initial commit

muppeth 2024-07-17 12:03:26 +02:00
parent f94d9dac12
commit 4ce8ce15f8
Signed by: muppeth
GPG key ID: 0EBC7B9848D04031
5 changed files with 157 additions and 0 deletions


@ -0,0 +1,11 @@
---
- hosts: keycloak
roles:
- docker
- keycloak_docker
vars_files:
- ../defaults/main.yml
vars:
ansible_python_interpreter: /usr/bin/python3
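Review bot: Loading `../defaults/main.yml` through `vars_files` gives every role default play-level precedence, which ranks above inventory `host_vars` and `group_vars`. The defaults file tells operators to override values in host_vars, but with this play those overrides would be shadowed, including any replacement for the default database and admin passwords. Assuming `keycloak_docker` is this role, its `defaults/main.yml` is loaded automatically at the lowest precedence, so I would drop the `vars_files:` entry and its `- ../defaults/main.yml` item. Indentation is lost in this view, so the nesting of `vars_files` under the play is inferred.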

60
defaults/main.yml Normal file

@ -0,0 +1,60 @@
---
keycloak_compose_dir: '/srv/keycloak-compose'
keycloak_image: 'quay.io/keycloak/keycloak'
keycloak_version: '25.0.1'
keycloak_command: '"start-dev"' # set to "start" to run in production mode
keycloak_db_name: 'keycloak'
keycloak_db_user: 'keycloak'
keycloak_db_password: 'password'
keycloak_db_host: 'postgres'
keycloak_db_port: '5432'
keycloak_docker_postgres: 'true'
keycloak_env:
- key: 'POSTGRES_VERSION'
value: '15.7-alpine'
- key: 'KC_DB'
value: 'postgres'
- key: 'KC_DB_USERNAME'
value: '{{ keycloak_db_user }}'
- key: 'KC_DB_PASSWORD'
value: '{{ keycloak_db_password }}'
- key: 'KC_DB_URL'
value: '"jdbc:postgresql://{{ keycloak_db_host }}:{{ keycloak_db_port }}/{{ keycloak_db_name }}"'
- key: 'KC_METRICS_ENABLED'
value: 'true'
- key: 'KC_LOG_LEVEL'
value: 'INFO'
- key: 'KEYCLOAK_ADMIN'
value: 'admin'
- key: 'KEYCLOAK_ADMIN_PASSWORD'
value: 'admin'
# Uncomment and modify below to add HTTPS certificates:
### - key: 'KC_HTTPS_CERTIFICATE_FILE'
### value: '"/etc/letsencrypt/live/localhost/fullchain.pem"'
### - key: 'KC_HTTPS_CERTIFICATE_KEY_FILE'
### value: '"/etc/letsencrypt/live/localhost/privkey.pem"'
- key: 'KC_HOSTNAME'
value: 'http://localhost'
env_only: 'true'
- key: 'KC_PORT'
value: '8080'
env_only: 'true'
keycloak_ports:
- '${KC_PORT}:8080'
# to disable, add empty 'keycloak_volumes' variable to your host_vars
# Below array mounts path directory volume to a mountpoint on the container
keycloak_volumes:
# - mountpath: '/etc/letsencrypt/live/localhost/'
# mountpoint: '/etc/letsencrypt/live/localhost'
# perm: 'ro'
# to disable, add empty 'keycloak_extra_hosts' variable to your host_vars.
# Below array adds edditional hosts to /etc/hosts on the docker container
keycloak_extra_hosts:
# - hostname: 'example.lan'
# ip: '192.168.1.123'
keycloak_apt_list:
- python3-docker
- docker-compose-plugin
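Review bot: The defaults ship working credentials, `keycloak_db_password: 'password'` and `KEYCLOAK_ADMIN` / `KEYCLOAK_ADMIN_PASSWORD` both set to `'admin'`, so a host deployed without overrides comes up with a guessable admin login on the published `KC_PORT`. I would leave the secret values undefined here and have the role fail early when they are unset, for example with an `assert` task that requires them to be defined, with the values supplied from Ansible Vault. The `start-dev` default for `keycloak_command`, together with `KC_HOSTNAME: http://localhost`, also makes production hardening opt-in. If that default stays, a comment such as `# defaults below are for local testing only; override command, hostname and all passwords before exposing the service` would make the intent explicit.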

26
tasks/main.yml Normal file

@ -0,0 +1,26 @@
---
- name: '[Install] - Install dependencies'
apt:
name: '{{ keycloak_apt_list }}'
update_cache: yes
- name: 'Configure] - Create docker compose dir'
file:
path: '{{ keycloak_compose_dir }}'
state: directory
- name: '[Configure] - Create docker compose file'
template:
src: 'templates/compose.yml.j2'
dest: '{{ keycloak_compose_dir }}/docker-compose.yml'
- name: '[Configure] - Create kecloak env file'
template:
src: 'templates/env.j2'
dest: '{{ keycloak_compose_dir }}/.env'
- name: '[RUN DOCKER] - Run docker compose'
shell: docker compose up -d
args:
chdir: '{{ keycloak_compose_dir }}'
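Review bot: Neither `template` task sets `mode` or `owner`, so `.env` and `docker-compose.yml` are created with whatever the remote umask allows, commonly readable by every local user. Both rendered files contain the database password, and `.env` also contains `KEYCLOAK_ADMIN_PASSWORD`. I would add `mode: '0600'` to both template tasks and `mode: '0700'` to the `file` task that creates `{{ keycloak_compose_dir }}`. Adding `no_log: true` to the two template tasks would also keep the secrets out of `--diff` output. Separately, the second task name is missing its opening bracket (`'Configure]'`).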

54
templates/compose.yml.j2 Normal file

@ -0,0 +1,54 @@
x-logging: &logging
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
services:
{% if keycloak_docker_postgres is defined and keycloak_docker_postgres == 'true' %}
postgres:
image: postgres:${POSTGRES_VERSION}
restart: unless-stopped
healthcheck:
test: ["CMD", "pg_isready", "-U", "{{ keycloak_db_user }}"]
environment:
POSTGRES_DB: {{ keycloak_db_name }}
POSTGRES_USER: {{ keycloak_db_user }}
POSTGRES_PASSWORD: {{ keycloak_db_password }}
volumes:
- type: tmpfs
target: /var/lib/postgresql/data
tmpfs:
size: 100000000
logging: *logging
{% endif %}
keycloak:
image: {{ keycloak_image }}:{{ keycloak_version }}
command: [{{ keycloak_command }}]
restart: unless-stopped
environment:
{% for item in keycloak_env %}
{% if item.env_only is not defined %}
{{ item.key }}: {{ item.value }}
{% endif %}
{% endfor %}
{% if keycloak_ports is defined and keycloak_ports is iterable %}
ports:
{% for item in keycloak_ports %}
- {{ item }}
{% endfor %}
{% endif %}
{% if keycloak_volumes is defined and keycloak_volumes is iterable %}
volumes:
{% for item in keycloak_volumes %}
- {{ item.mountpath }}:{{ item.mountpoint }}:{{ item.perm }}
{% endfor %}
{% endif %}
logging: *logging
{% if keycloak_extra_hosts is defined and keycloak_extra_hosts is iterable %}
extra_hosts:
{% for item in keycloak_extra_hosts %}
- {{ item.hostname }}:{{ item.ip }}
{% endfor %}
{% endif %}
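Review bot: The credentials are rendered into the compose file as unquoted YAML scalars (`POSTGRES_PASSWORD: {{ keycloak_db_password }}`, and `{{ item.key }}: {{ item.value }}` in the environment loop). A password containing ` #` or `: `, or starting with a YAML indicator character, is then truncated or breaks parsing. A literal `$` is also treated as Compose variable interpolation unless it is written as `$$`. For the three `POSTGRES_*` lines I would render through a quoting filter, e.g. `POSTGRES_PASSWORD: {{ keycloak_db_password | to_json }}`. The loop needs the same treatment, but the defaults already embed literal double quotes in some values, so the two files would have to agree on one quoting convention first.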

6
templates/env.j2 Normal file

@ -0,0 +1,6 @@
# releases: https://github.com/keycloak/keycloak/releases
KC_VERSION={{ keycloak_version }}
{% for item in keycloak_env %}
{{ item.key }}={{ item.value }}
{% endfor %}
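Review bot: The loop writes every `keycloak_env` entry into `.env`, including `KC_DB_PASSWORD` and `KEYCLOAK_ADMIN_PASSWORD`, although the compose template already places those in the service's `environment:` block. As far as the visible template shows, only `${POSTGRES_VERSION}` and `${KC_PORT}` are read from `.env` through interpolation, so the passwords are stored in a second file for no functional gain. I would restrict this loop to the keys Compose actually interpolates, for instance by marking them with a dedicated flag on the item and testing for it here. `KC_VERSION` also looks unused, since the image tag is rendered from `{{ keycloak_version }}` directly.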