diff options
author | talyz <kim.lindberger@gmail.com> | 2020-10-26 15:33:57 +0100 |
---|---|---|
committer | talyz <kim.lindberger@gmail.com> | 2020-10-29 12:47:10 +0100 |
commit | 89e83833af35bd0ec3fdc65c435358a676a41d89 (patch) | |
tree | c20f0b9e9d9ffb409d96a55aaeb6dc47c6dca420 /nixos/modules/services/web-apps/keycloak.xml | |
parent | d1d3c86c70cad38944f50f7be544326133fff292 (diff) | |
download | nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar.gz nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar.bz2 nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar.lz nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar.xz nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.tar.zst nixpkgs-89e83833af35bd0ec3fdc65c435358a676a41d89.zip |
nixos/keycloak: Add support for MySQL and external DBs with SSL
- Add support for using MySQL as an option to PostgreSQL. - Enable connecting to external DBs with SSL - Add a database port config option
Diffstat (limited to 'nixos/modules/services/web-apps/keycloak.xml')
-rw-r--r-- | nixos/modules/services/web-apps/keycloak.xml | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/nixos/modules/services/web-apps/keycloak.xml b/nixos/modules/services/web-apps/keycloak.xml index 6b97d48e0bd..ca5e223eee4 100644 --- a/nixos/modules/services/web-apps/keycloak.xml +++ b/nixos/modules/services/web-apps/keycloak.xml @@ -37,16 +37,31 @@ <section xml:id="module-services-keycloak-database"> <title>Database access</title> <para> - <productname>Keycloak</productname> depends on - <productname>PostgreSQL</productname> and will automatically - enable it and create a database and role unless configured not - to, either by changing <xref linkend="opt-services.keycloak.databaseHost" /> - from its default of <literal>localhost</literal> or setting - <xref linkend="opt-services.keycloak.databaseCreateLocally" /> + <productname>Keycloak</productname> can be used with either + <productname>PostgreSQL</productname> or + <productname>MySQL</productname>. Which one is used can be + configured in <xref + linkend="opt-services.keycloak.databaseType" />. The selected + database will automatically be enabled and a database and role + created unless <xref + linkend="opt-services.keycloak.databaseHost" /> is changed from + its default of <literal>localhost</literal> or <xref + linkend="opt-services.keycloak.databaseCreateLocally" /> is set to <literal>false</literal>. </para> <para> + External database access can also be configured by setting + <xref linkend="opt-services.keycloak.databaseHost" />, <xref + linkend="opt-services.keycloak.databaseUsername" />, <xref + linkend="opt-services.keycloak.databaseUseSSL" /> and <xref + linkend="opt-services.keycloak.databaseCaCert" /> as + appropriate. Note that you need to manually create a database + called <literal>keycloak</literal> and allow the configured + database user full access to it. + </para> + + <para> <xref linkend="opt-services.keycloak.databasePasswordFile" /> must be set to the path to a file containing the password used to log in to the database. If <xref linkend="opt-services.keycloak.databaseHost" /> |