diff options
author | Nikolay Amiantov <ab@fmap.me> | 2022-01-09 20:58:25 +0300 |
---|---|---|
committer | Nikolay Amiantov <ab@fmap.me> | 2022-01-16 11:41:50 +0300 |
commit | 84f70eefd1c4f90e892164afa39931a9fc5ba8db (patch) | |
tree | 4b07e9eed32ce25a6b5d7aafd7600dceb39ec2f8 | |
parent | a42abe27c0b58749f1c563fc77305d145c739746 (diff) | |
download | nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar.gz nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar.bz2 nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar.lz nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar.xz nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.tar.zst nixpkgs-84f70eefd1c4f90e892164afa39931a9fc5ba8db.zip |
keycloak service: add themes support
Custom themes can be packaged and then added using `themes` config attribute.
-rw-r--r-- | nixos/modules/services/web-apps/keycloak.nix | 47 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/keycloak.xml | 11 |
2 files changed, 56 insertions, 2 deletions
diff --git a/nixos/modules/services/web-apps/keycloak.nix b/nixos/modules/services/web-apps/keycloak.nix index d4177c77bce..39e5ab970b9 100644 --- a/nixos/modules/services/web-apps/keycloak.nix +++ b/nixos/modules/services/web-apps/keycloak.nix @@ -229,6 +229,20 @@ in ''; }; + themes = lib.mkOption { + type = lib.types.attrsOf lib.types.package; + default = {}; + description = '' + Additional theme packages for Keycloak. Each theme is linked into + subdirectory with a corresponding attribute name. + + Theme packages consist of several subdirectories which provide + different theme types: for example, <literal>account</literal>, + <literal>login</literal> etc. After adding a theme to this option you + can select it by its name in Keycloak administration console. + ''; + }; + extraConfig = lib.mkOption { type = lib.types.attrsOf lib.types.anything; default = { }; @@ -289,16 +303,45 @@ in ${pkgs.jre}/bin/keytool -importcert -trustcacerts -alias MySQLCACert -file ${cfg.database.caCert} -keystore $out -storepass notsosecretpassword -noprompt ''; + # Both theme and theme type directories need to be actual directories in one hierarchy to pass Keycloak checks. + themesBundle = pkgs.runCommand "keycloak-themes" {} '' + linkTheme() { + theme="$1" + name="$2" + + mkdir "$out/$name" + for typeDir in "$theme"/*; do + if [ -d "$typeDir" ]; then + type="$(basename "$typeDir")" + mkdir "$out/$name/$type" + for file in "$typeDir"/*; do + ln -sn "$file" "$out/$name/$type/$(basename "$file")" + done + fi + done + } + + mkdir -p "$out" + for theme in ${cfg.package}/themes/*; do + if [ -d "$theme" ]; then + linkTheme "$theme" "$(basename "$theme")" + fi + done + + ${lib.concatStringsSep "\n" (lib.mapAttrsToList (name: theme: "linkTheme ${theme} ${lib.escapeShellArg name}") cfg.themes)} + ''; + keycloakConfig' = builtins.foldl' lib.recursiveUpdate { "interface=public".inet-address = cfg.bindAddress; "socket-binding-group=standard-sockets"."socket-binding=http".port = cfg.httpPort; - "subsystem=keycloak-server"."spi=hostname" = { - "provider=default" = { + "subsystem=keycloak-server" = { + "spi=hostname"."provider=default" = { enabled = true; properties = { inherit (cfg) frontendUrl forceBackendUrlToFrontendUrl; }; }; + "theme=defaults".dir = toString themesBundle; }; "subsystem=datasources"."data-source=KeycloakDS" = { max-pool-size = "20"; diff --git a/nixos/modules/services/web-apps/keycloak.xml b/nixos/modules/services/web-apps/keycloak.xml index 7ba656c20f1..8c3e35a051b 100644 --- a/nixos/modules/services/web-apps/keycloak.xml +++ b/nixos/modules/services/web-apps/keycloak.xml @@ -131,6 +131,17 @@ </warning> </section> + <section xml:id="module-services-keycloak-themes"> + <title>Themes</title> + <para> + You can package custom themes and make them visible to Keycloak via + <xref linkend="opt-services.keycloak.themes" /> + option. See the <link xlink:href="https://www.keycloak.org/docs/latest/server_development/#_themes"> + Themes section of the Keycloak Server Development Guide</link> + and respective NixOS option description for more information. + </para> + </section> + <section xml:id="module-services-keycloak-extra-config"> <title>Additional configuration</title> <para> |