Keycloak installation for Oracle Compute with Custom Domain + APEX Configuration

Keycloak installation for Oracle Compute with Custom Domain + APEX Configuration

Keycloak is a robust open-source identity and access management solution for securing web applications and services. It offers a range of authentication and authorization features, making it a valuable tool for safeguarding your resources.

In this blog, I'll guide you through the process of setting it up and then I'll provide a link where you can integrate it seamlessly with Oracle APEX.

Keycloak needs SSL, so you need a custom domain (unconfirmed: or a self-signed certificate). The easiest way to get Keycloak working on Oracle Compute

Steps

  1. Install Nginx Proxy Manager using this guide (including the recommended Docker installation)
    https://mattmulvaney.hashnode.dev/nginx-proxy-manager-on-oracle-cloud-compute-custom-domain-ssl

  2. Create a keycloak-compose.yml file

      nano keycloak-compose.yml
    

    Paste in the following

     version: '3'
     services:
       keycloak:
         image: quay.io/keycloak/keycloak:latest
         ports:
           - "8280:8080"
         environment:
           - KEYCLOAK_ADMIN=admin
           - KEYCLOAK_ADMIN_PASSWORD=admin
           - PROXY_ADDRESS_FORWARDING=true
         command:
           - start-dev
           - --proxy=edge
           - --hostname-strict=false
           - --hostname-strict-https=false
         container_name: keycloak
    
  3. Then start docker-compose

     docker-compose -f keycloak-compose.yml up -d
    
  4. In your Domain Administration page (I'm using Cloudflare) create a proxied A type subdomain as keycloak and point it at the Public IP address of your Compute box

    Note: If you've forgotten your Public IP address. Take a look here

  5. Visit your Nginx Proxy Manager admin page

    Reminder: If you followed the guide in the first step, you might've used a dashboard subdomain

  6. Click Proxy Hosts > Add Proxy Host

  7. Add your domain name e.g. keycloak.snescentral.com and complete the form as per the picture below

  8. Switch to Custom locations and complete the form as per the picture below

    For the configuration, use this

             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header Host $http_host;
             proxy_redirect off;
             proxy_buffer_size          128k;
             proxy_buffers              4 256k;
             proxy_busy_buffers_size    256k;
    
  9. Switch to SSL and select your SSL Certificate

  10. Click Save

  11. Try out your subdomain name in your browser. You should see the below.

  12. Click on Adminstration Console

  13. Sign in with the following details

    username: admin
    password: admin
    
  14. Click Admin > Manage Account > Signing in

  15. Click on Update and change your password

  16. Click Submit

ENJOY!

Next Steps: Configure Keycloak Authentication with APEX
https://mattmulvaney.hashnode.dev/keycloak-authentication-with-apex

Whats the picture: Yorkshire. Visit Yorkshire!