420.1 Keycloak and ABP framework applications - chempkovsky/CS82ANGULAR GitHub Wiki
- First, we will describe the steps for installing Keycloak. The steps include:
  - Installing PostgreSQL
  - Installing Keycloak
  - Installing Infinispan
  - Integrating Keycloak and Infinispan
- Each node will be installed in a separate virtual machine.
- Ubuntu 24.04 LTS will be used as the operating system for each node.
- We are not going to use clusters for now.
- In this article we will describe the steps for installing PostgreSQL.
- Suppose our internal network is 10.183.96.0/19.
- Suppose the IP of the virtual machine is 10.183.97.10.
- Enable ufw and open the ports for ssh and PostgreSQL
```bash
sudo apt update
sudo apt upgrade
sudo apt install ufw
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
sudo ufw allow from 10.183.96.0/19 to any port 5432
```
- Install the PostgreSQL packages and show the version. The installation adds the `postgres` user (both the OS account and the database role).
```
sudo apt update
sudo apt install postgresql postgresql-contrib
sudo systemctl start postgresql.service
sudo systemctl status postgresql.service
sudo -i -u postgres
psql
\conninfo
\q
exit
sudo -u postgres psql
select version();
\q
```
- Here is the response:
```
PostgreSQL 16.9 (Ubuntu 16.9-0ubuntu0.24.04.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0, 64-bit
```
```
sudo -u postgres psql
\du
\q
```
- Response:
```
                                                       List of databases
   Name    |  Owner   | Encoding | Locale Provider |   Collate   |    Ctype    | ICU Locale | ICU Rules |   Access privileges
-----------+----------+----------+-----------------+-------------+-------------+------------+-----------+-----------------------
 postgres  | postgres | UTF8     | libc            | ru_RU.UTF-8 | ru_RU.UTF-8 |            |           |
 template0 | postgres | UTF8     | libc            | ru_RU.UTF-8 | ru_RU.UTF-8 |            |           | =c/postgres          +
           |          |          |                 |             |             |            |           | postgres=CTc/postgres
 template1 | postgres | UTF8     | libc            | ru_RU.UTF-8 | ru_RU.UTF-8 |            |           | =c/postgres          +
           |          |          |                 |             |             |            |           | postgres=CTc/postgres
```
```
yury@psql:~$ sudo -u postgres createuser --interactive
Enter name of role to add: keycloak
Shall the new role be a superuser? (y/n) y
sudo -u postgres psql
ALTER USER keycloak WITH PASSWORD 'keycloak';
\q
```
- Take a look at the file:
```bash
sudo nano /etc/ufw/applications.d/apache2-utils.ufw.profile
```
- So our command is as follows:
```bash
sudo ufw allow "Apache Full"
sudo ufw status
```
- Open the file with the command:
```bash
sudo nano /etc/apache2/conf-available/phppgadmin.conf
```
- And replace `Require local` with `Allow from all`:
```
# Require local
Allow from all
```
- Outside the virtual machine, go to `http://10.183.97.10/phppgadmin`. Try to log in as `postgres` with password=`postgres`.
- You will obtain:
```
Login disallowed for security reasons.
```
- Modify the file with the command:
```bash
sudo nano /etc/phppgadmin/config.inc.php
```
- Replace `$conf['extra_login_security'] = true;` with `$conf['extra_login_security'] = false;`
- Outside the virtual machine, go to `http://10.183.97.10/phppgadmin`. Try to log in as `postgres` with password=`postgres`.
- You will obtain:
```
Login failed.
```
- We must set a password for the `postgres` user in the database server:
```
sudo -u postgres psql
ALTER USER postgres WITH PASSWORD 'postgres';
\q
exit
```
- Now, outside the virtual machine, we are ready to go to `http://10.183.97.10/phppgadmin` and log in as `postgres` with password=`postgres`.
- Go to the PGTune site.
- Open the file
```bash
sudo nano /etc/postgresql/16/main/postgresql.conf
```
and modify it as follows (in your case some parameters will be different):
```
# DB Version: 16
# OS Type: linux
# DB Type: web
# Total Memory (RAM): 9 GB
# CPUs num: 4
# Connections num: 250
# Data Storage: ssd
max_connections = 250
shared_buffers = 1792MB
effective_cache_size = 5376MB
maintenance_work_mem = 448MB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
default_statistics_target = 100
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 7MB
huge_pages = off
min_wal_size = 1GB
max_wal_size = 4GB
max_worker_processes = 6
max_parallel_workers_per_gather = 3
max_parallel_workers = 6
max_parallel_maintenance_workers = 3
listen_addresses = '*'
```
- Restart the server:
```bash
sudo systemctl restart postgresql.service
sudo -u postgres pg_isready
```
- Here is the response:
```
/var/run/postgresql:5432 - accepting connections
```
- Modify the file:
```bash
sudo nano /etc/postgresql/16/main/pg_hba.conf
```
- And add the line:
```
host all all 10.183.96.0/19 scram-sha-256
```
- Restart the server:
```bash
sudo systemctl restart postgresql.service
```
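The `pg_hba.conf` rule added above admits every role to every database from the whole 10.183.96.0/19 network. The script below is an added example, not part of the original wiki: it lists `host` rules that use an auth method weaker than `scram-sha-256`, are reachable from any address, or apply to all databases and roles. The sample file is constructed, and 10.183.97.20 is an assumed address for the Keycloak VM.

```bash
#!/usr/bin/env bash
# Added example (not from the wiki): audit network rules in a pg_hba.conf file.
# Prints one finding per line as "<line-no>: <reason>: <rule>".
audit_pg_hba() {
  awk '
    /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
    $1 !~ /^host/  { next }    # only network rules: host, hostssl, hostnossl, ...
    {
      # METHOD is field 5, or field 6 when ADDRESS is followed by a netmask column
      method = ($5 ~ /^[0-9]+\.[0-9.]+$/ || $5 ~ /:/) ? $6 : $5
      rule = $0; gsub(/[ \t]+/, " ", rule)
      if (method == "trust" || method == "password" || method == "md5")
        printf "%d: auth method %s is weaker than scram-sha-256: %s\n", NR, method, rule
      if ($4 == "all" || $4 == "0.0.0.0/0" || $4 == "::/0")
        printf "%d: reachable from any address: %s\n", NR, rule
      if ($2 == "all" && $3 == "all" && method != "reject")
        printf "%d: applies to every database and role: %s\n", NR, rule
    }
  ' "$1"
}

# Constructed sample: the rule from this page plus two variants for comparison.
# 10.183.97.20 is an assumed address for the Keycloak VM.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# TYPE  DATABASE    USER      ADDRESS          METHOD
local   all         postgres                   peer
host    all         all       10.183.96.0/19   scram-sha-256
host    keycloakdb  keycloak  0.0.0.0/0        md5
host    keycloakdb  keycloak  10.183.97.20/32  scram-sha-256
EOF
audit_pg_hba "$sample"
```

Point `audit_pg_hba` at `/etc/postgresql/16/main/pg_hba.conf` to check the live file.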
- Run the commands:
```
sudo mkdir /data
sudo mkdir /data/keycloakdbs
sudo chown postgres:postgres /data/keycloakdbs
sudo -u postgres psql
CREATE TABLESPACE keycloakts OWNER keycloak LOCATION '/data/keycloakdbs';
\q
sudo -u postgres psql
CREATE DATABASE keycloakdb OWNER keycloak TABLESPACE keycloakts;
\q
```