Skip to content

Keycloak custom theme #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kristianharju wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Keycloak custom theme #35

kristianharju wants to merge 11 commits into from

Conversation

@kristianharju
Copy link
Collaborator

@kristianharju kristianharju commented Jan 21, 2026
edited
Loading

Adds a custom Eumetnet gdpr-theme for Keycloak, which is also packaged as a Docker image for Kubernetes init container deployment.

  • The theme includes a custom login page and a custom terms and conditions page
  • Theme files are also packed in a Docker image
  • Adds Action Workflow to build and publish Docker image for the custom theme
  • The custom login theme can be enabled manually:
    • Realm -> meteogate -> Realm settings -> Themes -> Login theme: gdpr-theme -> Save
  • Required action for custom terms page can be enabled from:
    • Realm -> meteogate -> Authentication -> Required actions -> Terms and Conditions
    • To enable required action for existing user:
      • Users -> <username> -> Required user actions -> Terms and Conditions -> Save
  • Other Keycloak pages still use the default theme

Theme will be deployed as init container in Codecentric Keycloak Helm chart, copying files to shared volume mounted by main Keycloak container.

@kristianharju kristianharju marked this pull request as draft January 22, 2026 13:25
@kristianharju kristianharju marked this pull request as ready for review January 23, 2026 08:48
fjugipe
fjugipe reviewed Jan 23, 2026
View reviewed changes
Copy link
Collaborator

@fjugipe fjugipe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks nice and works really great 👍

I was thinking since we need to use the keycloak-theme provider container in the actual deployment. What if we change the docker-compose.yml to do that aswell?

For example:

add depends_on to the auth service:

  auth:
    image: quay.io/keycloak/keycloak:24.0
    depends_on:
      init-custom-keycloak-themes:
        condition: service_completed_successfully

and change auth volumes to:

    volumes:
      - ./keycloak/config/realm_export/local_dev:/opt/keycloak/data/import
      - ./keycloak/providers:/opt/keycloak/providers/
      - ./keycloak/themes:/opt/keycloak/themes/
      - custom-themes:/opt/keycloak/themes/

add make a new init-custom-keycloak-themes service:

  init-custom-keycloak-themes:
    image: ghcr.io/eumetnet/dev-portal/keycloak-theme:latest
    command: sh -c "cp -R /theme/* /custom-themes/"
    build:
      context: keycloak
    volumes:
      - custom-themes:/custom-themes
    restart: "no"

and a custom-themes volume to the the whole stack:

volumes:
 custom-themes:

Since the manage-services.sh is using -v with ./manage-services remove it will work just like a ephemeral volume in k8 and we can test how we will do it in production.

I know that in this context it is unnecessary complexation of the code, but any thoughts on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fjugipe fjugipe fjugipe left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kristianharju @fjugipe