keycloak
keycloak
Ansible role to install and configure Keycloak identity service.
Sponsor
Building and improving this Ansible role have been sponsored by my current and previous employers like Cloudpunks GmbH and Proact Deutschland GmbH.
Table of content
- Requirements
- Default Variables
- keycloak_cache_owners_auth_sessions_count
- keycloak_cache_owners_count
- keycloak_command
- keycloak_container_extensions_path
- keycloak_container_scripts_path
- keycloak_container_themes_path
- keycloak_cpu_shares
- keycloak_database_addresses
- keycloak_database_connection
- keycloak_database_name
- keycloak_database_password
- keycloak_database_schema
- keycloak_database_type
- keycloak_database_username
- keycloak_default_extensions
- keycloak_default_folders
- keycloak_default_labels
- keycloak_default_publish
- keycloak_default_startups
- keycloak_default_themes
- keycloak_default_volumes
- keycloak_extensions_path
- keycloak_extra_environment
- keycloak_extra_extensions
- keycloak_extra_folders
- keycloak_extra_labels
- keycloak_extra_publish
- keycloak_extra_startups
- keycloak_extra_themes
- keycloak_extra_volumes
- keycloak_general_environment
- keycloak_group
- keycloak_hostname
- keycloak_http_relative_path
- keycloak_image
- keycloak_jgroups_discovery_enabled
- keycloak_jgroups_discovery_external_ip
- keycloak_jgroups_discovery_properties
- keycloak_jgroups_discovery_protocol
- keycloak_legacy_startups
- keycloak_loglevel
- keycloak_memory_limit
- keycloak_memory_soft_limit
- keycloak_memory_swap
- keycloak_metrics_extension_version
- keycloak_network
- keycloak_number_of_cpus
- keycloak_password
- keycloak_proxy_address_forwarding
- keycloak_pull_image
- keycloak_shell
- keycloak_startups_path
- keycloak_themes_path
- keycloak_url
- keycloak_user
- keycloak_username
- keycloak_version
- Discovered Tags
- Dependencies
- License
- Author
Requirements
- Minimum Ansible version:
2.10
Default Variables
keycloak_cache_owners_auth_sessions_count
Cache owners auth sessions count
Default value
keycloak_cache_owners_auth_sessions_count: 1
keycloak_cache_owners_count
Cache owners count
Default value
keycloak_cache_owners_count: 1
keycloak_command
Command to pass to Keycloak container
Default value
keycloak_command: "{{ 'start-dev' if keycloak_version is version('20.0.0', '>=') else
'' }}"
keycloak_container_extensions_path
Path for providers within the container
Default value
keycloak_container_extensions_path: "{{ '/opt/keycloak/providers' if keycloak_version
is version('20.0.0', '>=') else '/opt/jboss/keycloak/providers' }}"
keycloak_container_scripts_path
Path for startup scripts within the container
Default value
keycloak_container_scripts_path: /opt/jboss/startup-scripts
keycloak_container_themes_path
Path for themes within the container
Default value
keycloak_container_themes_path: "{{ '/opt/keycloak/themes' if keycloak_version is
version('20.0.0', '>=') else '/opt/jboss/keycloak/themes' }}"
keycloak_cpu_shares
CPU shares with Docker deployment
Default value
keycloak_cpu_shares:
Example usage
keycloak_cpu_shares: '512'
keycloak_database_addresses
List of database server addresses
Default value
keycloak_database_addresses: []
Example usage
keycloak_database_addresses:
- host1
- host2
- host3
keycloak_database_connection
Database connectiony type for clustered databases
Default value
keycloak_database_connection:
keycloak_database_name
Database name
Default value
keycloak_database_name: keycloak
keycloak_database_password
Password for database connection
Default value
keycloak_database_password:
keycloak_database_schema
Database schema used for PostgreSQL
Default value
keycloak_database_schema:
keycloak_database_type
Database driver
Default value
keycloak_database_type: mariadb
keycloak_database_username
Username for database connection
Default value
keycloak_database_username:
keycloak_default_extensions
List of default extensions
Default value
keycloak_default_extensions:
- name: keycloak-metrics-spi.jar
state: absent
- name: keycloak-metrics-spi-{{ keycloak_metrics_extension_version }}.jar
url: https://github.com/aerogear/keycloak-metrics-spi/releases/download/{{ keycloak_metrics_extension_version
}}/keycloak-metrics-spi-{{ keycloak_metrics_extension_version }}.jar
Example usage
keycloak_default_extensions:
- name: example-from-url
url: http://example.com/example.jar
- name: example-to-remove
state: absent
keycloak_default_folders
List of default folders to create
Default value
keycloak_default_folders: []
keycloak_default_labels
List of default labels to assign to docker command
Default value
keycloak_default_labels: []
keycloak_default_publish
List of default port publishing
Default value
keycloak_default_publish: []
Example usage
keycloak_default_publish:
- 127.0.0.1:9090:9090
keycloak_default_startups
List of default startup scripts
Default value
keycloak_default_startups: "{{ [] if keycloak_version is version('20.0.0', '>=') else
keycloak_legacy_startups }}"
Example usage
keycloak_default_startups:
- name: example
content: |
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
run-batch
stop-embedded-server
- name: example-from-url
url: http://example.com/example.yml
- name: example-from-file
src: path/to/file.j2
- name: example-from-template
ansible.builtin.template: path/to/template.j2
- name: example-to-remove
state: absent
keycloak_default_themes
List of default themes
Default value
keycloak_default_themes: []
Example usage
keycloak_default_themes:
- name: example-from-url
url: http://example.com/example.tar.gz
- name: example-to-remove
state: absent
keycloak_default_volumes
List of default volumes to mount
Default value
keycloak_default_volumes: []
keycloak_extensions_path
Path to store extensions
Default value
keycloak_extensions_path: /usr/share/keycloak/extensions
keycloak_extra_environment
List of extra environment variables
Default value
keycloak_extra_environment: []
Example usage
keycloak_extra_environment:
- name: EXAMPLE1
value: dummy1
- name: EXAMPLE2
value: dummy2
- name: EXAMPLE3
value: dummy3
keycloak_extra_extensions
List of extra extensions
Default value
keycloak_extra_extensions: []
Example usage
keycloak_extra_extensions:
- name: example-from-url
url: http://example.com/example.jar
- name: example-to-remove
state: absent
keycloak_extra_folders
List of extra folders to create
Default value
keycloak_extra_folders: []
Example usage
keycloak_extra_folders:
- /path/to/host/folder1
- /path/to/host/folder2
- /path/to/host/folder3
keycloak_extra_labels
List of extra labels to assign to docker command
Default value
keycloak_extra_labels: []
keycloak_extra_publish
List of extra port publishing
Default value
keycloak_extra_publish: []
Example usage
keycloak_extra_publish:
- 8090:8090
- 127.0.0.1:9000:9000
keycloak_extra_startups
List of extra startup scripts
Default value
keycloak_extra_startups: []
keycloak_extra_themes
List of extra themes
Default value
keycloak_extra_themes: []
Example usage
keycloak_extra_themes:
- name: example-from-url
url: http://example.com/example.tar.gz
- name: example-to-remove
state: absent
keycloak_extra_volumes
List of extra volumes to mount
Default value
keycloak_extra_volumes: []
Example usage
keycloak_extra_volumes:
- /path/to/host/folder1:/path/within/container1
- /path/to/host/folder2:/path/within/container2
- /path/to/host/folder3:/path/within/container3
keycloak_general_environment
List of general environment variables
Default value
keycloak_general_environment: []
Example usage
keycloak_general_environment:
- key: EXAMPLE1
value: dummy1
- key: EXAMPLE2
value: dummy2
- key: EXAMPLE3
value: dummy3
keycloak_group
Group to create for container usage
Default value
keycloak_group: keycloak
keycloak_hostname
Hostname for Keycloak
Default value
keycloak_hostname:
keycloak_http_relative_path
Relative path to Keycloak
Default value
keycloak_http_relative_path:
keycloak_image
Docker image to use for deployment
Default value
keycloak_image: quay.io/keycloak/keycloak:{{ keycloak_version }}
keycloak_jgroups_discovery_enabled
Enable jgroups discovery
Default value
keycloak_jgroups_discovery_enabled: false
keycloak_jgroups_discovery_external_ip
External IP used for jgroups discovery
Default value
keycloak_jgroups_discovery_external_ip:
keycloak_jgroups_discovery_properties
Additional properties for jgroups discovery
Default value
keycloak_jgroups_discovery_properties:
keycloak_jgroups_discovery_protocol
Protocol used for jgroups discovery
Default value
keycloak_jgroups_discovery_protocol:
keycloak_legacy_startups
List of startup scripts befor 20.0.0
Default value
keycloak_legacy_startups:
- name: keycloak
ansible.builtin.template: keycloak.j2
keycloak_loglevel
Logging level for the instance
Default value
keycloak_loglevel: INFO
keycloak_memory_limit
Memory limit with Docker deployment
Default value
keycloak_memory_limit:
Example usage
keycloak_memory_limit: 1024m
keycloak_memory_soft_limit
Soft memory limit with Docker deployment
Default value
keycloak_memory_soft_limit:
Example usage
keycloak_memory_soft_limit: 512m
keycloak_memory_swap
Swap usage with Docker deployment
Default value
keycloak_memory_swap:
Example usage
keycloak_memory_swap: 2048m
keycloak_metrics_extension_version
Version of the metrics extension to install
Default value
keycloak_metrics_extension_version: 5.0.0
keycloak_network
Optionally assign this Docker network to container
Default value
keycloak_network:
keycloak_number_of_cpus
Number of CPUs with Docker deployment
Default value
keycloak_number_of_cpus:
Example usage
keycloak_number_of_cpus: '1.0'
keycloak_password
Password for master realm access
Default value
keycloak_password:
keycloak_proxy_address_forwarding
Enable proxy address forwarding
Default value
keycloak_proxy_address_forwarding: true
keycloak_pull_image
Pull image as part of the tasks
Default value
keycloak_pull_image: true
keycloak_shell
Shell of the Keycloak user
Default value
keycloak_shell: /usr/sbin/nologin
keycloak_startups_path
Path to store startup scripts
Default value
keycloak_startups_path: /usr/share/keycloak/startups
Example usage
keycloak_startups_path:
- name: example
content: |
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
run-batch
stop-embedded-server
- name: example-from-url
url: http://example.com/example.yml
- name: example-from-file
src: path/to/file.j2
- name: example-from-template
ansible.builtin.template: path/to/template.j2
- name: example-to-remove
state: absent
keycloak_themes_path
Path to store themes
Default value
keycloak_themes_path: /usr/share/keycloak/themes
keycloak_url
URL for external access
Default value
keycloak_url:
Example usage
keycloak_url: datasource_jndi_name=java:jboss/datasources/KeycloakDS
keycloak_user
User to create for container usage
Default value
keycloak_user: keycloak
keycloak_username
Username for master realm access
Default value
keycloak_username:
keycloak_version
Version of keycloak to use
Default value
keycloak_version: 25.0.2
Discovered Tags
keycloak
Dependencies
License
Apache-2.0
Author
ansible-galaxy install rolehippie/keycloak