Loading repository data…
Loading repository data…
Marcompiler / repository
Example of full-stack architecture with Spring Boot, Vue 3, PostgreSQL, and Keycloak (SSO, OAuth2, JWT) deployed via Podman - ideal as a tutorial or project base.
This repository is an architecture for developing a complete website with all the necessary elements: a backend, a frontend, a database, and single sign-on.
All using only open source elements/tools (as much as possible).
This project is for anyone who:
The primary goal is to publicly share what I usually do on my own to allow others to be inspired or even motivated to create their own designs.
This repository can serve as a basis for any website project. I hope that its composition corresponds to what you need for your particular case. If you have no specific requirements, I dare say that you have everything you need here to develop your own solution.
I therefore invite you to fork this project or do whatever you like with it as long as it can help/inspire/teach you something.
The architecture is therefore structured as follows:
This diagram assumes that all users have a pre-existing account within the SSO and that the user is attempting to access a "protected" resource (requiring authentication).
When a user attempts to access the website, a series of steps will be triggered to give them the expected result (color code taken from the diagram, not visible on GitHub):
Here I explain how to start the entire architecture so that you can test it directly. If you want to explore it first to understand it and/or get familiar with it, I suggest you first check the roadmap below.
Needless to mention that everything here is for development purposes. For production, you should assign values and deploy elements according to your own infrastructure.
Before you begin, make sure you have installed:
.yml files into run commands.If you haven't already done so, I recommend that you restart your machine once the installation(s) are complete.
The database and single sign-on (SSO) depend on an environment variables file to start. So make sure you create a copy of the .env.*.template file and rename it by removing .template.
This gives:
| Item | Template file | Name of the copy |
|---|---|---|
| Database | .env.database.template | .env.database |
| SSO | .env.sso.template | .env.sso |
Please note that if you modify the values, you must reflect these changes in the configurations that use them:
.env.database are used by the backend in its application.properties and its Podman execution scripts (Linux/Windows)..env.sso are to be used when logging into the SSO web interface as an administrator (default address: http://localhost:8080).Once the copies have been created and renamed, you can then start all the elements of the architecture using the commands below.
Make sure to follow the order of execution.
First of all, some elements of the architecture require Podman/Docker, so make sure that the corresponding machine exists and is started:
podman machine init
podman machine start
In a new terminal, run the following command to start a Postgres container:
cd ./database/podman/
podman compose -f "podman-compose.yml" up -d
In a new terminal, run the following command to start a Keycloak container (for development):
cd ./sso/podman/dev/
podman compose -f "podman-compose.yml" up -d
In a new terminal, go to the backend application directory:
cd backend/app
Start the application using the following commands:
./mvnw clean install
./mvnw spring-boot:run
In a new terminal, go to the frontend application directory:
cd frontend/app
Start the application using the following commands:
npm install
npm run dev
All elements are now started and you can begin testing your website by going to http://localhost:5173. But before that, our SSO is gonna say hello to us, so you must first to create your own users.
Once everything is started, you have to add two users into your Keycloak instance. For that, open your browser and go to its address. By default, it's http://localhost:8080.
When the page is shown, enter the credentials you have set into your own .env.sso (be sure to have created it first !).
Then, go to "Manage Realms" and click on "demo-realm". If it is shown as "Current realm", go to "Users" and create two users by setting those values :
| Parameter Name | Value User 1 | Value User 2 |
|---|---|---|
| Required user actions | None | None |
| Email verified | On | On |
| Username | demo-user | demo-admin |
| demo-user@example.com | demo-admin@example.com | |
| First name | Demo | Demo |
| Last name | User | Admin |
| Groups | demo-users | demo-admins |
Once they are created, go to their "Credentials" and click on "Set password".
For both, set "demo" as their password and set "Temporary" Off.
Only then you can login into the SSO from the frontend's redirection (should be something starting with "http://localhost:8080/realms/demo-realm/protocol/openid-connect/auth[...]").
If you're hesitating to get started, I was in the same situation as you for a long time and I understand. Therefore, I invite you to read the development journey I wrote about this project.
If it can help you feel less alone or even motivate you, I would be delighted.
To get started on this project, I recommend that you first acquire the necessary knowledge to fully understand the concepts discussed here.
I would say that the main concepts you need to know are: