Customization of Keycloak sign-in

4.3. Customization of Keycloak sign-in#

This section describes how to customize the theme for the sign-in form provided by Keycloak, the identity provider in Nubus for Kubernetes. You need the Helm Chart for Nubus, your customized custom_values.yaml deployment file, and the files for customization described in this section.

4.3.1. Theme#

You can customize the following theme elements of Keycloak in Nubus:

  • The theme of the sign-in form including a branding.

  • Additional links at the bottom of the sign-in form.

  • The cookie consent banner.

The sign-in form of Keycloak shares the theme with the Univention Portal. For information about the customization of the portal, see Customization of portal theme.

4.3.3. Apply configuration changes#

To apply and activate the configuration changes, use the following steps:

  1. To apply the updated configuration in your custom_values.yaml deployment file to Nubus, run the commands shown in Listing 4.8.

    Listing 4.8 Apply customization to Nubus#
    $ export NAMESPACE_FOR_NUBUS="Set to your Kubernetes namespace"
    $ export RELEASE_NAME="The Helm Chart release name"
    $ export VERSION="Your version of Nubus"
    $ helm upgrade \
       "$RELEASE_NAME" \
       --namespace="$NAMESPACE_FOR_NUBUS" \
       oci://artifacts.software-univention.de/nubus/charts/nubus \
       --values custom_values.yaml \
       --version "$VERSION"
    
  2. To ensure that Keycloak applies the settings, you must restart the Kubernetes pod for the UMC Gateway, because it serves the required data to Keycloak. Run the commands shown in Listing 4.9.

    Listing 4.9 Restart pod for UMC Gateway to apply customization#
    $ kubectl get pods --namespace "$NAMESPACE_FOR_NUBUS" | grep "umc-gateway"
    $ export NAME_OF_POD="Name of the pod in the output of the previous command."
    $ kubectl delete pod $NAME_OF_POD