nixos/keycloak: use db username in db init scripts

Leo Maroni 2021-03-20 23:50:21 +01:00
parent 2adc24feb8
commit d9e18f4e7f
No known key found for this signature in database
GPG Key ID: B1ADA545CD2CBACD


@ -168,9 +168,10 @@ in
type = lib.types.str; type = lib.types.str;
default = "keycloak"; default = "keycloak";
description = '' description = ''
Username to use when connecting to an external or manually Username to use when connecting to the database.
provisioned database; has no effect when a local database is This is also used for automatic provisioning of the database.
automatically provisioned. Changing this after the initial installation doesn't delete the
old user and can cause further problems.
''; '';
}; };
@ -587,8 +588,8 @@ in
PSQL=${config.services.postgresql.package}/bin/psql PSQL=${config.services.postgresql.package}/bin/psql
db_password="$(<'${cfg.databasePasswordFile}')" db_password="$(<'${cfg.databasePasswordFile}')"
$PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='keycloak'" | grep -q 1 || $PSQL -tAc "CREATE ROLE keycloak WITH LOGIN PASSWORD '$db_password' CREATEDB" $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${cfg.databaseUsername}'" | grep -q 1 || $PSQL -tAc "CREATE ROLE ${cfg.databaseUsername} WITH LOGIN PASSWORD '$db_password' CREATEDB"
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'keycloak'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "keycloak" OWNER "keycloak"' $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = 'keycloak'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "keycloak" OWNER "${cfg.databaseUsername}"'
''; '';
}; };
@ -606,9 +607,9 @@ in
set -eu set -eu
db_password="$(<'${cfg.databasePasswordFile}')" db_password="$(<'${cfg.databasePasswordFile}')"
( echo "CREATE USER IF NOT EXISTS 'keycloak'@'localhost' IDENTIFIED BY '$db_password';" ( echo "CREATE USER IF NOT EXISTS '${cfg.databaseUsername}'@'localhost' IDENTIFIED BY '$db_password';"
echo "CREATE DATABASE keycloak CHARACTER SET utf8 COLLATE utf8_unicode_ci;" echo "CREATE DATABASE keycloak CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
echo "GRANT ALL PRIVILEGES ON keycloak.* TO 'keycloak'@'localhost';" echo "GRANT ALL PRIVILEGES ON keycloak.* TO '${cfg.databaseUsername}'@'localhost';"
) | ${config.services.mysql.package}/bin/mysql -N ) | ${config.services.mysql.package}/bin/mysql -N
''; '';
}; };
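Review bot: In the PostgreSQL init script (second hunk) the new `CREATE ROLE ${cfg.databaseUsername}` uses the username as an unquoted identifier, while the existence check compares it as a string literal and `OWNER "${cfg.databaseUsername}"` quotes it. A name containing upper-case letters or a hyphen would be case-folded or rejected by `CREATE ROLE` and then no longer match the other two statements, so quote it there as well: `CREATE ROLE \"${cfg.databaseUsername}\" WITH LOGIN PASSWORD '$db_password' CREATEDB`. The option in the first hunk is still a plain `lib.types.str`, so a quote character in the value would change the SQL in both the PostgreSQL and the MySQL script; restricting it, for example with `type = lib.types.strMatching "[a-zA-Z_][a-zA-Z0-9_]*";`, would reject such values at evaluation time. Both script bodies start outside the visible hunks, so any validation done earlier in the module is not visible here.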