Keycloack does not recognize my themes

alvaro.heras · May 24, 2021, 10:36am

Start my openremote in EC2 with the command or deploy.

It seems that the services started correctly and the manager’s custom ui catches it fine.

but the keycloack is not taking my deployment folder, I try to lower the container and activate it again but it does not work for me.

When I inspect the container I get this:

[
{
    "Id": "3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69",
    "Created": "2021-05-24T08:16:12.640834676Z",
    "Path": "/opt/jboss/tools/docker-entrypoint.sh",
    "Args": [
        "-b",
        "0.0.0.0"
    ],
    "State": {
        "Status": "running",
        "Running": true,
        "Paused": false,
        "Restarting": false,
        "OOMKilled": false,
        "Dead": false,
        "Pid": 8791,
        "ExitCode": 0,
        "Error": "",
        "StartedAt": "2021-05-24T10:03:20.771229709Z",
        "FinishedAt": "2021-05-24T09:58:57.503237608Z",
        "Health": {
            "Status": "unhealthy",
            "FailingStreak": 46,
            "Log": [
                {
                    "Start": "2021-05-24T10:08:30.079543499Z",
                    "End": "2021-05-24T10:08:33.0797368Z",
                    "ExitCode": -1,
                    "Output": "Health check exceeded timeout (3s)"
                },
                {
                    "Start": "2021-05-24T10:08:36.084507542Z",
                    "End": "2021-05-24T10:08:39.084793303Z",
                    "ExitCode": -1,
                    "Output": "Health check exceeded timeout (3s)"
                },
                {
                    "Start": "2021-05-24T10:08:42.091558199Z",
                    "End": "2021-05-24T10:08:45.091765279Z",
                    "ExitCode": -1,
                    "Output": "Health check exceeded timeout (3s)"
                },
                {
                    "Start": "2021-05-24T10:08:48.096973999Z",
                    "End": "2021-05-24T10:08:51.097173057Z",
                    "ExitCode": -1,
                    "Output": "Health check exceeded timeout (3s)"
                },
                {
                    "Start": "2021-05-24T10:08:54.10298612Z",
                    "End": "2021-05-24T10:08:57.103198357Z",
                    "ExitCode": -1,
                    "Output": "Health check exceeded timeout (3s)"
                }
            ]
        }
    },
    "Image": "sha256:2dbea055ad352076276238fdf4dc1f1ad3cb251370e0a74c6661aac20f001872",
    "ResolvConfPath": "/var/lib/docker/containers/3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69/resolv.conf",
    "HostnamePath": "/var/lib/docker/containers/3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69/hostname",
    "HostsPath": "/var/lib/docker/containers/3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69/hosts",
    "LogPath": "/var/lib/docker/containers/3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69/3745b4be280f30c8ac89a70e3efc5e65b2462a362b42f9b44ba5c324fbbeff69-json.log",
    "Name": "/openremote_keycloak_1",
    "RestartCount": 0,
    "Driver": "overlay2",
    "Platform": "linux",
    "MountLabel": "",
    "ProcessLabel": "",
    "AppArmorProfile": "docker-default",
    "ExecIDs": null,
    "HostConfig": {
        "Binds": [
            "/home/ubuntu/myiot/deployment:/deployment:rw"
        ],
        "ContainerIDFile": "",
        "LogConfig": {
            "Type": "json-file",
            "Config": {}
        },
        "NetworkMode": "openremote_private",
        "PortBindings": {},
        "RestartPolicy": {
            "Name": "",
            "MaximumRetryCount": 0
        },
        "AutoRemove": false,
        "VolumeDriver": "",
        "VolumesFrom": [],
        "CapAdd": null,
        "CapDrop": null,
        "CgroupnsMode": "host",
        "Dns": [],
        "DnsOptions": [],
        "DnsSearch": [],
        "ExtraHosts": null,
        "GroupAdd": null,
        "IpcMode": "shareable",
        "Cgroup": "",
        "Links": null,
        "OomScoreAdj": 0,
        "PidMode": "",
        "Privileged": false,
        "PublishAllPorts": false,
        "ReadonlyRootfs": false,
        "SecurityOpt": null,
        "UTSMode": "",
        "UsernsMode": "",
        "ShmSize": 67108864,
        "Runtime": "runc",
        "ConsoleSize": [
            0,
            0
        ],
        "Isolation": "",
        "CpuShares": 0,
        "Memory": 0,
        "NanoCpus": 0,
        "CgroupParent": "",
        "BlkioWeight": 0,
        "BlkioWeightDevice": null,
        "BlkioDeviceReadBps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteIOps": null,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "Devices": null,
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "KernelMemory": 0,
        "KernelMemoryTCP": 0,
        "MemoryReservation": 0,
        "MemorySwap": 0,
        "MemorySwappiness": null,
        "OomKillDisable": false,
        "PidsLimit": null,
        "Ulimits": null,
        "CpuCount": 0,
        "CpuPercent": 0,
        "IOMaximumIOps": 0,
        "IOMaximumBandwidth": 0,
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware"
        ],
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ]
    },
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/a3d31b892dc470023b15cea30db840d9d61abc311d472867e9d5d299d2c7b44d-init/diff:/var/lib/docker/overlay2/6bde08a2ebe21b357657201d9d16887fca171cf85453798be50da56eb28d5025/diff:/var/lib/docker/overlay2/3ee1f23c8ca8a56677b5bf09cae3516be589212252ae26ae05c76ced210c3b3b/diff:/var/lib/docker/overlay2/cced57fe34c476def65d3efa6b1f131935a4ccf40bb8080a55d985dd21bc464a/diff:/var/lib/docker/overlay2/cbc62b142c2eb575c6eb4bb09cf10e01ef88473951c7c147b1cbc12b70f73e69/diff:/var/lib/docker/overlay2/74f8232b8981f5b2762d99d389320d51cae3d2276cb38e37892e83c394e6eabb/diff:/var/lib/docker/overlay2/164d7148fa3d56bc05d686b5ad527ed2cdda8b5186c0038fe0e43723b14744d4/diff:/var/lib/docker/overlay2/c7777717fe7587b2d30420ae795c9ed54336662157bda1c124111287c48db20a/diff:/var/lib/docker/overlay2/b61bc5ff0cec040104eafd19fddedee5dfa2ee9ef32e3b64d5f7d7d7a86b8fdb/diff:/var/lib/docker/overlay2/9bda776ad04f9a563937c5df1d8f0d69b34a5d41d3e8d5d5e7a0d74bc6b1fd51/diff:/var/lib/docker/overlay2/ca2abb9e3cfbe6ea21df4a1983a46b3d9285af12dce687615d96b389d8af4ffa/diff:/var/lib/docker/overlay2/2d8d9ac79af28cfc51268414ae71f71b99ede68517127df60d0929d9dc5f7183/diff",
            "MergedDir": "/var/lib/docker/overlay2/a3d31b892dc470023b15cea30db840d9d61abc311d472867e9d5d299d2c7b44d/merged",
            "UpperDir": "/var/lib/docker/overlay2/a3d31b892dc470023b15cea30db840d9d61abc311d472867e9d5d299d2c7b44d/diff",
            "WorkDir": "/var/lib/docker/overlay2/a3d31b892dc470023b15cea30db840d9d61abc311d472867e9d5d299d2c7b44d/work"
        },
        "Name": "overlay2"
    },
    "Mounts": [
        {
            "Type": "bind",
            "Source": "/home/ubuntu/myiot/deployment",
            "Destination": "/deployment",
            "Mode": "rw",
            "RW": true,
            "Propagation": "rprivate"
        }
    ],
    "Config": {
        "Hostname": "3745b4be280f",
        "Domainname": "",
        "User": "1000",
        "AttachStdin": false,
        "AttachStdout": false,
        "AttachStderr": false,
        "ExposedPorts": {
            "8080/tcp": {}
        },
        "Tty": false,
        "OpenStdin": false,
        "StdinOnce": false,
        "Env": [
            "KEYCLOAK_PASSWORD=secret",
            "KEYCLOAK_FRONTEND_URL=https://myiot.es/auth",
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "container=oci",
            "KEYCLOAK_VERSION=12.0.1",
            "JDBC_POSTGRES_VERSION=42.2.5",
            "JDBC_MYSQL_VERSION=8.0.22",
            "JDBC_MARIADB_VERSION=2.5.4",
            "JDBC_MSSQL_VERSION=8.2.2.jre11",
            "LAUNCH_JBOSS_IN_BACKGROUND=1",
            "JBOSS_HOME=/opt/jboss/keycloak",
            "LANG=en_US.UTF-8",
            "DB_VENDOR=postgres",
            "DB_ADDR=postgresql",
            "DB_PORT=5432",
            "DB_DATABASE=openremote",
            "DB_USER=postgres",
            "DB_PASSWORD=postgres",
            "DB_SCHEMA=public",
            "KEYCLOAK_USER=admin",
            "PROXY_ADDRESS_FORWARDING=true",
            "TZ=Europe/Amsterdam"
        ],
        "Cmd": [
            "-b",
            "0.0.0.0"
        ],
        "Healthcheck": {
            "Test": [
                "CMD",
                "curl",
                "--fail",
                "--silent",
                "http://myiot.es:8080/auth"
            ],
            "Interval": 3000000000,
            "Timeout": 3000000000,
            "StartPeriod": 60000000000,
            "Retries": 30
        },
        "Image": "openremote/keycloak:12.0.1.1",
        "Volumes": {
            "/deployment": {}
        },
        "WorkingDir": "",
        "Entrypoint": [
            "/opt/jboss/tools/docker-entrypoint.sh"
        ],
        "OnBuild": null,
        "Labels": {
            "architecture": "x86_64",
            "build-date": "2021-04-14T21:02:42.814986",
            "com.docker.compose.config-hash": "c2014653651c905def7267c759abf25a002c8077a2fe0369af2130f0d28d7ec8",
            "com.docker.compose.container-number": "1",
            "com.docker.compose.oneoff": "False",
            "com.docker.compose.project": "openremote",
            "com.docker.compose.project.config_files": "mvp-docker-compose.yml",
            "com.docker.compose.project.working_dir": "/home/ubuntu/myiot",
            "com.docker.compose.service": "keycloak",
            "com.docker.compose.version": "1.25.0",
            "com.redhat.build-host": "cpt-1002.osbs.prod.upshift.rdu2.redhat.com",
            "com.redhat.component": "ubi8-minimal-container",
            "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI",
            "description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
            "distribution-scope": "public",
            "git-commit": "04855b12b86a272aab2c09274cef8475518ca2a0",
            "io.k8s.description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
            "io.k8s.display-name": "Red Hat Universal Base Image 8 Minimal",
            "io.openshift.expose-services": "",
            "io.openshift.tags": "minimal rhel8",
            "maintainer": "Red Hat, Inc.",
            "name": "ubi8-minimal",
            "release": "298.1618432845",
            "summary": "Provides the latest release of the minimal Red Hat Universal Base Image 8.",
            "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.3-298.1618432845",
            "vcs-ref": "f53dab37c7541dd0080f410727c5886e85c09ee7",
            "vcs-type": "git",
            "vendor": "Red Hat, Inc.",
            "version": "8.3"
        }
    },
    "NetworkSettings": {
        "Bridge": "",
        "SandboxID": "c44bd6bd3631cd832d15ce46c29253c9091c5c01b840eb27d91c752586139c88",
        "HairpinMode": false,
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "Ports": {
            "8080/tcp": null
        },
        "SandboxKey": "/var/run/docker/netns/c44bd6bd3631",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null,
        "EndpointID": "",
        "Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "IPAddress": "",
        "IPPrefixLen": 0,
        "IPv6Gateway": "",
        "MacAddress": "",
        "Networks": {
            "openremote_private": {
                "IPAMConfig": {
                    "IPv4Address": "10.0.1.4"
                },
                "Links": null,
                "Aliases": [
                    "keycloak",
                    "3745b4be280f"
                ],
                "NetworkID": "myip8x5s6wmde6qst1y495q4p",
                "EndpointID": "a14a3e671956ecb825c50c2920e400eeb97268a50827765452b616827442ce67",
                "Gateway": "",
                "IPAddress": "10.0.1.4",
                "IPPrefixLen": 24,
                "IPv6Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "MacAddress": "02:42:0a:00:01:04",
                "DriverOpts": null
            },
            "openremote_public": {
                "IPAMConfig": {
                    "IPv4Address": "10.0.2.2"
                },
                "Links": null,
                "Aliases": [
                    "keycloak",
                    "3745b4be280f"
                ],
                "NetworkID": "r89j4qoxjzkw25g3liejir9g7",
                "EndpointID": "b8a690d67eb80187746e5abe632e864fa5fb29973cecedf3bb67ac4347fbae95",
                "Gateway": "",
                "IPAddress": "10.0.2.2",
                "IPPrefixLen": 24,
                "IPv6Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "MacAddress": "02:42:0a:00:02:02",
                "DriverOpts": null
            }
        }
    }
}

]

Nor can I find the folder on my server where you are getting the themes from. Inside my deployment folder I have my keycloack / themes folder

My mvp-docker-compose.yml file is this:

    # OpenRemote v3
#
# Profile that runs the vanilla stack on https://localhost using a self-signed SSL certificate,
# with username 'admin' and password 'secret'. There is no map data available in the vanilla
# system so the map tile server will not function. Persistent data is stored in a docker
# volume called postgresql-data between restarts, simply delete this volume to reset the
# system to an empty state.
#
# Please see profile/deploy.yml for configuration details for each service.
#
version: "3.7"

networks:
  public:
    driver: overlay
    driver_opts:
      encrypted: "true"
  private:
    driver: overlay
    driver_opts:
      encrypted: "true"
    attachable: false

volumes:
  proxy-data:
  postgresql-data:
  deployment-data:

services:
  proxy:
    image: openremote/proxy:${PROXY_VERSION:-2.1.2.2}
    networks:
      - public
      - private
    depends_on:
      - manager
    healthcheck:
      interval: 3s
      timeout: 3s
      start_period: 2s
      retries: 3
      test: ["CMD", "curl", "--fail", "--silent", "http://myiot.es:80"]
    ports:
      - "80:80"
      - "443:443"
      - "8883:8883"
    volumes:
      - proxy-data:/deployment
    deploy:
      replicas: 1
      restart_policy:
        delay: 10s
        window: 30s
      update_config:
        failure_action: rollback
        order: start-first
        delay: 30m
    environment:
      DOMAINNAME: ${DOMAINNAME:-myiot.es}
      LE_EMAIL: admin@${DOMAINNAME}

  manager:
    image: openremote/manager:${MANAGER_VERSION:-latest}
    networks:
      - private
    depends_on:
      - keycloak
    healthcheck:
      interval: 3s
      timeout: 3s
      start_period: 2s
      retries: 120
      test: ["CMD", "curl", "--fail", "--silent", "http://myiot.es:8080"]
    volumes:
      - ./deployment:/deployment
    deploy:
      replicas: 1
      update_config:
        failure_action: rollback
        order: start-first
        delay: 10s
    environment:
      SETUP_ADMIN_PASSWORD: ${PASSWORD:-secret}
      IDENTITY_NETWORK_HOST: ${IDENTITY_NETWORK_HOST:-myiot.es}
      SETUP_EMAIL_HOST: ${EMAIL_HOST:-email-smtp.eu-west-1.amazonaws.com}
      SETUP_EMAIL_USER: ${EMAIL_USER}
      SETUP_EMAIL_PASSWORD: ${EMAIL_PASSWORD}
      SETUP_EMAIL_PORT: ${SETUP_EMAIL_PORT:-587}
      SETUP_EMAIL_FROM_KEYCLOAK: no-reply@${DOMAINNAME}
      SETUP_EMAIL_FROM_DEFAULT: admin@${DOMAINNAME}

  keycloak:
    image: openremote/keycloak:${KEYCLOAK_VERSION:-12.0.1.1}
    networks:
      - public
      - private
    depends_on:
      - postgresql
    healthcheck:
      test: ["CMD", "curl", "--fail", "--silent", "http://myiot.es:8080/auth"]
      interval: 3s
      timeout: 3s
      start_period: 60s
      retries: 30
    deploy:
      replicas: 1
      update_config:
        failure_action: rollback
        order: start-first
        delay: 10m
    volumes:
      - ./deployment:/deployment
    environment:
      KEYCLOAK_PASSWORD: ${PASSWORD:-secret}
      KEYCLOAK_FRONTEND_URL: "https://${IDENTITY_NETWORK_HOST:-myiot.es}/auth"

  postgresql:
    image: openremote/postgresql:${POSTGRESQL_VERSION:-9.6.21.0}
    networks:
      - private
    healthcheck:
      interval: 3s
      timeout: 3s
      start_period: 2s
      retries: 30
      test: ["CMD", "gosu", "postgres", "pg_isready"]
    deploy:
      replicas: 1
      update_config:
        failure_action: rollback
        order: start-first
        delay: 20m
    volumes:
      - postgresql-data:/var/lib/postgresql/data

I’ve tried clearing the image and container from keycloack and trying again to generate it from my yml but it didn’t work either. Any idea what I may be doing wrong? Thank you

michal · May 24, 2021, 11:05am

I see that the keycloack container is unhealthy. Do you see the same with docker ps? Anyway, the best to check why container is unhealthy is to look at its logs with docker logs ... or even with docker-compose logs.

One thing that comes to mind is, because keycloack is based on RedHat’s image, and RedHat doesn’t use root user due to OpenShift restrictions you might have file assess problem with your local dirs.

alvaro.heras · May 24, 2021, 11:48am

If my keycloack container is Unhealthy, can this be the problem? The same thing happens with my manager container but it identifies the changes in deployment.

Could you run the or deploy command again?

Thanks greetings

alvaro.heras · May 24, 2021, 12:29pm

I think I get unhealthy for not using docker stack deploy, and being using docker-compose for my containers. The truth is I am a bit lost in the use of this. You should still delete what is installed and start a or deploy again.

When I run the wigglers I do them with this command:

docker-compose --compatibility -f mvp-docker-compose.yml -p openremote up -d

michal · May 24, 2021, 1:59pm

Actually no. docker stack deploy is meant for Docker swarm and there you cannot map host folders into docker volumes. Therefore docker-compose is OK in your situation, and the command you are using is OK. However, in case you’ve mixed deployment commands theere is a chance that it got corrupted somehow. There is no need to or deploy again, just do the following commands:

docker-compose -f mvp-docker-compose.yml -p openremote down
docker system prune
docker-compose -f mvp-docker-compose.yml -p openremote up -d

Note that I’ve skipped the --compatibility flag as it is not needed here. Just ignore the warnings. After this all your containers should be healthy.

michal · May 24, 2021, 2:05pm

This can be explained by the fact that manager container’s user is root and keycloak’s is 1000 (ubuntu if you’ve created the EC2 instance with our CloudFormation. In any case, please run:

docker-compose -f mvp-docker-compose.yml -p openremote logs

and see if you can spot some problems there. Especially, look for file reading errors.

Rich · May 24, 2021, 3:18pm

Not followed all of the above but this post might help with custom project setup; I’ll keep an eye on discussions here and can make any sensible updates required to our custom project template etc.

amitabhakolkar · May 25, 2021, 7:05am

At the outset, huge applause for the documentation on custom projects and template repo.

I followed these steps, GitHub - openremote/custom-project: Template repo for creating an OpenRemote custom project

Get this error:

$ echo $DEPLOYMENT_VERSION
71172e7ee

$ echo $MANAGER_VERSION
71172e7ee

$ cd …

$ MANAGER_VERSION=$MANAGER_VERSION DEPLOYMENT_VERSION=$DEPLOYMENT_VERSION EMAIL=admin@noreply.com PASSWORD=secret DEPLOYMENT_HOST=localhost sudo docker-compose -p custom up -d

ERROR: Missing mandatory value for “image” option interpolating openremote/custom-deployment:${DEPLOYMENT_VERSION?DEPLOYMENT_VERSION must be set} in service “deployment”: DEPLOYMENT_VERSION must be set

Could you help me understand, what am i doing wrong ?

Rich · May 25, 2021, 7:58am

That’s strange it doesn’t seem to be picking up the variables you are supplying…the syntax provided is for bash style terminals if you are using command prompt then you need to supply variables using set, all our docs use bash syntax and would recommend using git bash or similar on windows.

I wouldn’t expect your DEPLOYMENT_VERSION and MANAGER_VERSION variables to have the same value, I only recommend using the git commit sha as it provides great traceability in terms of what version of the code your docker images are using but you can use any tag value(s) you wish.

amitabhakolkar · May 25, 2021, 8:17am

Am using Ubuntu Server,

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal

michal · May 25, 2021, 8:21am

Why is that? They use exactly the same command in the template README.

alvaro.heras · May 25, 2021, 8:21am

It seems to be corrupted as I apply the commands and it is still unhealthy

I’m going to try to start over with the custom project that Rico indicated

Here the log of the keycloack warns

    keycloak_1    | 10:10:01,043 WARN  [org.jboss.as.server.deployment] (MSC service thread 1-3) WFLYSRV0273: Excluded subsystem webservices via jboss-deployment-structure.xml does not exist.
keycloak_1    | 10:10:02,230 INFO  [org.keycloak.services] (ServerService Thread Pool -- 64) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
keycloak_1    | 10:10:02,725 INFO  [org.keycloak.url.DefaultHostnameProviderFactory] (ServerService Thread Pool -- 64) Frontend: https://myiot.es/auth, Admin: <frontend>, Backend: <request>
keycloak_1    | 10:10:02,807 WARN  [org.keycloak.services] (ServerService Thread Pool -- 64) KC-SERVICES0047: openremote-custom-folder (org.openremote.keycloak.theme.CustomThemeProviderFactory) is implementing the internal SPI theme. This SPI is internal and may change without notice
keycloak_1    | 10:10:03,229 WARN  [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'realmRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.
keycloak_1    | 10:10:03,251 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started realmRevisions cache from keycloak container
keycloak_1    | 10:10:03,257 WARN  [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'userRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.
keycloak_1    | 10:10:03,264 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started userRevisions cache from keycloak container
keycloak_1    | 10:10:03,267 WARN  [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'authorizationRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.

Thanks

michal · May 25, 2021, 8:55am

This is just a short extract from the log file. For a diagnosis what is going on I would need the complete log. You can gzip it and upload here. If you cannot upload the please email it to support@openremote.io. After gzipping he log should be smaller than 200K.

alvaro.heras · May 25, 2021, 9:35am

I sent you the log that is showing me, I keep trying to solve but not successfully. thanks for your help

Rich · May 25, 2021, 9:55am

My bad README is wrong should be:

MANAGER_VERSION=$(cd openremote; git rev-parse --short HEAD; cd ..)

Which gets the short sha of the openremote submodule…will update template README.

amitabhakolkar · May 25, 2021, 10:12am

Thanks. This fixes the sha value.

But the variable values are still not being picked up on Ubuntu command line. I tried with export as well. Get the same error,

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal

$ bash --version
GNU bash, version 5.0.17(1)-release (x86_64-pc-linux-gnu)

$ echo $MANAGER_VERSION
71172e7ee

$ echo $DEPLOYMENT_VERSION
b901cdc

$ MANAGER_VERSION=$MANAGER_VERSION DEPLOYMENT_VERSION=$DEPLOYMENT_VERSION EMAIL=admin@noreply.com PASSWORD=secret DEPLOYMENT_HOST=localhost sudo docker-compose -p custom up

ERROR: Missing mandatory value for “image” option interpolating openremote/custom-deployment:${DEPLOYMENT_VERSION?DEPLOYMENT_VERSION must be set} in service “deployment”: DEPLOYMENT_VERSION must be set

michal · May 25, 2021, 10:19am

Thank you for the log file. It seems good and I’m puzzled why you are observing unhealthy containers. All seems OK. Anyway, I’ve never tried to customise keycloak’s theme myself and I’m afraid that my knowledge ends here. Perhaps @Don and @Rich can help you further. In all my custom deployments ./deployment/keycloak/themes/ folder is empty, therefore it always uses the default theme. Can you show what you have there? It should contain something like this:

$ ls -l ./deployment/keycloak/themes/master/login/
total 36
-rwxr-xr-x 1 root root  554 May 10 07:35 error.ftl
-rwxr-xr-x 1 root root 3936 May 10 07:35 login.ftl
-rwxr-xr-x 1 root root 1425 May 10 07:35 login-reset-password.ftl
drwxr-xr-x 2 root root 4096 May 10 07:42 messages
-rwxr-xr-x 1 root root 4003 May 10 07:35 register.ftl
drwxr-xr-x 5 root root 4096 May 10 07:42 resources
-rwxr-xr-x 1 root root 5590 May 10 07:35 template.ftl
-rwxr-xr-x 1 root root   36 May 10 07:35 theme.properties

alvaro.heras · May 25, 2021, 10:34am

Thanks @michal for the help.

That folder “master” does not exist for me.

Do you think you are going to look there for the files?

My folders in themes are:

./deployment/keycloak/themes/keycloack
./deployment/keycloak/themes/openremote
./deployment/keycloak/themes/base

Why are you referring to this master folder?

Greetings

michal · May 25, 2021, 10:48am

master is the realm name. As far as I understand every realm can have a different theme. But again, I’m novice here and never done it myself. Your folder structure is definitively different. Maybe I’m referring to the old code, so better I stop here to avoid confusion. Appreciate if @Rich can comment here.

Rich · May 25, 2021, 11:28am

To give some explanation of how Keycloak themes work, the theme used can be set for each realm, by default our system configures each realm to use the openremote theme, this theme is baked into our keycloak docker image.

To change the theme used by a realm using the UI you will need to use the keycloak admin UI /auth as our Manager UI Realms page doesn’t expose this - I will create an issue to change this.

The theme specified is then looked for in the /deployment/keycloak/themes dir of the keycloak container and if it cannot be found then the system falls back to using the openremote theme.