av/pet-project-server
1
0
Fork 0
Code Pull Requests Activity

Добавил Keycloak

Browse Source
This commit is contained in:
Anton Vakhrushev 2024-05-25 20:57:58 +03:00
parent 13b6deae14
commit 76acb0d162
Signed by: av
GPG Key ID: 581F7473F7A21FA2
9 changed files with 116 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Taskfile.yml
View File

@ -71,7 +71,7 @@ tasks:
docker run docker run
--rm --rm
-u {{.USER_ID}}:{{.GROUP_ID}} -u {{.USER_ID}}:{{.GROUP_ID}}
-v $PWD/app:/app -v $PWD:/app
-w /app -w /app
pyfound/black:latest_release pyfound/black:latest_release
black . black .

22
ansible/configuration.yml
View File

@ -10,6 +10,7 @@
nomie_port: "{{ base_port + 6 }}" nomie_port: "{{ base_port + 6 }}"
nomie_db_port: "{{ base_port + 7 }}" nomie_db_port: "{{ base_port + 7 }}"
gitea_port: "{{ base_port + 8 }}" gitea_port: "{{ base_port + 8 }}"
keycloak_port: "{{ base_port + 9 }}"
vars_files: vars_files:
- vars/vars.yml - vars/vars.yml
@ -171,3 +172,24 @@
USER_GID: '{{ uc_result.group }}' USER_GID: '{{ uc_result.group }}'
tags: tags:
- apps - apps
- import_role:
name: docker-app
vars:
username: keycloak
extra_groups:
- docker
ssh_keys:
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
env:
PROJECT_NAME: keycloak
DOCKER_PREFIX: keycloak
IMAGE_PREFIX: keycloak
CONTAINER_PREFIX: keycloak
WEB_SERVER_PORT: '127.0.0.1:{{ keycloak_port }}'
KEYCLOAK_ADMIN: '{{ keycloak.admin_login }}'
KEYCLOAK_ADMIN_PASSWORD: '{{ keycloak.admin_password }}'
USER_UID: '{{ uc_result.uid }}'
USER_GID: '{{ uc_result.group }}'
tags:
- apps

8
ansible/templates/Caddyfile.j2
View File

@ -62,3 +62,11 @@ git.vakhrushev.me {
to 127.0.0.1:{{ gitea_port }} to 127.0.0.1:{{ gitea_port }}
} }
} }
kk.vakhrushev.me {
tls anwinged@ya.ru
reverse_proxy {
to 127.0.0.1:{{ keycloak_port }}
}
}

54
ansible/vars/vars.yml
View File

@ -1,26 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
64633761653833666663633233393164376238316564663434623333333738393637313836353831 65666138373239633935333762383264653866666535303063643966366333633365303136306464
6165306432626631303432376563326631616262393964640a333936663761353763386563316337 6433303436326365376437636166303038373338323937640a373130323236646165643930303838
64646531343532393430663066336564353464393465386337656132363361396435363266666462 30626361316164373263353838636134663966323337323262386664663066373935313366643037
3032346163626366300a353139386236386466383931356533366565613231363561653830653735 3435363363663737640a353539323331653461383833323332306539643535653934333335656232
36636661386636633533366332656536366636373366666633396538623030383339363462363531 62306234353264663337616336313432393631623662396634653931363466303466346138376333
35666362303865343231613639343262373832393062366437633036393036613531643266356334 37373564663163666333383837386564613530663266636535626534613135623438633664663035
30336163383130613933383333626131306666623534373866653530366664383138303131376534 62653261396565353763346466623537663562323031383162323566316233336636623231316362
32666336643965323431643465633232656465313230346663653266313962643761303731326338 35363330366662626636626435656464333862373562396231316661653733383132633238353133
32366566666463663165366538386236383039326433346632336263663566613362333639643439 61383566636239393865336264336130633934636361323336333238666436623963386337623261
34363863653132333963643934313633626565333063333965623036646265393532666135346237 30323962623966373636646635306637386537393263356335323464346434386662626436613163
62356239383937383362623135306531616134653036346664346437363335393061636539306233 62343736326362663539653234303432316230613231326231363838623735326666333239333562
66653433333134623130613330643465313837303233303761383031373733353838393532626635 39353061626166353239626330326162343736336463393236646164323163313062656563616532
38623632636237353932663834643962646663306563376333306235363137356131636537373864 66336633363535623536636237313431396134316161356464633533656637336630383130346464
34343936633330383561373437613261623162303632333161316163343239303839323231366230 66373363336238393866633364326564666438346335633464646461643035663164643261353265
62343938666566626538653765333138633865333637653135343361623532636562313035383639 35306632383532653333313033313034326165343062303033333934613566316539323031373039
64316137656364356237303232616431333439353564626233393830393761646131356466353166 34643637303562613766663562626237613231336639376563356533393965333362653266316263
30643634323563303734303765663835303864313237646238363134376565663765376664623066 34656238646638663962666430356263383838653061613135303738386336343630346561653032
66616437393739633166306333313535623637323838363665393735646537666563333766626235 32626633663939323265373430323134306461396335633135663836393934396630373963623733
62306264313238383033303633653061313137613331333737343333386634323661653765653337 34303531626165396662386362663863313537646466353537366532653563393261336661666233
39386132306561663562643836323831363937613631303066313439353734373263393963316631 63636238626661396437336663643432363438376431356337663664303132313931613632353937
65303462653035643465393862636532353330313037633264353863343837363361646634663732 61646338323738386363333837313239363734633536623766343331396232646465303661333761
66313838643564346139363831366232616462633865343638636437323439316132363034663534 62393462373231323737663263343835393464656438343530343539383437666263326134663535
62393664353066313361366430396166653435393539343530303237363562653834653230366337 38383632653364373437303638333037646566376465646537303964386335346463313639613231
31643639343436366664663137623235613963636265623335383734326233323263336437313435 39643766386265643032353033623831643037313631663861663737313635313838663739373466
6434 34343561303465376264383939343766613531376263353061396134383931306635616337383063
33343464613732363038613538626134366266366338313064633165343530623932646639626431
62316535633132313837396461386663616531373161396238333362346265323065393334616539
65326635326662613963313562316634656134366636333631393838333338643564646566326665
3564

5
app/keycloak/.env Normal file
View File

@ -0,0 +1,5 @@
WEB_SERVER_PORT=9595
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=password
USER_UID=1000
USER_GID=1000

1
app/keycloak/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
data/

24
app/keycloak/docker-compose.prod.yml Normal file
View File

@ -0,0 +1,24 @@
version: "3"
# Images: https://quay.io/repository/keycloak/keycloak?tab=tags&tag=latest
# Configuration: https://www.keycloak.org/server/all-config
# NB
# - На проде были проблемы с правами к директории data, пришлось выдать 777
# - Переменную KC_HOSTNAME_ADMIN_URL нужно указать вместе с KC_HOSTNAME_URL, иначе будут ошибки 403
services:
keycloak:
image: quay.io/keycloak/keycloak:24.0.4
command: ["start-dev"]
restart: unless-stopped
environment:
KEYCLOAK_ADMIN: "${KEYCLOAK_ADMIN}"
KEYCLOAK_ADMIN_PASSWORD: "${KEYCLOAK_ADMIN_PASSWORD}"
KC_HOSTNAME_URL: "https://kk.vakhrushev.me"
KC_HOSTNAME_ADMIN_URL: "https://kk.vakhrushev.me"
ports:
- "${WEB_SERVER_PORT}:8080"
volumes:
- "./data:/opt/keycloak/data"

18
app/keycloak/docker-compose.yml Normal file
View File

@ -0,0 +1,18 @@
version: "3"
# Images: https://quay.io/repository/keycloak/keycloak?tab=tags&tag=latest
# Configuration: https://www.keycloak.org/server/all-config
services:
keycloak:
image: quay.io/keycloak/keycloak:24.0.4
command: ["start-dev"]
restart: unless-stopped
environment:
KEYCLOAK_ADMIN: "${KEYCLOAK_ADMIN}"
KEYCLOAK_ADMIN_PASSWORD: "${KEYCLOAK_ADMIN_PASSWORD}"
ports:
- "${WEB_SERVER_PORT}:8080"
volumes:
- "./data:/opt/keycloak/data"

11
app/tasks.py → tasks.py
View File

@ -3,7 +3,7 @@ import shlex
import fabric import fabric
from invoke import task from invoke import task
SERVER_HOST_FILE = "../ansible/hosts_prod" SERVER_HOST_FILE = "ansible/hosts_prod"
DOKER_REGISTRY = "cr.yandex/crplfk0168i4o8kd7ade" DOKER_REGISTRY = "cr.yandex/crplfk0168i4o8kd7ade"
@ -17,6 +17,11 @@ def deploy_wiki(context):
deploy("wiki") deploy("wiki")
@task(name="deploy:keycloak")
def deploy_wiki(context):
deploy("keycloak", compose_file="docker-compose.prod.yml", dirs=["data"])
def read_host(): def read_host():
with open(SERVER_HOST_FILE) as f: with open(SERVER_HOST_FILE) as f:
return f.read().strip() return f.read().strip()
@ -26,8 +31,8 @@ def ssh_host(app_name):
return f"{app_name}@{read_host()}" return f"{app_name}@{read_host()}"
def deploy(app_name: str, dirs=None): def deploy(app_name: str, compose_file="docker-compose.yml", dirs=None):
docker_compose = os.path.join(app_name, "docker-compose.yml") docker_compose = os.path.join("app", app_name, compose_file)
assert os.path.exists(docker_compose) assert os.path.exists(docker_compose)
conn_str = ssh_host(app_name) conn_str = ssh_host(app_name)
dirs = dirs or [] dirs = dirs or []