ansible-role-keycloak/defaults/main.yml

48 lines
2.1 KiB
YAML

---
keycloak_major_version: '10'
keycloak_minor_version: '0'
keycloak_point_version: '2'
keycloak_wildfly_mode: 'standalone'
keycloak_install_dir: '/opt/keycloak'
keycloak_properties_directory: '/opt/keycloak/properties'
keycloak_distribution_data_directory: '{{ keycloak_install_dir }}/{{ keycloak_distribution }}/{{ keycloak_wildfly_mode }}'
keycloak_data_directory: '/opt/keycloak_data'
keycloak_log_directory: '/var/log/keycloak'
keycloak_startup_properties:
- { name: 'jboss.server.data.dir', value: '{{ keycloak_data_directory }}' }
- { name: 'jboss.server.log.dir', value: '{{ keycloak_log_directory }}' }
# domain clustered mode is not supported at this time
keycloak_wildfly_clustered: False
keycloak_wildfly_cluster_node_name: '{{ ansible_hostname }}'
keycloak_wildfly_cluster_private_bind_address: '{{ ansible_default_ipv4.address }}'
keycloak_wildfly_mping_multicast_address: '230.0.0.4'
keycloak_wildfly_jgroups_udp_multicast_address: '230.0.0.4'
keycloak_wildfly_modcluster_multicast_address: '224.0.1.105'
keycloak_listen: '127.0.0.1'
keycloak_java_min_heap: '2048m'
keycloak_java_max_heap: '{{ keycloak_java_min_heap }}'
keycloak_node_identifier: 1
keycloak_use_external_db: True
# postgresql is the only supported choice for the time being
keycloak_db: 'postgresql'
keycloak_db_module_name: 'org.{{ keycloak_db }}'
keycloak_db_module_path: 'org/{{ keycloak_db }}'
keycloak_db_class_name: '{{ keycloak_db_module_name }}.xa.PGXADataSource'
keycloak_jdbc_driver_version: '42.2.14'
keycloak_jdbc_driver: 'postgresql-{{ keycloak_jdbc_driver_version }}.jar'
keycloak_jdbc_driver_url: 'https://jdbc.postgresql.org/download/{{ keycloak_jdbc_driver }}'
keycloak_database_name: keycloak
keycloak_database_user: keycloak_u
#keycloak_database_password: 'define it into a vault file'
keycloak_database_host: 'localhost'
keycloak_database_max_pool_size: '50'
keycloak_database_jboss_connection_checker: True
keycloak_database_idle_timeouts_min: 1
keycloak_admin_user: kadmin
#keycloak_admin_password: 'define it into a vault file'
keycloak_behind_reverse_proxy: True
keycloak_jcliff_version: '2.12.7'