Role Name ========= A role that installs the keycloak IdM Role Variables -------------- The most important variables are listed below: ``` yaml keycloak_major_version: '19' keycloak_minor_version: '0' keycloak_point_version: '2' keycloak_openjdk_runtime_version: 11 keycloak_openjdk_version: - '{{ keycloak_openjdk_runtime_version }}' keycloak_openjdk_bin: '/usr/lib/jvm/java-{{ keycloak_openjdk_runtime_version}}-openjdk-amd64/bin/java' keycloak_install_dir: '/opt/keycloak' keycloak_distribution_data_directory: '{{ keycloak_install_dir }}/{{ keycloak_distribution }}/{{ keycloak_wildfly_mode }}' keycloak_conf_directory: '{{ keycloak_runtime_home }}/conf' keycloak_providers_directory: '{{ keycloak_runtime_home }}/providers' keycloak_data_directory: '{{ keycloak_runtime_home }}/data' keycloak_log_directory: '/var/log/keycloak' keycloak_optimize_build_at_startup: true keycloak_upgrade_db_at_startup: false keycloak_disabled_features: [] keycloak_preview_features: [] keycloak_external_avatar_dir_enabled: false keycloak_external_avatar_dir: '{{ keycloak_data_directory }}/avatar' keycloak_https_enabled: true keycloak_https_protocols: 'TLSv1.3' keycloak_letsencrypt_certs: '{{ keycloak_https_enabled }}' keycloak_http_enabled: "{% if keycloak_https_enabled %}'false'{% else %}'true'{% endif %}" keycloak_listen: '127.0.0.1' keycloak_http_port: 8080 keycloak_https_port: 8443 keycloak_set_hostname: false keycloak_hostname: '{{ ansible_fqdn }}' keycloak_log_handlers: console keycloak_log_console_format: '%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n' keycloak_log_console_output: default keycloak_log_file: '{{ keycloak_log_directory }}/keycloak.log' keycloak_log_file_format: '%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n' keycloak_log_level: warning # We keep those together because some health checks are available only when the metrics are enabled. keycloak_metrics_and_health_checks_enabled: 'true' keycloak_use_external_db: true # postgresql is the only supported choice for the time being keycloak_db_vendor: 'postgres' keycloak_database_name: keycloak keycloak_database_user: keycloak_u # keycloak_database_password: 'define it into a vault file' keycloak_database_host: 'localhost' keycloak_database_max_pool_size: '50' keycloak_database_jboss_connection_checker: true keycloak_database_idle_timeouts_min: 1 keycloak_admin_user: kadmin # keycloak_admin_password: 'define it into a vault file' keycloak_before_nginx: false keycloak_before_apache_httpd: false keycloak_behind_reverse_proxy: true keycloak_reverse_proxy_type: '{% if keycloak_local_certs %}reencrypt{% else %}edge{% endif %}' keycloak_reverse_proxy_infinispan_attach_route: 'true' keycloak_cluster: false keycloak_cache_type: ispn keycloak_cache_stack: tcp keycloak_cache_container_name: keycloak ``` Dependencies ------------ OpenJDK License ------- EUPL-1.2 Author Information ------------------ Andrea Dell'Amico,