Skip to content
Extraits de code Groupes Projets
Vue normale Lien permanent
main.yml 2,02 ko
Newer Older
nono's avatar
Added the base files
nono a validé
1 2 
---
# defaults file for sso-lqdn
nono's avatar
Move default variables to respect ansible variable precedence  
nono a validé
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 

# General user setup

keycloak_service_group: "keycloak"
keycloak_service_user: "keycloak"
keycloak_service_name: "keycloak"
keycloak_base_path: "/opt/keycloak"
keycloak_dest: "{{ keycloak_base_path }}"

## General settings
keycloak_version: ""
# keycloak_previous_version: "13.0.0"
keycloak_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/keycloak-{{ keycloak_version }}.zip"
keycloak_archive: "keycloak-{{ keycloak_version }}.zip"
keycloak_archive_on_target: True # To download the archive directly to the server

# Database settings
keycloak_mysql_root_password: "{{ vault_keycloak_mysql_root_password}}"
keycloak_db_name: "keycloak"
keycloak_db_admin: "keycloak"
keycloak_db_pwd: "{{ vault_keycloak_db_pwd }}"
keycloak_mysql_unix_socket: "/run/mysqld/mysqld.sock"
# More General settings ( Optional )
keycloak_jboss_home: "{{ keycloak_base_path }}/keycloak-{{ keycloak_version }}"
keycloak_config_dir: "{{ keycloak_jboss_home }}/conf"

# If you want to create the admin user
keycloak_create_admin: false
keycloak_admin_user: "admin"
keycloak_admin_password: "{{ vault_keycloak_admin_password }}"

## Networking
keycloak_behind_reverseproxy: true
keycloak_bind_address: "127.0.0.1"
keycloak_http_port: "8080"
keycloak_https_port: "8443"
keycloak_management_http_port: "9990"
keycloak_management_https_port: "9993"

# Run settings
keycloak_startup_timeout: "300"
keycloak_java_opts: "-Xms256m -Xmx1024m"

# In case you want to force the re installation
keycloak_force_install: false

## Customization
keycloak_profile_preview: false
keycloak_welcome_theme: "keycloak"
nono's avatar
Add disabled features as variable of the role  
nono a validé
52 53 54 
keycloack_features_not_enabled:
  - docker
nono's avatar
Update template to configure features for keycloak  
nono a validé
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 
keycloak_features_enabled:
  - "authorization"
  - "account2"
  - "account-api"
  - "admin-fine-grained-authz"
  - "admin2"
  - "impersonation"
  - "scripts"
  - "token-exchange"
  - "web-authn"
  - "client-policies"
  - "ciba"
  - "par"
  - "declarative-user-profile"
  - "dynamic-scopes"
  - "preview"
  - "recovery_codes"
nono's avatar
Move default variables to respect ansible variable precedence  
nono a validé
72 73 74 

mysql_credential_file:
  debian: '/etc/mysql/debian.cnf'