ansible-role-keycloak/templates/keycloak.conf.j2

60 lines
2.1 KiB
Django/Jinja

http-relative-path=/auth
http-enabled={{ keycloak_http_enabled }}
http-host={{ keycloak_listen }}
http-port={{ keycloak_http_port }}
#log-level=DEBUG
# Database
# The database vendor.
db={{ keycloak_db_vendor }}
# The username of the database user.
db-username={{ keycloak_database_user }}
# The password of the database user.
db-password={{ keycloak_database_password }}
# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
db-url=jdbc:postgresql://{{ keycloak_database_host }}/{{ keycloak_database_name }}
# Observability
# If the server should expose metrics and healthcheck endpoints.
health-enabled={{ keycloak_metrics_and_health_checks_enabled }}
metrics-enabled={{ keycloak_metrics_and_health_checks_enabled }}
{% if keycloak_https_enabled %}
# HTTPS
# The file path to a server certificate or certificate chain in PEM format.
https-certificate-file={{ keycloak_conf_directory }}/server.crt.pem
# The file path to a private key in PEM format.
https-certificate-key-file={{ keycloak_conf_directory }}/server.key.pem
https-protocols={{ keycloak_https_protocols }}
https-port={{ keycloak_https_port }}
{% endif %}
{% if keycloak_behind_reverse_proxy %}
# The proxy address forwarding mode if the server is behind a reverse proxy.
proxy={{ keycloak_reverse_proxy_type }}
{% endif %}
{% if keycloak_set_hostname %}
# Hostname for the Keycloak server.
hostname={{ keycloak_hostname }}
{% endif %}
{% if keycloak_external_avatar_dir_enabled %}
spi-avatar-storage-avatar-storage-file-avatar-folder={{ keycloak_external_avatar_dir}}
{% endif %}
{% if keycloak_cluster %}
# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
spi-sticky-session-encoder-infinispan-should-attach-route={{ keycloak_reverse_proxy_infinispan_attach_route }}
cache={{ keycloak_cache_type }}
cache-stack={{ keycloak_cache_stack }}
{% endif %}
# Logging
log={{ keycloak_log_handlers }}
log-console-format={{ keycloak_log_console_format }}
log-console-output={{ keycloak_log_console_output }}
log-file={{ keycloak_log_file }}
log-file-format={{ keycloak_log_file_format }}
log-level={{ keycloak_log_level }}