nixpkgs/pkgs/servers/keycloak/default.nix

{ stdenv
, lib
, fetchzip
, makeWrapper
, jre
, nixosTests
, callPackage
, confFile ? null
, plugins ? [ ]
, extraFeatures ? [ ]
, disabledFeatures ? [ ]
}:

let
  featuresSubcommand = ''
    ${lib.optionalString (extraFeatures != [ ]) "--features=${lib.concatStringsSep "," extraFeatures}"} \
    ${lib.optionalString (disabledFeatures != [ ]) "--features-disabled=${lib.concatStringsSep "," disabledFeatures}"}
  '';
in stdenv.mkDerivation rec {
  pname = "keycloak";
  version = "22.0.5";

  src = fetchzip {
    url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip";
    hash = "sha256-D08WPJUOIIDD9JTTq4C4+wzj/fTZvFbxVXWbVzx0MKY=";
  };

  nativeBuildInputs = [ makeWrapper jre ];

  patches = [
    # Make home.dir and config.dir configurable through the
    # KC_HOME_DIR and KC_CONF_DIR environment variables.
    ./config_vars.patch
  ];

  buildPhase = ''
    runHook preBuild
  '' + lib.optionalString (confFile != null) ''
    install -m 0600 ${confFile} conf/keycloak.conf
  '' + ''
    install_plugin() {
      if [ -d "$1" ]; then
        find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 "{}" "providers/" \;
      else
        install -m 0500 "$1" "providers/"
      fi
    }
    ${lib.concatMapStringsSep "\n" (pl: "install_plugin ${lib.escapeShellArg pl}") plugins}
  '' + ''
    patchShebangs bin/kc.sh
    export KC_HOME_DIR=$(pwd)
    export KC_CONF_DIR=$(pwd)/conf
    bin/kc.sh build ${featuresSubcommand}

    runHook postBuild
  '';

  installPhase = ''
    runHook preInstall

    mkdir $out
    cp -r * $out

    rm $out/bin/*.{ps1,bat}

    runHook postInstall
  '';

  postFixup = ''
    for script in $(find $out/bin -type f -executable); do
      wrapProgram "$script" --set JAVA_HOME ${jre} --prefix PATH : ${jre}/bin
    done
  '';

  passthru = {
    tests = nixosTests.keycloak;
    plugins = callPackage ./all-plugins.nix { };
    enabledPlugins = plugins;
  };

  meta = with lib; {
    homepage = "https://www.keycloak.org/";
    description = "Identity and access management for modern applications and services";
    sourceProvenance = with sourceTypes; [ binaryBytecode ];
    license = licenses.asl20;
    platforms = jre.meta.platforms;
    maintainers = with maintainers; [ ngerstle talyz ];
  };

}
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`{ stdenv`
			`, lib`
			`, fetchzip`
			`, makeWrapper`
			`, jre`
			`, nixosTests`
keycloak: add keycloak.plugins 2021-10-03 20:08:59 +02:00			`, callPackage`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`, confFile ? null`
			`, plugins ? [ ]`
keycloak: allow enabling and disabling features 2023-06-10 00:27:24 +02:00			`, extraFeatures ? [ ]`
			`, disabledFeatures ? [ ]`
nixos/keycloak: Init 2020-10-05 15:58:44 +02:00			`}:`

keycloak: allow enabling and disabling features 2023-06-10 00:27:24 +02:00			`let`
			`featuresSubcommand = ''`
			`${lib.optionalString (extraFeatures != [ ]) "--features=${lib.concatStringsSep "," extraFeatures}"} \`
			`${lib.optionalString (disabledFeatures != [ ]) "--features-disabled=${lib.concatStringsSep "," disabledFeatures}"}`
			`'';`
			`in stdenv.mkDerivation rec {`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`pname = "keycloak";`
keycloak: 22.0.4 -> 22.0.5 2023-10-24 19:30:44 +02:00			`version = "22.0.5";`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00
			`src = fetchzip {`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip";`
keycloak: 22.0.4 -> 22.0.5 2023-10-24 19:30:44 +02:00			`hash = "sha256-D08WPJUOIIDD9JTTq4C4+wzj/fTZvFbxVXWbVzx0MKY=";`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00			`};`

keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`nativeBuildInputs = [ makeWrapper jre ];`

keycloak: 19.0.2 -> 20.0.0 2022-11-02 16:08:10 +01:00			`patches = [`
			`# Make home.dir and config.dir configurable through the`
			`# KC_HOME_DIR and KC_CONF_DIR environment variables.`
			`./config_vars.patch`
			`];`

keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`buildPhase = ''`
			`runHook preBuild`
			`'' + lib.optionalString (confFile != null) ''`
			`install -m 0600 ${confFile} conf/keycloak.conf`
			`'' + ''`
			`install_plugin() {`
keycloak: 18.0.0 -> 19.0.1 2022-08-31 13:18:56 +02:00			`if [ -d "$1" ]; then`
			`find "$1" -type f \( -iname \.ear -o -iname \.jar \) -exec install -m 0500 "{}" "providers/" \;`
			`else`
			`install -m 0500 "$1" "providers/"`
			`fi`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`}`
			`${lib.concatMapStringsSep "\n" (pl: "install_plugin ${lib.escapeShellArg pl}") plugins}`
			`'' + ''`
			`patchShebangs bin/kc.sh`
keycloak: 19.0.2 -> 20.0.0 2022-11-02 16:08:10 +01:00			`export KC_HOME_DIR=$(pwd)`
			`export KC_CONF_DIR=$(pwd)/conf`
keycloak: allow enabling and disabling features 2023-06-10 00:27:24 +02:00			`bin/kc.sh build ${featuresSubcommand}`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00
			`runHook postBuild`
			`'';`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00
			`installPhase = ''`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`runHook preInstall`

keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00			`mkdir $out`
			`cp -r * $out`

keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`rm $out/bin/*.{ps1,bat}`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`runHook postInstall`
			`'';`

			`postFixup = ''`
			`for script in $(find $out/bin -type f -executable); do`
			`wrapProgram "$script" --set JAVA_HOME ${jre} --prefix PATH : ${jre}/bin`
keycloak: wrap all the shell scripts Most of these just need JAVA_HOME, but a few assume that java is in PATH 2022-03-22 20:03:47 +01:00			`done`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00			`'';`

keycloak: add keycloak.plugins 2021-10-03 20:08:59 +02:00			`passthru = {`
			`tests = nixosTests.keycloak;`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`plugins = callPackage ./all-plugins.nix { };`
			`enabledPlugins = plugins;`
keycloak: add keycloak.plugins 2021-10-03 20:08:59 +02:00			`};`
nixos/keycloak: Add test 2020-10-13 11:44:02 +02:00
treewide: with stdenv.lib; in meta -> with lib; Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix 2021-01-11 08:54:33 +01:00			`meta = with lib; {`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`homepage = "https://www.keycloak.org/";`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00			`description = "Identity and access management for modern applications and services";`
treewide: set sourceProvenance for packages containing downloaded jars these are the easily identifiable cases and will not be comprehensive 2022-06-02 15:38:41 +02:00			`sourceProvenance = with sourceTypes; [ binaryBytecode ];`
keycloak: Switch to the new Quarkus version of Keycloak With version 17 of Keycloak, the Wildfly based distribution was deprecated in favor of the one based on Quarkus. The difference in configuration is massive and to accommodate it, both the package and module had to be rewritten. 2022-04-05 18:59:05 +02:00			`license = licenses.asl20;`
			`platforms = jre.meta.platforms;`
nixos/keycloak: Init 2020-10-05 15:58:44 +02:00			`maintainers = with maintainers; [ ngerstle talyz ];`
keycloak: init at 9.0.0 PR #80897 2020-02-25 08:00:40 +01:00			`};`

			`}`