alemaire/buildx
1
0
Fork 0
mirror of https://gitlab.com/alemaire/buildx.git synced 2025-01-17 13:58:19 +00:00
Code Issues Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Adrien le Maire
2020-07-29 16:01:00 +02:00
commit 21c2ec0f00
59 changed files with 1683 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
keycloak/tools/cli/databases/mariadb/change-database.cli Normal file
View File

@ -0,0 +1,9 @@
/subsystem=datasources/data-source=KeycloakDS: remove()
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url=jdbc:mariadb://${env.DB_ADDR:mariadb}:${env.DB_PORT:3306}/${env.DB_DATABASE:keycloak}${env.JDBC_PARAMS:}, driver-name=mariadb)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=user-name, value=${env.DB_USER:keycloak})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=password, value=${env.DB_PASSWORD:password})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=check-valid-connection-sql, value="SELECT 1")
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation, value=true)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation-millis, value=60000)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=flush-strategy, value=IdleConnections)
/subsystem=datasources/jdbc-driver=mariadb:add(driver-name=mariadb, driver-module-name=org.mariadb.jdbc, driver-xa-datasource-class-name=org.mariadb.jdbc.MySQLDataSource)

3
keycloak/tools/cli/databases/mariadb/standalone-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mariadb/change-database.cli
stop-embedded-server

3
keycloak/tools/cli/databases/mariadb/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mariadb/change-database.cli
stop-embedded-server

11
keycloak/tools/cli/databases/mssql/change-database.cli Normal file
View File

@ -0,0 +1,11 @@
/subsystem=datasources/data-source=KeycloakDS: remove()
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url="jdbc:sqlserver://${env.DB_ADDR:mssql}:${env.DB_PORT:1433};databaseName=${env.DB_DATABASE:keycloak};sendStringParametersAsUnicode=false;integratedSecurity=false;user=${env.DB_USER:keycloak};password=${env.DB_PASSWORD:password};${env.JDBC_PARAMS:}", driver-name=sqlserver)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=user-name, value=${env.DB_USER:keycloak})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=password, value=${env.DB_PASSWORD:password})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=check-valid-connection-sql, value="SELECT 1")
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation, value=true)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation-millis, value=60000)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=flush-strategy, value=IdleConnections)
/subsystem=datasources/jdbc-driver=sqlserver:add(driver-name=sqlserver,driver-module-name=com.microsoft.sqlserver.jdbc,driver-xa-datasource-class-name=com.microsoft.sqlserver.jdbc.SQLServerXADataSource)
/subsystem=keycloak-server/spi=connectionsJpa/provider=default:write-attribute(name=properties.schema,value=${env.DB_SCHEMA:dbo})

3
keycloak/tools/cli/databases/mssql/standalone-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mssql/change-database.cli
stop-embedded-server

3
keycloak/tools/cli/databases/mssql/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mssql/change-database.cli
stop-embedded-server

9
keycloak/tools/cli/databases/mysql/change-database.cli Normal file
View File

@ -0,0 +1,9 @@
/subsystem=datasources/data-source=KeycloakDS: remove()
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url=jdbc:mysql://${env.DB_ADDR:mysql}:${env.DB_PORT:3306}/${env.DB_DATABASE:keycloak}${env.JDBC_PARAMS:}, driver-name=mysql)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=user-name, value=${env.DB_USER:keycloak})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=password, value=${env.DB_PASSWORD:password})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=check-valid-connection-sql, value="SELECT 1")
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation, value=true)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation-millis, value=60000)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=flush-strategy, value=IdleConnections)
/subsystem=datasources/jdbc-driver=mysql:add(driver-name=mysql, driver-module-name=com.mysql.jdbc, driver-xa-datasource-class-name=com.mysql.cj.jdbc.MysqlXADataSource)

3
keycloak/tools/cli/databases/mysql/standalone-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mysql/change-database.cli
stop-embedded-server

3
keycloak/tools/cli/databases/mysql/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/mysql/change-database.cli
stop-embedded-server

9
keycloak/tools/cli/databases/oracle/change-database.cli Normal file
View File

@ -0,0 +1,9 @@
/subsystem=datasources/data-source=KeycloakDS: remove()
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url=jdbc:oracle:thin:@${env.DB_ADDR:oracle}:${env.DB_PORT:1521}:${env.DB_DATABASE:XE}${env.JDBC_PARAMS:}, driver-name=oracle)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=user-name, value=${env.DB_USER:SYSTEM})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=password, value=${env.DB_PASSWORD:oracle})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=check-valid-connection-sql, value="SELECT 1 FROM dual")
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation, value=true)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation-millis, value=60000)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=flush-strategy, value=IdleConnections)
/subsystem=datasources/jdbc-driver=oracle:add(driver-name=oracle, driver-module-name=com.oracle.jdbc, driver-xa-datasource-class-name=oracle.jdbc.xa.client.OracleXADataSource)

3
keycloak/tools/cli/databases/oracle/standalone-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/oracle/change-database.cli
stop-embedded-server

3
keycloak/tools/cli/databases/oracle/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/oracle/change-database.cli
stop-embedded-server

11
keycloak/tools/cli/databases/postgres/change-database.cli Normal file
View File

@ -0,0 +1,11 @@
/subsystem=datasources/data-source=KeycloakDS: remove()
/subsystem=datasources/data-source=KeycloakDS: add(jndi-name=java:jboss/datasources/KeycloakDS,enabled=true,use-java-context=true,use-ccm=true, connection-url=jdbc:postgresql://${env.DB_ADDR:postgres}/${env.DB_DATABASE:keycloak}${env.JDBC_PARAMS:}, driver-name=postgresql)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=user-name, value=${env.DB_USER:keycloak})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=password, value=${env.DB_PASSWORD:password})
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=check-valid-connection-sql, value="SELECT 1")
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation, value=true)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=background-validation-millis, value=60000)
/subsystem=datasources/data-source=KeycloakDS: write-attribute(name=flush-strategy, value=IdleConnections)
/subsystem=datasources/jdbc-driver=postgresql:add(driver-name=postgresql, driver-module-name=org.postgresql.jdbc, driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)
/subsystem=keycloak-server/spi=connectionsJpa/provider=default:write-attribute(name=properties.schema,value=${env.DB_SCHEMA:public})

3
keycloak/tools/cli/databases/postgres/standalone-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/postgres/change-database.cli
stop-embedded-server

3
keycloak/tools/cli/databases/postgres/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,3 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/databases/postgres/change-database.cli
stop-embedded-server

6
keycloak/tools/cli/files-plaintext-vault.cli Normal file
View File

@ -0,0 +1,6 @@
embed-server --server-config=$configuration_file --std-out=discard
echo ** Adding vault spi **
/subsystem=keycloak-server/spi=vault/:add
/subsystem=keycloak-server/spi=vault/provider=files-plaintext/:add(enabled=true,properties={dir => $plaintext_vault_provider_dir})
stop-embedded-server

2
keycloak/tools/cli/hostname.cli Normal file
View File

@ -0,0 +1,2 @@
/subsystem=keycloak-server/spi=hostname:write-attribute(name=default-provider, value="${keycloak.hostname.provider:default}")
/subsystem=keycloak-server/spi=hostname/provider=fixed/:add(properties={hostname => "${keycloak.hostname.fixed.hostname:localhost}",httpPort => "${keycloak.hostname.fixed.httpPort:-1}",httpsPort => "${keycloak.hostname.fixed.httpsPort:-1}",alwaysHttps => "${keycloak.hostname.fixed.alwaysHttps:false}"},enabled=true)

11
keycloak/tools/cli/infinispan/cache-owners.cli Normal file
View File

@ -0,0 +1,11 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=infinispan/cache-container=keycloak/distributed-cache=sessions: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineSessions: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=loginFailures: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=clientSessions: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=offlineClientSessions: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=actionTokens: write-attribute(name=owners, value=${env.CACHE_OWNERS_COUNT:1})
/subsystem=infinispan/cache-container=keycloak/distributed-cache=authenticationSessions: write-attribute(name=owners, value=${env.CACHE_OWNERS_AUTH_SESSIONS_COUNT:1})
run-batch
stop-embedded-server

11
keycloak/tools/cli/jgroups/discovery/default.cli Normal file
View File

@ -0,0 +1,11 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=jgroups/stack=udp/protocol=PING:remove()
/subsystem=jgroups/stack=udp/protocol=$keycloak_jgroups_discovery_protocol:add(add-index=0, properties=$keycloak_jgroups_discovery_protocol_properties)
/subsystem=jgroups/stack=tcp/protocol=MPING:remove()
/subsystem=jgroups/stack=tcp/protocol=$keycloak_jgroups_discovery_protocol:add(add-index=0, properties=$keycloak_jgroups_discovery_protocol_properties)
/subsystem=jgroups/channel=ee:write-attribute(name="stack", value=$keycloak_jgroups_transport_stack)
run-batch
stop-embedded-server

9
keycloak/tools/cli/loglevel.cli Normal file
View File

@ -0,0 +1,9 @@
/subsystem=logging/logger=org.keycloak:add
/subsystem=logging/logger=org.keycloak:write-attribute(name=level,value=${env.KEYCLOAK_LOGLEVEL:INFO})
/subsystem=logging/root-logger=ROOT:change-root-log-level(level=${env.ROOT_LOGLEVEL:INFO})
/subsystem=logging/root-logger=ROOT:remove-handler(name="FILE")
/subsystem=logging/periodic-rotating-file-handler=FILE:remove
/subsystem=logging/console-handler=CONSOLE:undefine-attribute(name=level)

5
keycloak/tools/cli/metrics/db.cli Normal file
View File

@ -0,0 +1,5 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=datasources/data-source=KeycloakDS:write-attribute(name=statistics-enabled, value=true)
run-batch
stop-embedded-server

5
keycloak/tools/cli/metrics/http.cli Normal file
View File

@ -0,0 +1,5 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=undertow:write-attribute(name=statistics-enabled,value=true)
run-batch
stop-embedded-server

5
keycloak/tools/cli/metrics/jgroups.cli Normal file
View File

@ -0,0 +1,5 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=jgroups/channel=ee:write-attribute(name=statistics-enabled, value=true)
run-batch
stop-embedded-server

2
keycloak/tools/cli/proxy.cli Normal file
View File

@ -0,0 +1,2 @@
/subsystem=undertow/server=default-server/http-listener=default: write-attribute(name=proxy-address-forwarding, value=${env.PROXY_ADDRESS_FORWARDING:false})
/subsystem=undertow/server=default-server/https-listener=https: write-attribute(name=proxy-address-forwarding, value=${env.PROXY_ADDRESS_FORWARDING:false})

6
keycloak/tools/cli/standalone-configuration.cli Normal file
View File

@ -0,0 +1,6 @@
embed-server --server-config=standalone.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/loglevel.cli
run-batch --file=/opt/jboss/tools/cli/proxy.cli
run-batch --file=/opt/jboss/tools/cli/hostname.cli
run-batch --file=/opt/jboss/tools/cli/theme.cli
stop-embedded-server

6
keycloak/tools/cli/standalone-ha-configuration.cli Normal file
View File

@ -0,0 +1,6 @@
embed-server --server-config=standalone-ha.xml --std-out=echo
run-batch --file=/opt/jboss/tools/cli/loglevel.cli
run-batch --file=/opt/jboss/tools/cli/proxy.cli
run-batch --file=/opt/jboss/tools/cli/hostname.cli
run-batch --file=/opt/jboss/tools/cli/theme.cli
stop-embedded-server

2
keycloak/tools/cli/theme.cli Normal file
View File

@ -0,0 +1,2 @@
/subsystem=keycloak-server/theme=defaults:write-attribute(name=welcomeTheme,value=${env.KEYCLOAK_WELCOME_THEME:keycloak})
/subsystem=keycloak-server/theme=defaults:write-attribute(name=default,value=${env.KEYCLOAK_DEFAULT_THEME:keycloak})

9
keycloak/tools/cli/x509-keystore.cli Normal file
View File

@ -0,0 +1,9 @@
embed-server --server-config=$configuration_file --std-out=discard
/subsystem=elytron/key-store=kcKeyStore:add(path=$keycloak_tls_keystore_file,type=JKS,credential-reference={clear-text=$keycloak_tls_keystore_password})
/subsystem=elytron/key-manager=kcKeyManager:add(key-store=kcKeyStore,credential-reference={clear-text=$keycloak_tls_keystore_password})
/subsystem=elytron/server-ssl-context=kcSSLContext:add(key-manager=kcKeyManager)
batch
/subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=kcSSLContext)
run-batch
stop-embedded-server

25
keycloak/tools/cli/x509-truststore.cli Normal file
View File

@ -0,0 +1,25 @@
embed-server --server-config=$configuration_file --std-out=discard
/subsystem=elytron/key-store=kcTrustStore:add(path=$keycloak_tls_truststore_file,type=JKS,credential-reference={clear-text=$keycloak_tls_truststore_password})
/subsystem=elytron/trust-manager=kcTrustManager:add(key-store=kcTrustStore)
if (outcome != success) of /subsystem=elytron/server-ssl-context=kcSSLContext:read-resource
# Since WF requires a Key Manager for creating /subsystem=elytron/server-ssl-context, there's nothing we can do at this point.
# We can not automatically generate a self-signed key (Elytron doesn't support this, see https://docs.wildfly.org/13/WildFly_Elytron_Security.html#configure-ssltls),
# and we don't have anything else at hand.
# However, there is no big harm here - the Trust Store is more needed by Keycloak Truststore SPI.
echo "WARNING! There is no Key Manager (No Key Store specified). Skipping HTTPS Listener configuration..."
else
# The SSL Context has been added by keystore, not much to do - just append trust store and we are done.
/subsystem=elytron/server-ssl-context=kcSSLContext:write-attribute(name=trust-manager, value=kcTrustManager)
/subsystem=elytron/server-ssl-context=kcSSLContext:write-attribute(name=want-client-auth, value=true)
end-if
if (outcome != success) of /subsystem=keycloak-server/spi=truststore:read-resource
/subsystem=keycloak-server/spi=truststore/:add
end-if
/subsystem=keycloak-server/spi=truststore/provider=file/:add(enabled=true,properties={ \
file => $keycloak_tls_truststore_file, \
password => $keycloak_tls_truststore_password, \
hostname-verification-policy => "WILDCARD", \
disabled => "false"})
stop-embedded-server