From d39ba42f7555020d5822c539011425b95cae1633 Mon Sep 17 00:00:00 2001 From: Baljit Singh Date: Wed, 31 Jul 2024 13:49:03 -0400 Subject: [PATCH] [bitnami/keycloak] use hostname v2 Signed-off-by: Baljit Singh --- .../debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh | 6 ++++++ .../25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh | 7 ++++--- bitnami/keycloak/README.md | 2 ++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh index a72e3f1ba8cb0..0db72688bb946 100644 --- a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh +++ b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/keycloak-env.sh @@ -33,6 +33,8 @@ keycloak_env_vars=( KEYCLOAK_HTTPS_PORT KEYCLOAK_BIND_ADDRESS KEYCLOAK_HOSTNAME + KEYCLOAK_HOSTNAME_ADMIN + KEYCLOAK_HOSTNAME_STRICT KEYCLOAK_INIT_MAX_RETRIES KEYCLOAK_CACHE_TYPE KEYCLOAK_CACHE_STACK @@ -70,6 +72,7 @@ keycloak_env_vars=( KEYCLOAK_DAEMON_GROUP KEYCLOAK_ADMIN_USER KC_HOSTNAME + KC_HOSTNAME_ADMIN KC_HTTPS_TRUST_STORE_FILE KC_HTTPS_TRUST_STORE_PASSWORD KC_HTTPS_KEY_STORE_FILE @@ -131,6 +134,9 @@ export KEYCLOAK_HTTPS_PORT="${KEYCLOAK_HTTPS_PORT:-8443}" export KEYCLOAK_BIND_ADDRESS="${KEYCLOAK_BIND_ADDRESS:-$(hostname --fqdn)}" KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-"${KC_HOSTNAME:-}"}" export KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-}" +KEYCLOAK_HOSTNAME_ADMIN="${KEYCLOAK_HOSTNAME_ADMIN:-"${KC_HOSTNAME_ADMIN:-}"}" +export KEYCLOAK_HOSTNAME_ADMIN="${KEYCLOAK_HOSTNAME_ADMIN:-}" +export KEYCLOAK_HOSTNAME_STRICT="${KEYCLOAK_HOSTNAME_STRICT:-false}" export KEYCLOAK_INIT_MAX_RETRIES="${KEYCLOAK_INIT_MAX_RETRIES:-10}" export KEYCLOAK_CACHE_TYPE="${KEYCLOAK_CACHE_TYPE:-ispn}" export KEYCLOAK_CACHE_STACK="${KEYCLOAK_CACHE_STACK:-}" diff --git a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh index 2c466f0f08d20..66871e85b3ee6 100644 --- a/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh +++ b/bitnami/keycloak/25/debian-12/rootfs/opt/bitnami/scripts/libkeycloak.sh @@ -198,7 +198,8 @@ keycloak_configure_health_endpoints() { keycloak_configure_hostname() { info "Configuring hostname settings" ! is_empty_value "$KEYCLOAK_HOSTNAME" && keycloak_conf_set "hostname" "${KEYCLOAK_HOSTNAME}" - keycloak_conf_set "hostname-strict" "false" + ! is_empty_value "$KEYCLOAK_HOSTNAME_ADMIN" && keycloak_conf_set "hostname-admin" "${KEYCLOAK_HOSTNAME_ADMIN}" + keycloak_conf_set "hostname-strict" "${KEYCLOAK_HOSTNAME_STRICT}" } ######################## @@ -244,7 +245,7 @@ keycloak_configure_loglevel() { ######################### keycloak_configure_proxy() { info "Configuring proxy" - keycloak_conf_set "proxy-headers" "${KEYCLOAK_PROXY_HEADERS}" + ! is_empty_value "$KEYCLOAK_PROXY_HEADERS" && keycloak_conf_set "proxy-headers" "${KEYCLOAK_PROXY_HEADERS}" } ######################## @@ -316,7 +317,7 @@ keycloak_initialize() { keycloak_configure_hostname keycloak_configure_cache keycloak_configure_loglevel - ! is_empty_value "$KEYCLOAK_PROXY_HEADERS" && keycloak_configure_proxy + keycloak_configure_proxy is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS" && keycloak_configure_https ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE" && keycloak_configure_spi_tls true diff --git a/bitnami/keycloak/README.md b/bitnami/keycloak/README.md index cb4ab07e0c06d..56030ec18e4aa 100644 --- a/bitnami/keycloak/README.md +++ b/bitnami/keycloak/README.md @@ -81,6 +81,8 @@ docker build -t bitnami/APP:latest . | `KEYCLOAK_HTTPS_PORT` | HTTPS port | `8443` | | `KEYCLOAK_BIND_ADDRESS` | Bind address | `$(hostname --fqdn)` | | `KEYCLOAK_HOSTNAME` | Keycloak hostname | `nil` | +| `KEYCLOAK_HOSTNAME_ADMIN` | Keycloak admin hostname | `nil` | +| `KEYCLOAK_HOSTNAME_STRICT` | Disables dynamically resolving the hostname from request headers | `false` | | `KEYCLOAK_INIT_MAX_RETRIES` | Maximum retries for checking that the database works | `10` | | `KEYCLOAK_CACHE_TYPE` | Defines the cache mechanism for high-availability. | `ispn` | | `KEYCLOAK_CACHE_STACK` | Apply a specific cache stack | `nil` |