Compare commits
2 Commits
fc352f2ff3
...
7ae0d39b99
Author | SHA1 | Date | |
---|---|---|---|
|
7ae0d39b99 | ||
|
5512176b00 |
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
env
|
||||
config.env
|
27
rollback/keycloak/config.env.sample
Normal file
27
rollback/keycloak/config.env.sample
Normal file
@ -0,0 +1,27 @@
|
||||
# where everything lives,
|
||||
# such as ./latest ./themes and so on
|
||||
location=$HOME
|
||||
|
||||
# to make sure we can use systemctl
|
||||
XDG_RUNTIME_DIR=/run/user/$UID
|
||||
|
||||
# theme in $HOME/themes to copy
|
||||
theme=
|
||||
|
||||
# this is used for setting
|
||||
# a random new password for a demo user
|
||||
#
|
||||
# needed to obtain an admin token
|
||||
kcadmin=
|
||||
kcadminpw=
|
||||
# the admin api port
|
||||
kcport=38081
|
||||
# our user to modify:
|
||||
kcuserid=fbe-123-456-ee0oab
|
||||
newpw=
|
||||
kcrealm=
|
||||
|
||||
app=keycloak # service and dumpfile name
|
||||
db=
|
||||
user=$db
|
||||
dump=$HOME/var/db/$app.dump
|
24
rollback/keycloak/rollback.sh
Normal file
24
rollback/keycloak/rollback.sh
Normal file
@ -0,0 +1,24 @@
|
||||
#/bin/bash
|
||||
set -e
|
||||
|
||||
source $HOME/scripts/env
|
||||
|
||||
echo "stopping $app..."
|
||||
systemctl stop --user $app
|
||||
|
||||
echo "restoring database..."
|
||||
# -c drops all objects that are to be restored
|
||||
pg_restore -c -h localhost -U $user -d $db < $dump
|
||||
|
||||
systemctl start --user $app
|
||||
|
||||
echo "started $app..."
|
||||
sleep 2
|
||||
|
||||
systemctl --no-pager status --user $app
|
||||
|
||||
echo "setting new demouser password"
|
||||
echo "waiting a crazy amount of 20s so keycloak has time to open that port..."
|
||||
sleep 20
|
||||
. $HOME/scripts/set-demopw.sh
|
||||
echo "done."
|
12
rollback/keycloak/set-demopw.sh
Normal file
12
rollback/keycloak/set-demopw.sh
Normal file
@ -0,0 +1,12 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
. $HOME/scripts/env
|
||||
|
||||
echo "obtaining new admin token"
|
||||
$HOME/latest/bin/kcadm.sh config credentials --server http://localhost:$kcport --user $kcadmin --password $kcadminpw --realm master
|
||||
|
||||
echo "setting password for demo account"
|
||||
$HOME/latest/bin/kcadm.sh set-password --server http://localhost:$kcport --userid $kcuserid -r $kcrealm --new-password $newpw # -x (for stacktrace)
|
||||
|
||||
echo "demo user now has the password of $newpw"
|
8
rollback/keycloak/setstate.sh
Normal file
8
rollback/keycloak/setstate.sh
Normal file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
. $HOME/scripts/env
|
||||
|
||||
pg_dump -Fc -U $user -d $db > $dump
|
||||
|
||||
echo "state has been made permanent."
|
64
rollback/keycloak/update.sh
Normal file
64
rollback/keycloak/update.sh
Normal file
@ -0,0 +1,64 @@
|
||||
#!/bin/bash
|
||||
# source: https://git.tchncs.de/tchncs/tchncs-scripts/-/blob/main/updates/keycloak.sh
|
||||
|
||||
# Use ./update.sh 1.2.3 to OVERRIDE the release check.
|
||||
|
||||
# Without an argument, THIS SCRIPT WILL AUTODETECT the release
|
||||
# that was tagged as "latest" by the project.
|
||||
set -e
|
||||
|
||||
if [ -z "$1" ]
|
||||
then
|
||||
release=`curl -L https://api.github.com/repos/keycloak/keycloak/releases/latest -s | jq -r '.tag_name'`
|
||||
echo ">>> Detected v$release being tagged as the latest release."
|
||||
else
|
||||
release=$1
|
||||
fi
|
||||
|
||||
current_release=$(cat latest/version.txt)
|
||||
current_release=${current_release#'Keycloak - Version '}
|
||||
|
||||
if [[ $current_release == "$release" ]]
|
||||
then
|
||||
echo ">>> It appears, are on v$current_release. Nothing to do."
|
||||
exit
|
||||
else
|
||||
read -p "Proceed? With Keycloak ${release}?" -n 1 -r
|
||||
if [[ ! $REPLY =~ ^[Yy]$ ]]
|
||||
then
|
||||
[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1
|
||||
fi
|
||||
fi
|
||||
|
||||
systemctl stop --user keycloak
|
||||
|
||||
echo ">>> calling for rollback.sh"
|
||||
. $HOME/scripts/rollback.sh
|
||||
|
||||
cd $location
|
||||
|
||||
wget "https://github.com/keycloak/keycloak/releases/download/$release/keycloak-$release.zip"
|
||||
unzip keycloak-$release.zip
|
||||
rm keycloak-$release.zip
|
||||
|
||||
[ -L latest ] && rm -v latest
|
||||
ln -sv $location/keycloak-$1 $location/latest
|
||||
|
||||
# default config got the same filename!
|
||||
rm -v latest/conf/keycloak.conf
|
||||
|
||||
ln -sv $location/config/* $location/latest/conf/
|
||||
|
||||
bash latest/bin/kc.sh build
|
||||
|
||||
cp -r $HOME/themes/$theme $HOME/latest/themes/
|
||||
|
||||
systemctl restart --user keycloak
|
||||
|
||||
echo ">>> waiting 10s so Keycloak may run migrations..."
|
||||
sleep 10
|
||||
|
||||
echo ">>> calling setstate.sh to make the update permanent"
|
||||
. $HOME/scripts/setstate.sh
|
||||
|
||||
echo "Done."
|
Loading…
Reference in New Issue
Block a user