Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/keycloak: add realmFiles option #273833

Merged
merged 1 commit into from
Mar 24, 2025
Merged

nixos/keycloak: add realmFiles option #273833

merged 1 commit into from
Mar 24, 2025
+41 −1

Conversation

rorosen
Copy link
Contributor

@rorosen rorosen commented Dec 12, 2023

Description of changes

Enable realm imports during startup as described in the corresponding Keycloak guide.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Dec 12, 2023
@rorosen rorosen force-pushed the keycloak-realm-import branch from 8698eec to 13e3082 Compare December 12, 2023 21:25
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 labels Dec 12, 2023
@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label May 22, 2024
@wegank wegank added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 4, 2024
@onny
Copy link
Contributor

onny commented Jul 20, 2024

This is a nice feature, could you rebase the PR to resolve the merge conflict?

@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 20, 2024
@rorosen rorosen force-pushed the keycloak-realm-import branch 2 times, most recently from 09b0b67 to 162639e Compare July 20, 2024 16:32
@rorosen
Copy link
Contributor Author

rorosen commented Jul 20, 2024

Sorry, I lost track of it. The merge conflict is resolved now.

@ofborg ofborg bot removed the 2.status: merge conflict This PR has merge conflicts with the target branch label Jul 20, 2024
@onny onny self-requested a review July 20, 2024 18:03
onny
onny approved these changes Jul 20, 2024
View reviewed changes
Copy link
Contributor

@onny onny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tested and works for me 👍 really usefull

onny
onny reviewed Jul 20, 2024
View reviewed changes
Copy link
Contributor

@onny onny left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@onny
Copy link
Contributor

onny commented Jul 21, 2024

We could also add a note to the 24.11 release notes about this new feature :)

@rorosen rorosen force-pushed the keycloak-realm-import branch 2 times, most recently from 5e6c4f2 to 7986289 Compare July 21, 2024 11:52
@github-actions github-actions bot added 8.has: documentation This PR adds or changes documentation 8.has: changelog labels Jul 21, 2024
@onny
Copy link
Contributor

onny commented Jul 21, 2024

Just thought about managing the realm files in /run/keycloak/... via systemd.tmpfiles? so if we remove one from the realmFiles option, it gets removed from the /run-directory too

@onny
Copy link
Contributor

onny commented Jul 22, 2024

For example

systemd.tmpfiles.rules = [
  "L+ /run/keycloak/data/import/myrealm.json - - - - "${pkgs.writeText "myrealm.json" builtins.toJSON realmJSON}"
];

@rorosen
Copy link
Contributor Author

rorosen commented Jul 22, 2024

I tested this but the links also don't get removed during rebuild when using systemd.tmpfiles. I don't see how systemd would clean up links, except we set an age. However, I'm very fine with using systemd.tmpfiles anyway instead of installing the realm files.

@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label Sep 10, 2024
@rorosen rorosen force-pushed the keycloak-realm-import branch from 7986289 to 181e5d5 Compare January 11, 2025 12:59
@github-actions github-actions bot removed 8.has: documentation This PR adds or changes documentation 8.has: changelog labels Jan 11, 2025
@rorosen rorosen requested a review from NickCao January 11, 2025 13:04
@rorosen
Copy link
Contributor Author

rorosen commented Jan 11, 2025

I rebased to resolve conflicts and it uses tmpfiles to link the realm files now.

@rorosen rorosen removed the 2.status: merge conflict This PR has merge conflicts with the target branch label Jan 11, 2025
@onny
Copy link
Contributor

onny commented Jan 13, 2025

Looks nice, I'll give it a try! Would you mind adding a note to the 25.05 release notes?

@rorosen rorosen force-pushed the keycloak-realm-import branch from 181e5d5 to 7f168f0 Compare January 13, 2025 16:48
@github-actions github-actions bot added 8.has: documentation This PR adds or changes documentation 8.has: changelog labels Jan 13, 2025
@rorosen
Copy link
Contributor Author

rorosen commented Jan 13, 2025

Would you mind adding a note to the 25.05 release notes?

Done

@rorosen rorosen force-pushed the keycloak-realm-import branch from 7f168f0 to 9479e34 Compare January 13, 2025 16:50
@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label Mar 16, 2025
@rorosen
nixos/keycloak: add realmFiles option
cd10f9a 
Add an option to import Keycloak realms during
startup from exported realm files.
@rorosen rorosen force-pushed the keycloak-realm-import branch from 9479e34 to cd10f9a Compare March 20, 2025 11:07
@ofborg ofborg bot removed the 2.status: merge conflict This PR has merge conflicts with the target branch label Mar 20, 2025
frederictobiasc
frederictobiasc approved these changes Mar 20, 2025
View reviewed changes
Copy link
Contributor

@frederictobiasc frederictobiasc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Would be nice if we could get this merged.

@wegank wegank added the 12.approvals: 1 This PR was reviewed and approved by one reputable person label Mar 21, 2025
@onny onny merged commit 82a382e into NixOS:master Mar 24, 2025
29 checks passed
@onny
Copy link
Contributor

onny commented Mar 24, 2025

Thank you!

@rorosen rorosen deleted the keycloak-realm-import branch March 24, 2025 12:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@onny onny

@frederictobiasc frederictobiasc

@NickCao NickCao

Assignees
No one assigned
Labels
6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: changelog 8.has: documentation This PR adds or changes documentation 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 12.approvals: 1 This PR was reviewed and approved by one reputable person
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rorosen @onny @frederictobiasc @wegank