sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-10 11:28:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: usermanagement keycloak

Browse Source
This commit is contained in:
Johnathen Sheppard
2023-01-07 19:05:30 +01:00
parent 39bd14e0d3
commit a68fbd4838
8 changed files with 37 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
roles/usermanagement/tasks/main.yaml
View File

@@ -3,30 +3,28 @@
name: /data/
state: directory
- name: Create opt-dir
- name: Create compose directory keycloak
file:
name: /opt/
name: "/opt/keycloak/"
state: directory
- name: Create compose directories
file:
name: "/opt/{{ item }}"
state: directory
with_items:
- keycloak
- name: Copy compose templates
- name: Copy compose templates keycloak
template:
src: "{{ item }}.yaml"
dest: "/opt/{{ item }}/"
src: "keycloak.yaml"
dest: "/opt/keycloak/"
- name: Copy compose environment files keycloak
template:
src: "{{ item }}"
dest: "/opt/keycloak/"
with_items:
- keycloak
- keycloak.env
- postgres.env
- postgres_password
- name: Deploy compose templates
community.docker.docker_compose:
project_src: "/opt/{{ item }}/"
project_src: "/opt/keycloak/"
pull: true
files:
- "{{ item }}.yaml"
with_items:
- keycloak
- "keycloak.yaml"

9
roles/usermanagement/templates/keycloak.env Normal file
View File

@@ -0,0 +1,9 @@
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD={{ keycloak_admin_password }}
PROXY_ADDRESS_FORWARDING=true
KC_PROXY=edge
KC_LOG_LEVEL=ALL
KC_DB_URL_HOST=postgres
KC_DB_USERNAME=keycloak
KC_DB_PASSWORD={{ keycloak_postgres_password }}

4
roles/usermanagement/keycloak.yaml → roles/usermanagement/templates/keycloak.yaml
View File

@@ -7,7 +7,7 @@ services:
container_name: keycloak-container
command: start-dev --http-enabled=true
image: quay.io/keycloak/keycloak:18.0.0
env_file: .env.keycloak
env_file: keycloak.env
restart: unless-stopped
ports:
- 5050:8080
@@ -18,7 +18,7 @@ services:
postgres:
container_name: postgres-container
image: postgres:13.2
env_file: .env.postgres
env_file: postgres.env
restart: unless-stopped
secrets:
- postgres_password

3
roles/usermanagement/templates/postgres.env Normal file
View File

@@ -0,0 +1,3 @@
POSTGRES_DB=keycloak
POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
POSTGRES_USER=keycloak

1
roles/usermanagement/templates/postgres_password Normal file
View File

@@ -0,0 +1 @@
{{ keycloak_postgres_password }}