From 2b332886c452353844957ab0bb5fce8ce37e6903 Mon Sep 17 00:00:00 2001 From: ibizaman Date: Sat, 3 Dec 2022 22:35:20 -0800 Subject: [PATCH] use keys attrs for dependencies in keycloak service --- keycloak-cli-config/mkunit.nix | 4 +++- keycloak-cli-config/unit.nix | 10 +++++----- keycloak/mkunit.nix | 5 ++--- keycloak/unit.nix | 10 ++++++---- 4 files changed, 16 insertions(+), 13 deletions(-) diff --git a/keycloak-cli-config/mkunit.nix b/keycloak-cli-config/mkunit.nix index 2c86ff6..4aec033 100644 --- a/keycloak-cli-config/mkunit.nix +++ b/keycloak-cli-config/mkunit.nix @@ -9,6 +9,7 @@ , keycloakAvailabilityTimeout ? "120s" , keycloakUrl , keycloakUser +, keys , dependsOn ? {} }: @@ -21,7 +22,8 @@ inherit keycloakServiceName; inherit keycloakSecretsDir keycloakAvailabilityTimeout - keycloakUrl keycloakUser; + keycloakUrl keycloakUser + keys; }; inherit dependsOn; diff --git a/keycloak-cli-config/unit.nix b/keycloak-cli-config/unit.nix index 4eb1ecd..a65d8e2 100644 --- a/keycloak-cli-config/unit.nix +++ b/keycloak-cli-config/unit.nix @@ -11,6 +11,7 @@ , keycloakAvailabilityTimeout ? "120s" , keycloakUrl , keycloakUser +, keys , debug ? false }: {...}: @@ -40,10 +41,6 @@ let "LOGGING_LEVEL_KEYCLOAKCONFIGCLI=debug" ])); - envfiles = lib.concatMapStrings (x: "\nEnvironmentFile=" + x) ([ - "/run/keys/keycloakusers" - ]); - keycloak-cli-config = pkgs.stdenv.mkDerivation rec { pname = "keycloak-cli-config"; version = "5.3.1"; @@ -74,12 +71,15 @@ utils.systemd.mkService rec { Description=Keycloak Realm Config After=${keycloakServiceName} Wants=${keycloakServiceName} + After=${utils.keyServiceDependencies keys} + Wants=${utils.keyServiceDependencies keys} [Service] User=keycloakcli Group=keycloakcli - Type=oneshot${envs}${envfiles} + ${utils.keyEnvironmentFile keys.userpasswords} + Type=oneshot${envs} ExecStart=${pkgs.jre}/bin/java -jar ${keycloak-cli-config}/bin/keycloak-cli-config.jar RuntimeDirectory=keycloak-cli-config diff --git a/keycloak/mkunit.nix b/keycloak/mkunit.nix index 150b681..489f11b 100644 --- a/keycloak/mkunit.nix +++ b/keycloak/mkunit.nix @@ -5,10 +5,9 @@ , configFile , user , group -, dbPasswordFile , postgresServiceName , initialAdminUsername ? "admin" -, initialAdminFile ? null +, keys , dependsOn ? {} }: @@ -20,7 +19,7 @@ pkg = KeycloakService { inherit configDir configFile; inherit user group; - inherit dbPasswordFile initialAdminUsername initialAdminFile; + inherit keys initialAdminUsername; inherit postgresServiceName; }; diff --git a/keycloak/unit.nix b/keycloak/unit.nix index 3bcaaa6..e91c192 100644 --- a/keycloak/unit.nix +++ b/keycloak/unit.nix @@ -8,10 +8,9 @@ , user ? "keycloak" , group ? "keycloak" , dbType ? "postgres" -, dbPasswordFile , postgresServiceName , initialAdminUsername ? null -, initialAdminFile ? null +, keys }: { ... }: @@ -26,6 +25,7 @@ let }; in +with lib.attrsets; utils.systemd.mkService rec { name = "keycloak"; @@ -34,14 +34,16 @@ utils.systemd.mkService rec { Description=Keycloak server After=network-online.target Wants=network-online.target systemd-networkd-wait-online.service ${postgresServiceName} + After=${utils.keyServiceDependencies keys} + Wants=${utils.keyServiceDependencies keys} [Service] User=${user} Group=${group} - EnvironmentFile=${dbPasswordFile} + ${utils.keyEnvironmentFile keys.dbPassword} ${if initialAdminUsername != null then "Environment=KEYCLOAK_ADMIN="+initialAdminUsername else ""} - ${if initialAdminFile != null then "EnvironmentFile="+initialAdminFile else ""} + ${if hasAttr "initialAdminPassword" keys then utils.keyEnvironmentFile keys.initialAdminPassword else ""} Environment=PATH=${pkgs.coreutils}/bin Environment=KC_HOME_DIR="/run/keycloak"