User Tools

Site Tools


hosts:enclave:keycloak

Keycloak

Port(s) 443
Publicly Accessible? Yes (through proxy)
Upstream Keycloak

Provides OpenID (Single Sign-On). User information is federated from LDAP, and password authentication is done through Kerberos.

Because it misbehaves otherwise, this uses SSL with a certificate issued by Step CA.

Data directories

  • /var/lib/postgresql/

Configuration locations

Handled declaratively through Nix.

hosts/enclave/keycloak.txt · Last modified: 2022/09/27 00:27 by tcmal