diff --git a/.gitea/workflows/prod.yml b/.gitea/workflows/prod.yml
new file mode 100644
index 0000000..2dcb460
--- /dev/null
+++ b/.gitea/workflows/prod.yml
@@ -0,0 +1,44 @@
+name: deploy
+
+on:
+ push:
+ branches: [ main ]
+
+jobs:
+ release-image:
+ runs-on: act-runner-user
+ env:
+ DOCKER_ORG: gcg
+ DOCKER_LATEST: latest
+ steps:
+ - name: Checkout
+ uses: https://github.com/actions/checkout@v4
+
+ - name: Build
+ run: |
+ mvn package
+
+ - name: Remove old version
+ run: |
+ rm -rf /opt/data/keycloak/providers/spring-security-crypto-*.jar
+ rm -rf /opt/data/keycloak/providers/keycloak-mailcow-*.jar
+
+ - name: Deploy
+ run: |
+ export SPRINGSEC_VERSION=$(xmlstarlet sel -N x="http://maven.apache.org/POM/4.0.0" -t -m 'x:project/x:properties/x:version.springsec' -v . pom.xml)
+ curl -sL --output \
+ https://repo1.maven.org/maven2/org/springframework/security/spring-security-crypto/$SPRINGSEC_VERSION/spring-security-crypto-$SPRINGSEC_VERSION.jar
+ /opt/data/keycloak/providers/spring-security-crypto-$SPRINGSEC_VERSION.jar
+ export SPI_VERSION=$(xmlstarlet sel -N x="http://maven.apache.org/POM/4.0.0" -t -m 'x:project/x:version' -v . pom.xml)
+ cp -r target/keycloak-mailcow-$KEYCLOAK_VERSION.jar /opt/data/keycloak/providers/keycloak-mailcow-$KEYCLOAK_VERSION.jar
+
+ - name: Notification
+ uses: actions/telegram-action@main
+ if: always()
+ with:
+ chat_id: ${{ secrets.TG_CHAT_ID }}
+ token: ${{ secrets.TG_TOKEN }}
+
+ - name: Trigger Stack Webhook
+ run: |
+ curl -X POST https://docker.cantorgymnasium.de/api/stacks/webhooks/7f03c15f-dcf2-47cf-938e-6502b8520923
\ No newline at end of file
diff --git a/README.md b/README.md
index ab81a6f..628cd5d 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,13 @@
# keycloak-mailcow
-Keycloak User Storage Provider for mailcow
\ No newline at end of file
+Keycloak User Storage SPI for mailcow
+
+Connects to a mailcow MariaDB database and uses the `username` and `password` columns of the `mailbox` table for authentication.
+
+Currently, only BCrypt-hashed passwords are supported.
+
+## References
+
+- https://www.baeldung.com/java-keycloak-custom-user-providers
+- https://github.com/mailcow/mailcow-dockerized/blob/master/data/web/inc/functions.inc.php
+- https://www.keycloak.org/docs/latest/server_development/index.html#_user-storage-spi
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 5204009..2599c6f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,16 +3,17 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
Keycloak mailcow
-
+ Connect to mailcow database for authentication
4.0.0
de.cantorgymnasium
keycloak-mailcow
- 0.0.2
+ 1.0.0
jar
23.0.1
+ 6.2.1
@@ -54,7 +55,7 @@
org.springframework.security
spring-security-crypto
- 6.2.1
+ ${version.springsec}