Skip to content

keycloak: add unix socket support#440968

Open
vog wants to merge 2 commits intoNixOS:masterfrom
vog:keycloak-add-unix-socket-support
Open

keycloak: add unix socket support#440968
vog wants to merge 2 commits intoNixOS:masterfrom
vog:keycloak-add-unix-socket-support

Conversation

@vog
Copy link
Copy Markdown
Contributor

@vog vog commented Sep 7, 2025

This commit adds unix socket support to keycloak via junixsocket-common and junixsoket-native-common.

This way, keycloak can be configured to connect to PostgreSQL via unix sockets instead of TCP/IP, using the JDBC URI syntax as described in the junixsocket manual: https://kohlschutter.github.io/junixsocket/dependency.html#postgresql

For the related discussion, see:

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@vog
keycloak: add unix socket support via junixsocket-common and junixsoc…
56ee44c 
…ket-native-common

This way, keycloak can be configured to connect to PostgreSQL via unix
sockets instead of TCP/IP, using the JDBC URI syntax as described in
the junixsocket manual:

https://kohlschutter.github.io/junixsocket/dependency.html#postgresql
@vog vog mentioned this pull request Sep 7, 2025
Merged
13 tasks
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. labels Sep 7, 2025
@nix-owners nix-owners bot requested review from leona-ya, ngerstle and talyz September 7, 2025 15:15
SuperSandro2000
SuperSandro2000 approved these changes Sep 7, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@SuperSandro2000 SuperSandro2000 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@nixpkgs-ci nixpkgs-ci bot added the 12.approvals: 1 This PR was reviewed and approved by one person. label Sep 7, 2025
@vog @SuperSandro2000
keycloak: remove unneeded string concatenation
db6b050 
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
@nekowinston
Copy link
Copy Markdown
Member

nekowinston commented Sep 8, 2025

Seems like a good change. Would it make sense to also adjust the NixOS module?

nixpkgs/nixos/modules/services/web-apps/keycloak.nix

Lines 431 to 432 in 5856831

databaseActuallyCreateLocally = cfg.database.createLocally && cfg.database.host == "localhost";
createLocalPostgreSQL = databaseActuallyCreateLocally && cfg.database.type == "postgresql";

createLocally is a default that results in db-url-host=localhost & db-url-port=5432 without any further user config.

@vog
Copy link
Copy Markdown
Contributor Author

vog commented Sep 16, 2025

Seems like a good change. Would it make sense to also adjust the NixOS module?

nixpkgs/nixos/modules/services/web-apps/keycloak.nix

Lines 431 to 432 in 5856831

databaseActuallyCreateLocally = cfg.database.createLocally && cfg.database.host == "localhost";
createLocalPostgreSQL = databaseActuallyCreateLocally && cfg.database.type == "postgresql";

createLocally is a default that results in db-url-host=localhost & db-url-port=5432 without any further user config.

That makes absolutely sense! However, I can't do that currently, as I have no NixOS instance running - I'm using Nixpkgs to create my own s6-based services on top of it.

vog added a commit to m-click/nixpkgs that referenced this pull request Nov 13, 2025
@vog
PR NixOS#440968: keycloak: add unix socket support
80cb504
@vog
Copy link
Copy Markdown
Contributor Author

vog commented Nov 13, 2025

@SuperSandro2000 @nekowinston Since no volunteer stepped up to adjust nixpkgs/nixos/modules/services/web-apps/keycloak.nix, would you be fine with merging this PR as-is, as a pure nixpkgs improvement, and to leave the then-possible improvements to the NixOS module to a separate issue resp. PR?

@mdaniels5757 mdaniels5757 added backport release-25.11 Backport PR automatically and removed backport release-25.05 labels Jan 2, 2026
vog added a commit to m-click/nixpkgs that referenced this pull request Jan 9, 2026
@vog
PR NixOS#440968: keycloak: add unix socket support
65a083d
SuperSandro2000
SuperSandro2000 approved these changes Jan 30, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@SuperSandro2000 SuperSandro2000 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fine for me

@nixpkgs-ci nixpkgs-ci bot added the 2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". label Jan 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SuperSandro2000 SuperSandro2000 SuperSandro2000 approved these changes

@nekowinston nekowinston Awaiting requested review from nekowinston

@NickCao NickCao Awaiting requested review from NickCao

@Infinidoge Infinidoge Awaiting requested review from Infinidoge

@msgilligan msgilligan Awaiting requested review from msgilligan

@talyz talyz Awaiting requested review from talyz

@leona-ya leona-ya Awaiting requested review from leona-ya

@ngerstle ngerstle Awaiting requested review from ngerstle

Assignees

No one assigned

Labels

2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 12.approvals: 1 This PR was reviewed and approved by one person. backport release-25.11 Backport PR automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@vog @nekowinston @SuperSandro2000 @mdaniels5757