chore: publish 7.2.0+22.0.5 release

Fix compose file version
Make persistent theme volume optional
2023-11-22 15:27:32 +00:00 · 2023-11-22 15:25:43 +00:00 · 2023-11-22 15:23:27 +00:00 · 2023-11-22 16:15:42 +01:00 · 2023-11-09 09:47:55 -08:00 · 2023-10-23 13:56:16 +01:00
5 changed files with 39 additions and 12 deletions
--- a/.env.sample
+++ b/.env.sample
@ -8,6 +8,11 @@ LETS_ENCRYPT_ENV=production
 ADMIN_USERNAME=admin
 WELCOME_THEME=keycloak

+COMPOSE_FILE="compose.yml"
+
 SECRET_DB_ROOT_PASSWORD_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_ADMIN_PASSWORD_VERSION=v1
+
+# Enable persistent theme volume, if you want to apply a custom theme
+#COMPOSE_FILE="$COMPOSE_FILE:compose.theme.yml"
--- a/compose.theme.yml
+++ b/compose.theme.yml
@ -0,0 +1,10 @@
+---
+version: "3.8"
+
+services:
+  app:
+    volumes:
+      - "themes:/opt/keycloak/themes"
+
+volumes:
+  themes:
--- a/compose.yml
+++ b/compose.yml
@ -3,9 +3,9 @@ version: "3.8"

 services:
  app:
-    image: "keycloak/keycloak:20.0.3"
+    image: "keycloak/keycloak:22.0.5"
    entrypoint: >
-      bash -c "KC_DB_PASSWORD=\"$$(cat /run/secrets/db_password)\" /opt/keycloak/bin/kc.sh start"
+      bash -c "KEYCLOAK_ADMIN_PASSWORD=\"$$(cat /run/secrets/admin_password)\" KC_DB_PASSWORD=\"$$(cat /run/secrets/db_password)\" /opt/keycloak/bin/kc.sh start"
    networks:
      - proxy
      - internal
@ -21,14 +21,16 @@ services:
      - KC_SPI_CONNECTIONS_JPA_LEGACY_MIGRATION_STRATEGY=update
      - KEYCLOAK_ADMIN=${ADMIN_USERNAME}
      - KEYCLOAK_WELCOME_THEME=${WELCOME_THEME}
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8080"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+    # NOTE(3wc): disabled due to missing curl binary, see
+    #   https://git.coopcloud.tech/coop-cloud/keycloak/issues/15
+    # healthcheck:
+    #   test: ["CMD", "curl", "-f", "http://localhost:8080"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 10
+    #   start_period: 1m
    volumes:
-      - "themes:/opt/keycloak/themes"
+      - "providers:/opt/keycloak/providers"
    depends_on:
      - mariadb
    deploy:
@ -44,10 +46,10 @@ services:
        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-        - "coop-cloud.${STACK_NAME}.version=5.0.2+20.0.3"
+        - "coop-cloud.${STACK_NAME}.version=7.2.0+22.0.5"

  db:
-    image: "mariadb:10.6"
+    image: "mariadb:10.11"
    environment:
      - MYSQL_DATABASE=keycloak
      - MYSQL_USER=keycloak
@ -66,6 +68,9 @@ services:
        backupbot.backup.path: "/tmp/dump.sql.gz"
        backupbot.backup.post-hook: "rm -f /tmp/dump.sql.gz"
        backupbot.backup.pre-hook: "sh -c 'mysqldump -u root -p\"$$(cat /run/secrets/db_root_password)\" keycloak | gzip > /tmp/dump.sql.gz'"
+        backupbot.restore.pre-hook: "sh -c 'cd /tmp && gzip -d dump.sql.gz'" 
+        backupbot.restore: "true"
+        backupbot.restore.post-hook: "sh -c 'mysql -u root -p\"$$(cat /run/secrets/db_root_password)\" keycloak < /tmp/dump.sql && rm -f /tmp/dump.sql'"

 networks:
  internal:
@ -85,4 +90,4 @@ secrets:

 volumes:
  mariadb:
-  themes:
+  providers:
--- a/release/6.0.0+21.0.2
+++ b/release/6.0.0+21.0.2
@ -0,0 +1,2 @@
+Healthchecks are disabled, see
+https://git.coopcloud.tech/coop-cloud/keycloak/issues/15
--- a/release/7.2.0+22.0.5
+++ b/release/7.2.0+22.0.5
@ -0,0 +1,5 @@
+A persistent volume for themes is now optional, and not enabled by default.
+
+If you are using a custom theme, consult the recipe `.env.sample` to see the new
+variables you need to add. You can use `abra app check ...` to verify that
+they've been added correctly.
Author	SHA1	Message	Date
3wc	e7360c2a16	chore: publish 7.2.0+22.0.5 release	2023-11-22 15:27:32 +00:00
3wc	5b83f487ec	Fix compose file version	2023-11-22 15:25:43 +00:00
3wc	3d42a26b9e	Make persistent theme volume optional	2023-11-22 15:23:27 +00:00
knoflook	6aac16ebd6	chore: publish 7.1.0+22.0.5 release	2023-11-22 16:15:42 +01:00
Cassowary	a5aae68446	chore: publish 7.0.2+22.0.5 release	2023-11-09 09:47:55 -08:00
3wc	82f6ad5d52	chore: publish 7.0.1+22.0.4 release	2023-10-23 13:56:16 +01:00
decentral1se	04b584ab4f	chore: publish 7.0.0+22.0.1 release	2023-07-20 17:04:52 +02:00
3wc	d2b9fffc46	chore: publish 6.0.0+21.0.2 release	2023-04-12 17:34:23 -04:00
3wc	b682264613	chore: publish 6.0.0+21.0.2 release	2023-04-12 17:17:24 -04:00
3wc	be3980d66f	chore: publish 5.1.0+20.0.3 release	2023-03-19 19:22:18 -04:00
knoflook	157d3beaab	fix: put the admin password in the container, also add restore capabilities	2023-03-05 12:07:56 +01:00