diff --git a/deployment/.env b/deployment/.env index 83003feae..4a53f9913 100644 --- a/deployment/.env +++ b/deployment/.env @@ -11,7 +11,7 @@ DOCX_APP_TAG=0.0.8 JSON_APP_TAG=0.0.6 ZENODO_APP_TAG=2.0.4 POSTGRES_TAG=16-alpine -ELK_VERSION=8.13.0 +ELK_TAG=8.13.0 KEYCLOAK_TAG=24.0.2 RABBITMQ_TAG=3.13-management GOTENBERG_TAG=8.4.0 diff --git a/deployment/docker-compose.override.yml b/deployment/docker-compose.override.yml index 1662d7aa9..e4450fe73 100644 --- a/deployment/docker-compose.override.yml +++ b/deployment/docker-compose.override.yml @@ -1,7 +1,6 @@ services: ############################## PROXY ######################################## opendmp.proxy: - user: ${DEPLOY_USER}:${DEPLOY_GROUP} restart: unless-stopped cpus: 1 mem_limit: 256m @@ -11,18 +10,14 @@ services: env_file: - ./proxy/proxy.env volumes: - # - ./proxy/template-variables:/etc/nginx/templates/10-variables.conf.template:ro - ./proxy/nginx.conf:/etc/nginx/nginx.conf - ./proxy/ProxyNginx.conf:/etc/nginx/conf.d/default.conf - - ./proxy/nginx-selfsigned.crt:/certifcates/cert.crt - - ./proxy/nginx-selfsigned.key:/certifcates/key.key - ./logs/proxy:/tmp/logs networks: - opendmp-proxy-network ############################## OPENDMP APP ################################# # opendmp.backend: -# user: ${DEPLOY_USER}:${DEPLOY_GROUP} # restart: unless-stopped # cpus: 1 # mem_limit: 2048m @@ -62,7 +57,6 @@ services: # - opendmp-proxy-network # opendmp.notification: -# user: ${DEPLOY_USER}:${DEPLOY_GROUP} # cpus: 1 # mem_limit: 1024m # restart: unless-stopped @@ -84,7 +78,6 @@ services: # - opendmp-postgres-shared-network # opendmp.annotation: -# user: ${DEPLOY_USER}:${DEPLOY_GROUP} # cpus: 1 # mem_limit: 1024m # restart: unless-stopped @@ -107,7 +100,6 @@ services: # ############################## FILE-TRANSFORMER ################################# # opendmp.file.transformer.docx: -# user: ${DEPLOY_USER}:${DEPLOY_GROUP} # restart: unless-stopped # cpus: 1 # mem_limit: 1024m @@ -126,7 +118,6 @@ services: # - opendmp-gotenberg-shared-network # opendmp.file.transformer.rdajson: -# user: ${DEPLOY_USER}:${DEPLOY_GROUP} # restart: unless-stopped # cpus: 1 # mem_limit: 1024m @@ -146,7 +137,6 @@ services: ############################## ZENODO ####################################### # opendmp.zenodo: - # user: ${DEPLOY_USER}:${DEPLOY_GROUP} # restart: unless-stopped # cpus: 1 # mem_limit: 1024m @@ -165,7 +155,6 @@ services: ############################## POSTGRES 16 ################################# opendmp.postgres: - user: ${DEPLOY_USER}:${DEPLOY_GROUP} restart: unless-stopped mem_limit: 2048M ports: @@ -175,6 +164,8 @@ services: - ./postgres/postgres.env volumes: - ./storage/postgres/data:/var/lib/postgresql/data + - ./postgres/opendmp_init.sql:/docker-entrypoint-initdb.d/opendmp_init.sql + - ./postgres/user_init.sql:/docker-entrypoint-initdb.d/user_init.sql networks: - opendmp-postgres-shared-network healthcheck: @@ -185,24 +176,49 @@ services: ################################# ELK ################################################# + # elk.setup: + # profiles: + # - setup + # build: + # context: ./elk/setup/ + # args: + # ELASTIC_VERSION: ${ELASTIC_VERSION} + # init: true + # env_file: + # - elk/elk.env + # volumes: + # - ./setup/entrypoint.sh:/entrypoint.sh:ro,Z + # - ./setup/lib.sh:/lib.sh:ro,Z + # - ./setup/roles:/roles:ro,Z + # environment: + # ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-} + # LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-} + # KIBANA_SYSTEM_PASSWORD: ${KIBANA_SYSTEM_PASSWORD:-} + # METRICBEAT_INTERNAL_PASSWORD: ${METRICBEAT_INTERNAL_PASSWORD:-} + # FILEBEAT_INTERNAL_PASSWORD: ${FILEBEAT_INTERNAL_PASSWORD:-} + # HEARTBEAT_INTERNAL_PASSWORD: ${HEARTBEAT_INTERNAL_PASSWORD:-} + # MONITORING_INTERNAL_PASSWORD: ${MONITORING_INTERNAL_PASSWORD:-} + # BEATS_SYSTEM_PASSWORD: ${BEATS_SYSTEM_PASSWORD:-} + # networks: + # - opendmp-elastic-network + # opendmp.elasticsearch: - # user: ${DEPLOY_USER}:${DEPLOY_GROUP} - # group_add: - # - 0 # restart: unless-stopped # cpus: 2 # mem_limit: 1024m + # init: true # env_file: - # - elk/config-elk/elasticsearch/elastic.env + # - elk/elk.env # environment: - # - ES_JAVA_OPTS=-Xmx512m -Xms512m + # ES_JAVA_OPTS: -Xmx512m -Xms512m + # node.name: elasticsearch + # ELASTIC_PASSWORD: ${ELASTIC_PASSWORD:-} # ulimits: # nproc: 65535 # memlock: # soft: -1 # hard: -1 # volumes: - # - ./elk/config-elk/elasticsearch/certificates:/usr/share/elasticsearch/config/certificates # - ./elk/config-elk/elasticsearch/config/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro # - ./elk/config-elk/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro # - ./elk/data-elk/elasticsearch-data:/usr/share/elasticsearch/data @@ -219,39 +235,82 @@ services: # timeout: 10s # retries: 5 -# # opendmp.logstash: -# # volumes: -# # - /elk/data-elk/logstash-log:/usr/share/logstash/logs - # opendmp.kibana: - # user: ${DEPLOY_USER}:${DEPLOY_GROUP} # restart: unless-stopped # cpus: 2 # mem_limit: 1024m + # ulimits: + # memlock: + # soft: -1 + # hard: -1 # environment: # - xpack.license.self_generated.type=basic # - xpack.security.enabled=true # volumes: - # - ./elk/config-elk/kibana/certificates:/usr/share/kibana/certificates - # - ./elk/config-elk/kibana/certificates/ca:/usr/share/kibana/certificate_authorities # - ./elk/config-elk/kibana/config:/usr/share/kibana/config:ro # expose: # - "5601" # networks: # - opendmp-elastic-network -# # opendmp.filebeat: + # logstash: + # build: + # context: logstash/ + # args: + # ELASTIC_VERSION: ${ELASTIC_VERSION} + # volumes: + # - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro,Z + # - ./logstash/pipeline:/usr/share/logstash/pipeline:ro,Z + # ports: + # - 5044:5044 + # - 50000:50000/tcp + # - 50000:50000/udp + # - 9600:9600 + # environment: + # LS_JAVA_OPTS: -Xms256m -Xmx256m + # LOGSTASH_INTERNAL_PASSWORD: ${LOGSTASH_INTERNAL_PASSWORD:-} + # networks: + # - elk + # depends_on: + # - elasticsearch + # restart: unless-stopped + # # - /elk/data-elk/logstash-log:/usr/share/logstash/logs + + # opendmp.filebeat: + # restart: unless-stopped + # cpus: 1 + # mem_limit: 1024m + # ulimits: + # memlock: + # soft: -1 + # hard: -1 + # volumes: + # - /var/run/docker.sock:/host_docker/docker.sock + # - /var/lib/docker:/host_docker/var/lib/docker + # - ./filebeat.yml:/usr/share/filebeat/filebeat.yml + # command: ["--strict.perms=false"] + # ulimits: + # memlock: + # soft: -1 + # hard: -1 + # stdin_open: true + # tty: true + # network_mode: bridge + # deploy: + # mode: global + # logging: + # driver: "json-file" + # options: + # max-size: "10m" + # max-file: "50" ############################## KEYCLOAK ############################################### opendmp.keycloak: restart: unless-stopped - command: ["start", "--log=console,file", "--log-file=/tmp/logs/keycloak.log", "--import-realm"] - # command: ["start", "--log=console,file", "--log-file=/tmp/logs/keycloak.log"] + command: ["start-dev", "--log=console,file", "--log-file=/tmp/logs/keycloak.log", "--import-realm"] cpus: 1 mem_limit: 1024M - security_opt: - - seccomp:unconfined env_file: - keycloak/keycloak.env environment: @@ -259,16 +318,14 @@ services: volumes: - ./logs/keycloak:/tmp/logs - ./keycloak/imports/opendmp-realm.json:/opt/keycloak/data/import/opendmp-realm.json - - ./keycloak/certs/keycloak-selfsigned.crt:/tmp/keycloak-selfsigned.crt:ro - - ./keycloak/certs/keycloak-selfsigned.key:/tmp/keycloak-selfsigned.key:ro expose: - - "8443" + - "8080" networks: - opendmp-proxy-network - opendmp-postgres-shared-network - opendmp-keycloak-shared-network -# ############################## RABBITMQ ############################################### +############################## RABBITMQ ############################################### opendmp.rabbitmq: labels: NAME: "rabbitmq" @@ -286,7 +343,7 @@ services: - opendmp-proxy-network - opendmp-rabbitmq-shared-network -# ############################## GOTENBERG ############################################## +############################## GOTENBERG ############################################## opendmp.gotenberg: mem_limit: 2048m restart: unless-stopped diff --git a/deployment/docker-compose.yml b/deployment/docker-compose.yml index 85cb30908..bf8a8e402 100644 --- a/deployment/docker-compose.yml +++ b/deployment/docker-compose.yml @@ -60,53 +60,35 @@ services: opendmp.postgres: container_name: opendmp.postgres image: postgres:${POSTGRES_TAG} - build: - context: ./postgres/ - args: - POSTGRES_TAG: $POSTGRES_TAG ################################# ELK ################################################# - # opendmp.elasticsearch: - # container_name: opendmp.elasticsearch - # image: elasticsearch - # build: - # context: ./elk/elasticsearch/ - # args: - # ELK_VERSION: $ELK_VERSION - # DEPLOY_USER : $DEPLOY_USER - # DEPLOY_GROUP : $DEPLOY_GROUP - -# # opendmp.logstash: -# # container_name: opendmp.logstash -# # image: logstash -# # build: -# # context: /elk/logstash/ -# # args: -# # ELK_VERSION: $ELK_VERSION -# # depends_on: -# # - opendmp.elasticsearch - - # opendmp.kibana: - # container_name: opendmp.kibana - # image: kibana - # build: - # context: ./elk/kibana/ - # args: - # ELK_VERSION: $ELK_VERSION - # DEPLOY_USER : $DEPLOY_USER - # DEPLOY_GROUP : $DEPLOY_GROUP + # elk.setup: + # container_name: elk.setup # depends_on: # - opendmp.elasticsearch -# # opendmp.filebeat: -# # container_name: opendmp.filebeat -# # image: filebeat -# # build: -# # context: /elk/filebeat/ -# # args: -# # ELK_VERSION: $ELK_VERSION -# # depends_on: -# # - opendmp.logstash + # opendmp.elasticsearch: + # container_name: opendmp.elasticsearch + # image: docker.elastic.co/elasticsearch/elasticsearch:${ELK_TAG} + + # opendmp.kibana: + # container_name: opendmp.kibana + # image: docker.elastic.co/kibana/kibana:${ELK_TAG} + # depends_on: + # - opendmp.elasticsearch + + # opendmp.logstash: + # container_name: opendmp.logstash + # image: docker.elastic.co/beats/filebeat:${ELK_TAG} + # depends_on: + # - opendmp.elasticsearch + + # opendmp.filebeat: + # container_name: opendmp.filebeat + # image: docker.elastic.co/logstash/logstash:${ELK_TAG} + # depends_on: + # - opendmp.elasticsearch + # - opendmp.logstash ############################## KEYCLOAK ############################################### opendmp.keycloak: @@ -116,12 +98,12 @@ services: opendmp.postgres: condition: service_healthy -# ############################## RABBITMQ ############################################### +############################## RABBITMQ ############################################### opendmp.rabbitmq: container_name: opendmp.rabbitmq image: rabbitmq:${RABBITMQ_TAG} -# ############################## GOTENBERG ############################################## +############################## GOTENBERG ############################################## opendmp.gotenberg: image: gotenberg/gotenberg:${GOTENBERG_TAG} container_name: opendmp.gotenberg diff --git a/deployment/elk/config-elk/elasticsearch/certificates/ca/ca-key.pem b/deployment/elk/config-elk/elasticsearch/certificates/ca/ca-key.pem deleted file mode 100644 index fa1b4b8b1..000000000 --- a/deployment/elk/config-elk/elasticsearch/certificates/ca/ca-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC3Ijv7bT86kta/ -1wx0nMbtZvXF5Hfmt1n3087NcOi/JdjnSmF7JfTCXjzKQtOKrv2tLGkaXfrzerL+ -yPBKuffTMk80vHSixmrH71IX0DriKNxnW6RNg1j3R3igVVsGTNdUbI26dc3RZpKR -gb7u/HqR1GTLD6EfrcL655aitCmywvyzLQ/x1BWZ3WjaMONT1DdU7I1GXhqv96be -Sbi2dQUdogNFGhiK9WwFrKJpeSERlOl6jPBqoYRZjBlgJ/DlmWhvlKwj91ilYeOd -ifsB9e7F9lwUbADsSGTOKKqBIX29ZcFkXwJshtm6CIQXWnvz+jl46mu5ScEU+iwr -mvILVUIJAgMBAAECggEAEgO3WEp9FYczwj/GfSMd62T9KLgKdmLTYg5PEcT5VDJG -JaxarflEHCmWe8P6mLIRiKstdJdJlBFeEbOU9ZjZEMiqY3LlW0y+3MeFMQv9+tjP -o4gvf6N7ySlZ65Wx5EsDRI4AHBcyBZb8NH2JmWszKGy29IWnUR0v6KwG1J752hhq -vTO9aMaz3MTstKTal0cDJRaTjPctzXVSyJSTeClNpl8mFDYbCUR/PPklZbAx9CyY -K6orDCUBGOH2wK85+l9uFaUWOcupKBhg99MKZTpX/6tIgqbCuBfN8FBk0LztJ/Uo -SZAHf5QIt6eTmcBtarlbsTV0TeJj5llVUGynHTBvQQKBgQC+ZTbTkbfHIgbVqDeU -YkBiKul4M8xzIOsogNtZVevL7R2KSco1TUmcY7SDq8flshtZJb6utXUXCUprNsZl -OOM7QpXxfnYKTjv39NTM4eCCzvMcDpBRmBQmQkka+2NbAxMTy91T709EAiqgia+m -tszU93IGIle9abv9Fo1giw/lqQKBgQD2PHhwtmVT3B/H/ywtadCmyfHm+kHi8IWR -y//EvLjDgI+SzwIgM2ABLAkKqg1VXkgZ741AxaQkkcP+NgJ2saY0cJCKBr/SPyRe -jTfbWWfH89Mf3EVl2fxkG3YL1EJu+boup3l9L1rGpK9japAIMNOXh8S4A5WCOZLr -Hk6FuTF1YQKBgEr8K9qpcjrQMObm6HTdOUQwaGD57ZSOK295SGpnx4U6Lr8vDp9t -gAdC0W5mMkVJnzG+BtpiBup6sz+EhCCLhhrpv4or5ytp4n5mg4TplPWPsfmj1rz7 -6zuiMY6Z4WiPzmymhtWu04YSYF13vKEpL4TUq6i0z99+jBZCUo3qVul5AoGAcYNG -8o7i/1nGvOgBcZ4KNhl6jsRngzrmGGQ2sHdfpaCqjz8m97k3VNL8CBKEuwoPqwUn -1OhH1yPrelFjqVwUBrCtsTOTUlURaxUm3tPEaAUbGuDsjRuEopGWRbXAOnCdR8yk -0PT3oANjZy1E4MHBiWVpZnsgfTwVYpZCFJtfFYECgYBkyF06DC0DhZZ0AEZpJHxf -xbP/1gq7KlBzR6WSSRzPxX/3VOdBuGs7qYP1orDEF9wG/0Jk35Ek+PcT97j6s0gE -a4Zd8iYpSdgd36L+5uBxgRsavr/Xf4lQECRTQYfKUVhKhhCT1xjOUAAr52Vl+8V/ -5sIcUBUzbXDpZvyR/67pxQ== ------END PRIVATE KEY----- diff --git a/deployment/elk/config-elk/elasticsearch/certificates/ca/ca.crt b/deployment/elk/config-elk/elasticsearch/certificates/ca/ca.crt deleted file mode 100644 index 9266570ad..000000000 --- a/deployment/elk/config-elk/elasticsearch/certificates/ca/ca.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcTCCAlmgAwIBAgIUE5s/YTgomqob7mc88HmQUn/sHkswDQYJKoZIhvcNAQEL -BQAwRzELMAkGA1UEBhMCR1IxDTALBgNVBAgMBENJVEUxDDAKBgNVBAcMA0FUSDEN -MAsGA1UECgwEQ0lURTEMMAoGA1UEAwwDZWxrMCAXDTIyMDkwODA3Mzg0NFoYDzIx -MjIwODE1MDczODQ0WjBHMQswCQYDVQQGEwJHUjENMAsGA1UECAwEQ0lURTEMMAoG -A1UEBwwDQVRIMQ0wCwYDVQQKDARDSVRFMQwwCgYDVQQDDANlbGswggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Ijv7bT86kta/1wx0nMbtZvXF5Hfmt1n3 -087NcOi/JdjnSmF7JfTCXjzKQtOKrv2tLGkaXfrzerL+yPBKuffTMk80vHSixmrH -71IX0DriKNxnW6RNg1j3R3igVVsGTNdUbI26dc3RZpKRgb7u/HqR1GTLD6EfrcL6 -55aitCmywvyzLQ/x1BWZ3WjaMONT1DdU7I1GXhqv96beSbi2dQUdogNFGhiK9WwF -rKJpeSERlOl6jPBqoYRZjBlgJ/DlmWhvlKwj91ilYeOdifsB9e7F9lwUbADsSGTO -KKqBIX29ZcFkXwJshtm6CIQXWnvz+jl46mu5ScEU+iwrmvILVUIJAgMBAAGjUzBR -MB0GA1UdDgQWBBQSAI1g3+gAsT5BHVfaWPlNFy9IgjAfBgNVHSMEGDAWgBQSAI1g -3+gAsT5BHVfaWPlNFy9IgjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA -A4IBAQCmR4cz47QtGX1xn2Rrl1NdLX2wiS2y7P4xRGzKeAYZIHLZWW/GaJDb+yw9 -Cz9qjhuBhGqfIeh8QryRgPotd64Oef0MscC+oFfprWxQA0svP83sITr9BazGb4A4 -LcIToVHZtIMnak119k1RsNYpzADDBxnaaODs3xCe21dfCVI/ea+wSPiUY3vvZZDn -KejJclhRnQFV3yQ7hMdR9tq0BndWtqHrappa3oX2JU1yi/x3Ndi6dOMk+x7+kc4Q -OAtzcXa29kowAyLUMHhGYwcsJp8ysa6Xlltqt/kkI+3CgbTl/egUU9igysMKDyMM -0LQcef+IQwmeHfD1RAW2ksW2OOx5 ------END CERTIFICATE----- diff --git a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.crt b/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.crt deleted file mode 100644 index ebce955cd..000000000 --- a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDXDCCAkSgAwIBAgIUK8FEbNAIdyPoRF/pTyqNuL3kP54wDQYJKoZIhvcNAQEL -BQAwRzELMAkGA1UEBhMCR1IxDTALBgNVBAgMBENJVEUxDDAKBgNVBAcMA0FUSDEN -MAsGA1UECgwEQ0lURTEMMAoGA1UEAwwDZWxrMCAXDTIyMDkwODA4MjgxM1oYDzIx -MjIwODE1MDgyODEzWjAYMRYwFAYDVQQDDA1lbGFzdGljc2VhcmNoMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC6DoPC1kesTH0cKs1blVW8ddsQ3VmFO -ROJiUorhDIHB3sXJhCSw0hxZFNZtqgG35CTa5w3XiQMT1fr6Ar/ztOQmARg9CMQa -mOf8gR+tMTSwP7zr7WBR/1Q+GseeOnthFOfvfq7LLpRs8VNb/mhcSIjJsT9kMNXN -5iHIyEuGhQSwPZDUYx+6Ag4belQLvic+QYDhwvujtPFWj8qLSG7kTpbBK5ahH/5E -mvT5mpOYTR10f3LG4DKw7t6qG9tzh4WkwR0JYmlgxpAA/HBSa/QjS7CGxLrA4Sop -gQF8KQPEP/0w98EbYpBUPS5jqbkBr6093M7Epksi86oRjtbcXAT0qwIDAQABo20w -azApBgNVHREEIjAggg1lbGFzdGljc2VhcmNogglsb2NhbGhvc3SHBH8AAAEwHQYD -VR0OBBYEFC/cKMOAVbx8bwyoKdg2Oiej9xoSMB8GA1UdIwQYMBaAFBIAjWDf6ACx -PkEdV9pY+U0XL0iCMA0GCSqGSIb3DQEBCwUAA4IBAQBo42FOuxIMeIiMaKa347gc -WsHpkazYOA6iHK5xXPsVUU1xSCLKp5HLCC04FU5P9njCDyZo1e/SR6rirQJJHEtT -SAn7iabREE+vy0oN3JnyV+eJPmKWxlqeFr9Cs9uIXQbgjwyyj9rxT06eLr3M1MA1 -IsARV2eyxcgS5sCC8JBCEpKR4jLRrpAs0tGJOeIh1cmf/1id+NQaDa14sLFKHBH1 -3+6TfBPrhJoGqFz92jV2airr7dppyCXgmWymVc66iD00Nak6Bvchg6ARTkqJnfoZ -2/Tz7asHV2V052ZLiow7Si34nS/9Hp8F8vUaj+FYXowvGwQUXLQIg/53KXh7piuW ------END CERTIFICATE----- diff --git a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.key b/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.key deleted file mode 100644 index 2dfbc1141..000000000 --- a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/elasticsearch.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCgLoOg8LWR6xMf -RwqzVuVVbx12xDdWYU5E4mJSiuEMgcHexcmEJLDSHFkU1m2qAbfkJNrnDdeJAxPV -+voCv/O05CYBGD0IxBqY5/yBH60xNLA/vOvtYFH/VD4ax546e2EU5+9+rssulGzx -U1v+aFxIiMmxP2Qw1c3mIcjIS4aFBLA9kNRjH7oCDht6VAu+Jz5BgOHC+6O08VaP -yotIbuROlsErlqEf/kSa9Pmak5hNHXR/csbgMrDu3qob23OHhaTBHQliaWDGkAD8 -cFJr9CNLsIbEusDhKimBAXwpA8Q//TD3wRtikFQ9LmOpuQGvrT3czsSmSyLzqhGO -1txcBPSrAgMBAAECggEAJdOmMPj3H9zgGKhJrh1Mrha94gCnQsZa2eiOKIj0aWQx -GL8jfgm+Gfgoz0NuBVI/j2hmq1648fmgkw0gQkr7LdIc6XBEZZAN6eMK3aFR4Idd -QcgG/PkclAvcWK2gP5ZIUEwPYh68C6VwbrLtTBBwDo8C9lEOg3vSElETHb28KCgZ -sC0wLres01crLF0Azh+m3cx+p/6TBLfpBIrM0HQn1Lmn/dP6BKcRDoncE+GcKjE1 -JZcgypdC4Juq2WctMNbBvgt+7AjVB1n9ejrUN5rlK+JP3Xa7D4zvc79CDX+BP2C2 -X57ZT4Pff5mPF70zrlqGQNnBep09UxZTRnHDRMWzZQKBgQDfMT+G+x49TZYuaiQC -gKguQ0k8F6nnrmz0rz2MNJiZ9oTYAtz5wRQ25KkbqTc7beKecSykp5izoluzgSJu -dTFh11SO1i63kMzpFFyBui3rSoUjAq+sMzRY5ERyUsG90tsaAl2a9PT3M9b5a0XC -8f1cDhKt+JQtaYRiZZJsC4Ru1wKBgQC3uirv92/dq1RcuWBf/yt2n6/JY9+9k1NI -vDzQtVI0Q3OZfRX9Rn9/+h3fSXTG3w7p5FqfNguHYPbLNzO+6WxxeuDveAL3Nx4/ -HSURjbiK+ppYDwyeY4IgKgeq2mRrIZC4rSqEsrJMLnNiDRYaVTWZczqGLT5oZ5cT -lBLDD6+STQKBgDhi68bBOIGKUW/GdvR+5n5Rl3XsEIusoHAsuaLrQsZa5nLgPk2G -vwGjQSnw1ThZaZBXzUyH3uc7FGnELRu01dX/Hai8aa8MkQgtkbVggOtZt0sCCbm6 -cfYnLTeourOnSp1GjblxO1YcranztPssQbL5BzUWgPD8IGrveE99lWafAoGAG6q4 -PoynVt0vBguQXMRjOijP4ubcUYL2/rQCAHfdmisyJEH25r4QAyiaCP7Zy/zZFRWj -I+iSkd9jKrT0YOJrxyb26njLEYlGT8DGzT7nNF6KkYoqn0ti1A8gOnVKu+tBDN5e -0b7LJLe1/mT0GCEOwj3c6Um05Sn8USFyNdeN290CgYBSdmwqJYUGJXVGTCn2Ff4Z -jdFtN/Q9kFDhCCYVV1XAJ5mdX4k77HIw5EAlDXM0EZnhQAec+RSKIO7Oc+9krmFq -R1lCT/s7UDsitQBDmkQs+12PEILuk+Qbdan+CwTLwCik06vj+VzZhHylFoOMJLdm -lf4Bnd2TNNykAsd2jy5cAg== ------END PRIVATE KEY----- diff --git a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/v3.ext b/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/v3.ext deleted file mode 100644 index e1300cc32..000000000 --- a/deployment/elk/config-elk/elasticsearch/certificates/elasticsearch/v3.ext +++ /dev/null @@ -1,12 +0,0 @@ -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -req_extensions = req_ext -[ req_distinguished_name ] -commonName = elasticsearch -[ req_ext ] -subjectAltName = @alt_names -[alt_names] -DNS.1 = elasticsearch -DNS.2 = localhost -IP.1 = 127.0.0.1 \ No newline at end of file diff --git a/deployment/elk/config-elk/elasticsearch/config/elasticsearch.yml b/deployment/elk/config-elk/elasticsearch/config/elasticsearch.yml deleted file mode 100644 index 1de846498..000000000 --- a/deployment/elk/config-elk/elasticsearch/config/elasticsearch.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -## Default Elasticsearch configuration from elasticsearch-docker. -## from https://github.com/elastic/elasticsearch-docker/blob/master/build/elasticsearch/elasticsearch.yml -# -network.host: 0.0.0.0 - -# minimum_master_nodes need to be explicitly set when bound on a public IP -# set to 1 to allow single node clusters -# Details: https://github.com/elastic/elasticsearch/pull/17288 -# discovery.zen.minimum_master_nodes: 1 - -## Use single node discovery in order to disable production mode and avoid bootstrap checks -## see https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html -# -discovery.type: single-node -## Search Guard -# - - diff --git a/deployment/elk/config-elk/elasticsearch/elastic.env b/deployment/elk/config-elk/elasticsearch/elastic.env deleted file mode 100644 index cff43da64..000000000 --- a/deployment/elk/config-elk/elasticsearch/elastic.env +++ /dev/null @@ -1,16 +0,0 @@ -cluster.name=opendmp-cluster -bootstrap.memory_lock=true -xpack.license.self_generated.type=basic -xpack.monitoring.collection.enabled=true -xpack.ml.enabled=false -xpack.security.enabled=true -xpack.security.http.ssl.enabled=true -xpack.security.http.ssl.verification_mode=certificate -xpack.security.http.ssl.key=/usr/share/elasticsearch/config/certificates/elasticsearch/elasticsearch.key -xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/certificates/ca/ca.crt -xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/certificates/elasticsearch/elasticsearch.crt -xpack.security.transport.ssl.enabled=true -xpack.security.transport.ssl.verification_mode=certificate -xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/certificates/ca/ca.crt -xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/certificates/elasticsearch/elasticsearch.crt -xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/certificates/elasticsearch/elasticsearch.key \ No newline at end of file diff --git a/deployment/elk/config-elk/kibana/certificates/ca/ca.crt b/deployment/elk/config-elk/kibana/certificates/ca/ca.crt deleted file mode 100644 index 0acb12315..000000000 --- a/deployment/elk/config-elk/kibana/certificates/ca/ca.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUXMpiJCPQnPeOHA1FjYo12FaHO1UwDQYJKoZIhvcNAQEL -BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l -cmF0ZWQgQ0EwHhcNMTkwOTAzMTUyMDM1WhcNMjIwOTAyMTUyMDM1WjA0MTIwMAYD -VQQDEylFbGFzdGljIENlcnRpZmljYXRlIFRvb2wgQXV0b2dlbmVyYXRlZCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI1ci/DoagopzxemkP21UmnP -wv2Yoo267y6CR/okrT3a0lARDjPl28YaNsEQ2skAnPu3gNqqDWW9j1aWEtWwNuEA -PudVCdc6irgFEbPlwU6Dh05LVB99FCw70UKM5G4CSH7gMQvzPcvjJT4ROKoDCh3W -I+pWYqhqU9xEiMzwsPdC2uy2Om2I0bZ2A03WmMr8Ts58qmBqVOMBLIY008jFetj7 -ZH67WDT92pqfG9/xRKH9ELdZNlNw/2fSTb4KBek06MZIzPkHk0iMhw7bMLwEYyDy -J14Rym4Up9akgr8J6XwyACek5oht1lQlJjYhUuf2ZSzVJ54LhYoTGg1ybYT9qx8C -AwEAAaNTMFEwHQYDVR0OBBYEFAxdsx3VcEsMaPWe7GvbyHOEnftTMB8GA1UdIwQY -MBaAFAxdsx3VcEsMaPWe7GvbyHOEnftTMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBADltg11WpSg0tYVXrAowySy68CkcK9t/XYioeRYRAvfSD5mB -ONMFegqwJVqUzu6HbxkhpVBf/JykGqSkf0Cu5BRUYT7A+egpDNAPAIa1/SbSchjP -mbFMbpLRXFfP60xqgVem0C5wKcMEFFg+0YRDkSf/232aCwb0sS63V52ssmnEDN6v -k4Cn2k/MZjAi/seWNnphaTyU71Eu3ObftIpOGc4ZJ875KiUZQtCXrP36QICUdFAM -ay+z2gEVQQE2zKbtaEeE0Sxyas9eRnGHXzbx/yoz706lME9QmzPmcvfVlHQH8N/o -2nU+I07j6TDoHn/WRIgbWR0jrWv0hlTqzxOyCDM= ------END CERTIFICATE----- diff --git a/deployment/elk/config-elk/kibana/certificates/kibana.crt b/deployment/elk/config-elk/kibana/certificates/kibana.crt deleted file mode 100644 index ae8d7a7c5..000000000 --- a/deployment/elk/config-elk/kibana/certificates/kibana.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDUjCCAjqgAwIBAgIUKTnOSL0Rtnm8ZQkfSUvpQiBNGnMwDQYJKoZIhvcNAQEL -BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l -cmF0ZWQgQ0EwHhcNMTkwOTAzMTUyMDM1WhcNMjIwOTAyMTUyMDM1WjAYMRYwFAYD -VQQDEw1lbGFzdGljc2VhcmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAkB1OMRBRUDUxQ6fIv5gv0myKDZgVJFnEEjIjU6YjMpf/htTsvu8zdpBoWhg6 -7IsflSkUPynDG4geFjQ/WtxVeqxjnmtIB2fMDAHppX882as3tYjBlHj1sU0/OwwI -Ga5/OtxOubGswrzCEEjIgZwTtSX2Yzx3tE2UzwjWsYwGCBM/ssN8Wc1vlqq20+Qr -Lsggk+dXapN2wL9FABrxrJfV2SxXb2qKLKVd3EIfs+HVqIt9dVrpcFRV3Lwexg+Z -wlJv58EPsynphczssBhMOhlmVqpRY8z88fqsbqDVdqHIF8hqn7czWFqeCRldnb7W -LWaYaOG0Jd6SM7OpHnfNgBST4wIDAQABo3gwdjAdBgNVHQ4EFgQUCkDAcWSJ6H2G -UFFh9dhk+mG0L08wHwYDVR0jBBgwFoAUDF2zHdVwSwxo9Z7sa9vIc4Sd+1MwKQYD -VR0RBCIwIIIJbG9jYWxob3N0hwR/AAABgg1lbGFzdGljc2VhcmNoMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggEBAAQpkdkGl2H0ylgbmmNiIlrQX+U2i4ag4sJ6 -xsVR5OWxuyB/aMWhuOHkgueMh2wElufn60jK0Mh25b2U7oO/0Nq+28rhhP9HURLz -7/TwCbLcglTAgHQPWItwn5r5WKDFNCPNpZXFU/oG5H6hUJqTvuaTN6G/PQ6V9Yp3 -J00NbPuFq8tjNAc/kQnhC7zdC/7YQ/fanHBPkvQnkGbac5+VAF/se/JYbxRpSz23 -5a+v6BDb/kjs82QgV8dzsyFmntO+Neesu9tTJurBbQD5T3xMgoGSWLgnTCq3/drl -PMBLgUQHik629dU+7o8ePCdyULruGMR6CIBqO7ZKQASulhkxdUo= ------END CERTIFICATE----- diff --git a/deployment/elk/config-elk/kibana/certificates/kibana.key b/deployment/elk/config-elk/kibana/certificates/kibana.key deleted file mode 100644 index 93418fad0..000000000 --- a/deployment/elk/config-elk/kibana/certificates/kibana.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAkB1OMRBRUDUxQ6fIv5gv0myKDZgVJFnEEjIjU6YjMpf/htTs -vu8zdpBoWhg67IsflSkUPynDG4geFjQ/WtxVeqxjnmtIB2fMDAHppX882as3tYjB -lHj1sU0/OwwIGa5/OtxOubGswrzCEEjIgZwTtSX2Yzx3tE2UzwjWsYwGCBM/ssN8 -Wc1vlqq20+QrLsggk+dXapN2wL9FABrxrJfV2SxXb2qKLKVd3EIfs+HVqIt9dVrp -cFRV3Lwexg+ZwlJv58EPsynphczssBhMOhlmVqpRY8z88fqsbqDVdqHIF8hqn7cz -WFqeCRldnb7WLWaYaOG0Jd6SM7OpHnfNgBST4wIDAQABAoIBACRGPBg9czotKWlO -IkmXlPHyQA2L6kZsEd5CoIG9n75sY/UcQzsMGngNgTasQqinnBt/a4k6idG0QV51 -aD0GmL14BtspRcgXaFTdZmIx1K81WaBn+9HTYIRwXSoPrTpJody+91HmVwXtXSuc -Jlv5XTyLgakY30iS/pHeN6wZAqulS7p6DkCH+W3c15BvNYnsjDX5vYZLgmktNl62 -LoHymTt54rLhxheZiwFeiHePsl9IanvnDEjCl2jBFnFB402NeapTex84ZnOgPYEV -5w81MUYMeLy1aaziWEICPP1TU62T2oYKUFC1kQKUgCYp3t1UUkLsF6KfybJ+baMs -+Nm5IQECgYEAzy4kQ9wo2x+3teQgMR+QLIN2cgfDCgI1BXUzhIr607kpo6F12Jf0 -zT5sC+9OzSPh3dPkyvnWtg2K3ld3L+ATqGvpWC42OgSI0HK6rnfL8Q3cYld8KLwn -C8lbSQuDFo+hMJoGU7V+QTXM8j1e+2KoxgwGfceeiwql5GpqqcHFSJkCgYEAshLP -QYOBaimhOlY1m1B9YgXrgNKoj66njhHJLTD9rD4BvMsntGo8UaBrZxpcQKaDO778 -UtuRPM8Pfrg2Q2fR6SHAydoQpiGQ0XrkUXNmh3v9YOBlFzdg1PhKSCRZRv75KjnC -Z4jyL8GVYMhB+vWl/bQJO5o5YYHR7OdJCs8p4dsCgYEAnTQl0Ff9qEco3pt60cth -WmVmOqApHi8OjFWiAbBzIrQdJEwfX3nuBs6WrXeoE4BmoitmL53jjcA43vz/MxST -1fgL1x05iExog8KKZFgCJ6ac0wIO89nQxuDCo2pYzYWuiXJV2q6cXl60ZBqtN5Jk -/eGiC06svlQWDHuy85xUVgECgYEAm8jk1FWtxCiDSjvdTfEOn9C6BMtGd9y97QYW -T5jKdAMTFg1MwQMnnemPzHU9O7nwmTYuHHbGCsLCtYOGxVVwSFolBPHnGs/Gl9zB -HZitm92W/0eQaM0jw20r3w0dpYSuiohZUKZ36dubST4oqtp4ywjUAvabOHiQJIb6 -WaB+7X0CgYEAptNxensUEn+hSKfMVCxS36U1QL2njRfGiCfqVHVOKeu6+oLB4N/N -0mZngesMGV1HxzYivwkXW07U0drgfqv+iHBIF5HYRM6PkFNpop6PJAlVpFaATx0s -tDvtrcmgz3hunhHURvr/VlXcGuYo4mpySPhHDTeF6Ad/9Ml16vO7uW0= ------END RSA PRIVATE KEY----- diff --git a/deployment/elk/config-elk/kibana/config/kibana.yml b/deployment/elk/config-elk/kibana/config/kibana.yml deleted file mode 100644 index be65ad19c..000000000 --- a/deployment/elk/config-elk/kibana/config/kibana.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -## Default Kibana configuration from kibana-docker. -## from https://github.com/elastic/kibana-docker/blob/master/build/kibana/config/kibana.yml -# -server.name: opendmp.kibana -server.host: "0.0.0.0" -## Custom configuration -elasticsearch.hosts: [ "https://opendmp.elasticsearch:9200" ] -elasticsearch.ssl.certificateAuthorities: [ "/usr/share/kibana/certificate_authorities/ca.crt" ] - -elasticsearch.username: "kibana" -elasticsearch.password: "2VzNck1n3uCed9d27wHn" -server.ssl.enabled: false -server.ssl.key: "/usr/share/kibana/certificates/kibana.key" -server.ssl.certificate: "/usr/share/kibana/certificates/kibana.crt" diff --git a/deployment/elk/elasticsearch/Dockerfile b/deployment/elk/elasticsearch/Dockerfile deleted file mode 100644 index 73bfa249d..000000000 --- a/deployment/elk/elasticsearch/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -ARG ELK_VERSION -ARG DEPLOY_USER -ARG DEPLOY_GROUP -# https://github.com/elastic/elasticsearch-docker -FROM docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION} - -ARG DEPLOY_USER -ARG DEPLOY_GROUP -ENV DEPLOY_USER $DEPLOY_USER -ENV DEPLOY_GROUP $DEPLOY_GROUP - -RUN /usr/share/elasticsearch/bin/elasticsearch-plugin install analysis-icu && \ - /usr/share/elasticsearch/bin/elasticsearch-plugin install analysis-phonetic -USER root -RUN groupmod -g ${DEPLOY_GROUP} elasticsearch -RUN usermod -u ${DEPLOY_USER} -g ${DEPLOY_GROUP} elasticsearch -RUN chown -R elasticsearch /usr/share/elasticsearch -RUN sed -i -e 's/--userspec=1000/--userspec=1000/g' \ - -e 's/UID 1000/UID 1000/' \ - -e 's/chown -R 1000/chown -R 1000/' /usr/local/bin/docker-entrypoint.sh -RUN chown elasticsearch /usr/local/bin/docker-entrypoint.sh - -ENV JAVA_HOME /usr/share/elasticsearch/jdk \ No newline at end of file diff --git a/deployment/elk/elasticsearch/elasticsearch.yml b/deployment/elk/elasticsearch/elasticsearch.yml new file mode 100644 index 000000000..431fa2040 --- /dev/null +++ b/deployment/elk/elasticsearch/elasticsearch.yml @@ -0,0 +1,5 @@ +--- +cluster.name: opendmp-cluster +network.host: 0.0.0.0 + +discovery.type: single-node \ No newline at end of file diff --git a/deployment/elk/config-elk/elasticsearch/config/log4j2.properties b/deployment/elk/elasticsearch/log4j2.properties similarity index 100% rename from deployment/elk/config-elk/elasticsearch/config/log4j2.properties rename to deployment/elk/elasticsearch/log4j2.properties diff --git a/deployment/elk/elk.env b/deployment/elk/elk.env new file mode 100644 index 000000000..9876167f0 --- /dev/null +++ b/deployment/elk/elk.env @@ -0,0 +1,8 @@ +ELASTIC_PASSWORD= elastic +KIBANA_SYSTEM_PASSWORD= kibana +LOGSTASH_INTERNAL_PASSWORD= logstash +FILEBEAT_INTERNAL_PASSWORD= filebeat +METRICBEAT_INTERNAL_PASSWORD='' +HEARTBEAT_INTERNAL_PASSWORD='' +MONITORING_INTERNAL_PASSWORD='' +BEATS_SYSTEM_PASSWORD='' \ No newline at end of file diff --git a/deployment/elk/filebeat/Dockerfile b/deployment/elk/filebeat/Dockerfile deleted file mode 100644 index 7c3d5e6f5..000000000 --- a/deployment/elk/filebeat/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -ARG ELK_VERSION - -FROM docker.elastic.co/beats/filebeat:${ELK_VERSION} - -USER root -RUN groupmod -g 1008 filebeat -RUN usermod -u 1008 -g 1008 filebeat -RUN chown -R filebeat /usr/share/filebeat -RUN sed -i -e 's/--userspec=1000/--userspec=1008/g' \ - -e 's/UID 1000/UID 1008/' \ - -e 's/chown -R 1000/chown -R 1008/' /usr/local/bin/docker-entrypoint -RUN chown filebeat /usr/local/bin/docker-entrypoint - -USER 1008:1008 \ No newline at end of file diff --git a/deployment/elk/kibana/Dockerfile b/deployment/elk/kibana/Dockerfile deleted file mode 100644 index 38a0b95dd..000000000 --- a/deployment/elk/kibana/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -ARG ELK_VERSION -ARG DEPLOY_USER -ARG DEPLOY_GROUP - -# https://github.com/elastic/kibana-docker -FROM docker.elastic.co/kibana/kibana:${ELK_VERSION} - -ARG DEPLOY_USER -ARG DEPLOY_GROUP -ENV DEPLOY_USER $DEPLOY_USER -ENV DEPLOY_GROUP $DEPLOY_GROUP - -USER root -RUN groupmod -g ${DEPLOY_GROUP} kibana -RUN usermod -u ${DEPLOY_USER} -g ${DEPLOY_GROUP} kibana -RUN chown -R kibana /usr/share/kibana - -USER ${DEPLOY_USER}:${DEPLOY_GROUP} - -# Add your kibana plugins setup here -# Example: RUN kibana-plugin install diff --git a/deployment/elk/kibana/kibana.yml b/deployment/elk/kibana/kibana.yml new file mode 100644 index 000000000..c1291d838 --- /dev/null +++ b/deployment/elk/kibana/kibana.yml @@ -0,0 +1,8 @@ +--- +server.name: opendmp.kibana +server.host: 0.0.0.0 + +elasticsearch.hosts: [ "http://opendmp.elasticsearch:9200" ] + +elasticsearch.username: kibana +elasticsearch.password: ${KIBANA_SYSTEM_PASSWORD} \ No newline at end of file diff --git a/deployment/elk/logstash/Dockerfile b/deployment/elk/logstash/Dockerfile deleted file mode 100644 index ff9179adc..000000000 --- a/deployment/elk/logstash/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -ARG ELK_VERSION - -# https://github.com/elastic/logstash-docker -FROM docker.elastic.co/logstash/logstash:${ELK_VERSION} - -USER root -RUN groupmod -g 1008 logstash -RUN usermod -u 1008 -g 1008 logstash -RUN chown -R logstash /usr/share/logstash -RUN sed -i -e 's/--userspec=1000/--userspec=1008/g' \ - -e 's/UID 1000/UID 1008/' \ - -e 's/chown -R 1000/chown -R 1008/' /usr/local/bin/docker-entrypoint -RUN chown logstash /usr/local/bin/docker-entrypoint - -USER 1008:1008 - -# Add your logstash plugins setup here -# Example: RUN logstash-plugin install logstash-filter-json -RUN logstash-plugin update logstash-input-beats \ No newline at end of file diff --git a/deployment/elk/logstash/logstash.yml b/deployment/elk/logstash/logstash.yml new file mode 100644 index 000000000..553825e77 --- /dev/null +++ b/deployment/elk/logstash/logstash.yml @@ -0,0 +1,4 @@ +--- +http.host: 0.0.0.0 + +node.name: logstash \ No newline at end of file diff --git a/deployment/elk/setup/entrypoint.sh b/deployment/elk/setup/entrypoint.sh new file mode 100644 index 000000000..e560676f2 --- /dev/null +++ b/deployment/elk/setup/entrypoint.sh @@ -0,0 +1,119 @@ +#!/usr/bin/env bash + +set -eu +set -o pipefail + +source "${BASH_SOURCE[0]%/*}"/lib.sh + + +# -------------------------------------------------------- +# Users declarations + +declare -A users_passwords +users_passwords=( + [logstash_internal]="${LOGSTASH_INTERNAL_PASSWORD:-}" + [kibana_system]="${KIBANA_SYSTEM_PASSWORD:-}" + [metricbeat_internal]="${METRICBEAT_INTERNAL_PASSWORD:-}" + [filebeat_internal]="${FILEBEAT_INTERNAL_PASSWORD:-}" + [heartbeat_internal]="${HEARTBEAT_INTERNAL_PASSWORD:-}" + [monitoring_internal]="${MONITORING_INTERNAL_PASSWORD:-}" + [beats_system]="${BEATS_SYSTEM_PASSWORD=:-}" +) + +declare -A users_roles +users_roles=( + [logstash_internal]='logstash_writer' + [metricbeat_internal]='metricbeat_writer' + [filebeat_internal]='filebeat_writer' + [heartbeat_internal]='heartbeat_writer' + [monitoring_internal]='remote_monitoring_collector' +) + +# -------------------------------------------------------- +# Roles declarations + +declare -A roles_files +roles_files=( + [logstash_writer]='logstash_writer.json' + [metricbeat_writer]='metricbeat_writer.json' + [filebeat_writer]='filebeat_writer.json' + [heartbeat_writer]='heartbeat_writer.json' +) + +# -------------------------------------------------------- + + +log 'Waiting for availability of Elasticsearch. This can take several minutes.' + +declare -i exit_code=0 +wait_for_elasticsearch || exit_code=$? + +if ((exit_code)); then + case $exit_code in + 6) + suberr 'Could not resolve host. Is Elasticsearch running?' + ;; + 7) + suberr 'Failed to connect to host. Is Elasticsearch healthy?' + ;; + 28) + suberr 'Timeout connecting to host. Is Elasticsearch healthy?' + ;; + *) + suberr "Connection to Elasticsearch failed. Exit code: ${exit_code}" + ;; + esac + + exit $exit_code +fi + +sublog 'Elasticsearch is running' + +log 'Waiting for initialization of built-in users' + +wait_for_builtin_users || exit_code=$? + +if ((exit_code)); then + suberr 'Timed out waiting for condition' + exit $exit_code +fi + +sublog 'Built-in users were initialized' + +for role in "${!roles_files[@]}"; do + log "Role '$role'" + + declare body_file + body_file="${BASH_SOURCE[0]%/*}/roles/${roles_files[$role]:-}" + if [[ ! -f "${body_file:-}" ]]; then + sublog "No role body found at '${body_file}', skipping" + continue + fi + + sublog 'Creating/updating' + ensure_role "$role" "$(<"${body_file}")" +done + +for user in "${!users_passwords[@]}"; do + log "User '$user'" + if [[ -z "${users_passwords[$user]:-}" ]]; then + sublog 'No password defined, skipping' + continue + fi + + declare -i user_exists=0 + user_exists="$(check_user_exists "$user")" + + if ((user_exists)); then + sublog 'User exists, setting password' + set_user_password "$user" "${users_passwords[$user]}" + else + if [[ -z "${users_roles[$user]:-}" ]]; then + suberr ' No role defined, skipping creation' + continue + fi + + sublog 'User does not exist, creating' + create_user "$user" "${users_passwords[$user]}" "${users_roles[$user]}" + fi +done \ No newline at end of file diff --git a/deployment/elk/setup/lib.sh b/deployment/elk/setup/lib.sh new file mode 100644 index 000000000..f13a8b300 --- /dev/null +++ b/deployment/elk/setup/lib.sh @@ -0,0 +1,240 @@ +#!/usr/bin/env bash + +# Log a message. +function log { + echo "[+] $1" +} + +# Log a message at a sub-level. +function sublog { + echo " ⠿ $1" +} + +# Log an error. +function err { + echo "[x] $1" >&2 +} + +# Log an error at a sub-level. +function suberr { + echo " ⠍ $1" >&2 +} + +# Poll the 'elasticsearch' service until it responds with HTTP code 200. +function wait_for_elasticsearch { + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' '-w' '%{http_code}' "http://${elasticsearch_host}:9200/" ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + local output + + # retry for max 300s (60*5s) + for _ in $(seq 1 60); do + local -i exit_code=0 + output="$(curl "${args[@]}")" || exit_code=$? + + if ((exit_code)); then + result=$exit_code + fi + + if [[ "${output: -3}" -eq 200 ]]; then + result=0 + break + fi + + sleep 5 + done + + if ((result)) && [[ "${output: -3}" -ne 000 ]]; then + echo -e "\n${output::-3}" + fi + + return $result +} + +# Poll the Elasticsearch users API until it returns users. +function wait_for_builtin_users { + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' "http://${elasticsearch_host}:9200/_security/user?pretty" ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + + local line + local -i exit_code + local -i num_users + + # retry for max 30s (30*1s) + for _ in $(seq 1 30); do + num_users=0 + + # read exits with a non-zero code if the last read input doesn't end + # with a newline character. The printf without newline that follows the + # curl command ensures that the final input not only contains curl's + # exit code, but causes read to fail so we can capture the return value. + # Ref. https://unix.stackexchange.com/a/176703/152409 + while IFS= read -r line || ! exit_code="$line"; do + if [[ "$line" =~ _reserved.+true ]]; then + (( num_users++ )) + fi + done < <(curl "${args[@]}"; printf '%s' "$?") + + if ((exit_code)); then + result=$exit_code + fi + + # we expect more than just the 'elastic' user in the result + if (( num_users > 1 )); then + result=0 + break + fi + + sleep 1 + done + + return $result +} + +# Verify that the given Elasticsearch user exists. +function check_user_exists { + local username=$1 + + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' '-w' '%{http_code}' + "http://${elasticsearch_host}:9200/_security/user/${username}" + ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + local -i exists=0 + local output + + output="$(curl "${args[@]}")" + if [[ "${output: -3}" -eq 200 || "${output: -3}" -eq 404 ]]; then + result=0 + fi + if [[ "${output: -3}" -eq 200 ]]; then + exists=1 + fi + + if ((result)); then + echo -e "\n${output::-3}" + else + echo "$exists" + fi + + return $result +} + +# Set password of a given Elasticsearch user. +function set_user_password { + local username=$1 + local password=$2 + + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' '-w' '%{http_code}' + "http://${elasticsearch_host}:9200/_security/user/${username}/_password" + '-X' 'POST' + '-H' 'Content-Type: application/json' + '-d' "{\"password\" : \"${password}\"}" + ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + local output + + output="$(curl "${args[@]}")" + if [[ "${output: -3}" -eq 200 ]]; then + result=0 + fi + + if ((result)); then + echo -e "\n${output::-3}\n" + fi + + return $result +} + +# Create the given Elasticsearch user. +function create_user { + local username=$1 + local password=$2 + local role=$3 + + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' '-w' '%{http_code}' + "http://${elasticsearch_host}:9200/_security/user/${username}" + '-X' 'POST' + '-H' 'Content-Type: application/json' + '-d' "{\"password\":\"${password}\",\"roles\":[\"${role}\"]}" + ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + local output + + output="$(curl "${args[@]}")" + if [[ "${output: -3}" -eq 200 ]]; then + result=0 + fi + + if ((result)); then + echo -e "\n${output::-3}\n" + fi + + return $result +} + +# Ensure that the given Elasticsearch role is up-to-date, create it if required. +function ensure_role { + local name=$1 + local body=$2 + + local elasticsearch_host="${ELASTICSEARCH_HOST:-elasticsearch}" + + local -a args=( '-s' '-D-' '-m15' '-w' '%{http_code}' + "http://${elasticsearch_host}:9200/_security/role/${name}" + '-X' 'POST' + '-H' 'Content-Type: application/json' + '-d' "$body" + ) + + if [[ -n "${ELASTIC_PASSWORD:-}" ]]; then + args+=( '-u' "elastic:${ELASTIC_PASSWORD}" ) + fi + + local -i result=1 + local output + + output="$(curl "${args[@]}")" + if [[ "${output: -3}" -eq 200 ]]; then + result=0 + fi + + if ((result)); then + echo -e "\n${output::-3}\n" + fi + + return $result +} \ No newline at end of file diff --git a/deployment/elk/setup/roles/filebeat_writer.json b/deployment/elk/setup/roles/filebeat_writer.json new file mode 100644 index 000000000..0f06a39fd --- /dev/null +++ b/deployment/elk/setup/roles/filebeat_writer.json @@ -0,0 +1,20 @@ +{ + "cluster": [ + "manage_ilm", + "manage_index_templates", + "manage_ingest_pipelines", + "monitor", + "read_pipeline" + ], + "indices": [ + { + "names": [ + "filebeat-*" + ], + "privileges": [ + "create_doc", + "manage" + ] + } + ] + } \ No newline at end of file diff --git a/deployment/elk/setup/roles/heartbeat_writer.json b/deployment/elk/setup/roles/heartbeat_writer.json new file mode 100644 index 000000000..b21a2f9dc --- /dev/null +++ b/deployment/elk/setup/roles/heartbeat_writer.json @@ -0,0 +1,18 @@ +{ + "cluster": [ + "manage_ilm", + "manage_index_templates", + "monitor" + ], + "indices": [ + { + "names": [ + "heartbeat-*" + ], + "privileges": [ + "create_doc", + "manage" + ] + } + ] + } \ No newline at end of file diff --git a/deployment/elk/setup/roles/logstash_writer.json b/deployment/elk/setup/roles/logstash_writer.json new file mode 100644 index 000000000..dcb47bbb0 --- /dev/null +++ b/deployment/elk/setup/roles/logstash_writer.json @@ -0,0 +1,33 @@ +{ + "cluster": [ + "manage_index_templates", + "monitor", + "manage_ilm" + ], + "indices": [ + { + "names": [ + "logs-generic-default", + "logstash-*", + "ecs-logstash-*" + ], + "privileges": [ + "write", + "create", + "create_index", + "manage", + "manage_ilm" + ] + }, + { + "names": [ + "logstash", + "ecs-logstash" + ], + "privileges": [ + "write", + "manage" + ] + } + ] + } \ No newline at end of file diff --git a/deployment/elk/setup/roles/metricbeat_writer.json b/deployment/elk/setup/roles/metricbeat_writer.json new file mode 100644 index 000000000..072cbae09 --- /dev/null +++ b/deployment/elk/setup/roles/metricbeat_writer.json @@ -0,0 +1,19 @@ +{ + "cluster": [ + "manage_ilm", + "manage_index_templates", + "monitor" + ], + "indices": [ + { + "names": [ + ".monitoring-*-mb", + "metricbeat-*" + ], + "privileges": [ + "create_doc", + "manage" + ] + } + ] + } \ No newline at end of file diff --git a/deployment/keycloak/imports/opendmp-realm.json b/deployment/keycloak/imports/opendmp-realm.json index aff096da3..dc82c9044 100644 --- a/deployment/keycloak/imports/opendmp-realm.json +++ b/deployment/keycloak/imports/opendmp-realm.json @@ -1414,18 +1414,18 @@ "clientId": "dmp_webapp", "name": "dmp_webapp", "description": "", - "rootUrl": "https://test.opendmp.eu/home", + "rootUrl": "http://localhost:8081/home", "adminUrl": "", - "baseUrl": "https://test.opendmp.eu/home", + "baseUrl": "http://localhost:8081/home", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "redirectUris": [ - "https://test.opendmp.eu/*" + "http://localhost:8081/*" ], "webOrigins": [ - "https://test.opendmp.eu" + "http://localhost:8081" ], "notBefore": 0, "bearerOnly": false, diff --git a/deployment/keycloak/imports/opendmp-realm.jsonZone.Identifier b/deployment/keycloak/imports/opendmp-realm.jsonZone.Identifier new file mode 100644 index 000000000..a25c5e6cc --- /dev/null +++ b/deployment/keycloak/imports/opendmp-realm.jsonZone.Identifier @@ -0,0 +1,3 @@ +[ZoneTransfer] +ZoneId=3 +HostUrl=http://localhost:8081/ diff --git a/deployment/keycloak/keycloak.env b/deployment/keycloak/keycloak.env index b63bdb2e0..59a51e325 100644 --- a/deployment/keycloak/keycloak.env +++ b/deployment/keycloak/keycloak.env @@ -11,14 +11,12 @@ KC_DB_PASSWORD=keycloak-admin #Keycloak related configuration KEYCLOAK_ADMIN=keycloak-admin KEYCLOAK_ADMIN_PASSWORD=admin -KC_HOSTNAME_URL=https://localhost:8082/keycloak -KC_HOSTNAME_ADMIN_URL=https://localhost:8082/keycloak +KC_HOSTNAME_URL=http://localhost:8082/keycloak +KC_HOSTNAME_ADMIN_URL=http://localhost:8082/keycloak KC_HTTP_RELATIVE_PATH=/keycloak KC_PROXY_HEADERS=xforwarded -KC_HOSTNAME_STRICT_HTTPS=true +KC_HOSTNAME_STRICT_HTTPS=false KC_HOSTNAME_STRICT_BACKCHANNEL=true KC_TRANSACTION_XA_ENABLED=false KC_HEALTH_ENABLED=true -KC_METRICS_ENABLED=true -KC_HTTPS_CERTIFICATE_FILE=/tmp/keycloak-selfsigned.crt -KC_HTTPS_CERTIFICATE_KEY_FILE=/tmp/keycloak-selfsigned.key \ No newline at end of file +KC_METRICS_ENABLED=true \ No newline at end of file diff --git a/deployment/postgres/Dockerfile b/deployment/postgres/Dockerfile deleted file mode 100644 index 2ca78b7f4..000000000 --- a/deployment/postgres/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -ARG POSTGRES_TAG -ARG DEPLOY_USER -ARG DEPLOY_GROUP -FROM postgres:${POSTGRES_TAG} -COPY ./opendmp_init.sql /docker-entrypoint-initdb.d/ -COPY ./user_init.sql /docker-entrypoint-initdb.d/ -ENTRYPOINT ["docker-entrypoint.sh"] -EXPOSE 5432 -CMD ["postgres"] \ No newline at end of file diff --git a/deployment/postgres/keycloak_init.sql b/deployment/postgres/keycloak_init.sql deleted file mode 100644 index f07c5e55f..000000000 --- a/deployment/postgres/keycloak_init.sql +++ /dev/null @@ -1,3707 +0,0 @@ --- --- PostgreSQL database dump --- - --- Dumped from database version 16.2 --- Dumped by pg_dump version 16.2 - --- Started on 2024-04-25 13:54:03 - -SET statement_timeout = 0; -SET lock_timeout = 0; -SET idle_in_transaction_session_timeout = 0; -SET client_encoding = 'UTF8'; -SET standard_conforming_strings = on; -SELECT pg_catalog.set_config('search_path', '', false); -SET check_function_bodies = false; -SET xmloption = content; -SET client_min_messages = warning; -SET row_security = off; - --- --- TOC entry 4203 (class 1262 OID 16390) --- Name: keycloak; Type: DATABASE; Schema: -; Owner: - --- - -CREATE DATABASE keycloak WITH TEMPLATE = template0 ENCODING = 'UTF8' LOCALE_PROVIDER = libc LOCALE = 'en_US.utf8'; - - -\connect keycloak - -SET statement_timeout = 0; -SET lock_timeout = 0; -SET idle_in_transaction_session_timeout = 0; -SET client_encoding = 'UTF8'; -SET standard_conforming_strings = on; -SELECT pg_catalog.set_config('search_path', '', false); -SET check_function_bodies = false; -SET xmloption = content; -SET client_min_messages = warning; -SET row_security = off; - -SET default_table_access_method = heap; - --- --- TOC entry 256 (class 1259 OID 17024) --- Name: admin_event_entity; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.admin_event_entity ( - id character varying(36) NOT NULL, - admin_event_time bigint, - realm_id character varying(255), - operation_type character varying(255), - auth_realm_id character varying(255), - auth_client_id character varying(255), - auth_user_id character varying(255), - ip_address character varying(255), - resource_path character varying(2550), - representation text, - error character varying(255), - resource_type character varying(64) -); - - --- --- TOC entry 285 (class 1259 OID 17467) --- Name: associated_policy; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.associated_policy ( - policy_id character varying(36) NOT NULL, - associated_policy_id character varying(36) NOT NULL -); - - --- --- TOC entry 259 (class 1259 OID 17039) --- Name: authentication_execution; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.authentication_execution ( - id character varying(36) NOT NULL, - alias character varying(255), - authenticator character varying(36), - realm_id character varying(36), - flow_id character varying(36), - requirement integer, - priority integer, - authenticator_flow boolean DEFAULT false NOT NULL, - auth_flow_id character varying(36), - auth_config character varying(36) -); - - --- --- TOC entry 258 (class 1259 OID 17034) --- Name: authentication_flow; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.authentication_flow ( - id character varying(36) NOT NULL, - alias character varying(255), - description character varying(255), - realm_id character varying(36), - provider_id character varying(36) DEFAULT 'basic-flow'::character varying NOT NULL, - top_level boolean DEFAULT false NOT NULL, - built_in boolean DEFAULT false NOT NULL -); - - --- --- TOC entry 257 (class 1259 OID 17029) --- Name: authenticator_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.authenticator_config ( - id character varying(36) NOT NULL, - alias character varying(255), - realm_id character varying(36) -); - - --- --- TOC entry 260 (class 1259 OID 17044) --- Name: authenticator_config_entry; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.authenticator_config_entry ( - authenticator_id character varying(36) NOT NULL, - value text, - name character varying(255) NOT NULL -); - - --- --- TOC entry 286 (class 1259 OID 17482) --- Name: broker_link; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.broker_link ( - identity_provider character varying(255) NOT NULL, - storage_provider_id character varying(255), - realm_id character varying(36) NOT NULL, - broker_user_id character varying(255), - broker_username character varying(255), - token text, - user_id character varying(255) NOT NULL -); - - --- --- TOC entry 217 (class 1259 OID 16405) --- Name: client; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client ( - id character varying(36) NOT NULL, - enabled boolean DEFAULT false NOT NULL, - full_scope_allowed boolean DEFAULT false NOT NULL, - client_id character varying(255), - not_before integer, - public_client boolean DEFAULT false NOT NULL, - secret character varying(255), - base_url character varying(255), - bearer_only boolean DEFAULT false NOT NULL, - management_url character varying(255), - surrogate_auth_required boolean DEFAULT false NOT NULL, - realm_id character varying(36), - protocol character varying(255), - node_rereg_timeout integer DEFAULT 0, - frontchannel_logout boolean DEFAULT false NOT NULL, - consent_required boolean DEFAULT false NOT NULL, - name character varying(255), - service_accounts_enabled boolean DEFAULT false NOT NULL, - client_authenticator_type character varying(255), - root_url character varying(255), - description character varying(255), - registration_token character varying(255), - standard_flow_enabled boolean DEFAULT true NOT NULL, - implicit_flow_enabled boolean DEFAULT false NOT NULL, - direct_access_grants_enabled boolean DEFAULT false NOT NULL, - always_display_in_console boolean DEFAULT false NOT NULL -); - - --- --- TOC entry 240 (class 1259 OID 16763) --- Name: client_attributes; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_attributes ( - client_id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - value text -); - - --- --- TOC entry 297 (class 1259 OID 17731) --- Name: client_auth_flow_bindings; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_auth_flow_bindings ( - client_id character varying(36) NOT NULL, - flow_id character varying(36), - binding_name character varying(255) NOT NULL -); - - --- --- TOC entry 296 (class 1259 OID 17606) --- Name: client_initial_access; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_initial_access ( - id character varying(36) NOT NULL, - realm_id character varying(36) NOT NULL, - "timestamp" integer, - expiration integer, - count integer, - remaining_count integer -); - - --- --- TOC entry 242 (class 1259 OID 16773) --- Name: client_node_registrations; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_node_registrations ( - client_id character varying(36) NOT NULL, - value integer, - name character varying(255) NOT NULL -); - - --- --- TOC entry 274 (class 1259 OID 17272) --- Name: client_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_scope ( - id character varying(36) NOT NULL, - name character varying(255), - realm_id character varying(36), - description character varying(255), - protocol character varying(255) -); - - --- --- TOC entry 275 (class 1259 OID 17286) --- Name: client_scope_attributes; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_scope_attributes ( - scope_id character varying(36) NOT NULL, - value character varying(2048), - name character varying(255) NOT NULL -); - - --- --- TOC entry 298 (class 1259 OID 17772) --- Name: client_scope_client; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_scope_client ( - client_id character varying(255) NOT NULL, - scope_id character varying(255) NOT NULL, - default_scope boolean DEFAULT false NOT NULL -); - - --- --- TOC entry 276 (class 1259 OID 17291) --- Name: client_scope_role_mapping; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_scope_role_mapping ( - scope_id character varying(36) NOT NULL, - role_id character varying(36) NOT NULL -); - - --- --- TOC entry 218 (class 1259 OID 16416) --- Name: client_session; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_session ( - id character varying(36) NOT NULL, - client_id character varying(36), - redirect_uri character varying(255), - state character varying(255), - "timestamp" integer, - session_id character varying(36), - auth_method character varying(255), - realm_id character varying(255), - auth_user_id character varying(36), - current_action character varying(36) -); - - --- --- TOC entry 263 (class 1259 OID 17062) --- Name: client_session_auth_status; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_session_auth_status ( - authenticator character varying(36) NOT NULL, - status integer, - client_session character varying(36) NOT NULL -); - - --- --- TOC entry 241 (class 1259 OID 16768) --- Name: client_session_note; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_session_note ( - name character varying(255) NOT NULL, - value character varying(255), - client_session character varying(36) NOT NULL -); - - --- --- TOC entry 255 (class 1259 OID 16946) --- Name: client_session_prot_mapper; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_session_prot_mapper ( - protocol_mapper_id character varying(36) NOT NULL, - client_session character varying(36) NOT NULL -); - - --- --- TOC entry 219 (class 1259 OID 16421) --- Name: client_session_role; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_session_role ( - role_id character varying(255) NOT NULL, - client_session character varying(36) NOT NULL -); - - --- --- TOC entry 264 (class 1259 OID 17143) --- Name: client_user_session_note; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.client_user_session_note ( - name character varying(255) NOT NULL, - value character varying(2048), - client_session character varying(36) NOT NULL -); - - --- --- TOC entry 294 (class 1259 OID 17527) --- Name: component; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.component ( - id character varying(36) NOT NULL, - name character varying(255), - parent_id character varying(36), - provider_id character varying(36), - provider_type character varying(255), - realm_id character varying(36), - sub_type character varying(255) -); - - --- --- TOC entry 293 (class 1259 OID 17522) --- Name: component_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.component_config ( - id character varying(36) NOT NULL, - component_id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - value text -); - - --- --- TOC entry 220 (class 1259 OID 16424) --- Name: composite_role; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.composite_role ( - composite character varying(36) NOT NULL, - child_role character varying(36) NOT NULL -); - - --- --- TOC entry 221 (class 1259 OID 16427) --- Name: credential; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.credential ( - id character varying(36) NOT NULL, - salt bytea, - type character varying(255), - user_id character varying(36), - created_date bigint, - user_label character varying(255), - secret_data text, - credential_data text, - priority integer -); - - --- --- TOC entry 216 (class 1259 OID 16397) --- Name: databasechangelog; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.databasechangelog ( - id character varying(255) NOT NULL, - author character varying(255) NOT NULL, - filename character varying(255) NOT NULL, - dateexecuted timestamp without time zone NOT NULL, - orderexecuted integer NOT NULL, - exectype character varying(10) NOT NULL, - md5sum character varying(35), - description character varying(255), - comments character varying(255), - tag character varying(255), - liquibase character varying(20), - contexts character varying(255), - labels character varying(255), - deployment_id character varying(10) -); - - --- --- TOC entry 215 (class 1259 OID 16392) --- Name: databasechangeloglock; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.databasechangeloglock ( - id integer NOT NULL, - locked boolean NOT NULL, - lockgranted timestamp without time zone, - lockedby character varying(255) -); - - --- --- TOC entry 299 (class 1259 OID 17788) --- Name: default_client_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.default_client_scope ( - realm_id character varying(36) NOT NULL, - scope_id character varying(36) NOT NULL, - default_scope boolean DEFAULT false NOT NULL -); - - --- --- TOC entry 222 (class 1259 OID 16432) --- Name: event_entity; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.event_entity ( - id character varying(36) NOT NULL, - client_id character varying(255), - details_json character varying(2550), - error character varying(255), - ip_address character varying(255), - realm_id character varying(255), - session_id character varying(255), - event_time bigint, - type character varying(255), - user_id character varying(255), - details_json_long_value text -); - - --- --- TOC entry 287 (class 1259 OID 17487) --- Name: fed_user_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_attribute ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36), - value character varying(2024), - long_value_hash bytea, - long_value_hash_lower_case bytea, - long_value text -); - - --- --- TOC entry 288 (class 1259 OID 17492) --- Name: fed_user_consent; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_consent ( - id character varying(36) NOT NULL, - client_id character varying(255), - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36), - created_date bigint, - last_updated_date bigint, - client_storage_provider character varying(36), - external_client_id character varying(255) -); - - --- --- TOC entry 301 (class 1259 OID 17814) --- Name: fed_user_consent_cl_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_consent_cl_scope ( - user_consent_id character varying(36) NOT NULL, - scope_id character varying(36) NOT NULL -); - - --- --- TOC entry 289 (class 1259 OID 17501) --- Name: fed_user_credential; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_credential ( - id character varying(36) NOT NULL, - salt bytea, - type character varying(255), - created_date bigint, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36), - user_label character varying(255), - secret_data text, - credential_data text, - priority integer -); - - --- --- TOC entry 290 (class 1259 OID 17510) --- Name: fed_user_group_membership; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_group_membership ( - group_id character varying(36) NOT NULL, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36) -); - - --- --- TOC entry 291 (class 1259 OID 17513) --- Name: fed_user_required_action; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_required_action ( - required_action character varying(255) DEFAULT ' '::character varying NOT NULL, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36) -); - - --- --- TOC entry 292 (class 1259 OID 17519) --- Name: fed_user_role_mapping; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.fed_user_role_mapping ( - role_id character varying(36) NOT NULL, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - storage_provider_id character varying(36) -); - - --- --- TOC entry 245 (class 1259 OID 16809) --- Name: federated_identity; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.federated_identity ( - identity_provider character varying(255) NOT NULL, - realm_id character varying(36), - federated_user_id character varying(255), - federated_username character varying(255), - token text, - user_id character varying(36) NOT NULL -); - - --- --- TOC entry 295 (class 1259 OID 17584) --- Name: federated_user; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.federated_user ( - id character varying(255) NOT NULL, - storage_provider_id character varying(255), - realm_id character varying(36) NOT NULL -); - - --- --- TOC entry 271 (class 1259 OID 17211) --- Name: group_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.group_attribute ( - id character varying(36) DEFAULT 'sybase-needs-something-here'::character varying NOT NULL, - name character varying(255) NOT NULL, - value character varying(255), - group_id character varying(36) NOT NULL -); - - --- --- TOC entry 270 (class 1259 OID 17208) --- Name: group_role_mapping; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.group_role_mapping ( - role_id character varying(36) NOT NULL, - group_id character varying(36) NOT NULL -); - - --- --- TOC entry 246 (class 1259 OID 16814) --- Name: identity_provider; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.identity_provider ( - internal_id character varying(36) NOT NULL, - enabled boolean DEFAULT false NOT NULL, - provider_alias character varying(255), - provider_id character varying(255), - store_token boolean DEFAULT false NOT NULL, - authenticate_by_default boolean DEFAULT false NOT NULL, - realm_id character varying(36), - add_token_role boolean DEFAULT true NOT NULL, - trust_email boolean DEFAULT false NOT NULL, - first_broker_login_flow_id character varying(36), - post_broker_login_flow_id character varying(36), - provider_display_name character varying(255), - link_only boolean DEFAULT false NOT NULL -); - - --- --- TOC entry 247 (class 1259 OID 16823) --- Name: identity_provider_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.identity_provider_config ( - identity_provider_id character varying(36) NOT NULL, - value text, - name character varying(255) NOT NULL -); - - --- --- TOC entry 252 (class 1259 OID 16927) --- Name: identity_provider_mapper; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.identity_provider_mapper ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - idp_alias character varying(255) NOT NULL, - idp_mapper_name character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL -); - - --- --- TOC entry 253 (class 1259 OID 16932) --- Name: idp_mapper_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.idp_mapper_config ( - idp_mapper_id character varying(36) NOT NULL, - value text, - name character varying(255) NOT NULL -); - - --- --- TOC entry 269 (class 1259 OID 17205) --- Name: keycloak_group; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.keycloak_group ( - id character varying(36) NOT NULL, - name character varying(255), - parent_group character varying(36) NOT NULL, - realm_id character varying(36) -); - - --- --- TOC entry 223 (class 1259 OID 16440) --- Name: keycloak_role; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.keycloak_role ( - id character varying(36) NOT NULL, - client_realm_constraint character varying(255), - client_role boolean DEFAULT false NOT NULL, - description character varying(255), - name character varying(255), - realm_id character varying(255), - client character varying(36), - realm character varying(36) -); - - --- --- TOC entry 251 (class 1259 OID 16924) --- Name: migration_model; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.migration_model ( - id character varying(36) NOT NULL, - version character varying(36), - update_time bigint DEFAULT 0 NOT NULL -); - - --- --- TOC entry 268 (class 1259 OID 17196) --- Name: offline_client_session; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.offline_client_session ( - user_session_id character varying(36) NOT NULL, - client_id character varying(255) NOT NULL, - offline_flag character varying(4) NOT NULL, - "timestamp" integer, - data text, - client_storage_provider character varying(36) DEFAULT 'local'::character varying NOT NULL, - external_client_id character varying(255) DEFAULT 'local'::character varying NOT NULL -); - - --- --- TOC entry 267 (class 1259 OID 17191) --- Name: offline_user_session; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.offline_user_session ( - user_session_id character varying(36) NOT NULL, - user_id character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - created_on integer NOT NULL, - offline_flag character varying(4) NOT NULL, - data text, - last_session_refresh integer DEFAULT 0 NOT NULL -); - - --- --- TOC entry 281 (class 1259 OID 17410) --- Name: policy_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.policy_config ( - policy_id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - value text -); - - --- --- TOC entry 243 (class 1259 OID 16798) --- Name: protocol_mapper; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.protocol_mapper ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - protocol character varying(255) NOT NULL, - protocol_mapper_name character varying(255) NOT NULL, - client_id character varying(36), - client_scope_id character varying(36) -); - - --- --- TOC entry 244 (class 1259 OID 16804) --- Name: protocol_mapper_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.protocol_mapper_config ( - protocol_mapper_id character varying(36) NOT NULL, - value text, - name character varying(255) NOT NULL -); - - --- --- TOC entry 224 (class 1259 OID 16446) --- Name: realm; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm ( - id character varying(36) NOT NULL, - access_code_lifespan integer, - user_action_lifespan integer, - access_token_lifespan integer, - account_theme character varying(255), - admin_theme character varying(255), - email_theme character varying(255), - enabled boolean DEFAULT false NOT NULL, - events_enabled boolean DEFAULT false NOT NULL, - events_expiration bigint, - login_theme character varying(255), - name character varying(255), - not_before integer, - password_policy character varying(2550), - registration_allowed boolean DEFAULT false NOT NULL, - remember_me boolean DEFAULT false NOT NULL, - reset_password_allowed boolean DEFAULT false NOT NULL, - social boolean DEFAULT false NOT NULL, - ssl_required character varying(255), - sso_idle_timeout integer, - sso_max_lifespan integer, - update_profile_on_soc_login boolean DEFAULT false NOT NULL, - verify_email boolean DEFAULT false NOT NULL, - master_admin_client character varying(36), - login_lifespan integer, - internationalization_enabled boolean DEFAULT false NOT NULL, - default_locale character varying(255), - reg_email_as_username boolean DEFAULT false NOT NULL, - admin_events_enabled boolean DEFAULT false NOT NULL, - admin_events_details_enabled boolean DEFAULT false NOT NULL, - edit_username_allowed boolean DEFAULT false NOT NULL, - otp_policy_counter integer DEFAULT 0, - otp_policy_window integer DEFAULT 1, - otp_policy_period integer DEFAULT 30, - otp_policy_digits integer DEFAULT 6, - otp_policy_alg character varying(36) DEFAULT 'HmacSHA1'::character varying, - otp_policy_type character varying(36) DEFAULT 'totp'::character varying, - browser_flow character varying(36), - registration_flow character varying(36), - direct_grant_flow character varying(36), - reset_credentials_flow character varying(36), - client_auth_flow character varying(36), - offline_session_idle_timeout integer DEFAULT 0, - revoke_refresh_token boolean DEFAULT false NOT NULL, - access_token_life_implicit integer DEFAULT 0, - login_with_email_allowed boolean DEFAULT true NOT NULL, - duplicate_emails_allowed boolean DEFAULT false NOT NULL, - docker_auth_flow character varying(36), - refresh_token_max_reuse integer DEFAULT 0, - allow_user_managed_access boolean DEFAULT false NOT NULL, - sso_max_lifespan_remember_me integer DEFAULT 0 NOT NULL, - sso_idle_timeout_remember_me integer DEFAULT 0 NOT NULL, - default_role character varying(255) -); - - --- --- TOC entry 225 (class 1259 OID 16463) --- Name: realm_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_attribute ( - name character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL, - value text -); - - --- --- TOC entry 273 (class 1259 OID 17220) --- Name: realm_default_groups; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_default_groups ( - realm_id character varying(36) NOT NULL, - group_id character varying(36) NOT NULL -); - - --- --- TOC entry 250 (class 1259 OID 16916) --- Name: realm_enabled_event_types; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_enabled_event_types ( - realm_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 226 (class 1259 OID 16471) --- Name: realm_events_listeners; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_events_listeners ( - realm_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 306 (class 1259 OID 17922) --- Name: realm_localizations; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_localizations ( - realm_id character varying(255) NOT NULL, - locale character varying(255) NOT NULL, - texts text NOT NULL -); - - --- --- TOC entry 227 (class 1259 OID 16474) --- Name: realm_required_credential; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_required_credential ( - type character varying(255) NOT NULL, - form_label character varying(255), - input boolean DEFAULT false NOT NULL, - secret boolean DEFAULT false NOT NULL, - realm_id character varying(36) NOT NULL -); - - --- --- TOC entry 228 (class 1259 OID 16481) --- Name: realm_smtp_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_smtp_config ( - realm_id character varying(36) NOT NULL, - value character varying(255), - name character varying(255) NOT NULL -); - - --- --- TOC entry 248 (class 1259 OID 16832) --- Name: realm_supported_locales; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.realm_supported_locales ( - realm_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 229 (class 1259 OID 16491) --- Name: redirect_uris; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.redirect_uris ( - client_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 266 (class 1259 OID 17155) --- Name: required_action_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.required_action_config ( - required_action_id character varying(36) NOT NULL, - value text, - name character varying(255) NOT NULL -); - - --- --- TOC entry 265 (class 1259 OID 17148) --- Name: required_action_provider; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.required_action_provider ( - id character varying(36) NOT NULL, - alias character varying(255), - name character varying(255), - realm_id character varying(36), - enabled boolean DEFAULT false NOT NULL, - default_action boolean DEFAULT false NOT NULL, - provider_id character varying(255), - priority integer -); - - --- --- TOC entry 303 (class 1259 OID 17853) --- Name: resource_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_attribute ( - id character varying(36) DEFAULT 'sybase-needs-something-here'::character varying NOT NULL, - name character varying(255) NOT NULL, - value character varying(255), - resource_id character varying(36) NOT NULL -); - - --- --- TOC entry 283 (class 1259 OID 17437) --- Name: resource_policy; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_policy ( - resource_id character varying(36) NOT NULL, - policy_id character varying(36) NOT NULL -); - - --- --- TOC entry 282 (class 1259 OID 17422) --- Name: resource_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_scope ( - resource_id character varying(36) NOT NULL, - scope_id character varying(36) NOT NULL -); - - --- --- TOC entry 277 (class 1259 OID 17360) --- Name: resource_server; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_server ( - id character varying(36) NOT NULL, - allow_rs_remote_mgmt boolean DEFAULT false NOT NULL, - policy_enforce_mode smallint NOT NULL, - decision_strategy smallint DEFAULT 1 NOT NULL -); - - --- --- TOC entry 302 (class 1259 OID 17829) --- Name: resource_server_perm_ticket; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_server_perm_ticket ( - id character varying(36) NOT NULL, - owner character varying(255) NOT NULL, - requester character varying(255) NOT NULL, - created_timestamp bigint NOT NULL, - granted_timestamp bigint, - resource_id character varying(36) NOT NULL, - scope_id character varying(36), - resource_server_id character varying(36) NOT NULL, - policy_id character varying(36) -); - - --- --- TOC entry 280 (class 1259 OID 17396) --- Name: resource_server_policy; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_server_policy ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - description character varying(255), - type character varying(255) NOT NULL, - decision_strategy smallint, - logic smallint, - resource_server_id character varying(36) NOT NULL, - owner character varying(255) -); - - --- --- TOC entry 278 (class 1259 OID 17368) --- Name: resource_server_resource; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_server_resource ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - type character varying(255), - icon_uri character varying(255), - owner character varying(255) NOT NULL, - resource_server_id character varying(36) NOT NULL, - owner_managed_access boolean DEFAULT false NOT NULL, - display_name character varying(255) -); - - --- --- TOC entry 279 (class 1259 OID 17382) --- Name: resource_server_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_server_scope ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - icon_uri character varying(255), - resource_server_id character varying(36) NOT NULL, - display_name character varying(255) -); - - --- --- TOC entry 304 (class 1259 OID 17871) --- Name: resource_uris; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.resource_uris ( - resource_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 305 (class 1259 OID 17881) --- Name: role_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.role_attribute ( - id character varying(36) NOT NULL, - role_id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - value character varying(255) -); - - --- --- TOC entry 230 (class 1259 OID 16494) --- Name: scope_mapping; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.scope_mapping ( - client_id character varying(36) NOT NULL, - role_id character varying(36) NOT NULL -); - - --- --- TOC entry 284 (class 1259 OID 17452) --- Name: scope_policy; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.scope_policy ( - scope_id character varying(36) NOT NULL, - policy_id character varying(36) NOT NULL -); - - --- --- TOC entry 232 (class 1259 OID 16500) --- Name: user_attribute; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_attribute ( - name character varying(255) NOT NULL, - value character varying(255), - user_id character varying(36) NOT NULL, - id character varying(36) DEFAULT 'sybase-needs-something-here'::character varying NOT NULL, - long_value_hash bytea, - long_value_hash_lower_case bytea, - long_value text -); - - --- --- TOC entry 254 (class 1259 OID 16937) --- Name: user_consent; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_consent ( - id character varying(36) NOT NULL, - client_id character varying(255), - user_id character varying(36) NOT NULL, - created_date bigint, - last_updated_date bigint, - client_storage_provider character varying(36), - external_client_id character varying(255) -); - - --- --- TOC entry 300 (class 1259 OID 17804) --- Name: user_consent_client_scope; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_consent_client_scope ( - user_consent_id character varying(36) NOT NULL, - scope_id character varying(36) NOT NULL -); - - --- --- TOC entry 233 (class 1259 OID 16505) --- Name: user_entity; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_entity ( - id character varying(36) NOT NULL, - email character varying(255), - email_constraint character varying(255), - email_verified boolean DEFAULT false NOT NULL, - enabled boolean DEFAULT false NOT NULL, - federation_link character varying(255), - first_name character varying(255), - last_name character varying(255), - realm_id character varying(255), - username character varying(255), - created_timestamp bigint, - service_account_client_link character varying(255), - not_before integer DEFAULT 0 NOT NULL -); - - --- --- TOC entry 234 (class 1259 OID 16513) --- Name: user_federation_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_federation_config ( - user_federation_provider_id character varying(36) NOT NULL, - value character varying(255), - name character varying(255) NOT NULL -); - - --- --- TOC entry 261 (class 1259 OID 17049) --- Name: user_federation_mapper; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_federation_mapper ( - id character varying(36) NOT NULL, - name character varying(255) NOT NULL, - federation_provider_id character varying(36) NOT NULL, - federation_mapper_type character varying(255) NOT NULL, - realm_id character varying(36) NOT NULL -); - - --- --- TOC entry 262 (class 1259 OID 17054) --- Name: user_federation_mapper_config; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_federation_mapper_config ( - user_federation_mapper_id character varying(36) NOT NULL, - value character varying(255), - name character varying(255) NOT NULL -); - - --- --- TOC entry 235 (class 1259 OID 16518) --- Name: user_federation_provider; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_federation_provider ( - id character varying(36) NOT NULL, - changed_sync_period integer, - display_name character varying(255), - full_sync_period integer, - last_sync integer, - priority integer, - provider_name character varying(255), - realm_id character varying(36) -); - - --- --- TOC entry 272 (class 1259 OID 17217) --- Name: user_group_membership; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_group_membership ( - group_id character varying(36) NOT NULL, - user_id character varying(36) NOT NULL -); - - --- --- TOC entry 236 (class 1259 OID 16523) --- Name: user_required_action; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_required_action ( - user_id character varying(36) NOT NULL, - required_action character varying(255) DEFAULT ' '::character varying NOT NULL -); - - --- --- TOC entry 237 (class 1259 OID 16526) --- Name: user_role_mapping; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_role_mapping ( - role_id character varying(255) NOT NULL, - user_id character varying(36) NOT NULL -); - - --- --- TOC entry 238 (class 1259 OID 16529) --- Name: user_session; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_session ( - id character varying(36) NOT NULL, - auth_method character varying(255), - ip_address character varying(255), - last_session_refresh integer, - login_username character varying(255), - realm_id character varying(255), - remember_me boolean DEFAULT false NOT NULL, - started integer, - user_id character varying(255), - user_session_state integer, - broker_session_id character varying(255), - broker_user_id character varying(255) -); - - --- --- TOC entry 249 (class 1259 OID 16835) --- Name: user_session_note; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.user_session_note ( - user_session character varying(36) NOT NULL, - name character varying(255) NOT NULL, - value character varying(2048) -); - - --- --- TOC entry 231 (class 1259 OID 16497) --- Name: username_login_failure; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.username_login_failure ( - realm_id character varying(36) NOT NULL, - username character varying(255) NOT NULL, - failed_login_not_before integer, - last_failure bigint, - last_ip_failure character varying(255), - num_failures integer -); - - --- --- TOC entry 239 (class 1259 OID 16540) --- Name: web_origins; Type: TABLE; Schema: public; Owner: - --- - -CREATE TABLE public.web_origins ( - client_id character varying(36) NOT NULL, - value character varying(255) NOT NULL -); - - --- --- TOC entry 3733 (class 2606 OID 17596) --- Name: username_login_failure CONSTRAINT_17-2; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.username_login_failure - ADD CONSTRAINT "CONSTRAINT_17-2" PRIMARY KEY (realm_id, username); - - --- --- TOC entry 3706 (class 2606 OID 17905) --- Name: keycloak_role UK_J3RWUVD56ONTGSUHOGM184WW2-2; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.keycloak_role - ADD CONSTRAINT "UK_J3RWUVD56ONTGSUHOGM184WW2-2" UNIQUE (name, client_realm_constraint); - - --- --- TOC entry 3954 (class 2606 OID 17735) --- Name: client_auth_flow_bindings c_cli_flow_bind; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_auth_flow_bindings - ADD CONSTRAINT c_cli_flow_bind PRIMARY KEY (client_id, binding_name); - - --- --- TOC entry 3956 (class 2606 OID 17934) --- Name: client_scope_client c_cli_scope_bind; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope_client - ADD CONSTRAINT c_cli_scope_bind PRIMARY KEY (client_id, scope_id); - - --- --- TOC entry 3951 (class 2606 OID 17610) --- Name: client_initial_access cnstr_client_init_acc_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_initial_access - ADD CONSTRAINT cnstr_client_init_acc_pk PRIMARY KEY (id); - - --- --- TOC entry 3866 (class 2606 OID 17258) --- Name: realm_default_groups con_group_id_def_groups; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_default_groups - ADD CONSTRAINT con_group_id_def_groups UNIQUE (group_id); - - --- --- TOC entry 3914 (class 2606 OID 17533) --- Name: broker_link constr_broker_link_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.broker_link - ADD CONSTRAINT constr_broker_link_pk PRIMARY KEY (identity_provider, user_id); - - --- --- TOC entry 3835 (class 2606 OID 17167) --- Name: client_user_session_note constr_cl_usr_ses_note; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_user_session_note - ADD CONSTRAINT constr_cl_usr_ses_note PRIMARY KEY (client_session, name); - - --- --- TOC entry 3942 (class 2606 OID 17553) --- Name: component_config constr_component_config_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.component_config - ADD CONSTRAINT constr_component_config_pk PRIMARY KEY (id); - - --- --- TOC entry 3945 (class 2606 OID 17551) --- Name: component constr_component_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.component - ADD CONSTRAINT constr_component_pk PRIMARY KEY (id); - - --- --- TOC entry 3934 (class 2606 OID 17549) --- Name: fed_user_required_action constr_fed_required_action; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_required_action - ADD CONSTRAINT constr_fed_required_action PRIMARY KEY (required_action, user_id); - - --- --- TOC entry 3916 (class 2606 OID 17535) --- Name: fed_user_attribute constr_fed_user_attr_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_attribute - ADD CONSTRAINT constr_fed_user_attr_pk PRIMARY KEY (id); - - --- --- TOC entry 3921 (class 2606 OID 17537) --- Name: fed_user_consent constr_fed_user_consent_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_consent - ADD CONSTRAINT constr_fed_user_consent_pk PRIMARY KEY (id); - - --- --- TOC entry 3926 (class 2606 OID 17543) --- Name: fed_user_credential constr_fed_user_cred_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_credential - ADD CONSTRAINT constr_fed_user_cred_pk PRIMARY KEY (id); - - --- --- TOC entry 3930 (class 2606 OID 17545) --- Name: fed_user_group_membership constr_fed_user_group; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_group_membership - ADD CONSTRAINT constr_fed_user_group PRIMARY KEY (group_id, user_id); - - --- --- TOC entry 3938 (class 2606 OID 17547) --- Name: fed_user_role_mapping constr_fed_user_role; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_role_mapping - ADD CONSTRAINT constr_fed_user_role PRIMARY KEY (role_id, user_id); - - --- --- TOC entry 3949 (class 2606 OID 17590) --- Name: federated_user constr_federated_user; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.federated_user - ADD CONSTRAINT constr_federated_user PRIMARY KEY (id); - - --- --- TOC entry 3868 (class 2606 OID 17694) --- Name: realm_default_groups constr_realm_default_groups; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_default_groups - ADD CONSTRAINT constr_realm_default_groups PRIMARY KEY (realm_id, group_id); - - --- --- TOC entry 3794 (class 2606 OID 17711) --- Name: realm_enabled_event_types constr_realm_enabl_event_types; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_enabled_event_types - ADD CONSTRAINT constr_realm_enabl_event_types PRIMARY KEY (realm_id, value); - - --- --- TOC entry 3720 (class 2606 OID 17713) --- Name: realm_events_listeners constr_realm_events_listeners; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_events_listeners - ADD CONSTRAINT constr_realm_events_listeners PRIMARY KEY (realm_id, value); - - --- --- TOC entry 3789 (class 2606 OID 17715) --- Name: realm_supported_locales constr_realm_supported_locales; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_supported_locales - ADD CONSTRAINT constr_realm_supported_locales PRIMARY KEY (realm_id, value); - - --- --- TOC entry 3782 (class 2606 OID 16844) --- Name: identity_provider constraint_2b; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider - ADD CONSTRAINT constraint_2b PRIMARY KEY (internal_id); - - --- --- TOC entry 3765 (class 2606 OID 16778) --- Name: client_attributes constraint_3c; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_attributes - ADD CONSTRAINT constraint_3c PRIMARY KEY (client_id, name); - - --- --- TOC entry 3703 (class 2606 OID 16552) --- Name: event_entity constraint_4; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.event_entity - ADD CONSTRAINT constraint_4 PRIMARY KEY (id); - - --- --- TOC entry 3778 (class 2606 OID 16846) --- Name: federated_identity constraint_40; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.federated_identity - ADD CONSTRAINT constraint_40 PRIMARY KEY (identity_provider, user_id); - - --- --- TOC entry 3712 (class 2606 OID 16554) --- Name: realm constraint_4a; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm - ADD CONSTRAINT constraint_4a PRIMARY KEY (id); - - --- --- TOC entry 3694 (class 2606 OID 16556) --- Name: client_session_role constraint_5; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_role - ADD CONSTRAINT constraint_5 PRIMARY KEY (client_session, role_id); - - --- --- TOC entry 3760 (class 2606 OID 16558) --- Name: user_session constraint_57; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_session - ADD CONSTRAINT constraint_57 PRIMARY KEY (id); - - --- --- TOC entry 3751 (class 2606 OID 16560) --- Name: user_federation_provider constraint_5c; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_provider - ADD CONSTRAINT constraint_5c PRIMARY KEY (id); - - --- --- TOC entry 3768 (class 2606 OID 16780) --- Name: client_session_note constraint_5e; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_note - ADD CONSTRAINT constraint_5e PRIMARY KEY (client_session, name); - - --- --- TOC entry 3686 (class 2606 OID 16564) --- Name: client constraint_7; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client - ADD CONSTRAINT constraint_7 PRIMARY KEY (id); - - --- --- TOC entry 3691 (class 2606 OID 16566) --- Name: client_session constraint_8; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session - ADD CONSTRAINT constraint_8 PRIMARY KEY (id); - - --- --- TOC entry 3730 (class 2606 OID 16568) --- Name: scope_mapping constraint_81; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.scope_mapping - ADD CONSTRAINT constraint_81 PRIMARY KEY (client_id, role_id); - - --- --- TOC entry 3770 (class 2606 OID 16782) --- Name: client_node_registrations constraint_84; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_node_registrations - ADD CONSTRAINT constraint_84 PRIMARY KEY (client_id, name); - - --- --- TOC entry 3717 (class 2606 OID 16570) --- Name: realm_attribute constraint_9; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_attribute - ADD CONSTRAINT constraint_9 PRIMARY KEY (name, realm_id); - - --- --- TOC entry 3723 (class 2606 OID 16572) --- Name: realm_required_credential constraint_92; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_required_credential - ADD CONSTRAINT constraint_92 PRIMARY KEY (realm_id, type); - - --- --- TOC entry 3708 (class 2606 OID 16574) --- Name: keycloak_role constraint_a; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.keycloak_role - ADD CONSTRAINT constraint_a PRIMARY KEY (id); - - --- --- TOC entry 3812 (class 2606 OID 17698) --- Name: admin_event_entity constraint_admin_event_entity; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.admin_event_entity - ADD CONSTRAINT constraint_admin_event_entity PRIMARY KEY (id); - - --- --- TOC entry 3825 (class 2606 OID 17075) --- Name: authenticator_config_entry constraint_auth_cfg_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authenticator_config_entry - ADD CONSTRAINT constraint_auth_cfg_pk PRIMARY KEY (authenticator_id, name); - - --- --- TOC entry 3821 (class 2606 OID 17073) --- Name: authentication_execution constraint_auth_exec_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authentication_execution - ADD CONSTRAINT constraint_auth_exec_pk PRIMARY KEY (id); - - --- --- TOC entry 3818 (class 2606 OID 17071) --- Name: authentication_flow constraint_auth_flow_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authentication_flow - ADD CONSTRAINT constraint_auth_flow_pk PRIMARY KEY (id); - - --- --- TOC entry 3815 (class 2606 OID 17069) --- Name: authenticator_config constraint_auth_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authenticator_config - ADD CONSTRAINT constraint_auth_pk PRIMARY KEY (id); - - --- --- TOC entry 3833 (class 2606 OID 17079) --- Name: client_session_auth_status constraint_auth_status_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_auth_status - ADD CONSTRAINT constraint_auth_status_pk PRIMARY KEY (client_session, authenticator); - - --- --- TOC entry 3757 (class 2606 OID 16576) --- Name: user_role_mapping constraint_c; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_role_mapping - ADD CONSTRAINT constraint_c PRIMARY KEY (role_id, user_id); - - --- --- TOC entry 3696 (class 2606 OID 17692) --- Name: composite_role constraint_composite_role; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.composite_role - ADD CONSTRAINT constraint_composite_role PRIMARY KEY (composite, child_role); - - --- --- TOC entry 3810 (class 2606 OID 16962) --- Name: client_session_prot_mapper constraint_cs_pmp_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_prot_mapper - ADD CONSTRAINT constraint_cs_pmp_pk PRIMARY KEY (client_session, protocol_mapper_id); - - --- --- TOC entry 3787 (class 2606 OID 16848) --- Name: identity_provider_config constraint_d; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider_config - ADD CONSTRAINT constraint_d PRIMARY KEY (identity_provider_id, name); - - --- --- TOC entry 3900 (class 2606 OID 17416) --- Name: policy_config constraint_dpc; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.policy_config - ADD CONSTRAINT constraint_dpc PRIMARY KEY (policy_id, name); - - --- --- TOC entry 3725 (class 2606 OID 16578) --- Name: realm_smtp_config constraint_e; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_smtp_config - ADD CONSTRAINT constraint_e PRIMARY KEY (realm_id, name); - - --- --- TOC entry 3700 (class 2606 OID 16580) --- Name: credential constraint_f; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.credential - ADD CONSTRAINT constraint_f PRIMARY KEY (id); - - --- --- TOC entry 3749 (class 2606 OID 16582) --- Name: user_federation_config constraint_f9; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_config - ADD CONSTRAINT constraint_f9 PRIMARY KEY (user_federation_provider_id, name); - - --- --- TOC entry 3969 (class 2606 OID 17833) --- Name: resource_server_perm_ticket constraint_fapmt; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT constraint_fapmt PRIMARY KEY (id); - - --- --- TOC entry 3885 (class 2606 OID 17374) --- Name: resource_server_resource constraint_farsr; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_resource - ADD CONSTRAINT constraint_farsr PRIMARY KEY (id); - - --- --- TOC entry 3895 (class 2606 OID 17402) --- Name: resource_server_policy constraint_farsrp; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_policy - ADD CONSTRAINT constraint_farsrp PRIMARY KEY (id); - - --- --- TOC entry 3911 (class 2606 OID 17471) --- Name: associated_policy constraint_farsrpap; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.associated_policy - ADD CONSTRAINT constraint_farsrpap PRIMARY KEY (policy_id, associated_policy_id); - - --- --- TOC entry 3905 (class 2606 OID 17441) --- Name: resource_policy constraint_farsrpp; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_policy - ADD CONSTRAINT constraint_farsrpp PRIMARY KEY (resource_id, policy_id); - - --- --- TOC entry 3890 (class 2606 OID 17388) --- Name: resource_server_scope constraint_farsrs; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_scope - ADD CONSTRAINT constraint_farsrs PRIMARY KEY (id); - - --- --- TOC entry 3902 (class 2606 OID 17426) --- Name: resource_scope constraint_farsrsp; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_scope - ADD CONSTRAINT constraint_farsrsp PRIMARY KEY (resource_id, scope_id); - - --- --- TOC entry 3908 (class 2606 OID 17456) --- Name: scope_policy constraint_farsrsps; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.scope_policy - ADD CONSTRAINT constraint_farsrsps PRIMARY KEY (scope_id, policy_id); - - --- --- TOC entry 3741 (class 2606 OID 16584) --- Name: user_entity constraint_fb; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_entity - ADD CONSTRAINT constraint_fb PRIMARY KEY (id); - - --- --- TOC entry 3831 (class 2606 OID 17083) --- Name: user_federation_mapper_config constraint_fedmapper_cfg_pm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_mapper_config - ADD CONSTRAINT constraint_fedmapper_cfg_pm PRIMARY KEY (user_federation_mapper_id, name); - - --- --- TOC entry 3827 (class 2606 OID 17081) --- Name: user_federation_mapper constraint_fedmapperpm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_mapper - ADD CONSTRAINT constraint_fedmapperpm PRIMARY KEY (id); - - --- --- TOC entry 3967 (class 2606 OID 17818) --- Name: fed_user_consent_cl_scope constraint_fgrntcsnt_clsc_pm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.fed_user_consent_cl_scope - ADD CONSTRAINT constraint_fgrntcsnt_clsc_pm PRIMARY KEY (user_consent_id, scope_id); - - --- --- TOC entry 3964 (class 2606 OID 17808) --- Name: user_consent_client_scope constraint_grntcsnt_clsc_pm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_consent_client_scope - ADD CONSTRAINT constraint_grntcsnt_clsc_pm PRIMARY KEY (user_consent_id, scope_id); - - --- --- TOC entry 3805 (class 2606 OID 16956) --- Name: user_consent constraint_grntcsnt_pm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_consent - ADD CONSTRAINT constraint_grntcsnt_pm PRIMARY KEY (id); - - --- --- TOC entry 3852 (class 2606 OID 17225) --- Name: keycloak_group constraint_group; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.keycloak_group - ADD CONSTRAINT constraint_group PRIMARY KEY (id); - - --- --- TOC entry 3859 (class 2606 OID 17232) --- Name: group_attribute constraint_group_attribute_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.group_attribute - ADD CONSTRAINT constraint_group_attribute_pk PRIMARY KEY (id); - - --- --- TOC entry 3856 (class 2606 OID 17246) --- Name: group_role_mapping constraint_group_role; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.group_role_mapping - ADD CONSTRAINT constraint_group_role PRIMARY KEY (role_id, group_id); - - --- --- TOC entry 3800 (class 2606 OID 16952) --- Name: identity_provider_mapper constraint_idpm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider_mapper - ADD CONSTRAINT constraint_idpm PRIMARY KEY (id); - - --- --- TOC entry 3803 (class 2606 OID 17132) --- Name: idp_mapper_config constraint_idpmconfig; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.idp_mapper_config - ADD CONSTRAINT constraint_idpmconfig PRIMARY KEY (idp_mapper_id, name); - - --- --- TOC entry 3797 (class 2606 OID 16950) --- Name: migration_model constraint_migmod; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.migration_model - ADD CONSTRAINT constraint_migmod PRIMARY KEY (id); - - --- --- TOC entry 3848 (class 2606 OID 17911) --- Name: offline_client_session constraint_offl_cl_ses_pk3; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.offline_client_session - ADD CONSTRAINT constraint_offl_cl_ses_pk3 PRIMARY KEY (user_session_id, client_id, client_storage_provider, external_client_id, offline_flag); - - --- --- TOC entry 3842 (class 2606 OID 17202) --- Name: offline_user_session constraint_offl_us_ses_pk2; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.offline_user_session - ADD CONSTRAINT constraint_offl_us_ses_pk2 PRIMARY KEY (user_session_id, offline_flag); - - --- --- TOC entry 3772 (class 2606 OID 16842) --- Name: protocol_mapper constraint_pcm; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.protocol_mapper - ADD CONSTRAINT constraint_pcm PRIMARY KEY (id); - - --- --- TOC entry 3776 (class 2606 OID 17125) --- Name: protocol_mapper_config constraint_pmconfig; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.protocol_mapper_config - ADD CONSTRAINT constraint_pmconfig PRIMARY KEY (protocol_mapper_id, name); - - --- --- TOC entry 3727 (class 2606 OID 17717) --- Name: redirect_uris constraint_redirect_uris; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.redirect_uris - ADD CONSTRAINT constraint_redirect_uris PRIMARY KEY (client_id, value); - - --- --- TOC entry 3840 (class 2606 OID 17165) --- Name: required_action_config constraint_req_act_cfg_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.required_action_config - ADD CONSTRAINT constraint_req_act_cfg_pk PRIMARY KEY (required_action_id, name); - - --- --- TOC entry 3837 (class 2606 OID 17163) --- Name: required_action_provider constraint_req_act_prv_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.required_action_provider - ADD CONSTRAINT constraint_req_act_prv_pk PRIMARY KEY (id); - - --- --- TOC entry 3754 (class 2606 OID 17077) --- Name: user_required_action constraint_required_action; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_required_action - ADD CONSTRAINT constraint_required_action PRIMARY KEY (required_action, user_id); - - --- --- TOC entry 3975 (class 2606 OID 17880) --- Name: resource_uris constraint_resour_uris_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_uris - ADD CONSTRAINT constraint_resour_uris_pk PRIMARY KEY (resource_id, value); - - --- --- TOC entry 3977 (class 2606 OID 17887) --- Name: role_attribute constraint_role_attribute_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.role_attribute - ADD CONSTRAINT constraint_role_attribute_pk PRIMARY KEY (id); - - --- --- TOC entry 3735 (class 2606 OID 17161) --- Name: user_attribute constraint_user_attribute_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_attribute - ADD CONSTRAINT constraint_user_attribute_pk PRIMARY KEY (id); - - --- --- TOC entry 3863 (class 2606 OID 17239) --- Name: user_group_membership constraint_user_group; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_group_membership - ADD CONSTRAINT constraint_user_group PRIMARY KEY (group_id, user_id); - - --- --- TOC entry 3792 (class 2606 OID 16852) --- Name: user_session_note constraint_usn_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_session_note - ADD CONSTRAINT constraint_usn_pk PRIMARY KEY (user_session, name); - - --- --- TOC entry 3762 (class 2606 OID 17719) --- Name: web_origins constraint_web_origins; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.web_origins - ADD CONSTRAINT constraint_web_origins PRIMARY KEY (client_id, value); - - --- --- TOC entry 3684 (class 2606 OID 16396) --- Name: databasechangeloglock databasechangeloglock_pkey; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.databasechangeloglock - ADD CONSTRAINT databasechangeloglock_pkey PRIMARY KEY (id); - - --- --- TOC entry 3877 (class 2606 OID 17342) --- Name: client_scope_attributes pk_cl_tmpl_attr; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope_attributes - ADD CONSTRAINT pk_cl_tmpl_attr PRIMARY KEY (scope_id, name); - - --- --- TOC entry 3872 (class 2606 OID 17301) --- Name: client_scope pk_cli_template; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope - ADD CONSTRAINT pk_cli_template PRIMARY KEY (id); - - --- --- TOC entry 3883 (class 2606 OID 17672) --- Name: resource_server pk_resource_server; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server - ADD CONSTRAINT pk_resource_server PRIMARY KEY (id); - - --- --- TOC entry 3881 (class 2606 OID 17330) --- Name: client_scope_role_mapping pk_template_scope; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope_role_mapping - ADD CONSTRAINT pk_template_scope PRIMARY KEY (scope_id, role_id); - - --- --- TOC entry 3962 (class 2606 OID 17793) --- Name: default_client_scope r_def_cli_scope_bind; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.default_client_scope - ADD CONSTRAINT r_def_cli_scope_bind PRIMARY KEY (realm_id, scope_id); - - --- --- TOC entry 3980 (class 2606 OID 17928) --- Name: realm_localizations realm_localizations_pkey; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_localizations - ADD CONSTRAINT realm_localizations_pkey PRIMARY KEY (realm_id, locale); - - --- --- TOC entry 3973 (class 2606 OID 17860) --- Name: resource_attribute res_attr_pk; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_attribute - ADD CONSTRAINT res_attr_pk PRIMARY KEY (id); - - --- --- TOC entry 3854 (class 2606 OID 17602) --- Name: keycloak_group sibling_names; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.keycloak_group - ADD CONSTRAINT sibling_names UNIQUE (realm_id, parent_group, name); - - --- --- TOC entry 3785 (class 2606 OID 16899) --- Name: identity_provider uk_2daelwnibji49avxsrtuf6xj33; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider - ADD CONSTRAINT uk_2daelwnibji49avxsrtuf6xj33 UNIQUE (provider_alias, realm_id); - - --- --- TOC entry 3689 (class 2606 OID 16588) --- Name: client uk_b71cjlbenv945rb6gcon438at; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client - ADD CONSTRAINT uk_b71cjlbenv945rb6gcon438at UNIQUE (realm_id, client_id); - - --- --- TOC entry 3874 (class 2606 OID 17746) --- Name: client_scope uk_cli_scope; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope - ADD CONSTRAINT uk_cli_scope UNIQUE (realm_id, name); - - --- --- TOC entry 3745 (class 2606 OID 16592) --- Name: user_entity uk_dykn684sl8up1crfei6eckhd7; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_entity - ADD CONSTRAINT uk_dykn684sl8up1crfei6eckhd7 UNIQUE (realm_id, email_constraint); - - --- --- TOC entry 3888 (class 2606 OID 17919) --- Name: resource_server_resource uk_frsr6t700s9v50bu18ws5ha6; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_resource - ADD CONSTRAINT uk_frsr6t700s9v50bu18ws5ha6 UNIQUE (name, owner, resource_server_id); - - --- --- TOC entry 3971 (class 2606 OID 17915) --- Name: resource_server_perm_ticket uk_frsr6t700s9v50bu18ws5pmt; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT uk_frsr6t700s9v50bu18ws5pmt UNIQUE (owner, requester, resource_server_id, resource_id, scope_id); - - --- --- TOC entry 3898 (class 2606 OID 17663) --- Name: resource_server_policy uk_frsrpt700s9v50bu18ws5ha6; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_policy - ADD CONSTRAINT uk_frsrpt700s9v50bu18ws5ha6 UNIQUE (name, resource_server_id); - - --- --- TOC entry 3893 (class 2606 OID 17667) --- Name: resource_server_scope uk_frsrst700s9v50bu18ws5ha6; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_scope - ADD CONSTRAINT uk_frsrst700s9v50bu18ws5ha6 UNIQUE (name, resource_server_id); - - --- --- TOC entry 3808 (class 2606 OID 17907) --- Name: user_consent uk_jkuwuvd56ontgsuhogm8uewrt; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_consent - ADD CONSTRAINT uk_jkuwuvd56ontgsuhogm8uewrt UNIQUE (client_id, client_storage_provider, external_client_id, user_id); - - --- --- TOC entry 3715 (class 2606 OID 16600) --- Name: realm uk_orvsdmla56612eaefiq6wl5oi; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm - ADD CONSTRAINT uk_orvsdmla56612eaefiq6wl5oi UNIQUE (name); - - --- --- TOC entry 3747 (class 2606 OID 17592) --- Name: user_entity uk_ru8tt6t700s9v50bu18ws5ha6; Type: CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_entity - ADD CONSTRAINT uk_ru8tt6t700s9v50bu18ws5ha6 UNIQUE (realm_id, username); - - --- --- TOC entry 3917 (class 1259 OID 17967) --- Name: fed_user_attr_long_values; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX fed_user_attr_long_values ON public.fed_user_attribute USING btree (long_value_hash, name); - - --- --- TOC entry 3918 (class 1259 OID 17969) --- Name: fed_user_attr_long_values_lower_case; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX fed_user_attr_long_values_lower_case ON public.fed_user_attribute USING btree (long_value_hash_lower_case, name); - - --- --- TOC entry 3813 (class 1259 OID 17944) --- Name: idx_admin_event_time; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_admin_event_time ON public.admin_event_entity USING btree (realm_id, admin_event_time); - - --- --- TOC entry 3912 (class 1259 OID 17616) --- Name: idx_assoc_pol_assoc_pol_id; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_assoc_pol_assoc_pol_id ON public.associated_policy USING btree (associated_policy_id); - - --- --- TOC entry 3816 (class 1259 OID 17620) --- Name: idx_auth_config_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_auth_config_realm ON public.authenticator_config USING btree (realm_id); - - --- --- TOC entry 3822 (class 1259 OID 17618) --- Name: idx_auth_exec_flow; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_auth_exec_flow ON public.authentication_execution USING btree (flow_id); - - --- --- TOC entry 3823 (class 1259 OID 17617) --- Name: idx_auth_exec_realm_flow; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_auth_exec_realm_flow ON public.authentication_execution USING btree (realm_id, flow_id); - - --- --- TOC entry 3819 (class 1259 OID 17619) --- Name: idx_auth_flow_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_auth_flow_realm ON public.authentication_flow USING btree (realm_id); - - --- --- TOC entry 3957 (class 1259 OID 17935) --- Name: idx_cl_clscope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_cl_clscope ON public.client_scope_client USING btree (scope_id); - - --- --- TOC entry 3766 (class 1259 OID 17970) --- Name: idx_client_att_by_name_value; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_client_att_by_name_value ON public.client_attributes USING btree (name, substr(value, 1, 255)); - - --- --- TOC entry 3687 (class 1259 OID 17920) --- Name: idx_client_id; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_client_id ON public.client USING btree (client_id); - - --- --- TOC entry 3952 (class 1259 OID 17660) --- Name: idx_client_init_acc_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_client_init_acc_realm ON public.client_initial_access USING btree (realm_id); - - --- --- TOC entry 3692 (class 1259 OID 17624) --- Name: idx_client_session_session; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_client_session_session ON public.client_session USING btree (session_id); - - --- --- TOC entry 3875 (class 1259 OID 17823) --- Name: idx_clscope_attrs; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_clscope_attrs ON public.client_scope_attributes USING btree (scope_id); - - --- --- TOC entry 3958 (class 1259 OID 17932) --- Name: idx_clscope_cl; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_clscope_cl ON public.client_scope_client USING btree (client_id); - - --- --- TOC entry 3773 (class 1259 OID 17820) --- Name: idx_clscope_protmap; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_clscope_protmap ON public.protocol_mapper USING btree (client_scope_id); - - --- --- TOC entry 3878 (class 1259 OID 17821) --- Name: idx_clscope_role; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_clscope_role ON public.client_scope_role_mapping USING btree (scope_id); - - --- --- TOC entry 3943 (class 1259 OID 17626) --- Name: idx_compo_config_compo; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_compo_config_compo ON public.component_config USING btree (component_id); - - --- --- TOC entry 3946 (class 1259 OID 17894) --- Name: idx_component_provider_type; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_component_provider_type ON public.component USING btree (provider_type); - - --- --- TOC entry 3947 (class 1259 OID 17625) --- Name: idx_component_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_component_realm ON public.component USING btree (realm_id); - - --- --- TOC entry 3697 (class 1259 OID 17627) --- Name: idx_composite; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_composite ON public.composite_role USING btree (composite); - - --- --- TOC entry 3698 (class 1259 OID 17628) --- Name: idx_composite_child; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_composite_child ON public.composite_role USING btree (child_role); - - --- --- TOC entry 3959 (class 1259 OID 17826) --- Name: idx_defcls_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_defcls_realm ON public.default_client_scope USING btree (realm_id); - - --- --- TOC entry 3960 (class 1259 OID 17827) --- Name: idx_defcls_scope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_defcls_scope ON public.default_client_scope USING btree (scope_id); - - --- --- TOC entry 3704 (class 1259 OID 17921) --- Name: idx_event_time; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_event_time ON public.event_entity USING btree (realm_id, event_time); - - --- --- TOC entry 3779 (class 1259 OID 17359) --- Name: idx_fedidentity_feduser; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fedidentity_feduser ON public.federated_identity USING btree (federated_user_id); - - --- --- TOC entry 3780 (class 1259 OID 17358) --- Name: idx_fedidentity_user; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fedidentity_user ON public.federated_identity USING btree (user_id); - - --- --- TOC entry 3919 (class 1259 OID 17720) --- Name: idx_fu_attribute; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_attribute ON public.fed_user_attribute USING btree (user_id, realm_id, name); - - --- --- TOC entry 3922 (class 1259 OID 17740) --- Name: idx_fu_cnsnt_ext; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_cnsnt_ext ON public.fed_user_consent USING btree (user_id, client_storage_provider, external_client_id); - - --- --- TOC entry 3923 (class 1259 OID 17903) --- Name: idx_fu_consent; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_consent ON public.fed_user_consent USING btree (user_id, client_id); - - --- --- TOC entry 3924 (class 1259 OID 17722) --- Name: idx_fu_consent_ru; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_consent_ru ON public.fed_user_consent USING btree (realm_id, user_id); - - --- --- TOC entry 3927 (class 1259 OID 17723) --- Name: idx_fu_credential; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_credential ON public.fed_user_credential USING btree (user_id, type); - - --- --- TOC entry 3928 (class 1259 OID 17724) --- Name: idx_fu_credential_ru; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_credential_ru ON public.fed_user_credential USING btree (realm_id, user_id); - - --- --- TOC entry 3931 (class 1259 OID 17725) --- Name: idx_fu_group_membership; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_group_membership ON public.fed_user_group_membership USING btree (user_id, group_id); - - --- --- TOC entry 3932 (class 1259 OID 17726) --- Name: idx_fu_group_membership_ru; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_group_membership_ru ON public.fed_user_group_membership USING btree (realm_id, user_id); - - --- --- TOC entry 3935 (class 1259 OID 17727) --- Name: idx_fu_required_action; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_required_action ON public.fed_user_required_action USING btree (user_id, required_action); - - --- --- TOC entry 3936 (class 1259 OID 17728) --- Name: idx_fu_required_action_ru; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_required_action_ru ON public.fed_user_required_action USING btree (realm_id, user_id); - - --- --- TOC entry 3939 (class 1259 OID 17729) --- Name: idx_fu_role_mapping; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_role_mapping ON public.fed_user_role_mapping USING btree (user_id, role_id); - - --- --- TOC entry 3940 (class 1259 OID 17730) --- Name: idx_fu_role_mapping_ru; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_fu_role_mapping_ru ON public.fed_user_role_mapping USING btree (realm_id, user_id); - - --- --- TOC entry 3860 (class 1259 OID 17945) --- Name: idx_group_att_by_name_value; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_group_att_by_name_value ON public.group_attribute USING btree (name, ((value)::character varying(250))); - - --- --- TOC entry 3861 (class 1259 OID 17631) --- Name: idx_group_attr_group; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_group_attr_group ON public.group_attribute USING btree (group_id); - - --- --- TOC entry 3857 (class 1259 OID 17632) --- Name: idx_group_role_mapp_group; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_group_role_mapp_group ON public.group_role_mapping USING btree (group_id); - - --- --- TOC entry 3801 (class 1259 OID 17634) --- Name: idx_id_prov_mapp_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_id_prov_mapp_realm ON public.identity_provider_mapper USING btree (realm_id); - - --- --- TOC entry 3783 (class 1259 OID 17633) --- Name: idx_ident_prov_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_ident_prov_realm ON public.identity_provider USING btree (realm_id); - - --- --- TOC entry 3709 (class 1259 OID 17635) --- Name: idx_keycloak_role_client; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_keycloak_role_client ON public.keycloak_role USING btree (client); - - --- --- TOC entry 3710 (class 1259 OID 17636) --- Name: idx_keycloak_role_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_keycloak_role_realm ON public.keycloak_role USING btree (realm); - - --- --- TOC entry 3849 (class 1259 OID 17938) --- Name: idx_offline_css_preload; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_offline_css_preload ON public.offline_client_session USING btree (client_id, offline_flag); - - --- --- TOC entry 3843 (class 1259 OID 17939) --- Name: idx_offline_uss_by_user; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_offline_uss_by_user ON public.offline_user_session USING btree (user_id, realm_id, offline_flag); - - --- --- TOC entry 3844 (class 1259 OID 17940) --- Name: idx_offline_uss_by_usersess; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_offline_uss_by_usersess ON public.offline_user_session USING btree (realm_id, offline_flag, user_session_id); - - --- --- TOC entry 3845 (class 1259 OID 17898) --- Name: idx_offline_uss_createdon; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_offline_uss_createdon ON public.offline_user_session USING btree (created_on); - - --- --- TOC entry 3846 (class 1259 OID 17929) --- Name: idx_offline_uss_preload; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_offline_uss_preload ON public.offline_user_session USING btree (offline_flag, created_on, user_session_id); - - --- --- TOC entry 3774 (class 1259 OID 17637) --- Name: idx_protocol_mapper_client; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_protocol_mapper_client ON public.protocol_mapper USING btree (client_id); - - --- --- TOC entry 3718 (class 1259 OID 17640) --- Name: idx_realm_attr_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_attr_realm ON public.realm_attribute USING btree (realm_id); - - --- --- TOC entry 3870 (class 1259 OID 17819) --- Name: idx_realm_clscope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_clscope ON public.client_scope USING btree (realm_id); - - --- --- TOC entry 3869 (class 1259 OID 17641) --- Name: idx_realm_def_grp_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_def_grp_realm ON public.realm_default_groups USING btree (realm_id); - - --- --- TOC entry 3721 (class 1259 OID 17644) --- Name: idx_realm_evt_list_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_evt_list_realm ON public.realm_events_listeners USING btree (realm_id); - - --- --- TOC entry 3795 (class 1259 OID 17643) --- Name: idx_realm_evt_types_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_evt_types_realm ON public.realm_enabled_event_types USING btree (realm_id); - - --- --- TOC entry 3713 (class 1259 OID 17639) --- Name: idx_realm_master_adm_cli; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_master_adm_cli ON public.realm USING btree (master_admin_client); - - --- --- TOC entry 3790 (class 1259 OID 17645) --- Name: idx_realm_supp_local_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_realm_supp_local_realm ON public.realm_supported_locales USING btree (realm_id); - - --- --- TOC entry 3728 (class 1259 OID 17646) --- Name: idx_redir_uri_client; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_redir_uri_client ON public.redirect_uris USING btree (client_id); - - --- --- TOC entry 3838 (class 1259 OID 17647) --- Name: idx_req_act_prov_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_req_act_prov_realm ON public.required_action_provider USING btree (realm_id); - - --- --- TOC entry 3906 (class 1259 OID 17648) --- Name: idx_res_policy_policy; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_res_policy_policy ON public.resource_policy USING btree (policy_id); - - --- --- TOC entry 3903 (class 1259 OID 17649) --- Name: idx_res_scope_scope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_res_scope_scope ON public.resource_scope USING btree (scope_id); - - --- --- TOC entry 3896 (class 1259 OID 17668) --- Name: idx_res_serv_pol_res_serv; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_res_serv_pol_res_serv ON public.resource_server_policy USING btree (resource_server_id); - - --- --- TOC entry 3886 (class 1259 OID 17669) --- Name: idx_res_srv_res_res_srv; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_res_srv_res_res_srv ON public.resource_server_resource USING btree (resource_server_id); - - --- --- TOC entry 3891 (class 1259 OID 17670) --- Name: idx_res_srv_scope_res_srv; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_res_srv_scope_res_srv ON public.resource_server_scope USING btree (resource_server_id); - - --- --- TOC entry 3978 (class 1259 OID 17893) --- Name: idx_role_attribute; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_role_attribute ON public.role_attribute USING btree (role_id); - - --- --- TOC entry 3879 (class 1259 OID 17822) --- Name: idx_role_clscope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_role_clscope ON public.client_scope_role_mapping USING btree (role_id); - - --- --- TOC entry 3731 (class 1259 OID 17653) --- Name: idx_scope_mapping_role; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_scope_mapping_role ON public.scope_mapping USING btree (role_id); - - --- --- TOC entry 3909 (class 1259 OID 17654) --- Name: idx_scope_policy_policy; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_scope_policy_policy ON public.scope_policy USING btree (policy_id); - - --- --- TOC entry 3798 (class 1259 OID 17901) --- Name: idx_update_time; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_update_time ON public.migration_model USING btree (update_time); - - --- --- TOC entry 3850 (class 1259 OID 17348) --- Name: idx_us_sess_id_on_cl_sess; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_us_sess_id_on_cl_sess ON public.offline_client_session USING btree (user_session_id); - - --- --- TOC entry 3965 (class 1259 OID 17828) --- Name: idx_usconsent_clscope; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_usconsent_clscope ON public.user_consent_client_scope USING btree (user_consent_id); - - --- --- TOC entry 3736 (class 1259 OID 17355) --- Name: idx_user_attribute; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_attribute ON public.user_attribute USING btree (user_id); - - --- --- TOC entry 3737 (class 1259 OID 17942) --- Name: idx_user_attribute_name; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_attribute_name ON public.user_attribute USING btree (name, value); - - --- --- TOC entry 3806 (class 1259 OID 17352) --- Name: idx_user_consent; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_consent ON public.user_consent USING btree (user_id); - - --- --- TOC entry 3701 (class 1259 OID 17356) --- Name: idx_user_credential; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_credential ON public.credential USING btree (user_id); - - --- --- TOC entry 3742 (class 1259 OID 17349) --- Name: idx_user_email; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_email ON public.user_entity USING btree (email); - - --- --- TOC entry 3864 (class 1259 OID 17351) --- Name: idx_user_group_mapping; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_group_mapping ON public.user_group_membership USING btree (user_id); - - --- --- TOC entry 3755 (class 1259 OID 17357) --- Name: idx_user_reqactions; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_reqactions ON public.user_required_action USING btree (user_id); - - --- --- TOC entry 3758 (class 1259 OID 17350) --- Name: idx_user_role_mapping; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_role_mapping ON public.user_role_mapping USING btree (user_id); - - --- --- TOC entry 3743 (class 1259 OID 17943) --- Name: idx_user_service_account; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_user_service_account ON public.user_entity USING btree (realm_id, service_account_client_link); - - --- --- TOC entry 3828 (class 1259 OID 17656) --- Name: idx_usr_fed_map_fed_prv; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_usr_fed_map_fed_prv ON public.user_federation_mapper USING btree (federation_provider_id); - - --- --- TOC entry 3829 (class 1259 OID 17657) --- Name: idx_usr_fed_map_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_usr_fed_map_realm ON public.user_federation_mapper USING btree (realm_id); - - --- --- TOC entry 3752 (class 1259 OID 17658) --- Name: idx_usr_fed_prv_realm; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_usr_fed_prv_realm ON public.user_federation_provider USING btree (realm_id); - - --- --- TOC entry 3763 (class 1259 OID 17659) --- Name: idx_web_orig_client; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX idx_web_orig_client ON public.web_origins USING btree (client_id); - - --- --- TOC entry 3738 (class 1259 OID 17966) --- Name: user_attr_long_values; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX user_attr_long_values ON public.user_attribute USING btree (long_value_hash, name); - - --- --- TOC entry 3739 (class 1259 OID 17968) --- Name: user_attr_long_values_lower_case; Type: INDEX; Schema: public; Owner: - --- - -CREATE INDEX user_attr_long_values_lower_case ON public.user_attribute USING btree (long_value_hash_lower_case, name); - - --- --- TOC entry 4022 (class 2606 OID 17084) --- Name: client_session_auth_status auth_status_constraint; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_auth_status - ADD CONSTRAINT auth_status_constraint FOREIGN KEY (client_session) REFERENCES public.client_session(id); - - --- --- TOC entry 4006 (class 2606 OID 16853) --- Name: identity_provider fk2b4ebc52ae5c3b34; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider - ADD CONSTRAINT fk2b4ebc52ae5c3b34 FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3999 (class 2606 OID 16783) --- Name: client_attributes fk3c47c64beacca966; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_attributes - ADD CONSTRAINT fk3c47c64beacca966 FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 4005 (class 2606 OID 16863) --- Name: federated_identity fk404288b92ef007a6; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.federated_identity - ADD CONSTRAINT fk404288b92ef007a6 FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 4001 (class 2606 OID 17010) --- Name: client_node_registrations fk4129723ba992f594; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_node_registrations - ADD CONSTRAINT fk4129723ba992f594 FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 4000 (class 2606 OID 16788) --- Name: client_session_note fk5edfb00ff51c2736; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_note - ADD CONSTRAINT fk5edfb00ff51c2736 FOREIGN KEY (client_session) REFERENCES public.client_session(id); - - --- --- TOC entry 4009 (class 2606 OID 16893) --- Name: user_session_note fk5edfb00ff51d3472; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_session_note - ADD CONSTRAINT fk5edfb00ff51d3472 FOREIGN KEY (user_session) REFERENCES public.user_session(id); - - --- --- TOC entry 3982 (class 2606 OID 16603) --- Name: client_session_role fk_11b7sgqw18i532811v7o2dv76; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_role - ADD CONSTRAINT fk_11b7sgqw18i532811v7o2dv76 FOREIGN KEY (client_session) REFERENCES public.client_session(id); - - --- --- TOC entry 3991 (class 2606 OID 16608) --- Name: redirect_uris fk_1burs8pb4ouj97h5wuppahv9f; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.redirect_uris - ADD CONSTRAINT fk_1burs8pb4ouj97h5wuppahv9f FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 3995 (class 2606 OID 16613) --- Name: user_federation_provider fk_1fj32f6ptolw2qy60cd8n01e8; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_provider - ADD CONSTRAINT fk_1fj32f6ptolw2qy60cd8n01e8 FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4014 (class 2606 OID 16988) --- Name: client_session_prot_mapper fk_33a8sgqw18i532811v7o2dk89; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session_prot_mapper - ADD CONSTRAINT fk_33a8sgqw18i532811v7o2dk89 FOREIGN KEY (client_session) REFERENCES public.client_session(id); - - --- --- TOC entry 3989 (class 2606 OID 16623) --- Name: realm_required_credential fk_5hg65lybevavkqfki3kponh9v; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_required_credential - ADD CONSTRAINT fk_5hg65lybevavkqfki3kponh9v FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4052 (class 2606 OID 17861) --- Name: resource_attribute fk_5hrm2vlf9ql5fu022kqepovbr; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_attribute - ADD CONSTRAINT fk_5hrm2vlf9ql5fu022kqepovbr FOREIGN KEY (resource_id) REFERENCES public.resource_server_resource(id); - - --- --- TOC entry 3993 (class 2606 OID 16628) --- Name: user_attribute fk_5hrm2vlf9ql5fu043kqepovbr; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_attribute - ADD CONSTRAINT fk_5hrm2vlf9ql5fu043kqepovbr FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 3996 (class 2606 OID 16638) --- Name: user_required_action fk_6qj3w1jw9cvafhe19bwsiuvmd; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_required_action - ADD CONSTRAINT fk_6qj3w1jw9cvafhe19bwsiuvmd FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 3986 (class 2606 OID 16643) --- Name: keycloak_role fk_6vyqfe4cn4wlq8r6kt5vdsj5c; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.keycloak_role - ADD CONSTRAINT fk_6vyqfe4cn4wlq8r6kt5vdsj5c FOREIGN KEY (realm) REFERENCES public.realm(id); - - --- --- TOC entry 3990 (class 2606 OID 16648) --- Name: realm_smtp_config fk_70ej8xdxgxd0b9hh6180irr0o; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_smtp_config - ADD CONSTRAINT fk_70ej8xdxgxd0b9hh6180irr0o FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3987 (class 2606 OID 16663) --- Name: realm_attribute fk_8shxd6l3e9atqukacxgpffptw; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_attribute - ADD CONSTRAINT fk_8shxd6l3e9atqukacxgpffptw FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3983 (class 2606 OID 16668) --- Name: composite_role fk_a63wvekftu8jo1pnj81e7mce2; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.composite_role - ADD CONSTRAINT fk_a63wvekftu8jo1pnj81e7mce2 FOREIGN KEY (composite) REFERENCES public.keycloak_role(id); - - --- --- TOC entry 4017 (class 2606 OID 17104) --- Name: authentication_execution fk_auth_exec_flow; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authentication_execution - ADD CONSTRAINT fk_auth_exec_flow FOREIGN KEY (flow_id) REFERENCES public.authentication_flow(id); - - --- --- TOC entry 4018 (class 2606 OID 17099) --- Name: authentication_execution fk_auth_exec_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authentication_execution - ADD CONSTRAINT fk_auth_exec_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4016 (class 2606 OID 17094) --- Name: authentication_flow fk_auth_flow_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authentication_flow - ADD CONSTRAINT fk_auth_flow_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4015 (class 2606 OID 17089) --- Name: authenticator_config fk_auth_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.authenticator_config - ADD CONSTRAINT fk_auth_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3981 (class 2606 OID 16673) --- Name: client_session fk_b4ao2vcvat6ukau74wbwtfqo1; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_session - ADD CONSTRAINT fk_b4ao2vcvat6ukau74wbwtfqo1 FOREIGN KEY (session_id) REFERENCES public.user_session(id); - - --- --- TOC entry 3997 (class 2606 OID 16678) --- Name: user_role_mapping fk_c4fqv34p1mbylloxang7b1q3l; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_role_mapping - ADD CONSTRAINT fk_c4fqv34p1mbylloxang7b1q3l FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 4029 (class 2606 OID 17767) --- Name: client_scope_attributes fk_cl_scope_attr_scope; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope_attributes - ADD CONSTRAINT fk_cl_scope_attr_scope FOREIGN KEY (scope_id) REFERENCES public.client_scope(id); - - --- --- TOC entry 4030 (class 2606 OID 17757) --- Name: client_scope_role_mapping fk_cl_scope_rm_scope; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_scope_role_mapping - ADD CONSTRAINT fk_cl_scope_rm_scope FOREIGN KEY (scope_id) REFERENCES public.client_scope(id); - - --- --- TOC entry 4023 (class 2606 OID 17173) --- Name: client_user_session_note fk_cl_usr_ses_note; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_user_session_note - ADD CONSTRAINT fk_cl_usr_ses_note FOREIGN KEY (client_session) REFERENCES public.client_session(id); - - --- --- TOC entry 4002 (class 2606 OID 17752) --- Name: protocol_mapper fk_cli_scope_mapper; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.protocol_mapper - ADD CONSTRAINT fk_cli_scope_mapper FOREIGN KEY (client_scope_id) REFERENCES public.client_scope(id); - - --- --- TOC entry 4045 (class 2606 OID 17611) --- Name: client_initial_access fk_client_init_acc_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.client_initial_access - ADD CONSTRAINT fk_client_init_acc_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4043 (class 2606 OID 17559) --- Name: component_config fk_component_config; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.component_config - ADD CONSTRAINT fk_component_config FOREIGN KEY (component_id) REFERENCES public.component(id); - - --- --- TOC entry 4044 (class 2606 OID 17554) --- Name: component fk_component_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.component - ADD CONSTRAINT fk_component_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4028 (class 2606 OID 17259) --- Name: realm_default_groups fk_def_groups_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_default_groups - ADD CONSTRAINT fk_def_groups_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4021 (class 2606 OID 17119) --- Name: user_federation_mapper_config fk_fedmapper_cfg; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_mapper_config - ADD CONSTRAINT fk_fedmapper_cfg FOREIGN KEY (user_federation_mapper_id) REFERENCES public.user_federation_mapper(id); - - --- --- TOC entry 4019 (class 2606 OID 17114) --- Name: user_federation_mapper fk_fedmapperpm_fedprv; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_mapper - ADD CONSTRAINT fk_fedmapperpm_fedprv FOREIGN KEY (federation_provider_id) REFERENCES public.user_federation_provider(id); - - --- --- TOC entry 4020 (class 2606 OID 17109) --- Name: user_federation_mapper fk_fedmapperpm_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_mapper - ADD CONSTRAINT fk_fedmapperpm_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4041 (class 2606 OID 17477) --- Name: associated_policy fk_frsr5s213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.associated_policy - ADD CONSTRAINT fk_frsr5s213xcx4wnkog82ssrfy FOREIGN KEY (associated_policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4039 (class 2606 OID 17462) --- Name: scope_policy fk_frsrasp13xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.scope_policy - ADD CONSTRAINT fk_frsrasp13xcx4wnkog82ssrfy FOREIGN KEY (policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4048 (class 2606 OID 17834) --- Name: resource_server_perm_ticket fk_frsrho213xcx4wnkog82sspmt; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT fk_frsrho213xcx4wnkog82sspmt FOREIGN KEY (resource_server_id) REFERENCES public.resource_server(id); - - --- --- TOC entry 4031 (class 2606 OID 17678) --- Name: resource_server_resource fk_frsrho213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_resource - ADD CONSTRAINT fk_frsrho213xcx4wnkog82ssrfy FOREIGN KEY (resource_server_id) REFERENCES public.resource_server(id); - - --- --- TOC entry 4049 (class 2606 OID 17839) --- Name: resource_server_perm_ticket fk_frsrho213xcx4wnkog83sspmt; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT fk_frsrho213xcx4wnkog83sspmt FOREIGN KEY (resource_id) REFERENCES public.resource_server_resource(id); - - --- --- TOC entry 4050 (class 2606 OID 17844) --- Name: resource_server_perm_ticket fk_frsrho213xcx4wnkog84sspmt; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT fk_frsrho213xcx4wnkog84sspmt FOREIGN KEY (scope_id) REFERENCES public.resource_server_scope(id); - - --- --- TOC entry 4042 (class 2606 OID 17472) --- Name: associated_policy fk_frsrpas14xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.associated_policy - ADD CONSTRAINT fk_frsrpas14xcx4wnkog82ssrfy FOREIGN KEY (policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4040 (class 2606 OID 17457) --- Name: scope_policy fk_frsrpass3xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.scope_policy - ADD CONSTRAINT fk_frsrpass3xcx4wnkog82ssrfy FOREIGN KEY (scope_id) REFERENCES public.resource_server_scope(id); - - --- --- TOC entry 4051 (class 2606 OID 17866) --- Name: resource_server_perm_ticket fk_frsrpo2128cx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_perm_ticket - ADD CONSTRAINT fk_frsrpo2128cx4wnkog82ssrfy FOREIGN KEY (policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4033 (class 2606 OID 17673) --- Name: resource_server_policy fk_frsrpo213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_policy - ADD CONSTRAINT fk_frsrpo213xcx4wnkog82ssrfy FOREIGN KEY (resource_server_id) REFERENCES public.resource_server(id); - - --- --- TOC entry 4035 (class 2606 OID 17427) --- Name: resource_scope fk_frsrpos13xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_scope - ADD CONSTRAINT fk_frsrpos13xcx4wnkog82ssrfy FOREIGN KEY (resource_id) REFERENCES public.resource_server_resource(id); - - --- --- TOC entry 4037 (class 2606 OID 17442) --- Name: resource_policy fk_frsrpos53xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_policy - ADD CONSTRAINT fk_frsrpos53xcx4wnkog82ssrfy FOREIGN KEY (resource_id) REFERENCES public.resource_server_resource(id); - - --- --- TOC entry 4038 (class 2606 OID 17447) --- Name: resource_policy fk_frsrpp213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_policy - ADD CONSTRAINT fk_frsrpp213xcx4wnkog82ssrfy FOREIGN KEY (policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4036 (class 2606 OID 17432) --- Name: resource_scope fk_frsrps213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_scope - ADD CONSTRAINT fk_frsrps213xcx4wnkog82ssrfy FOREIGN KEY (scope_id) REFERENCES public.resource_server_scope(id); - - --- --- TOC entry 4032 (class 2606 OID 17683) --- Name: resource_server_scope fk_frsrso213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_server_scope - ADD CONSTRAINT fk_frsrso213xcx4wnkog82ssrfy FOREIGN KEY (resource_server_id) REFERENCES public.resource_server(id); - - --- --- TOC entry 3984 (class 2606 OID 16693) --- Name: composite_role fk_gr7thllb9lu8q4vqa4524jjy8; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.composite_role - ADD CONSTRAINT fk_gr7thllb9lu8q4vqa4524jjy8 FOREIGN KEY (child_role) REFERENCES public.keycloak_role(id); - - --- --- TOC entry 4047 (class 2606 OID 17809) --- Name: user_consent_client_scope fk_grntcsnt_clsc_usc; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_consent_client_scope - ADD CONSTRAINT fk_grntcsnt_clsc_usc FOREIGN KEY (user_consent_id) REFERENCES public.user_consent(id); - - --- --- TOC entry 4013 (class 2606 OID 16973) --- Name: user_consent fk_grntcsnt_user; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_consent - ADD CONSTRAINT fk_grntcsnt_user FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 4026 (class 2606 OID 17233) --- Name: group_attribute fk_group_attribute_group; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.group_attribute - ADD CONSTRAINT fk_group_attribute_group FOREIGN KEY (group_id) REFERENCES public.keycloak_group(id); - - --- --- TOC entry 4025 (class 2606 OID 17247) --- Name: group_role_mapping fk_group_role_group; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.group_role_mapping - ADD CONSTRAINT fk_group_role_group FOREIGN KEY (group_id) REFERENCES public.keycloak_group(id); - - --- --- TOC entry 4010 (class 2606 OID 16919) --- Name: realm_enabled_event_types fk_h846o4h0w8epx5nwedrf5y69j; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_enabled_event_types - ADD CONSTRAINT fk_h846o4h0w8epx5nwedrf5y69j FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3988 (class 2606 OID 16703) --- Name: realm_events_listeners fk_h846o4h0w8epx5nxev9f5y69j; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_events_listeners - ADD CONSTRAINT fk_h846o4h0w8epx5nxev9f5y69j FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4011 (class 2606 OID 16963) --- Name: identity_provider_mapper fk_idpm_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider_mapper - ADD CONSTRAINT fk_idpm_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4012 (class 2606 OID 17133) --- Name: idp_mapper_config fk_idpmconfig; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.idp_mapper_config - ADD CONSTRAINT fk_idpmconfig FOREIGN KEY (idp_mapper_id) REFERENCES public.identity_provider_mapper(id); - - --- --- TOC entry 3998 (class 2606 OID 16713) --- Name: web_origins fk_lojpho213xcx4wnkog82ssrfy; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.web_origins - ADD CONSTRAINT fk_lojpho213xcx4wnkog82ssrfy FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 3992 (class 2606 OID 16723) --- Name: scope_mapping fk_ouse064plmlr732lxjcn1q5f1; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.scope_mapping - ADD CONSTRAINT fk_ouse064plmlr732lxjcn1q5f1 FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 4003 (class 2606 OID 16858) --- Name: protocol_mapper fk_pcm_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.protocol_mapper - ADD CONSTRAINT fk_pcm_realm FOREIGN KEY (client_id) REFERENCES public.client(id); - - --- --- TOC entry 3985 (class 2606 OID 16738) --- Name: credential fk_pfyr0glasqyl0dei3kl69r6v0; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.credential - ADD CONSTRAINT fk_pfyr0glasqyl0dei3kl69r6v0 FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 4004 (class 2606 OID 17126) --- Name: protocol_mapper_config fk_pmconfig; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.protocol_mapper_config - ADD CONSTRAINT fk_pmconfig FOREIGN KEY (protocol_mapper_id) REFERENCES public.protocol_mapper(id); - - --- --- TOC entry 4046 (class 2606 OID 17794) --- Name: default_client_scope fk_r_def_cli_scope_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.default_client_scope - ADD CONSTRAINT fk_r_def_cli_scope_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4024 (class 2606 OID 17168) --- Name: required_action_provider fk_req_act_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.required_action_provider - ADD CONSTRAINT fk_req_act_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 4053 (class 2606 OID 17874) --- Name: resource_uris fk_resource_server_uris; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.resource_uris - ADD CONSTRAINT fk_resource_server_uris FOREIGN KEY (resource_id) REFERENCES public.resource_server_resource(id); - - --- --- TOC entry 4054 (class 2606 OID 17888) --- Name: role_attribute fk_role_attribute_id; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.role_attribute - ADD CONSTRAINT fk_role_attribute_id FOREIGN KEY (role_id) REFERENCES public.keycloak_role(id); - - --- --- TOC entry 4008 (class 2606 OID 16888) --- Name: realm_supported_locales fk_supported_locales_realm; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.realm_supported_locales - ADD CONSTRAINT fk_supported_locales_realm FOREIGN KEY (realm_id) REFERENCES public.realm(id); - - --- --- TOC entry 3994 (class 2606 OID 16758) --- Name: user_federation_config fk_t13hpu1j94r2ebpekr39x5eu5; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_federation_config - ADD CONSTRAINT fk_t13hpu1j94r2ebpekr39x5eu5 FOREIGN KEY (user_federation_provider_id) REFERENCES public.user_federation_provider(id); - - --- --- TOC entry 4027 (class 2606 OID 17240) --- Name: user_group_membership fk_user_group_user; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.user_group_membership - ADD CONSTRAINT fk_user_group_user FOREIGN KEY (user_id) REFERENCES public.user_entity(id); - - --- --- TOC entry 4034 (class 2606 OID 17417) --- Name: policy_config fkdc34197cf864c4e43; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.policy_config - ADD CONSTRAINT fkdc34197cf864c4e43 FOREIGN KEY (policy_id) REFERENCES public.resource_server_policy(id); - - --- --- TOC entry 4007 (class 2606 OID 16868) --- Name: identity_provider_config fkdc4897cf864c4e43; Type: FK CONSTRAINT; Schema: public; Owner: - --- - -ALTER TABLE ONLY public.identity_provider_config - ADD CONSTRAINT fkdc4897cf864c4e43 FOREIGN KEY (identity_provider_id) REFERENCES public.identity_provider(internal_id); - - --- Completed on 2024-04-25 13:54:04 - --- --- PostgreSQL database dump complete --- - diff --git a/deployment/proxy/ProxyNginx.conf b/deployment/proxy/ProxyNginx.conf index d95f428be..501bab53d 100644 --- a/deployment/proxy/ProxyNginx.conf +++ b/deployment/proxy/ProxyNginx.conf @@ -18,9 +18,7 @@ server { # server { # set $app_host $APP_HOST; # set $app_port $APP_PORT; -# listen 8081 ssl; -# ssl_certificate /certifcates/cert.crt; -# ssl_certificate_key /certifcates/key.key; +# listen 8081; # server_name ${APP_HOST}${APP_PORT}; # proxy_pass_header Server; @@ -97,18 +95,16 @@ server { server { set $ms_host $MS_HOST; set $ms_port $MS_PORT; - listen 8082 ssl; - ssl_certificate /certifcates/cert.crt; - ssl_certificate_key /certifcates/key.key; + listen 8082; server_name ${MS_HOST}; proxy_pass_header Server; - add_header X-XSS-Protection "1; mode=block" always; - add_header X-Content-Type-Options nosniff; - add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; - add_header Referrer-Policy 'strict-origin' always; - add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always; - add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always; + # add_header X-XSS-Protection "1; mode=block" always; + # add_header X-Content-Type-Options nosniff; + # add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; + # add_header Referrer-Policy 'strict-origin' always; + # add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always; + # add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always; location /keycloak/ { @@ -121,26 +117,26 @@ server { proxy_set_header X-Forwarded-Server $host; # Fix the “It appears that your reverse proxy set up is broken" error. - proxy_pass https://opendmp.keycloak:8443; + proxy_pass http://opendmp.keycloak:8080; proxy_read_timeout 90; - proxy_redirect http://opendmp.keycloak:8443 https://${MS_HOST}${MS_PORT}/keycloak; + proxy_redirect http://opendmp.keycloak:8080 http://${MS_HOST}${MS_PORT}/keycloak; } - location /elastic/ { + # location /elastic/ { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; + # proxy_set_header Host $host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-Forwarded-Port $server_port; + # proxy_set_header X-Forwarded-Host $host; + # proxy_set_header X-Forwarded-Server $host; - # Fix the “It appears that your reverse proxy set up is broken" error. - proxy_pass https://opendmp.kibana:5601; - proxy_read_timeout 90; + # # Fix the “It appears that your reverse proxy set up is broken" error. + # proxy_pass http://opendmp.kibana:5601; + # proxy_read_timeout 90; - proxy_redirect http://opendmp.kibana:5601 https://${MS_HOST}${MS_PORT}/elastic; - } + # proxy_redirect http://opendmp.kibana:5601 http://${MS_HOST}${MS_PORT}/elastic; + # } } diff --git a/deployment/proxy/nginx-selfsigned.crt b/deployment/proxy/nginx-selfsigned.crt deleted file mode 100644 index f9dd482b1..000000000 --- a/deployment/proxy/nginx-selfsigned.crt +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDvzCCAqegAwIBAgIUL9YHiVgQxrFPSGq4nMe6KbMznaowDQYJKoZIhvcNAQEL -BQAwbzELMAkGA1UEBhMCR1IxDzANBgNVBAgMBkF0dGljYTEPMA0GA1UEBwwGQXRo -ZW5zMQwwCgYDVQQKDANOTEcxDjAMBgNVBAsMBU9TRFlFMSAwHgYDVQQDDBdubGct -b3NkeWUubG9jYWwuY2l0ZS5ncjAeFw0yMDExMjcxODMzNTJaFw0yMTExMjcxODMz -NTJaMG8xCzAJBgNVBAYTAkdSMQ8wDQYDVQQIDAZBdHRpY2ExDzANBgNVBAcMBkF0 -aGVuczEMMAoGA1UECgwDTkxHMQ4wDAYDVQQLDAVPU0RZRTEgMB4GA1UEAwwXbmxn -LW9zZHllLmxvY2FsLmNpdGUuZ3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQCYsoKFVSg67/NckladOuqFDeJWMYOYa1MhMTCpLL5UksoYM+BiKbWvXmRH -AGZAjIO2sGf6vTFO7SN6LdjCRRqJfS9zQVKHZKUdvfxkGnPaAIqWAwQkM4fFUlZF -e5jsGd7owCoEEFAirJpz53z27Xa0En5CLSI5eLGBqLNz31zi1Rdh5BPLAtgLGEoS -kOhlDXwgGtTmBAS82sXRr51J6DQr5stKsN68+DCwJiY6GU3Kun2Kyl+bepkEtHLM -SOxe5Du3F93kC4TwFckG+JSLrq8neXNbyoBOLYNxPzAGLg9vmD7nX02hFfONdX5p -zeGMD+0oyujL0HtH8nKkv9OtvYP1AgMBAAGjUzBRMB0GA1UdDgQWBBTrvPpWYBX6 -spVt2gpkpDW6yzrBZzAfBgNVHSMEGDAWgBTrvPpWYBX6spVt2gpkpDW6yzrBZzAP -BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAqfOJiorxiszfKKeD2 -eVda5pBU+qDnUOewRKizAktPm7V+cjM7bTEkmEHQ/oKlsT0FX5nsa8YfZCYgdotd -cDWC9KqYy9itXPESoJIZ/gMJ57v1BaVDly8tHedXEltob9ywrUyf7OF55eP0fWwb -AK90PfnRsxaurVYU5nfI9U/2jpi/LdsEYlJ7zUj7KM/Z2MwPA+be4EqjNcYLT/NB -bavhjLgZNoTkI7wYOJug+ouPn6xJJcj06RS1Q4FxtfrsnAuT+L33HemUludEUE00 -TJwYWJN9hOgbyzTf5EsHxxME1gIhcYLYPMeBr9VIyJxdAEuuDJbn87oOB094sCA+ -nvpp ------END CERTIFICATE----- \ No newline at end of file diff --git a/deployment/proxy/nginx-selfsigned.key b/deployment/proxy/nginx-selfsigned.key deleted file mode 100644 index e86e8f4f8..000000000 --- a/deployment/proxy/nginx-selfsigned.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCYsoKFVSg67/Nc -kladOuqFDeJWMYOYa1MhMTCpLL5UksoYM+BiKbWvXmRHAGZAjIO2sGf6vTFO7SN6 -LdjCRRqJfS9zQVKHZKUdvfxkGnPaAIqWAwQkM4fFUlZFe5jsGd7owCoEEFAirJpz -53z27Xa0En5CLSI5eLGBqLNz31zi1Rdh5BPLAtgLGEoSkOhlDXwgGtTmBAS82sXR -r51J6DQr5stKsN68+DCwJiY6GU3Kun2Kyl+bepkEtHLMSOxe5Du3F93kC4TwFckG -+JSLrq8neXNbyoBOLYNxPzAGLg9vmD7nX02hFfONdX5pzeGMD+0oyujL0HtH8nKk -v9OtvYP1AgMBAAECggEAajxoCpPAtaCT1GgL0sBWwdNzETzJrZWd9I3gqRL0KKsn -58bP6fvS5/voEG36thYM3WHGNfDDCYJ7GFolYKPrXpS2Gp3r6T7gkdzIaGzvBVEz -GkNm8jjX0TUDyLvBHSKyr4RitwkSd81WeCUqEDIOUCI9rZTxJsMN3IOetpNEcJt1 -xR2kVuTkQiIs5evQCQ2arqTf/VQFb7FuVTtmrOggsTn33FnrUDujTAAsbEoglgvw -w1A2AYtMdGcrFIsUMJFdECkQGPVeqzKHddi1k1hv3DmOx5Rf4xJCdTL9ZYzbU1lw -ydSAM88UA7MTZWNYCGb4HjqEeDRnMUN/Qbi4f80PgQKBgQDKWLxsCBBgFRoH6nlh -TmBwYOmdQkBE09txpcpAFVZVv3eq/syZnT5+pcyj7EUexhu/p78UHPPkXDfnIKKe -C+7VOEmSM9cPMZU6cqB1x4+YZkyiU1rPD2SG46ZxBBTKsPWauJNvtuhW3K6kwMCT -ECiwG1f9EAmf9q7YKqdXGgUL3QKBgQDBL5WDIRtqHBdIPgHMue/teM+fP8I0/GKV -D3oJjBLE+I7JNp0lpeVhDvqfAL0AgZ5023hjlPobUNtpWyuLufzY6S2Pv1scyM3A -xW/LVXtC7QzdPmhrPxZkHEmRFA1zXdYo0xH4O+KDXVmYuzpIPfgrQkzt1EvP5jxv -tbjY935C+QKBgHZhr+rsVNhBwDb9YQIi3p0gtcyBZCRgZjR5MHiJgzcri5GI/J6q -tlNWIQGOS2oTsUxRkaLsxWvG4BXirAEXLiWkhrZ4icuj0JCfW21M0Z/xycf2SFx3 -vvKD4W6hWqCzIx3f+rITKp8XAT32XzQq8gMGHFY7ucXShryFR93XpTgpAoGALaAF -WaDaDqdvwDoUxrsrNRSRRHUUctsglT/AfLy+OhLR9ieV2axijhexjRfpi1MRj1u+ -BRbMMuNXznwfvrJASyJXBloVNKkgHuUCUC1yHQ5LOX1hv+J4cVBU95Sa0KJaz+15 -kvzhtFC5tl6Rlzo7gEv6SzkWZpVjtKZgb62T/lECgYBr6PyDcGVGc8rbjxugnUnm -rShh7nMRUiTMLpWrucf7Mfr4cwFgejCoEMXPgxJF5Q1acppL0dKQzfmLVqazNX58 -0XM0+fNDIeGyYKAbqtnqfmyI7O/Lb1jXPFuCNujzDxfeJX0yxoo38US4ZCD2iUrW -ZK/FFkm5ncXTenBhpHOANQ== ------END PRIVATE KEY----- \ No newline at end of file