hosting/selfhostblocks
1
0
Fork 0
Code Issues Activity

merge config with unit for keycloak-cli-config

Browse source
This commit is contained in:
ibizaman 2023-01-14 20:53:59 -08:00
parent 61bad67112
commit f7a9e97a13
5 changed files with 51 additions and 129 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
all-packages.nix
View file

@ -19,10 +19,7 @@ let
CaddySiteConfig = callPackage ./caddy/siteconfig.nix {inherit utils;}; CaddySiteConfig = callPackage ./caddy/siteconfig.nix {inherit utils;};
mkCaddySiteConfig = callPackage ./caddy/mksiteconfig.nix {inherit CaddySiteConfig;}; mkCaddySiteConfig = callPackage ./caddy/mksiteconfig.nix {inherit CaddySiteConfig;};
NginxService = callPackage ./nginx/unit.nix {inherit utils;}; mkNginxService = callPackage ./nginx/unit.nix {inherit utils;};
mkNginxService = callPackage ./nginx/mkunit.nix {inherit NginxService;};
NginxSiteConfig = callPackage ./nginx/siteconfig.nix {inherit utils;};
mkNginxSiteConfig = callPackage ./nginx/mksiteconfig.nix {inherit NginxSiteConfig;};
PHPConfig = callPackage ./php/config.nix {inherit utils;}; PHPConfig = callPackage ./php/config.nix {inherit utils;};
mkPHPSiteConfig = callPackage ./php/siteconfig.nix {inherit PHPConfig;}; mkPHPSiteConfig = callPackage ./php/siteconfig.nix {inherit PHPConfig;};
@ -38,10 +35,7 @@ let
mkKeycloakHaproxyService = callPackage ./keycloak-haproxy/unit.nix {inherit utils;}; mkKeycloakHaproxyService = callPackage ./keycloak-haproxy/unit.nix {inherit utils;};
KeycloakCliConfig = callPackage ./keycloak-cli-config/config.nix {inherit utils;}; mkKeycloakCliService = callPackage ./keycloak-cli-config/unit.nix {inherit utils;};
mkKeycloakCliConfig = callPackage ./keycloak-cli-config/mkconfig.nix {inherit KeycloakCliConfig;};
KeycloakCliService = callPackage ./keycloak-cli-config/unit.nix {inherit utils;};
mkKeycloakCliService = callPackage ./keycloak-cli-config/mkunit.nix {inherit KeycloakCliService;};
TtrssEnvironment = callPackage ./ttrss/environment.nix {}; TtrssEnvironment = callPackage ./ttrss/environment.nix {};
TtrssConfig = callPackage ./ttrss/config.nix {}; TtrssConfig = callPackage ./ttrss/config.nix {};

25
keycloak-cli-config/config.nix
View file

@ -1,25 +0,0 @@
{ stdenv
, pkgs
, lib
, utils
}:
{ configDir ? "/etc/keycloak-cli-config"
, configFile ? "config.json"
, realm
, domain
, roles ? {}
, clients ? {}
, users ? {}
}:
let
configcreator = pkgs.callPackage ./configcreator.nix {};
in
utils.mkConfigFile {
name = configFile;
dir = configDir;
content = builtins.toJSON (configcreator {
inherit realm domain roles clients users;
});
}

24
keycloak-cli-config/mkconfig.nix
View file

@ -1,24 +0,0 @@
{ KeycloakCliConfig
}:
{ name
, configDir ? "/etc/keycloak-cli-config"
, configFile ? "config.json"
, realm
, domain
, roles ? {}
, clients ? {}
, users ? {}
}:
{
inherit name configDir configFile;
pkg = KeycloakCliConfig {
inherit configDir configFile;
inherit realm domain roles clients users;
};
type = "fileset";
}

31
keycloak-cli-config/mkunit.nix
View file

@ -1,31 +0,0 @@
{ KeycloakCliService
}:
{ name
, configDir
, configFile
, keycloakServiceName
, keycloakSecretsDir
, keycloakAvailabilityTimeout ? "120s"
, keycloakUrl
, keycloakUser
, keys
, dependsOn ? {}
}:
{
inherit name configDir configFile;
pkg = KeycloakCliService {
inherit configDir configFile;
inherit keycloakServiceName;
inherit keycloakSecretsDir
keycloakAvailabilityTimeout
keycloakUrl keycloakUser
keys;
};
inherit dependsOn;
type = "systemd-unit";
}

24
keycloak-cli-config/unit.nix
View file

@ -3,8 +3,9 @@
, lib , lib
, utils , utils
}: }:
{ configDir ? "/etc/keycloak-cli-config" { name
, configFile ? null
, config
, keycloakServiceName , keycloakServiceName
, keycloakSecretsDir , keycloakSecretsDir
@ -13,8 +14,8 @@
, keycloakUser , keycloakUser
, keys , keys
, debug ? false , debug ? false
}:
{ ... , dependsOn ? {}
}: }:
# https://github.com/adorsys/keycloak-config-cli # https://github.com/adorsys/keycloak-config-cli
@ -22,9 +23,9 @@
# Password must be given through a file name "keycloak.password" under keycloakSecretsDir. # Password must be given through a file name "keycloak.password" under keycloakSecretsDir.
let let
configcreator = pkgs.callPackage ./configcreator.nix {};
configFileLocation = configfile = pkgs.writeText "keycloakcliconfig.json" (builtins.toJSON (configcreator config));
configDir + (if configFile != null then "/" + configFile else "");
envs = lib.concatMapStrings (x: "\nEnvironment=" + x) ([ envs = lib.concatMapStrings (x: "\nEnvironment=" + x) ([
"SPRING_CONFIG_IMPORT=configtree:${keycloakSecretsDir}/" "SPRING_CONFIG_IMPORT=configtree:${keycloakSecretsDir}/"
@ -33,7 +34,7 @@ let
"KEYCLOAK_AVAILABILITYCHECK_ENABLED=true" "KEYCLOAK_AVAILABILITYCHECK_ENABLED=true"
"KEYCLOAK_AVAILABILITYCHECK_TIMEOUT=${keycloakAvailabilityTimeout}" "KEYCLOAK_AVAILABILITYCHECK_TIMEOUT=${keycloakAvailabilityTimeout}"
"IMPORT_VARSUBSTITUTION_ENABLED=true" "IMPORT_VARSUBSTITUTION_ENABLED=true"
"IMPORT_FILES_LOCATIONS=${configFileLocation}" "IMPORT_FILES_LOCATIONS=${configfile}"
] ++ (if !debug then [] else [ ] ++ (if !debug then [] else [
"DEBUG=true" "DEBUG=true"
"LOGGING_LEVEL_ROOT=debug" "LOGGING_LEVEL_ROOT=debug"
@ -64,7 +65,10 @@ let
in in
utils.systemd.mkService rec { {
inherit name;
pkg = {...}: utils.systemd.mkService rec {
name = "keycloak-cli-config"; name = "keycloak-cli-config";
content = '' content = ''
@ -103,4 +107,8 @@ utils.systemd.mkService rec {
RestrictRealtime=true RestrictRealtime=true
RestrictSUIDSGID=true RestrictSUIDSGID=true
''; '';
};
inherit dependsOn;
type = "systemd-unit";
} }