/snorlax-auth

Auth Provider and User Management via Keycloak

Primary LanguageMakefile

🔐 snorlax-auth

Snorlax

Rest easy knowing Snorlax is guarding your authentication

License: MIT Docker Keycloak

📖 Overview

snorlax-auth is our centralized authentication and authorization infrastructure using Keycloak. Just as Snorlax blocks the path of unauthorized trainers, this repository manages and secures your application's authentication needs.

🌟 Features

  • 🛡️ Rock-solid authentication barrier
  • 🔑 Centralized user management
  • 🔒 Role-based access control (RBAC)
  • 🔄 OAuth 2.0 and OpenID Connect support

🚀 Quick Start

Prerequisites

  • Docker (20.10.x or higher)
  • Docker Compose (2.x or higher)
  • Make (required for automation scripts)

Installation and Local Development

  1. Clone the repository:

    git clone git@github.com:your-organization/snorlax-auth.git
cd snorlax-auth

  2. Set up environment variables:

    cp .env.example .env

  3. Generate Certificates: Before starting development, you need to generate self-signed certificates for local use. Run the following command:

    make generate-certs

    This will create a certs directory containing cert.pem and key.pem files.

  4. Start the services:

    make up

  5. Access Keycloak:

    • Admin Console: https://localhost:8443/admin
    • Default credentials (change these immediately):
      • Username: admin
      • Password: (from your .env file)

📋 Makefile Commands

Our Makefile provides comprehensive commands for managing the Keycloak infrastructure. View all available commands with:

make help

Core Commands

make up              # Wake up all services
make down            # Put services to rest
make restart         # Quick Rest & wake up
make status          # Check Snorlax's status
make logs            # View Snorlax's dreams (logs)
make backup          # Create a backup of the realm and database
make restore         # Restore from a backup (Usage: make restore BACKUP_FILE=path/to/backup.json)
make generate-certs  # Generate self-signed certificates

Best Practices

  1. Never commit sensitive data (don't disturb a sleeping Snorlax)
  2. Use make check-env before deployment
  3. Regular make security-scan runs
  4. Maintain regular backups using make backup
  5. Test restores periodically

📞 Support

  • Run make help for command assistance
  • Create an issue in this repository

Troubleshooting

"Your connection is not private" screen when accessing localhost over HTTPS

  • In Chrome, put in chrome://flags/#allow-insecure-localhost in the address bar.
  • Enable the option that says "Allow invalid certificates for resources loaded from localhost".
  • Restart Chrome, and it should allow the site.

Rest easy knowing Snorlax is guarding your authentication 🛡️😴