Note:
- It's not recommended that using the developing plugin in the production environment.
First, you should create a new Docker container to start a Keycloak server instance.
# Change the owner of the mapped volume
$ sudo docker run --rm \
-u root \
-v "$(pwd)/develop/data/keycloak":/mnt \
--entrypoint /bin/chown \
-it jboss/keycloak:4.5.0.Final \
-R jboss /mnt
$ sudo docker run -d --name keycloak-dev \
-e KEYCLOAK_LOGLEVEL=DEBUG \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin123 \
-v "$(pwd)/develop/data/keycloak":/opt/jboss/keycloak/standalone/data \
-p 172.17.0.1:8086:8080 \
jboss/keycloak:4.5.0.Final
Or just run the script:
$ sudo bash ./develop/run-keycloak.sh
Then, access http://172.17.0.1:8086
and login with username admin
and password admin123
to Configure Keycloak realm client
and Create keycloak.json.
Bind port to
172.17.0.1
to make sure that Nexus3 and Keycloak can access each other.
At last, put the keycloak.json
into the directory develop
, or overwrite the existing one.
Note: If you want to test multiple Keycloak realms, just export the keycloak.json
and rename it as keycloak.{index}.json
,
the {index}
can be 0
, 1
or 2
.
Execute the image building script:
$ sudo bash ./develop/build-nexus3.sh
After that, a Docker image which is named as nexus3-keycloak-dev:3.6.0-02
will be shown in the list of sudo docker images
.
Note: The image is based on cavemandaveman/nexus which is running Nexus v3.6.0-02.
$ mvn clean install -Dmaven.test.skip=true
$ sudo bash ./develop/run-nexus3.sh
Note:
- This script will create a container which is named as
nexus3-keycloak-dev
and will map the Nexus3 web port to the local port8903
. - The Nexus3 data will be saved into
./develop/data/nexus3
to prevent to lose the configurations after re-creating the container.
Everything is ready, just enjoy your development journey! :)
Access http://172.17.0.1:8903
in your browser, and login with username admin
and password admin123
to configure your Nexus3.
If you want to check the logs of the Nexus3 server, just running the following command:
# Print the latest 500 lines
$ sudo docker logs --tail 500 nexus3-keycloak-dev
# Print the log to file
$ sudo docker logs nexus3-keycloak-dev >& nexus3.log
And if you updated this plugin, just rebuild it, then you just only need to restart the Nexus3 container like this:
$ sudo docker restart nexus3-keycloak-dev
If you want to use or test the SSO feature, you should build the Nginx gateway first:
$ sudo bash ./develop/run-nginx.sh
Then you can access http://172.17.0.1
in your browser, it will redirect to the Keycloak login page like
http://172.17.0.1:8086/auth/realms/master/protocol/openid-connect/auth?scope=xxx&client_id=xxx&state=xxx&nonce=xxx&redirect_uri=http%3A%2F%2F172.17.0.1%2Fredirect_uri&response_type=code
.
When you login successfully, it will go back to http://172.17.0.1
, and you already login Nexus3 too.
With the Nginx gateway configuration, you can be authenticated with HTTP basic authentication also, check it through:
# Administration priviledges checking
$ auth_basic=$(echo -n "nexus3:nexus321" | base64); \
curl -H "Authorization: BASIC $auth_basic" \
-H "Content-Type: application/json" \
-d '{"action":"coreui_User","method":"readSources","data":null,"type":"rpc","tid":9}' \
-v -4 \
"http://172.17.0.1/service/extdirect"
# User state checking
$ auth_basic=$(echo -n "nexus3:nexus321" | base64); \
curl -H "Authorization: BASIC $auth_basic" \
-H "Content-Type: application/json" \
-v -4 \
"http://172.17.0.1/service/extdirect/poll/rapture_State_get"
Note:
- Then Nginx gateway Docker image is built on flytreeleft/docker-nginx-gateway.