; | ||
hash = "sha256-BSso9lU542Aroxu0RIX6NARc10lGZ04A/WIWOVtdxHw="; | ||
}; | ||
|
||
mvnHash = "sha256-xbGlVZl3YtbF372kCDh+UdK5pLe6C6WnGgbEXahlyLw="; | ||
|
||
installPhase = '' | ||
install -D "target/scim-user-spi-0.0.1-SNAPSHOT.jar" "$out/scim-user-spi-0.0.1-SNAPSHOT.jar" | ||
''; | ||
|
||
meta = with lib; { | ||
homepage = "https://github.com/justin-stephenson/scim-keycloak-user-storage-spi"; | ||
description = "A third party module that extends Keycloak, allow for user storage in an external scimv2 server"; | ||
sourceProvenance = with sourceTypes; [ | ||
fromSource | ||
]; | ||
license = licenses.mit; | ||
maintainers = with maintainers; [ s1341 ]; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.