Merge pull request 'staging to main' (#2) from staging into main
Reviewed-on: #2 Reviewed-by: muppeth <muppeth@no-reply@disroot.org>
commit
356e03ca92
5 changed files with 160 additions and 0 deletions
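--- a/Playbook/keycloak_docker.yml
+++ b/Playbook/keycloak_docker.yml
@@ -0,0 +1,11 @@
+---
+
+- hosts: keycloak
+roles:
+- docker
+- keycloak_docker
+
+vars_files:
+- ../defaults/main.yml
+vars:
+ansible_python_interpreter: /usr/bin/python3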
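Review bot: Loading `../defaults/main.yml` through `vars_files:` gives those values play-level precedence, which outranks inventory `host_vars` and `group_vars`, so an operator's override of `keycloak_db_password` or of the admin password inside `keycloak_env` would be ignored and the shipped defaults deployed instead. Assuming this repository is the `keycloak_docker` role, its `defaults/main.yml` is already loaded at role-default precedence when the role runs, so the `vars_files:` entry can simply be removed. The comments in the defaults file tell users to set overrides in host_vars, which only works once this entry is gone.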
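--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -0,0 +1,63 @@
+---
+keycloak_compose_dir: '/srv/keycloak-compose'
+keycloak_image: 'quay.io/keycloak/keycloak'
+keycloak_version: '25.0.2'
+keycloak_command: '"start-dev"' # set to "start" to run in production mode
+keycloak_db_name: 'keycloak'
+keycloak_db_user: 'keycloak'
+keycloak_db_password: 'password'
+keycloak_db_host: 'postgres'
+keycloak_db_port: '5432'
+keycloak_docker_postgres: 'true'
+keycloak_env:
+- key: 'POSTGRES_VERSION'
+value: '15.7-alpine'
+- key: 'KC_DB'
+value: 'postgres'
+- key: 'KC_DB_USERNAME'
+value: '{{ keycloak_db_user }}'
+- key: 'KC_DB_PASSWORD'
+value: '{{ keycloak_db_password }}'
+- key: 'KC_DB_URL'
+value: '"jdbc:postgresql://{{ keycloak_db_host }}:{{ keycloak_db_port }}/{{ keycloak_db_name }}"'
+- key: 'KC_METRICS_ENABLED'
+value: 'true'
+- key: 'KC_LOG_LEVEL'
+value: 'INFO'
+- key: 'KEYCLOAK_ADMIN'
+value: 'admin'
+- key: 'KEYCLOAK_ADMIN_PASSWORD'
+value: 'changeme'
+# Uncomment and modify below to add HTTPS certificates:
+### - key: 'KC_HTTPS_CERTIFICATE_FILE'
+### value: '"/etc/letsencrypt/live/localhost/fullchain.pem"'
+### - key: 'KC_HTTPS_CERTIFICATE_KEY_FILE'
+### value: '"/etc/letsencrypt/live/localhost/privkey.pem"'
+- key: 'KC_HOSTNAME'
+value: 'http://localhost'
+env_only: 'true'
+- key: 'KC_PORT'
+value: '8080'
+env_only: 'true'
+# Uncomment and modify below if you use a proxy
+### - key: 'KC_PROXY_HEADERS'
+### value: 'xforwarded'
+
+keycloak_ports:
+- '${KC_PORT}:8080'
+# to disable, add empty 'keycloak_volumes' variable to your host_vars
+# Below array mounts path directory volume to a mountpoint on the container
+keycloak_volumes:
+# - mountpath: '/etc/letsencrypt/live/localhost/'
+# mountpoint: '/etc/letsencrypt/live/localhost'
+# perm: 'ro'
+
+# to disable, add empty 'keycloak_extra_hosts' variable to your host_vars.
+# Below array adds edditional hosts to /etc/hosts on the docker container
+keycloak_extra_hosts:
+# - hostname: 'example.lan'
+# ip: '192.168.1.123'
+
+keycloak_apt_list:
+- python3-docker
+- docker-compose-plugin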
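Review bot: `keycloak_db_password: 'password'` and the `KEYCLOAK_ADMIN_PASSWORD` entry with value `'changeme'` are working defaults, so a host that overrides nothing comes up with known credentials for both the database and the admin console. Prefer shipping no usable secret: point the default at a vaulted variable, e.g. `keycloak_db_password: '{{ vault_keycloak_db_password }}'` (variable name constructed for illustration), and do the same for the admin password so an unset secret fails the run instead of deploying. `keycloak_command` also defaults to `start-dev` with `KC_HOSTNAME` set to `http://localhost`; a header comment such as `# Defaults describe a local development instance; set keycloak_command, KC_HOSTNAME and TLS before exposing it` would make that explicit. The comment above `keycloak_extra_hosts` has a typo, "edditional" for "additional".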
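--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+
+- name: '[Install] - Install dependencies'
+apt:
+name: '{{ keycloak_apt_list }}'
+update_cache: yes
+
+- name: '[Configure] - Create docker compose dir'
+file:
+path: '{{ keycloak_compose_dir }}'
+state: directory
+
+- name: '[Configure] - Create docker compose file'
+template:
+src: 'templates/compose.yml.j2'
+dest: '{{ keycloak_compose_dir }}/docker-compose.yml'
+
+- name: '[Configure] - Create keycloak env file'
+template:
+src: 'templates/env.j2'
+dest: '{{ keycloak_compose_dir }}/.env'
+
+- name: '[RUN DOCKER] - Run docker compose'
+shell: docker compose up -d
+args:
+chdir: '{{ keycloak_compose_dir }}'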
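Review bot: The two `template` tasks write `docker-compose.yml` and `.env`, both of which receive the database and admin passwords, without `owner` or `mode`, so the files' permissions follow the remote umask and will usually be world-readable. Add `mode: '0600'` to both template tasks and `mode: '0700'` to the `file` task that creates `{{ keycloak_compose_dir }}`, with an explicit `owner`/`group` for the account that runs Docker. `no_log: true` on the template tasks would also keep the rendered secrets out of `--diff` output and logs. Separately, `shell: docker compose up -d` reports "changed" on every run, and `update_cache: yes` is better written as `update_cache: true`.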
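--- a/templates/compose.yml.j2
+++ b/templates/compose.yml.j2
@@ -0,0 +1,54 @@
+x-logging: &logging
+driver: "json-file"
+options:
+max-size: "10m"
+max-file: "3"
+
+services:
+{% if keycloak_docker_postgres is defined and keycloak_docker_postgres == 'true' %}
+postgres:
+image: postgres:${POSTGRES_VERSION}
+restart: unless-stopped
+healthcheck:
+test: ["CMD", "pg_isready", "-U", "{{ keycloak_db_user }}"]
+environment:
+POSTGRES_DB: {{ keycloak_db_name }}
+POSTGRES_USER: {{ keycloak_db_user }}
+POSTGRES_PASSWORD: {{ keycloak_db_password }}
+volumes:
+- type: tmpfs
+target: /var/lib/postgresql/data
+tmpfs:
+size: 100000000
+logging: *logging
+{% endif %}
+keycloak:
+image: {{ keycloak_image }}:{{ keycloak_version }}
+command: [{{ keycloak_command }}]
+restart: unless-stopped
+environment:
+{% for item in keycloak_env %}
+{% if item.env_only is not defined %}
+{{ item.key }}: {{ item.value }}
+{% endif %}
+{% endfor %}
+{% if keycloak_ports is defined and keycloak_ports is iterable %}
+ports:
+{% for item in keycloak_ports %}
+- {{ item }}
+{% endfor %}
+{% endif %}
+{% if keycloak_volumes is defined and keycloak_volumes is iterable %}
+volumes:
+{% for item in keycloak_volumes %}
+- {{ item.mountpath }}:{{ item.mountpoint }}:{{ item.perm }}
+{% endfor %}
+{% endif %}
+logging: *logging
+{% if keycloak_extra_hosts is defined and keycloak_extra_hosts is iterable %}
+extra_hosts:
+{% for item in keycloak_extra_hosts %}
+- {{ item.hostname }}:{{ item.ip }}
+{% endfor %}
+{% endif %}
+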
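Review bot: `POSTGRES_PASSWORD: {{ keycloak_db_password }}` and the loop line `{{ item.key }}: {{ item.value }}` render values into YAML unquoted, so a password containing ` #` is silently cut short at the comment marker, one containing `: ` or starting with `*`/`&` makes the file unparseable, and any `$` is consumed by Compose variable interpolation. Render through a quoting filter instead, e.g. `POSTGRES_PASSWORD: {{ keycloak_db_password | to_json }}` and `{{ item.key }}: {{ item.value | to_json }}`; the defaults could then drop their hand-embedded `'"…"'` quoting. Separately, the postgres data directory is a 100 MB `tmpfs`, so every realm and user is lost when the container is recreated and Keycloak will presumably bootstrap the admin account again from the environment values. A named volume is needed for anything beyond a throwaway instance.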
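--- a/templates/env.j2
+++ b/templates/env.j2
@@ -0,0 +1,6 @@
+# releases: https://github.com/keycloak/keycloak/releases
+KC_VERSION={{ keycloak_version }}
+
+{% for item in keycloak_env %}
+{{ item.key }}={{ item.value }}
+{% endfor %}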
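Review bot: The loop writes every `keycloak_env` entry to `.env`, including `KC_DB_PASSWORD` and `KEYCLOAK_ADMIN_PASSWORD`, although the compose template already renders those into `environment:`; the secrets therefore sit in a second file that Compose needs only for `${…}` substitution. From the visible templates, only `POSTGRES_VERSION` and `KC_PORT` are interpolated, so the loop can be narrowed to `{% for item in keycloak_env if item.env_only is defined %}` once `POSTGRES_VERSION` is also marked `env_only` in the defaults. `KC_VERSION` appears to be unused, since the compose template takes the image tag from `{{ keycloak_version }}` directly. Values are also written unquoted, so a value containing spaces or `#` may not be read back by Compose as intended.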