Keycloak is an open-source identity and access management solution that provides centralized authentication and authorization for modern applications and services. It enables organizations to secure their applications and services with a single sign-on (SSO) solution, reducing the need for users to remember multiple login credentials. Keycloak supports various authentication protocols, including SAML, OAuth, and OpenID Connect, and integrates with a wide range of applications and services. With Keycloak, administrators can manage user identities, define security policies, and monitor access to their applications and services. The software is designed to be scalable, flexible, and easy to use, making it a valuable tool for enhancing the security and usability of modern applications and services.
To create a new Proxmox VE Keycloak LXC, run the command below in the Proxmox VE Shell.
bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/keycloak.sh)"
Default Settings: 2GB RAM - 4GB Storage - 2CPU
Keycloak Interface: IP:8080 (First start can take a few minutes)
Initial Login
The initial admin user can be added manually using the web frontend when accessed from localhost or automatically using environment variables.
To add the initial admin user using environment variables, set KEYCLOAK_ADMIN for the initial admin username and KEYCLOAK_ADMIN_PASSWORD for the initial admin password.
First, stop Keycloak
systemctl stop keycloak.service
then start Keycloak by coping & pasting the command below (only needed once)
cd /opt/keycloak
export KEYCLOAK_ADMIN=admin
export KEYCLOAK_ADMIN_PASSWORD=changeme
bin/kc.sh start-dev