TARDIS Project

User Tools

Site Tools

Trace:
hosts:virtual_machines:enclave:keycloak

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
hosts:virtual_machines:enclave:keycloak [2023/02/21 01:32] – removed - external edit (Unknown date) 127.0.0.1hosts:virtual_machines:enclave:keycloak [2023/08/30 17:34] tcmal
Line 1: Line 1:
 +[[meta:autogen:start|​]]
 +===== Keycloak =====
 +^ Name | Keycloak |
 +^ Ports | 8443 (tcp) |
 +^  | [[https://netbox.tardisproject.uk/ipam/services/15/|View in NetBox.]] |
 +[[meta:autogen:end|​]]
 +
 +Provides [[https://www.onelogin.com/learn/how-single-sign-on-works|OpenID (Single Sign-On)]]. User information is federated from [[hosts:virtual_machines:enclave:ldap|LDAP]], and password authentication is done through [[hosts:virtual_machines:enclave:mit_kerberos_kdc|Kerberos]].
 +
 +Because it misbehaves otherwise, this uses SSL with a certificate issued by [[hosts:virtual_machines:enclave:smallstep_ca|Step CA]].
 +
 +===== Data directories =====
 +
 +  * ''/var/lib/postgresql/''
 +
 +===== Configuration locations =====
 +
 +Handled declaratively through [[https://git.tardisproject.uk/tardis/nix/-/blob/main/profiles/services/keycloak.nix|Nix]].
  
hosts/virtual_machines/enclave/keycloak.txt · Last modified: 2023/08/30 17:54 by tcmal