number42
/
SR2I204
2
2
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Keycloak PAM
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
132 Commits
1 Branch
0 Tags
309 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
QuentinN42 4c35bbd789
feat: remove the oidc file 		1 year ago
.vscode pam module in right location 1 year ago
ansible feat: remove the oidc file 1 year ago
build/install feat: remove the oidc file 1 year ago
.gitignore feat: commited build file 1 year ago
LICENSE Initial commit 1 year ago
README.md docs: rm old doc 1 year ago

README.md

SR2I204

Keycloak PAM

notes

Architecture

The servers are the following:

  • keycloak : The authentication server
  • mysql : Backend storage for keycloak
  • serv1 : a simple server
  • serv2 : another server

The users are the following:

  • admin : admin user for keycloak
  • user1 : a user that can only access serv1
  • user2 : a user that can only access serv2
  • user3 : a user that can access both serv1 and serv2

Usage

Install Insomnia. Import the Insomnia.json file in your app. Go to the keycloak server and login as admin. Then go to the clients and export the Keycloak OIDC JSON from Installation tab into Insomnia envs.

Setup a server

We will virtualise servers using LXC.

lxc-create -t download -n serv1 -- --no-validate --dist debian --release bullseye --arch amd64

Now you can attach to it and install the dependencies:

lxc-start -n serv1
lxc-attach -n serv1 -- bash -c ' \
    apt update && \
    apt install -y git ansible && \
    git clone https://gitea.rezel.net/number42/SR2I204.git /root/SR2I204 && \
    cd /root/SR2I204/server/ansible && \
    ansible-playbook install.yml'

Then you can try to ssh :

lxc-attach -n serv1 ip a
ssh root@<ip>