From bd800d16b2f4c69d57d34cc16ecb0145c86e5f3e Mon Sep 17 00:00:00 2001
From: Ubuntu
Date: Tue, 15 Nov 2022 15:31:35 +0000
Subject: [PATCH] keycloak: scripts to create a new user

---
 keycloak.yaml | 2 ++
 keycloak/create-user | 32 ++++++++++++++++++++++++++++++++
 keycloak/keycloak-login.sh | 12 ++++++++++++
 3 files changed, 46 insertions(+)
 create mode 100755 keycloak/create-user
 create mode 100755 keycloak/keycloak-login.sh

diff --git a/keycloak.yaml b/keycloak.yaml
index 29af26b..d084373 100644
--- a/keycloak.yaml
+++ b/keycloak.yaml
@@ -38,6 +38,8 @@ services:
 - ./data/keycloak/certs:/etc/x509/https
 - ./data/keycloak/keycloak:/opt/keycloak/data
 - ./keycloak/client-create:/bin/client-create:ro
+ - ./keycloak/create-user:/bin/create-user:ro
+ - ./keycloak/keycloak-login.sh:/bin/keycloak-login.sh:ro
 - ./keycloak/entrypoint-setup.sh:/setup.sh:ro
 - ./keycloak/mail-setup.sh:/keycloak-setup/mail-setup.sh:ro
 - ./data/keycloak/secrets:/run/secrets/keycloak-secrets:ro
diff --git a/keycloak/create-user b/keycloak/create-user
new file mode 100755
index 0000000..aa4b5e0
--- /dev/null
+++ b/keycloak/create-user
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+die() { echo >&2 "$@" ; exit 1 ; }
+PATH=$PATH:/opt/local/keycloak/bin
+
+USERNAME="$1"
+EMAIL="$2"
+
+if [ -z "$USERNAME" ] || [ -z "$EMAIL" ]; then
+ die "usage: $0 username email"
+fi
+
+ID=$(kcadm.sh create users \
+ -r $REALM \
+ -s enabled=true \
+ -s "username=$USERNAME" \
+ -s "email=$EMAIL" \
+)
+if [ -z "$ID" ]; then
+ die "$USERNAME: unable to create"
+fi
+
+echo "$USERNAME: $ID"
+
+echo -n '["UPDATE_PASSWORD"]' | \
+kcadm.sh update \
+ "users/$ID/execute-actions-email" \
+ -r $REALM \
+ -q client_id=hedgedoc \
+ -q redirect_uri="https://${HEDGEDOC_HOSTNAME}.${DOMAIN_NAME}/s/Getting_started" \
+ -f -
+
diff --git a/keycloak/keycloak-login.sh b/keycloak/keycloak-login.sh
new file mode 100755
index 0000000..48aa5b1
--- /dev/null
+++ b/keycloak/keycloak-login.sh
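Review bot: In keycloak/create-user, `$REALM`, `$HEDGEDOC_HOSTNAME` and `$DOMAIN_NAME` are used without any check that they are set, and `-r $REALM` is unquoted in both kcadm.sh calls, so an empty REALM would make `-r` consume the following option and the password-reset mail could go out with a `redirect_uri` of `https://./s/Getting_started`. Fail early with `: "${REALM:?}" "${HEDGEDOC_HOSTNAME:?}" "${DOMAIN_NAME:?}"` after the usage check and write `-r "$REALM"`. As far as I know `kcadm.sh create` prints its "Created new ... with id" message to stderr unless `-i` is given, so `ID` would stay empty and the script would die after the enabled account already exists; adding `-i` to the `create users` call should make the capture work. The script also appends `/opt/local/keycloak/bin` to PATH while keycloak-login.sh uses `/opt/keycloak/bin`, which looks like a typo worth confirming.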
@@ -0,0 +1,12 @@
+#!/bin/bash -x
+# perform an authentication as admin so that all other scripts can
+# use the cached credentials
+
+export PATH=$PATH:/opt/keycloak/bin
+kcadm.sh \
+ config credentials \
+ --server http://keycloak:8080/ \
+ --user admin \
+ --password "$KEYCLOAK_ADMIN_PASSWORD" \
+ --realm master \
+|| exit 1
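Review bot: The shebang `#!/bin/bash -x` enables command tracing, so the expanded `--password "$KEYCLOAK_ADMIN_PASSWORD"` argument is echoed to stderr and ends up wherever this container's output is logged; change it to `#!/bin/bash`. Passing the password as an argument also exposes it in the process list while kcadm.sh runs, and the login goes to `http://keycloak:8080/` in clear text, which is presumably acceptable only because the traffic stays on the compose network. A header comment should say that the cached credentials give admin access on the master realm to any process that can read kcadm's config file, e.g. `# caches an admin token for realm master; run only inside the keycloak container`.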