MAGICGrants/campaign-site
1
0
Fork 0
mirror of https://github.com/MAGICGrants/campaign-site.git synced 2026-01-09 12:27:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

chore: add prod workflow file and compose file

Browse Source
This commit is contained in:
Artur
2024-08-28 17:45:50 -03:00
parent d0db567660
commit db1bbe05ea
5 changed files with 909 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
.github/workflows/deploy.yml vendored Normal file
View File

@@ -0,0 +1,56 @@
name: Deploy app to donate.magicgrants.org
on:
push:
branches:
- v2
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: webfactory/ssh-agent@v0.9.0
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
- name: Deploy
run: |
ssh -o StrictHostKeyChecking=no ${{ secrets.VPS_USER }}@${{ secrets.VPS_IP }} << 'EOF'
cd campaign-site
git checkout v2
echo "Pulling changes..."
git pull
echo "Building and starting..."
CLOUDFLARE_TUNNEL_TOKEN=${{ secrets.CLOUDFLARE_TUNNEL_TOKEN }} \
POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} \
DATABASE_URL=${{ secrets.DATABASE_URL }} \
NEXTAUTH_SECRET=${{ secrets.NEXTAUTH_SECRET }} \
SMTP_USER=${{ secrets.SMTP_USER }} \
SMTP_PASS=${{ secrets.SMTP_PASS }} \
STRIPE_MONERO_SECRET_KEY=${{ secrets.STRIPE_MONERO_SECRET_KEY }} \
STRIPE_MONERO_WEBHOOK_SECRET=${{ secrets.STRIPE_MONERO_WEBHOOK_SECRET }} \
STRIPE_FIRO_SECRET_KEY=${{ secrets.STRIPE_FIRO_SECRET_KEY }} \
STRIPE_FIRO_WEBHOOK_SECRET=${{ secrets.STRIPE_FIRO_WEBHOOK_SECRET }} \
STRIPE_PRIVACY_GUIDES_SECRET_KEY=${{ secrets.STRIPE_PRIVACY_GUIDES_SECRET_KEY }} \
STRIPE_PRIVACY_GUIDES_WEBHOOK_SECRET=${{ secrets.STRIPE_PRIVACY_GUIDES_WEBHOOK_SECRET }} \
STRIPE_GENERAL_SECRET_KEY=${{ secrets.STRIPE_GENERAL_SECRET_KEY }} \
STRIPE_GENERAL_WEBHOOK_SECRET=${{ secrets.STRIPE_GENERAL_WEBHOOK_SECRET }} \
KEYCLOAK_URL=${{ secrets.KEYCLOAK_URL }} \
KEYCLOAK_CLIENT_SECRET=${{ secrets.KEYCLOAK_CLIENT_SECRET }} \
BTCPAY_URL=${{ secrets.BTCPAY_URL }} \
BTCPAY_API_KEY=${{ secrets.BTCPAY_API_KEY }} \
BTCPAY_MONERO_STORE_ID=${{ secrets.BTCPAY_MONERO_STORE_ID }} \
BTCPAY_MONERO_WEBHOOK_SECRET=${{ secrets.BTCPAY_MONERO_WEBHOOK_SECRET }} \
BTCPAY_FIRO_STORE_ID=${{ secrets.BTCPAY_FIRO_STORE_ID }} \
BTCPAY_FIRO_WEBHOOK_SECRET=${{ secrets.BTCPAY_FIRO_WEBHOOK_SECRET }} \
BTCPAY_PRIVACY_GUIDES_STORE_ID=${{ secrets.BTCPAY_PRIVACY_GUIDES_STORE_ID }} \
BTCPAY_PRIVACY_GUIDES_WEBHOOK_SECRET=${{ secrets.BTCPAY_PRIVACY_GUIDES_WEBHOOK_SECRET }} \
BTCPAY_GENERAL_STORE_ID=${{ secrets.BTCPAY_GENERAL_STORE_ID }} \
BTCPAY_GENERAL_WEBHOOK_SECRET=${{ secrets.BTCPAY_GENERAL_WEBHOOK_SECRET }} \
SENDGRID_RECIPIENT=${{ secrets.SENDGRID_RECIPIENT }} \
SENDGRID_VERIFIED_SENDER=${{ secrets.SENDGRID_VERIFIED_SENDER }} \
SENDGRID_API_KEY=${{ secrets.SENDGRID_API_KEY }} \
docker compose up -d --build
EOF

43
docker-compose.dev.yml
View File

@@ -23,16 +23,11 @@ services:
BTCPAY_XMR_DAEMON_URI: http://xmr-node.cakewallet.com:18081
BTCPAY_XMR_WALLET_DAEMON_URI: http://monerod_wallet:18082
BTCPAY_XMR_WALLET_DAEMON_WALLETDIR: /root/xmr_wallet
# HIDDENSERVICE_NAME: BTCPayServer
# HIDDENSERVICE_REVERSEPROXY: nginx
# BTCPAY_TORRCFILE: /usr/local/etc/tor/torrc-2
# BTCPAY_SOCKSENDPOINT: tor:9050
labels:
traefik.enable: 'true'
traefik.http.routers.btcpayserver.rule: Host(`${BTCPAY_HOST}`)
extra_hosts:
- 'host.docker.internal:host-gateway'
links:
- postgres
volumes:
@@ -44,15 +39,6 @@ services:
- 'tor_torrcdir:/usr/local/etc/tor/'
ports:
- '${NOREVERSEPROXY_HTTP_PORT:-80}:49392'
# monerod:
# restart: unless-stopped
# container_name: btcpayserver_monerod
# image: btcpayserver/monero:0.18.3.3
# entrypoint: monerod --rpc-bind-ip=0.0.0.0 --confirm-external-bind --rpc-bind-port=18081 --non-interactive --block-notify="/bin/sh ./scripts/notifier.sh -X GET http://btcpayserver:49392/monerolikedaemoncallback/block?cryptoCode=xmr&hash=%s" --hide-my-port --prune-blockchain --enable-dns-blocklist
# expose:
# - "18081"
# volumes:
# - "xmr_data:/home/monero/.bitmonero"
monerod_wallet:
restart: unless-stopped
container_name: btcpayserver_monero_wallet
@@ -64,35 +50,6 @@ services:
- 18082:18082
volumes:
- 'xmr_wallet:/wallet'
# depends_on:
# - monerod
# tor:
# restart: unless-stopped
# image: btcpayserver/tor:0.4.8.10
# container_name: tor
# environment:
# TOR_PASSWORD: btcpayserver
# TOR_ADDITIONAL_CONFIG: /usr/local/etc/tor/torrc-2
# TOR_EXTRA_ARGS: |
# CookieAuthentication 1
# expose:
# - "9050"
# - "9051"
# volumes:
# - "tor_datadir:/home/tor/.tor"
# - "tor_torrcdir:/usr/local/etc/tor"
# - "tor_servicesdir:/var/lib/tor/hidden_services"
# tor-gen:
# restart: unless-stopped
# image: btcpayserver/docker-gen:0.10.7
# container_name: tor-gen
# volumes:
# - "/var/run/docker.sock:/tmp/docker.sock:ro"
# - "./torrc.tmpl:/etc/docker-gen/templates/torrc.tmpl:ro"
# - "tor_torrcdir:/usr/local/etc/tor"
# entrypoint: /usr/local/bin/docker-gen -notify-sighup tor -watch -wait 5s:30s /etc/docker-gen/templates/torrc.tmpl /usr/local/etc/tor/torrc-2
# links:
# - tor
nbxplorer:
restart: unless-stopped
container_name: generated_nbxplorer_1

91
docker-compose.yml
View File

@@ -1,18 +1,85 @@
version: '3.7'
services:
cloudflared:
image: cloudflare/cloudflared:latest
container_name: cloudflared
restart: unless-stopped
command: tunnel --no-autoupdate run
environment:
TUNNEL_TOKEN: ${CLOUDFLARE_TUNNEL_TOKEN}
REAL_IP_HEADER: Cf-Connecting-Ip
depends_on:
- nginx
sample:
container_name: monerofund-frontend-page
nginx:
image: nginx:1
container_name: nginx
restart: unless-stopped
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
depends_on:
- app
app:
build:
context: .
dockerfile: Dockerfile
container_name: app
restart: unless-stopped
environment:
- CHOKIDAR_USEPOLLING=true
stdin_open: true
labels:
traefik.enable: true
traefik.http.routers.openpico.rule: Host(`monerofund.org`)
traefik.port: 3000
ports:
- 3000:3000
APP_URL: http://localhost:3000
DATABASE_URL: ${DATABASE_URL}
NEXTAUTH_URL: http://localhost:3000
NEXTAUTH_URL_INTERNAL: http://localhost:3000
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
SMTP_HOST: email-smtp.us-east-2.amazonaws.com
SMTP_PORT: 587
SMTP_USER: ${SMTP_USER}
SMTP_PASS: ${SMTP_PASS}
STRIPE_MONERO_SECRET_KEY: ${STRIPE_MONERO_SECRET_KEY}
STRIPE_MONERO_WEBHOOK_SECRET: ${STRIPE_MONERO_WEBHOOK_SECRET}
STRIPE_FIRO_SECRET_KEY: ${STRIPE_FIRO_SECRET_KEY}
STRIPE_FIRO_WEBHOOK_SECRET: ${STRIPE_FIRO_WEBHOOK_SECRET}
STRIPE_PRIVACY_GUIDES_SECRET_KEY: ${STRIPE_PRIVACY_GUIDES_SECRET_KEY}
STRIPE_PRIVACY_GUIDES_WEBHOOK_SECRET: ${STRIPE_PRIVACY_GUIDES_WEBHOOK_SECRET}
STRIPE_GENERAL_SECRET_KEY: ${STRIPE_GENERAL_SECRET_KEY}
STRIPE_GENERAL_WEBHOOK_SECRET: ${STRIPE_GENERAL_WEBHOOK_SECRET}
KEYCLOAK_URL: ${KEYCLOAK_URL}
KEYCLOAK_CLIENT_ID: app
KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET}
KEYCLOAK_REALM_NAME: magic
BTCPAY_URL: ${BTCPAY_URL}
BTCPAY_API_KEY: ${BTCPAY_API_KEY}
BTCPAY_MONERO_STORE_ID: ${BTCPAY_MONERO_STORE_ID}
BTCPAY_MONERO_WEBHOOK_SECRET: ${BTCPAY_MONERO_WEBHOOK_SECRET}
BTCPAY_FIRO_STORE_ID: ${BTCPAY_FIRO_STORE_ID}
BTCPAY_FIRO_WEBHOOK_SECRET: ${BTCPAY_FIRO_WEBHOOK_SECRET}
BTCPAY_PRIVACY_GUIDES_STORE_ID: ${BTCPAY_PRIVACY_GUIDES_STORE_ID}
BTCPAY_PRIVACY_GUIDES_WEBHOOK_SECRET: ${BTCPAY_PRIVACY_GUIDES_WEBHOOK_SECRET}
BTCPAY_GENERAL_STORE_ID: ${BTCPAY_GENERAL_STORE_ID}
BTCPAY_GENERAL_WEBHOOK_SECRET: ${BTCPAY_GENERAL_WEBHOOK_SECRET}
SENDGRID_RECIPIENT: a
SENDGRID_VERIFIED_SENDER: a
SENDGRID_API_KEY: a
depends_on:
- postgres
postgres:
image: postgres:16-alpine
container_name: postgres
restart: unless-stopped
environment:
POSTGRES_USER: magic
POSTGRES_DB: magic
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
- 'postgres_data:/var/lib/postgresql/data'
volumes:
postgres_data:

20
nginx.conf Normal file
View File

@@ -0,0 +1,20 @@
GNU nano 7.2 keycloak/nginx.conf
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name donate.magicgrants.org;
location / {
proxy_pass http://app:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
}
}
}

792
realm-export.json
View File

@@ -1,6 +1,8 @@
{
"id": "69206f5b-3557-4d79-aa26-e42faeaa6004",
"realm": "magicgrants",
"realm": "magic",
"displayName": "",
"displayNameHtml": "",
"notBefore": 0,
"defaultSignatureAlgorithm": "RS256",
"revokeRefreshToken": false,
@@ -44,6 +46,353 @@
"quickLoginCheckMilliSeconds": 1000,
"maxDeltaTimeSeconds": 43200,
"failureFactor": 30,
"roles": {
"realm": [
{
"id": "ebb9383f-79f5-4f33-89f1-47b6d60e2f16",
"name": "offline_access",
"description": "${role_offline-access}",
"composite": false,
"clientRole": false,
"containerId": "69206f5b-3557-4d79-aa26-e42faeaa6004",
"attributes": {}
},
{
"id": "562fda2f-8985-4046-8c35-2ad574a017dc",
"name": "uma_authorization",
"description": "${role_uma_authorization}",
"composite": false,
"clientRole": false,
"containerId": "69206f5b-3557-4d79-aa26-e42faeaa6004",
"attributes": {}
},
{
"id": "8da73bcf-9240-4091-9c16-10e94eb64504",
"name": "default-roles-magicgrants",
"description": "${role_default-roles}",
"composite": true,
"composites": {
"realm": ["offline_access", "uma_authorization"],
"client": {
"realm-management": ["manage-users"],
"account": ["view-profile", "manage-account"]
}
},
"clientRole": false,
"containerId": "69206f5b-3557-4d79-aa26-e42faeaa6004",
"attributes": {}
}
],
"client": {
"app": [],
"realm-management": [
{
"id": "d48df791-bf68-480a-ad74-2c029bbb17f7",
"name": "view-events",
"description": "${role_view-events}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "4306eee2-503a-4a4c-ab0a-569def5564bc",
"name": "query-users",
"description": "${role_query-users}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "bd191fa4-2d18-4b20-8675-b4a2aa15072f",
"name": "query-clients",
"description": "${role_query-clients}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "18d8dc18-a21f-47d0-81b9-23a00140b9c5",
"name": "view-authorization",
"description": "${role_view-authorization}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "dd887d76-e06f-47ee-ae36-96a8a92652da",
"name": "view-users",
"description": "${role_view-users}",
"composite": true,
"composites": {
"client": {
"realm-management": ["query-users", "query-groups"]
}
},
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "ec6621e9-9691-4099-8342-e8429dc4d3f1",
"name": "query-realms",
"description": "${role_query-realms}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "422decf1-7d2f-4e6f-bc48-65c334ea1f61",
"name": "manage-events",
"description": "${role_manage-events}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "db4f4761-68dc-4d9c-a0a5-4e214e617f37",
"name": "manage-clients",
"description": "${role_manage-clients}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "3db581ac-e880-461b-84d1-bb69708c77a9",
"name": "create-client",
"description": "${role_create-client}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "2ff0b822-72d4-41be-b973-12dbee4be95b",
"name": "view-realm",
"description": "${role_view-realm}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "4768c012-bf48-4af9-b56e-f8c86a49dd99",
"name": "view-identity-providers",
"description": "${role_view-identity-providers}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "6f2d48f5-4d96-410f-8629-2442685d628d",
"name": "manage-users",
"description": "${role_manage-users}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "df369c64-08fc-4e3c-9e6a-3c401bcb6561",
"name": "manage-realm",
"description": "${role_manage-realm}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "8104fb7b-b220-497e-b20b-fdcc153e9fd9",
"name": "manage-identity-providers",
"description": "${role_manage-identity-providers}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "59d6dd76-acc5-4b49-92bc-518d4e455f80",
"name": "realm-admin",
"description": "${role_realm-admin}",
"composite": true,
"composites": {
"client": {
"realm-management": [
"view-events",
"query-users",
"query-clients",
"view-authorization",
"view-users",
"query-realms",
"manage-events",
"manage-clients",
"view-realm",
"create-client",
"view-identity-providers",
"manage-users",
"manage-realm",
"manage-identity-providers",
"impersonation",
"query-groups",
"view-clients",
"manage-authorization"
]
}
},
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "9dc1b958-4be3-462e-9984-e314b27ee75e",
"name": "impersonation",
"description": "${role_impersonation}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "aed79e17-8b08-4cf8-9c8d-836582b3c6a4",
"name": "query-groups",
"description": "${role_query-groups}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "6f703cae-4d19-4a79-beb6-4a47c5d18c8a",
"name": "view-clients",
"description": "${role_view-clients}",
"composite": true,
"composites": {
"client": {
"realm-management": ["query-clients"]
}
},
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
},
{
"id": "0d532d3d-a8fc-4489-8152-73b938ef154c",
"name": "manage-authorization",
"description": "${role_manage-authorization}",
"composite": false,
"clientRole": true,
"containerId": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"attributes": {}
}
],
"security-admin-console": [],
"admin-cli": [],
"account-console": [],
"broker": [
{
"id": "5516f83a-e024-4988-9b00-56472dacdd53",
"name": "read-token",
"description": "${role_read-token}",
"composite": false,
"clientRole": true,
"containerId": "b44227a1-ce19-41b0-8b61-21ce79039e35",
"attributes": {}
}
],
"account": [
{
"id": "462bfa3c-5fad-4d99-9671-ad2650eb85f6",
"name": "view-groups",
"description": "${role_view-groups}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "11bf9031-bac0-4869-906a-b15c5a6862e2",
"name": "manage-consent",
"description": "${role_manage-consent}",
"composite": true,
"composites": {
"client": {
"account": ["view-consent"]
}
},
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "eeaaf6bf-9cdd-46b4-acfd-31fbdb6626c0",
"name": "view-consent",
"description": "${role_view-consent}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "84491553-aa24-4733-ba1b-09c14364392a",
"name": "view-profile",
"description": "${role_view-profile}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "f3bdef52-0d26-476b-b4d8-29f1f5329aa6",
"name": "delete-account",
"description": "${role_delete-account}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "92777a70-1c61-40f9-a611-122f162db07c",
"name": "manage-account-links",
"description": "${role_manage-account-links}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "0941cf19-052f-4e25-8008-aa2d0a22304d",
"name": "view-applications",
"description": "${role_view-applications}",
"composite": false,
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
},
{
"id": "23e80b3c-ada0-44d8-8bee-ee33df20c5f6",
"name": "manage-account",
"description": "${role_manage-account}",
"composite": true,
"composites": {
"client": {
"account": ["manage-account-links"]
}
},
"clientRole": true,
"containerId": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"attributes": {}
}
]
}
},
"groups": [],
"defaultRole": {
"id": "8da73bcf-9240-4091-9c16-10e94eb64504",
"name": "default-roles-magicgrants",
@@ -88,13 +437,366 @@
"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false,
"webAuthnPolicyPasswordlessAcceptableAaguids": [],
"webAuthnPolicyPasswordlessExtraOrigins": [],
"users": [
{
"id": "5713969f-6dda-4423-a85f-209ca2e2102e",
"username": "service-account-app",
"emailVerified": false,
"createdTimestamp": 1724090232692,
"enabled": true,
"totp": false,
"serviceAccountClientId": "app",
"disableableCredentialTypes": [],
"requiredActions": [],
"realmRoles": ["default-roles-magicgrants"],
"notBefore": 0,
"groups": []
}
],
"scopeMappings": [
{
"clientScope": "offline_access",
"roles": ["offline_access"]
}
],
"clientScopeMappings": {
"account": [
{
"client": "account-console",
"roles": ["manage-account", "view-groups"]
}
]
},
"clients": [
{
"id": "001a8b0d-0c06-4666-9ff8-0f454bc1e97e",
"clientId": "account",
"name": "${client_account}",
"rootUrl": "${authBaseUrl}",
"baseUrl": "/realms/magic/account/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": ["/realms/magic/account/*"],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"post.logout.redirect.uris": "+"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"defaultClientScopes": ["basic"],
"optionalClientScopes": []
},
{
"id": "5bbdb160-83fc-4c2c-b933-280ee7e4c666",
"clientId": "account-console",
"name": "${client_account-console}",
"rootUrl": "${authBaseUrl}",
"baseUrl": "/realms/magic/account/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": ["/realms/magic/account/*"],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"post.logout.redirect.uris": "+",
"pkce.code.challenge.method": "S256"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "e067f75f-43ca-4c24-b870-6a9145f8dec3",
"name": "audience resolve",
"protocol": "openid-connect",
"protocolMapper": "oidc-audience-resolve-mapper",
"consentRequired": false,
"config": {}
}
],
"defaultClientScopes": ["basic"],
"optionalClientScopes": []
},
{
"id": "f5325ead-b0bc-45f8-94ae-72e3d93243d5",
"clientId": "admin-cli",
"name": "${client_admin-cli}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": false,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"defaultClientScopes": ["basic"],
"optionalClientScopes": []
},
{
"id": "50099b63-efb0-4788-972e-ad38ab935129",
"clientId": "app",
"name": "",
"description": "",
"rootUrl": "",
"adminUrl": "",
"baseUrl": "",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"secret": "**********",
"redirectUris": ["/*"],
"webOrigins": ["/*"],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": true,
"publicClient": false,
"frontchannelLogout": true,
"protocol": "openid-connect",
"attributes": {
"oidc.ciba.grant.enabled": "false",
"client.secret.creation.time": "1724090232",
"backchannel.logout.session.required": "true",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"protocolMappers": [
{
"id": "bd54d3d3-889b-4d50-abed-0b863ce8a045",
"name": "Client ID",
"protocol": "openid-connect",
"protocolMapper": "oidc-usersessionmodel-note-mapper",
"consentRequired": false,
"config": {
"user.session.note": "client_id",
"id.token.claim": "true",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "client_id",
"jsonType.label": "String"
}
},
{
"id": "8062ba38-17c0-41f4-8bab-16dc5857c69f",
"name": "Client Host",
"protocol": "openid-connect",
"protocolMapper": "oidc-usersessionmodel-note-mapper",
"consentRequired": false,
"config": {
"user.session.note": "clientHost",
"id.token.claim": "true",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "clientHost",
"jsonType.label": "String"
}
},
{
"id": "2c0529a7-05b0-4396-8893-8602bd9928db",
"name": "Client IP Address",
"protocol": "openid-connect",
"protocolMapper": "oidc-usersessionmodel-note-mapper",
"consentRequired": false,
"config": {
"user.session.note": "clientAddress",
"id.token.claim": "true",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "clientAddress",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": ["web-origins", "acr", "roles", "profile", "basic", "email"],
"optionalClientScopes": ["address", "phone", "offline_access", "microprofile-jwt"]
},
{
"id": "b44227a1-ce19-41b0-8b61-21ce79039e35",
"clientId": "broker",
"name": "${client_broker}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "13865fe9-e645-4433-ac4e-873de1eefd4d",
"clientId": "realm-management",
"name": "${client_realm-management}",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": true,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": false,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"defaultClientScopes": [],
"optionalClientScopes": []
},
{
"id": "26d9f784-7335-49f8-9b61-b293046fe33f",
"clientId": "security-admin-console",
"name": "${client_security-admin-console}",
"rootUrl": "${authAdminUrl}",
"baseUrl": "/admin/magic/console/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": ["/admin/magic/console/*"],
"webOrigins": ["+"],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": false,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"post.logout.redirect.uris": "+",
"pkce.code.challenge.method": "S256"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": false,
"nodeReRegistrationTimeout": 0,
"protocolMappers": [
{
"id": "a1fe9fe0-d57c-4c06-a788-93bf2e475412",
"name": "locale",
"protocol": "openid-connect",
"protocolMapper": "oidc-usermodel-attribute-mapper",
"consentRequired": false,
"config": {
"introspection.token.claim": "true",
"userinfo.token.claim": "true",
"user.attribute": "locale",
"id.token.claim": "true",
"access.token.claim": "true",
"claim.name": "locale",
"jsonType.label": "String"
}
}
],
"defaultClientScopes": ["basic"],
"optionalClientScopes": []
}
],
"clientScopes": [
{
"id": "86ec582f-6c49-413b-ba62-cc75b9b004c5",
"name": "basic",
"description": "OpenID Connect scope for add all basic claims to the token",
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "false",
"display.on.consent.screen": "false"
},
"protocolMappers": [
{
"id": "bc37fd43-ec52-4d38-a9cf-babca9dc3c5f",
"name": "auth_time",
"protocol": "openid-connect",
"protocolMapper": "oidc-usersessionmodel-note-mapper",
"consentRequired": false,
"config": {
"user.session.note": "AUTH_TIME",
"id.token.claim": "true",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "auth_time",
"jsonType.label": "long"
}
},
{
"id": "de3a6966-ec6f-4e4e-baf7-7cf500548805",
"name": "sub",
"protocol": "openid-connect",
"protocolMapper": "oidc-sub-mapper",
"consentRequired": false,
"config": {
"introspection.token.claim": "true",
"access.token.claim": "true"
}
}
]
},
{
"id": "3aa02e63-f837-43f1-84c0-0547f3181cad",
"name": "role_list",
@@ -136,8 +838,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${addressScopeConsentText}"
"consent.screen.text": "${addressScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
@@ -168,8 +870,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${phoneScopeConsentText}"
"consent.screen.text": "${phoneScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
@@ -225,7 +927,8 @@
"config": {
"id.token.claim": "true",
"introspection.token.claim": "true",
"access.token.claim": "true"
"access.token.claim": "true",
"userinfo.token.claim": "true"
}
}
]
@@ -249,6 +952,7 @@
"config": {
"introspection.token.claim": "true",
"multivalued": "true",
"userinfo.token.claim": "true",
"user.attribute": "foo",
"id.token.claim": "true",
"access.token.claim": "true",
@@ -281,8 +985,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "false",
"display.on.consent.screen": "true",
"consent.screen.text": "${rolesScopeConsentText}"
"consent.screen.text": "${rolesScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
@@ -303,12 +1007,12 @@
"protocolMapper": "oidc-usermodel-realm-role-mapper",
"consentRequired": false,
"config": {
"introspection.token.claim": "true",
"multivalued": "true",
"user.attribute": "foo",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "realm_access.roles",
"jsonType.label": "String"
"jsonType.label": "String",
"multivalued": "true"
}
},
{
@@ -318,12 +1022,12 @@
"protocolMapper": "oidc-usermodel-client-role-mapper",
"consentRequired": false,
"config": {
"introspection.token.claim": "true",
"multivalued": "true",
"user.attribute": "foo",
"introspection.token.claim": "true",
"access.token.claim": "true",
"claim.name": "resource_access.${client_id}.roles",
"jsonType.label": "String"
"jsonType.label": "String",
"multivalued": "true"
}
}
]
@@ -335,8 +1039,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${emailScopeConsentText}"
"consent.screen.text": "${emailScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
@@ -380,8 +1084,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "true",
"display.on.consent.screen": "true",
"consent.screen.text": "${profileScopeConsentText}"
"consent.screen.text": "${profileScopeConsentText}",
"display.on.consent.screen": "true"
},
"protocolMappers": [
{
@@ -614,8 +1318,8 @@
"protocol": "openid-connect",
"attributes": {
"include.in.token.scope": "false",
"display.on.consent.screen": "false",
"consent.screen.text": ""
"consent.screen.text": "",
"display.on.consent.screen": "false"
},
"protocolMappers": [
{
@@ -632,7 +1336,15 @@
]
}
],
"defaultDefaultClientScopes": ["role_list", "profile", "email", "roles", "web-origins", "acr"],
"defaultDefaultClientScopes": [
"role_list",
"profile",
"email",
"roles",
"web-origins",
"acr",
"basic"
],
"defaultOptionalClientScopes": ["offline_access", "address", "phone", "microprofile-jwt"],
"browserSecurityHeaders": {
"contentSecurityPolicyReportOnly": "",
@@ -680,14 +1392,14 @@
"subComponents": {},
"config": {
"allowed-protocol-mapper-types": [
"saml-user-attribute-mapper",
"oidc-usermodel-property-mapper",
"oidc-address-mapper",
"saml-user-property-mapper",
"saml-user-attribute-mapper",
"oidc-usermodel-attribute-mapper",
"oidc-full-name-mapper",
"saml-role-list-mapper",
"oidc-sha256-pairwise-sub-mapper",
"saml-user-property-mapper"
"oidc-usermodel-property-mapper",
"oidc-sha256-pairwise-sub-mapper"
]
}
},
@@ -728,14 +1440,14 @@
"subComponents": {},
"config": {
"allowed-protocol-mapper-types": [
"saml-user-attribute-mapper",
"oidc-usermodel-attribute-mapper",
"saml-user-property-mapper",
"oidc-address-mapper",
"saml-role-list-mapper",
"oidc-usermodel-property-mapper",
"oidc-sha256-pairwise-sub-mapper",
"saml-user-property-mapper",
"saml-role-list-mapper",
"oidc-full-name-mapper",
"oidc-address-mapper"
"saml-user-attribute-mapper",
"oidc-usermodel-attribute-mapper"
]
}
},
@@ -757,7 +1469,7 @@
"subComponents": {},
"config": {
"kc.user.profile.config": [
"{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"name\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"passwordResetTokenVersion\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"stripeCustomerId\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}"
"{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"name\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"passwordResetTokenVersion\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"stripeMoneroCustomerId\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"stripeFiroCustomerId\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"stripePgCustomerId\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[],\"edit\":[\"admin\"]},\"multivalued\":false},{\"name\":\"stripeGeneralCustomerId\",\"displayName\":\"\",\"validations\":{},\"annotations\":{},\"permissions\":{\"view\":[\"admin\"],\"edit\":[\"admin\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}]}"
]
}
}
@@ -1452,20 +2164,24 @@
"firstBrokerLoginFlow": "first broker login",
"attributes": {
"cibaBackchannelTokenDeliveryMode": "poll",
"cibaExpiresIn": "120",
"cibaAuthRequestedUserHint": "login_hint",
"oauth2DeviceCodeLifespan": "600",
"oauth2DevicePollingInterval": "5",
"clientOfflineSessionMaxLifespan": "0",
"oauth2DevicePollingInterval": "5",
"clientSessionIdleTimeout": "0",
"parRequestUriLifespan": "60",
"clientSessionMaxLifespan": "0",
"clientOfflineSessionIdleTimeout": "0",
"cibaInterval": "5",
"realmReusableOtpCode": "false"
"realmReusableOtpCode": "false",
"cibaExpiresIn": "120",
"oauth2DeviceCodeLifespan": "600",
"parRequestUriLifespan": "60",
"clientSessionMaxLifespan": "0",
"frontendUrl": "",
"organizationsEnabled": "false",
"acr.loa.map": "{}"
},
"keycloakVersion": "24.0.5",
"keycloakVersion": "25.0.4",
"userManagedAccessAllowed": false,
"organizationsEnabled": false,
"clientProfiles": {
"profiles": []
},