#!/bin/bash
echo "keycloak-freeipa-trigger.sh: Executed"

# Patch the image's first-boot script in place before this script runs it.
# The three edits comment out, respectively: any "/bin/bash" occurrence that is
# not directly preceded by "!" (so the shebang is kept), "while true", and
# "trap". Presumably this stops the stock script from starting its own shell,
# wait loop and signal handlers, since this script supplies its own -- confirm
# against the image's ipa-server-configure-first.
ipa_first_boot=/usr/sbin/ipa-server-configure-first
for comment_out in \
  's/[^!]\/bin\/bash/#\/bin\/bash/' \
  's/while true/#while true/' \
  's/trap/#trap/'; do
  sed -i -e "$comment_out" "$ipa_first_boot"
done

echo "Registering trap signals"
# Handler for the EXIT trap registered right after this definition: asks
# systemctl to stop whatever is running, then leaves the script.
# NOTE(review): "stop-running" is not a stock systemd verb; presumably the
# image ships its own systemctl wrapper that implements it -- confirm.
stop_running() {
  systemctl stop-running
  exit
}
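# TERM is turned into a plain exit so that the EXIT handler (stop_running)
# is what actually runs on shutdown.
trap exit TERM
trap stop_running EXIT

echo "keycloak-freeipa-trigger.sh: Running ipa-server-configure-first"
/usr/sbin/ipa-server-configure-first
echo "keycloak-freeipa-trigger.sh: ipa-server-configure-first finished"

# Get a Kerberos ticket for the IPA admin; kinit reads the password on stdin.
# printf with a quoted expansion passes the password through unchanged; the
# unquoted `echo $PASSWORD` it replaces word-split and glob-expanded the value
# and could swallow a password that looks like an echo option.
# PASSWORD is expected to come from the container environment.
printf '%s\n' "$PASSWORD" | kinit admin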
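#######################################
# Create one example account and give it its final password.
# The caller must already hold an admin Kerberos ticket; the ticket cache is
# destroyed before returning.
# Arguments: $1 - login, $2 - first name, $3 - last name
#######################################
add_example_user() {
  local login=$1 first=$2 last=$3

  ipa user-add "$login" --first="$first" --last="$last"

  # Admin sets a temporary password (password + confirmation on stdin).
  printf '%s\n' Temp123 Temp123 | ipa passwd "$login"

  # Log in as the new user. The three lines fed to kinit are the temporary
  # password, then the new password twice -- presumably because the
  # admin-set password must be changed at first login; confirm.
  printf '%s\n' Temp123 Secret123 Secret123 | kinit "$login"

  kdestroy
}

# NOTE(security): hnelson and jduke are created with fixed, publicly known
# passwords. They are example accounts for a demo realm; a directory that holds
# real identities should not carry them.
# NOTE(review): only hnelson is looked up, and "ipa user-find" matches on
# search criteria rather than the exact login, so the check is approximate.
if ipa user-find hnelson; then
  kdestroy
  echo "keycloak-freeipa-trigger.sh: Example users hnelson and jduke already exists. Skip adding them"
else
  add_example_user hnelson Horatio Nelson

  # The helper dropped the ticket cache, so authenticate as admin again.
  # The expansion is quoted so the password reaches kinit unchanged
  # (the unquoted echo it replaces word-split and glob-expanded it).
  printf '%s\n' "$PASSWORD" | kinit admin
  add_example_user jduke Java Duke

  echo "keycloak-freeipa-trigger.sh: Example users hnelson and jduke added to freeipa"
fi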
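#######################################
# Escape a value so it can be used as the replacement text of a sed
# "s/.../.../" command: backslash, "/" and "&" each get a leading backslash.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
#######################################
_sed_escape_replacement() {
  printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

# Values substituted into the Keycloak realm import file. Assignment and
# export are separate statements so a failing command is not masked by export.
HOST=$(hostname -f)
export HOST

# LDAP base DN derived from the FQDN: replace the first label and its dot with
# a single dot, turn every dot into ",dc=", then drop the leading comma
# (constructed example: ipa.example.test -> dc=example,dc=test).
LDAP_BASE_DN=$(printf '%s\n' "$HOST" \
  | sed -e 's/[^\.]*\././' -e 's/\./,dc=/g' -e 's/,//')
export LDAP_BASE_DN

# Realm name taken from the default_realm line of krb5.conf.
KERBEROS_REALM=$(awk -F'default_realm.=.' '/default_realm/ {print $2}' /etc/krb5.conf)
export KERBEROS_REALM

# The admin password is deliberately not printed: stdout of this script is
# the container log, which is readable well beyond the container itself.
echo "keycloak-freeipa-trigger.sh: PASSWORD=<redacted>, KERBEROS_REALM=$KERBEROS_REALM, HOST=$HOST, LDAP_BASE_DN=$LDAP_BASE_DN"

# Fill the ${...} placeholders of the realm file in place. Each value is
# escaped first, so a "/", "&" or backslash in it (most likely in the
# password) is inserted literally instead of breaking or altering the sed
# expression.
# NOTE(review): a value containing a double quote or backslash is inserted
# as-is and would presumably still have to be valid inside a JSON string --
# confirm against the template.
realm_file=/keycloak-work/freeipa-realm.json
sed -i -e "s/\${ldapBaseDn}/$(_sed_escape_replacement "$LDAP_BASE_DN")/" "$realm_file"
sed -i -e "s/\${host}/$(_sed_escape_replacement "$HOST")/" "$realm_file"
sed -i -e "s/\${kerberosRealm}/$(_sed_escape_replacement "$KERBEROS_REALM")/" "$realm_file"
sed -i -e "s/\${password}/$(_sed_escape_replacement "$PASSWORD")/" "$realm_file"

# The finished file now embeds the admin password, so only its path is logged.
echo "keycloak-freeipa-trigger.sh: File formatting finished. Final file: $realm_file (contents not printed, it contains the admin password)"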
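# Unpack the Keycloak distribution on first start. Done here instead of in the
# Dockerfile just due to the size of the image.
# The ls both tests for an earlier unpack (any /keycloak-work/keycloak-demo*
# entry) and prints what it found to the log.
if ls /keycloak-work/keycloak-demo*; then
  echo "keycloak-freeipa-trigger.sh: Keycloak already prepared. Skip preparing"
else
  echo "keycloak-freeipa-trigger.sh: Preparing keycloak"
  # tar extracts into, and mv targets, the current directory, so stop here
  # rather than unpack somewhere else if the work directory is unavailable.
  cd /keycloak-work || {
    echo "keycloak-freeipa-trigger.sh: cannot cd to /keycloak-work" >&2
    exit 1
  }
  # NOTE(review): no integrity check of the archive is visible in this
  # script; presumably the image build is trusted to have placed it -- confirm.
  tar xf /keycloak-work/keycloak-dist/keycloak-demo*.tar.gz
  mv /keycloak-work/keycloak-demo*/keycloak kc
fi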
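echo "Set Java 8 as default java"
export JAVA_HOME="/keycloak-work/keycloak-dist/openjdk8"
export PATH="$JAVA_HOME/bin:$PATH"

echo "keycloak-freeipa-trigger.sh: Running keycloak"
# The two launch scripts are called by relative path, so a failed cd must
# stop the script instead of running whatever is in the current directory.
cd /keycloak-work/kc/bin || {
  echo "keycloak-freeipa-trigger.sh: cannot cd to /keycloak-work/kc/bin" >&2
  exit 1
}

# NOTE(security): creates the master-realm administrator with the fixed
# credentials admin/admin, passed on the command line. Acceptable only for a
# throw-away demo; the account should be changed or removed wherever the
# console is reachable by anyone else.
./add-user-keycloak.sh -r master -u admin -p admin

# NOTE(security): -b 0.0.0.0 binds Keycloak to every interface and the HTTP
# port is 9080 (plain HTTP as far as this command line shows). Together with
# the fixed admin account above, access should be limited at the container or
# network level, e.g. by publishing the port on localhost only.
./standalone.sh -b 0.0.0.0 -Djboss.http.port=9080 -Dkeycloak.import=/keycloak-work/freeipa-realm.json &

if [[ -t 0 ]]; then
  # stdin is a terminal: hand the user a shell inside the container.
  echo 'keycloak-freeipa-trigger.sh: Starting interactive shell.'
  /bin/bash
else
  echo 'keycloak-freeipa-trigger.sh: Go loop.'
  # Keep the script alive. Sleeping in the background and waiting on it lets
  # a trapped signal interrupt the wait right away instead of after the sleep.
  while true; do
    sleep 1000 &
    wait "$!"
  done
fi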