hosting/selfhostblocks
1
0
Fork 0
Code Issues Activity

use keys attrs for dependencies in keycloak service

Browse source
This commit is contained in:
ibizaman 2022-12-03 22:35:20 -08:00
parent 453899c46a
commit 2b332886c4
4 changed files with 16 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
keycloak-cli-config/mkunit.nix
View file

@ -9,6 +9,7 @@
, keycloakAvailabilityTimeout ? "120s" , keycloakAvailabilityTimeout ? "120s"
, keycloakUrl , keycloakUrl
, keycloakUser , keycloakUser
, keys
, dependsOn ? {} , dependsOn ? {}
}: }:
@ -21,7 +22,8 @@
inherit keycloakServiceName; inherit keycloakServiceName;
inherit keycloakSecretsDir inherit keycloakSecretsDir
keycloakAvailabilityTimeout keycloakAvailabilityTimeout
keycloakUrl keycloakUser; keycloakUrl keycloakUser
keys;
}; };
inherit dependsOn; inherit dependsOn;

10
keycloak-cli-config/unit.nix
View file

@ -11,6 +11,7 @@
, keycloakAvailabilityTimeout ? "120s" , keycloakAvailabilityTimeout ? "120s"
, keycloakUrl , keycloakUrl
, keycloakUser , keycloakUser
, keys
, debug ? false , debug ? false
}: }:
{...}: {...}:
@ -40,10 +41,6 @@ let
"LOGGING_LEVEL_KEYCLOAKCONFIGCLI=debug" "LOGGING_LEVEL_KEYCLOAKCONFIGCLI=debug"
])); ]));
envfiles = lib.concatMapStrings (x: "\nEnvironmentFile=" + x) ([
"/run/keys/keycloakusers"
]);
keycloak-cli-config = pkgs.stdenv.mkDerivation rec { keycloak-cli-config = pkgs.stdenv.mkDerivation rec {
pname = "keycloak-cli-config"; pname = "keycloak-cli-config";
version = "5.3.1"; version = "5.3.1";
@ -74,12 +71,15 @@ utils.systemd.mkService rec {
Description=Keycloak Realm Config Description=Keycloak Realm Config
After=${keycloakServiceName} After=${keycloakServiceName}
Wants=${keycloakServiceName} Wants=${keycloakServiceName}
After=${utils.keyServiceDependencies keys}
Wants=${utils.keyServiceDependencies keys}
[Service] [Service]
User=keycloakcli User=keycloakcli
Group=keycloakcli Group=keycloakcli
Type=oneshot${envs}${envfiles} ${utils.keyEnvironmentFile keys.userpasswords}
Type=oneshot${envs}
ExecStart=${pkgs.jre}/bin/java -jar ${keycloak-cli-config}/bin/keycloak-cli-config.jar ExecStart=${pkgs.jre}/bin/java -jar ${keycloak-cli-config}/bin/keycloak-cli-config.jar
RuntimeDirectory=keycloak-cli-config RuntimeDirectory=keycloak-cli-config

5
keycloak/mkunit.nix
View file

@ -5,10 +5,9 @@
, configFile , configFile
, user , user
, group , group
, dbPasswordFile
, postgresServiceName , postgresServiceName
, initialAdminUsername ? "admin" , initialAdminUsername ? "admin"
, initialAdminFile ? null , keys
, dependsOn ? {} , dependsOn ? {}
}: }:
@ -20,7 +19,7 @@
pkg = KeycloakService { pkg = KeycloakService {
inherit configDir configFile; inherit configDir configFile;
inherit user group; inherit user group;
inherit dbPasswordFile initialAdminUsername initialAdminFile; inherit keys initialAdminUsername;
inherit postgresServiceName; inherit postgresServiceName;
}; };

10
keycloak/unit.nix
View file

@ -8,10 +8,9 @@
, user ? "keycloak" , user ? "keycloak"
, group ? "keycloak" , group ? "keycloak"
, dbType ? "postgres" , dbType ? "postgres"
, dbPasswordFile
, postgresServiceName , postgresServiceName
, initialAdminUsername ? null , initialAdminUsername ? null
, initialAdminFile ? null , keys
}: }:
{ ... }: { ... }:
@ -26,6 +25,7 @@ let
}; };
in in
with lib.attrsets;
utils.systemd.mkService rec { utils.systemd.mkService rec {
name = "keycloak"; name = "keycloak";
@ -34,14 +34,16 @@ utils.systemd.mkService rec {
Description=Keycloak server Description=Keycloak server
After=network-online.target After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service ${postgresServiceName} Wants=network-online.target systemd-networkd-wait-online.service ${postgresServiceName}
After=${utils.keyServiceDependencies keys}
Wants=${utils.keyServiceDependencies keys}
[Service] [Service]
User=${user} User=${user}
Group=${group} Group=${group}
EnvironmentFile=${dbPasswordFile} ${utils.keyEnvironmentFile keys.dbPassword}
${if initialAdminUsername != null then "Environment=KEYCLOAK_ADMIN="+initialAdminUsername else ""} ${if initialAdminUsername != null then "Environment=KEYCLOAK_ADMIN="+initialAdminUsername else ""}
${if initialAdminFile != null then "EnvironmentFile="+initialAdminFile else ""} ${if hasAttr "initialAdminPassword" keys then utils.keyEnvironmentFile keys.initialAdminPassword else ""}
Environment=PATH=${pkgs.coreutils}/bin Environment=PATH=${pkgs.coreutils}/bin
Environment=KC_HOME_DIR="/run/keycloak" Environment=KC_HOME_DIR="/run/keycloak"