Keycloak is the Identity and Access Management system used by the UC Davis Library. It primarily acts as an identity broker for the UC Davis Central Authentication System (CAS).
After making any changes, you can deploy by following these steps:
- Check
config.shto ensure that everything looks good. - Run
./cmds/generate-deployment-files.sh. - Check changes into github and tag the release.
ssh auth.library.ucdavis.educd /optand then into the version you are deploying - currentlyprodorsandbox.- git pull either the tag or branch you need.
docker compose pull- If you made changes to the apache config, move it.
mv apache/keycloak.conf /etc/httpd/conf.d/prod.conf - Verify that your env file is good.
docker compose up -d
| Variable | Description | Required? |
|---|---|---|
| KC_DB_USERNAME | PG user | Y |
| KC_DB_PASSWORD | PG password | Y |
| POSTGRES_PASSWORD | Same as above | Y |
| KEYCLOAK_ADMIN | Creates KC admin user on start | Only use if setting up KC for first time |
| KEYCLOAK_ADMIN_PASSWORD | KC admin user password created on start | Only use if setting up KC for first time |