Init docs
parent
d78c5a88f9
commit
a6d3dbb76d
GPG Key ID:
4FA1D3FA524F22C1
|
|
@ -0,0 +1,17 @@
|
|||
# Process for handling a deletion request
|
||||
|
||||
### Keycloak
|
||||
Required:
|
||||
- auth.pub.solar ops user credentials
|
||||
- SSH access to host flora-6
|
||||
```
|
||||
ssh barkeeper@flora-6.pub.solar
|
||||
|
||||
sudo --user keycloak kcadm.sh config credentials --config /tmp/kcadm.config --server http://localhost:8080 --realm pub.solar --user ops
|
||||
|
||||
# Take note of user id in response from following command
|
||||
sudo --user keycloak kcadm.sh get --config /tmp/kcadm.config users --realm pub.solar --query email=<email-address>
|
||||
|
||||
# Use user id from previous command, for example
|
||||
sudo --user keycloak kcadm.sh delete --config /tmp/kcadm.config users/2ec6f173-3c10-4b82-9808-e2f2d393ff11 --realm pub.solar
|
||||
```
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
# Process for resetting keycloak user passwords
|
||||
|
||||
### Keycloak
|
||||
Required:
|
||||
- auth.pub.solar ops user credentials
|
||||
- SSH access to host flora-6
|
||||
```
|
||||
ssh barkeeper@flora-6.pub.solar
|
||||
|
||||
mkdir /tmp/keycloak-credential-reset
|
||||
|
||||
sudo --user keycloak kcadm.sh config credentials --config /tmp/kcadm.config --server http://localhost:8080 --realm pub.solar --user ops
|
||||
|
||||
sudo --user keycloak kcadm.sh get --config /tmp/kcadm.config users --realm pub.solar | jq --raw-output '.[] | .id' > /tmp/keycloak-credential-reset/all-uuids
|
||||
|
||||
for UUID in $(cat /tmp/keycloak-credential-reset/all-uuids); do
|
||||
sudo --user keycloak kcadm.sh get --config /tmp/kcadm.config users/$UUID/credentials --realm pub.solar > /tmp/keycloak-credential-reset/$UUID
|
||||
done
|
||||
|
||||
mkdir /tmp/keycloak-credential-reset/accounts-with-creds
|
||||
|
||||
find /tmp/keycloak-credential-reset -type f -size +3c -exec mv '{}' /tmp/keycloak-credential-reset/accounts-with-creds/ \;
|
||||
|
||||
rm -r /tmp/keycloak-credential-reset/accounts-with-creds/
|
||||
|
||||
find /tmp/keycloak-credential-reset/ -type f -exec basename '{}' \; > /tmp/keycloak-credential-reset/accounts-without-credentials
|
||||
|
||||
vim /tmp/keycloak-credential-reset/accounts-without-credentials
|
||||
|
||||
for UUID in $(cat /tmp/keycloak-credential-reset/accounts-without-credentials); do
|
||||
sudo --user keycloak kcadm.sh update --config /tmp/kcadm.config users/$UUID/reset-password --target-realm pub.solar --set type=password --set value=$(< /dev/urandom tr -dc A-Z-a-z-0-9 | head -c${1:-32};echo;) --set temporary=true --no-merge
|
||||
done
|
||||
```
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
# Process for updating a keycloak realm via CLI
|
||||
|
||||
### Keycloak
|
||||
Required:
|
||||
- auth.pub.solar ops user credentials
|
||||
- SSH access to host flora-6
|
||||
```
|
||||
ssh barkeeper@flora-6.pub.solar
|
||||
|
||||
sudo -u keycloak kcadm.sh config credentials --config /tmp/kcadm.config --server http://localhost:8080 --realm master --user admin
|
||||
|
||||
sudo -u keycloak kcadm.sh get --config /tmp/kcadm.config realms/pub.solar
|
||||
|
||||
sudo -u keycloak kcadm.sh update --config /tmp/kcadm.config realms/pub.solar -s browserFlow='Webauthn Browser'
|
||||
|
||||
sudo -u keycloak kcadm.sh get --config /tmp/kcadm.config realms/pub.solar
|
||||
```
|
||||
|
||||
Source: https://keycloak.ch/keycloak-tutorials/tutorial-webauthn/
|
||||
Loading…
Reference in New Issue