Platform Unstable #97
9 changed files with 1 additions and 272 deletions
|
@ -38,7 +38,7 @@ super: rec {
|
||||||
|
|
||||||
kanidm = patch super.kanidm "patches/base/kanidm";
|
kanidm = patch super.kanidm "patches/base/kanidm";
|
||||||
|
|
||||||
keycloak = super.callPackage ./security/keycloak {
|
keycloak = super.keycloak.override {
|
||||||
jre = jre17_standard;
|
jre = jre17_standard;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
{ callPackage }:
|
|
||||||
|
|
||||||
{
|
|
||||||
scim-for-keycloak = callPackage ./scim-for-keycloak {};
|
|
||||||
scim-keycloak-user-storage-spi = callPackage ./scim-keycloak-user-storage-spi {};
|
|
||||||
keycloak-discord = callPackage ./keycloak-discord {};
|
|
||||||
keycloak-metrics-spi = callPackage ./keycloak-metrics-spi {};
|
|
||||||
keycloak-restrict-client-auth = callPackage ./keycloak-restrict-client-auth {};
|
|
||||||
}
|
|
|
@ -1,15 +0,0 @@
|
||||||
diff --git a/quarkus/dist/src/main/content/bin/kc.sh b/quarkus/dist/src/main/content/bin/kc.sh
|
|
||||||
index d7be862cde..16f9aa78e0 100644
|
|
||||||
--- a/bin/kc.sh
|
|
||||||
+++ b/bin/kc.sh
|
|
||||||
@@ -32,8 +32,8 @@ abs_path () {
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
-SERVER_OPTS="-Dkc.home.dir='$(abs_path '..')'"
|
|
||||||
-SERVER_OPTS="$SERVER_OPTS -Djboss.server.config.dir='$(abs_path '../conf')'"
|
|
||||||
+SERVER_OPTS="-Dkc.home.dir=$KC_HOME_DIR"
|
|
||||||
+SERVER_OPTS="$SERVER_OPTS -Djboss.server.config.dir=$KC_CONF_DIR"
|
|
||||||
SERVER_OPTS="$SERVER_OPTS -Djava.util.logging.manager=org.jboss.logmanager.LogManager"
|
|
||||||
SERVER_OPTS="$SERVER_OPTS -Dquarkus-log-max-startup-records=10000"
|
|
||||||
CLASSPATH_OPTS="'$(abs_path "../lib/quarkus-run.jar"):$(abs_path "../lib/bootstrap/*")'"
|
|
|
@ -1,90 +0,0 @@
|
||||||
{ stdenv
|
|
||||||
, lib
|
|
||||||
, fetchzip
|
|
||||||
, makeWrapper
|
|
||||||
, jre
|
|
||||||
, nixosTests
|
|
||||||
, callPackage
|
|
||||||
, confFile ? null
|
|
||||||
, plugins ? [ ]
|
|
||||||
, extraFeatures ? [ ]
|
|
||||||
, disabledFeatures ? [ ]
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
featuresSubcommand = ''
|
|
||||||
${lib.optionalString (extraFeatures != [ ]) "--features=${lib.concatStringsSep "," extraFeatures}"} \
|
|
||||||
${lib.optionalString (disabledFeatures != [ ]) "--features-disabled=${lib.concatStringsSep "," disabledFeatures}"}
|
|
||||||
'';
|
|
||||||
in stdenv.mkDerivation rec {
|
|
||||||
pname = "keycloak";
|
|
||||||
version = "24.0.4";
|
|
||||||
|
|
||||||
src = fetchzip {
|
|
||||||
url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip";
|
|
||||||
hash = "sha256-tqY3rYFRsRpbvms8DVtCp8nXl0hlX1CzuOVFCE+23o4=";
|
|
||||||
};
|
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper jre ];
|
|
||||||
|
|
||||||
patches = [
|
|
||||||
# Make home.dir and config.dir configurable through the
|
|
||||||
# KC_HOME_DIR and KC_CONF_DIR environment variables.
|
|
||||||
./config_vars.patch
|
|
||||||
];
|
|
||||||
|
|
||||||
buildPhase = ''
|
|
||||||
runHook preBuild
|
|
||||||
'' + lib.optionalString (confFile != null) ''
|
|
||||||
install -m 0600 ${confFile} conf/keycloak.conf
|
|
||||||
'' + ''
|
|
||||||
install_plugin() {
|
|
||||||
if [ -d "$1" ]; then
|
|
||||||
find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 "{}" "providers/" \;
|
|
||||||
else
|
|
||||||
install -m 0500 "$1" "providers/"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
${lib.concatMapStringsSep "\n" (pl: "install_plugin ${lib.escapeShellArg pl}") plugins}
|
|
||||||
'' + ''
|
|
||||||
patchShebangs bin/kc.sh
|
|
||||||
export KC_HOME_DIR=$(pwd)
|
|
||||||
export KC_CONF_DIR=$(pwd)/conf
|
|
||||||
bin/kc.sh build ${featuresSubcommand}
|
|
||||||
|
|
||||||
runHook postBuild
|
|
||||||
'';
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
runHook preInstall
|
|
||||||
|
|
||||||
mkdir $out
|
|
||||||
cp -r * $out
|
|
||||||
|
|
||||||
rm $out/bin/*.{ps1,bat}
|
|
||||||
|
|
||||||
runHook postInstall
|
|
||||||
'';
|
|
||||||
|
|
||||||
postFixup = ''
|
|
||||||
for script in $(find $out/bin -type f -executable); do
|
|
||||||
wrapProgram "$script" --set JAVA_HOME ${jre} --prefix PATH : ${jre}/bin
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
|
|
||||||
passthru = {
|
|
||||||
tests = nixosTests.keycloak;
|
|
||||||
plugins = callPackage ./all-plugins.nix { };
|
|
||||||
enabledPlugins = plugins;
|
|
||||||
};
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://www.keycloak.org/";
|
|
||||||
description = "Identity and access management for modern applications and services";
|
|
||||||
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
|
||||||
license = licenses.asl20;
|
|
||||||
platforms = jre.meta.platforms;
|
|
||||||
maintainers = with maintainers; [ ngerstle talyz nickcao ];
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
{ stdenv
|
|
||||||
, lib
|
|
||||||
, fetchurl
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
pname = "keycloak-discord";
|
|
||||||
version = "0.5.0";
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://github.com/wadahiro/keycloak-discord/releases/download/v${version}/keycloak-discord-${version}.jar";
|
|
||||||
hash = "sha256-radvUu2a6t0lbo5f/ADqy7+I/ONXB7/8pk2d1BtYzQA=";
|
|
||||||
};
|
|
||||||
|
|
||||||
dontUnpack = true;
|
|
||||||
dontBuild = true;
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
runHook preInstall
|
|
||||||
install -Dm444 "$src" "$out/keycloak-discord-$version.jar"
|
|
||||||
runHook postInstall
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://github.com/wadahiro/keycloak-discord";
|
|
||||||
description = "Keycloak Social Login extension for Discord";
|
|
||||||
license = licenses.asl20;
|
|
||||||
maintainers = with maintainers; [ mkg20001 ];
|
|
||||||
sourceProvenance = with sourceTypes; [ binaryBytecode ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
{ maven, stdenv, lib, fetchFromGitHub }:
|
|
||||||
|
|
||||||
maven.buildMavenPackage rec {
|
|
||||||
pname = "keycloak-metrics-spi";
|
|
||||||
version = "5.0.0";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "aerogear";
|
|
||||||
repo = pname;
|
|
||||||
rev = "refs/tags/${version}";
|
|
||||||
hash = "sha256-iagXbsKsU4vNP9eg05bwXEo67iij3N2FF0BW50MjRGE=";
|
|
||||||
};
|
|
||||||
|
|
||||||
mvnHash = {
|
|
||||||
aarch64-linux = "sha256-zO79pRrY8TqrSK4bB8l4pl6834aFX2pidyk1j9Itz1E=`";
|
|
||||||
x86_64-linux = "sha256-+ySBrQ9yQ5ZxuVUh/mnHNEmugru3n8x5VR/RYEDCLAo=";
|
|
||||||
}.${stdenv.hostPlatform.system} or (throw "Unsupported system ${stdenv.hostPlatform.system} for ${pname}");
|
|
||||||
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
runHook preInstall
|
|
||||||
install -Dm444 -t "$out" target/keycloak-metrics-spi-*.jar
|
|
||||||
runHook postInstall
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://github.com/aerogear/keycloak-metrics-spi";
|
|
||||||
description = "Keycloak Service Provider that adds a metrics endpoint";
|
|
||||||
license = licenses.asl20;
|
|
||||||
maintainers = with maintainers; [ benley ];
|
|
||||||
platforms = [ "aarch64-linux" "x86_64-linux" ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,28 +0,0 @@
|
||||||
{ maven, lib, fetchFromGitHub }:
|
|
||||||
|
|
||||||
maven.buildMavenPackage rec {
|
|
||||||
pname = "keycloak-restrict-client-auth";
|
|
||||||
version = "24.0.0";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "sventorben";
|
|
||||||
repo = "keycloak-restrict-client-auth";
|
|
||||||
rev = "v${version}";
|
|
||||||
hash = "sha256-Pk0tj8cTHSBwVIzINE7GLA5b/eI97wuOTvO7UoXBStM=";
|
|
||||||
};
|
|
||||||
|
|
||||||
mvnHash = "sha256-Pk2yYuBqGs4k1KwaU06RQe1LpohZu0VI1pHEUBU3EUE=";
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
runHook preInstall
|
|
||||||
install -Dm444 -t "$out" target/keycloak-restrict-client-auth.jar
|
|
||||||
runHook postInstall
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://github.com/sventorben/keycloak-restrict-client-auth";
|
|
||||||
description = "A Keycloak authenticator to restrict authorization on clients";
|
|
||||||
license = licenses.mit;
|
|
||||||
maintainers = with maintainers; [ leona ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
{ lib
|
|
||||||
, fetchFromGitHub
|
|
||||||
, maven
|
|
||||||
}:
|
|
||||||
|
|
||||||
maven.buildMavenPackage rec {
|
|
||||||
pname = "scim-for-keycloak";
|
|
||||||
version = "kc-20-b1"; # When updating also update mvnHash
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "Captain-P-Goldfish";
|
|
||||||
repo = "scim-for-keycloak";
|
|
||||||
rev = version;
|
|
||||||
hash = "sha256-kHjCVkcD8C0tIaMExDlyQmcWMhypisR1nyG93laB8WU=";
|
|
||||||
};
|
|
||||||
|
|
||||||
mvnHash = "sha256-cOuJSU57OuP+U7lI+pDD7g9HPIfZAoDPYLf+eO+XuF4=";
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
install -D "scim-for-keycloak-server/target/scim-for-keycloak-${version}.jar" "$out/scim-for-keycloak-${version}.jar"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://github.com/Captain-P-Goldfish/scim-for-keycloak";
|
|
||||||
description = "A third party module that extends Keycloak with SCIM functionality";
|
|
||||||
sourceProvenance = with sourceTypes; [
|
|
||||||
fromSource
|
|
||||||
binaryBytecode # dependencies
|
|
||||||
];
|
|
||||||
license = licenses.bsd3;
|
|
||||||
maintainers = with maintainers; [ mkg20001 ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,32 +0,0 @@
|
||||||
{ lib
|
|
||||||
, fetchFromGitHub
|
|
||||||
, maven
|
|
||||||
}:
|
|
||||||
|
|
||||||
maven.buildMavenPackage {
|
|
||||||
pname = "scim-keycloak-user-storage-spi";
|
|
||||||
version = "unstable-2024-02-14";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "justin-stephenson";
|
|
||||||
repo = "scim-keycloak-user-storage-spi";
|
|
||||||
rev = "6c59915836d9a559983326bbb87f895324bb75e4";
|
|
||||||
hash = "sha256-BSso9lU542Aroxu0RIX6NARc10lGZ04A/WIWOVtdxHw=";
|
|
||||||
};
|
|
||||||
|
|
||||||
mvnHash = "sha256-xbGlVZl3YtbF372kCDh+UdK5pLe6C6WnGgbEXahlyLw=";
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
install -D "target/scim-user-spi-0.0.1-SNAPSHOT.jar" "$out/scim-user-spi-0.0.1-SNAPSHOT.jar"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
homepage = "https://github.com/justin-stephenson/scim-keycloak-user-storage-spi";
|
|
||||||
description = "A third party module that extends Keycloak, allow for user storage in an external scimv2 server";
|
|
||||||
sourceProvenance = with sourceTypes; [
|
|
||||||
fromSource
|
|
||||||
];
|
|
||||||
license = licenses.mit;
|
|
||||||
maintainers = with maintainers; [ s1341 ];
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in a new issue