Keycloak PAM
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
QuentinN42 4c35bbd789
feat: remove the oidc file
6 months ago
.vscode pam module in right location 6 months ago
ansible feat: remove the oidc file 6 months ago
build/install feat: remove the oidc file 6 months ago
.gitignore feat: commited build file 6 months ago
LICENSE Initial commit 7 months ago
README.md docs: rm old doc 6 months ago

README.md

SR2I204

Keycloak PAM

notes

Architecture

The servers are the following:

  • keycloak : The authentication server
  • mysql : Backend storage for keycloak
  • serv1 : a simple server
  • serv2 : another server

The users are the following:

  • admin : admin user for keycloak
  • user1 : a user that can only access serv1
  • user2 : a user that can only access serv2
  • user3 : a user that can access both serv1 and serv2

Usage

Install Insomnia. Import the Insomnia.json file in your app. Go to the keycloak server and login as admin. Then go to the clients and export the Keycloak OIDC JSON from Installation tab into Insomnia envs.

Setup a server

We will virtualise servers using LXC.

lxc-create -t download -n serv1 -- --no-validate --dist debian --release bullseye --arch amd64

Now you can attach to it and install the dependencies:

lxc-start -n serv1
lxc-attach -n serv1 -- bash -c ' \
    apt update && \
    apt install -y git ansible && \
    git clone https://gitea.rezel.net/number42/SR2I204.git /root/SR2I204 && \
    cd /root/SR2I204/server/ansible && \
    ansible-playbook install.yml'

Then you can try to ssh :

lxc-attach -n serv1 ip a
ssh root@<ip>