[bitnami/keycloak] use hostname v2

Signed-off-by: Baljit Singh <baljit.singh@verizon.com>
bitnami · Jul 31, 2024 · d39ba42 · d39ba42
1 parent bb31050
commit d39ba42
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 3 deletions.
diff --git a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh
@@ -33,6 +33,8 @@ keycloak_env_vars=(
     KEYCLOAK_HTTPS_PORT
     KEYCLOAK_BIND_ADDRESS
     KEYCLOAK_HOSTNAME
+    KEYCLOAK_HOSTNAME_ADMIN
+    KEYCLOAK_HOSTNAME_STRICT
     KEYCLOAK_INIT_MAX_RETRIES
     KEYCLOAK_CACHE_TYPE
     KEYCLOAK_CACHE_STACK
@@ -70,6 +72,7 @@ keycloak_env_vars=(
     KEYCLOAK_DAEMON_GROUP
     KEYCLOAK_ADMIN_USER
     KC_HOSTNAME
+    KC_HOSTNAME_ADMIN
     KC_HTTPS_TRUST_STORE_FILE
     KC_HTTPS_TRUST_STORE_PASSWORD
     KC_HTTPS_KEY_STORE_FILE
@@ -131,6 +134,9 @@ export KEYCLOAK_HTTPS_PORT="${KEYCLOAK_HTTPS_PORT:-8443}"
 export KEYCLOAK_BIND_ADDRESS="${KEYCLOAK_BIND_ADDRESS:-$(hostname --fqdn)}"
 KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-"${KC_HOSTNAME:-}"}"
 export KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-}"
+KEYCLOAK_HOSTNAME_ADMIN="${KEYCLOAK_HOSTNAME_ADMIN:-"${KC_HOSTNAME_ADMIN:-}"}"
+export KEYCLOAK_HOSTNAME_ADMIN="${KEYCLOAK_HOSTNAME_ADMIN:-}"
+export KEYCLOAK_HOSTNAME_STRICT="${KEYCLOAK_HOSTNAME_STRICT:-false}"
 export KEYCLOAK_INIT_MAX_RETRIES="${KEYCLOAK_INIT_MAX_RETRIES:-10}"
 export KEYCLOAK_CACHE_TYPE="${KEYCLOAK_CACHE_TYPE:-ispn}"
 export KEYCLOAK_CACHE_STACK="${KEYCLOAK_CACHE_STACK:-}"

diff --git a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh
@@ -198,7 +198,8 @@ keycloak_configure_health_endpoints() {
 keycloak_configure_hostname() {
     info "Configuring hostname settings"
     ! is_empty_value "$KEYCLOAK_HOSTNAME" && keycloak_conf_set "hostname" "${KEYCLOAK_HOSTNAME}"
-    keycloak_conf_set "hostname-strict" "false"
+    ! is_empty_value "$KEYCLOAK_HOSTNAME_ADMIN" && keycloak_conf_set "hostname-admin" "${KEYCLOAK_HOSTNAME_ADMIN}"
+    keycloak_conf_set "hostname-strict" "${KEYCLOAK_HOSTNAME_STRICT}"
 }
 
 ########################
@@ -244,7 +245,7 @@ keycloak_configure_loglevel() {
 #########################
 keycloak_configure_proxy() {
     info "Configuring proxy"
-    keycloak_conf_set "proxy-headers" "${KEYCLOAK_PROXY_HEADERS}"
+    ! is_empty_value "$KEYCLOAK_PROXY_HEADERS" && keycloak_conf_set "proxy-headers" "${KEYCLOAK_PROXY_HEADERS}"
 }
 
 ########################
@@ -316,7 +317,7 @@ keycloak_initialize() {
     keycloak_configure_hostname
     keycloak_configure_cache
     keycloak_configure_loglevel
-    ! is_empty_value "$KEYCLOAK_PROXY_HEADERS" && keycloak_configure_proxy
+    keycloak_configure_proxy
     is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS" && keycloak_configure_https
     ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE" && keycloak_configure_spi_tls
     true

diff --git a/bitnami/keycloak/README.md b/bitnami/keycloak/README.md
@@ -81,6 +81,8 @@ docker build -t bitnami/APP:latest .
 | `KEYCLOAK_HTTPS_PORT`                                       | HTTPS port                                                                                            | `8443`                        |
 | `KEYCLOAK_BIND_ADDRESS`                                     | Bind address                                                                                          | `$(hostname --fqdn)`          |
 | `KEYCLOAK_HOSTNAME`                                         | Keycloak hostname                                                                                     | `nil`                         |
+| `KEYCLOAK_HOSTNAME_ADMIN`                                   | Keycloak admin hostname                                                                               | `nil`                         |
+| `KEYCLOAK_HOSTNAME_STRICT`                                  | Disables dynamically resolving the hostname from request headers                                      | `false`                       |
 | `KEYCLOAK_INIT_MAX_RETRIES`                                 | Maximum retries for checking that the database works                                                  | `10`                          |
 | `KEYCLOAK_CACHE_TYPE`                                       | Defines the cache mechanism for high-availability.                                                    | `ispn`                        |
 | `KEYCLOAK_CACHE_STACK`                                      | Apply a specific cache stack                                                                          | `nil`                         |