Newer
Older
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# General user setup
keycloak_service_group: "keycloak"
keycloak_service_user: "keycloak"
keycloak_service_name: "keycloak"
keycloak_base_path: "/opt/keycloak"
keycloak_dest: "{{ keycloak_base_path }}"
## General settings
keycloak_version: ""
# keycloak_previous_version: "13.0.0"
keycloak_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/keycloak-{{ keycloak_version }}.zip"
keycloak_archive: "keycloak-{{ keycloak_version }}.zip"
keycloak_archive_on_target: True # To download the archive directly to the server
# Database settings
keycloak_mysql_root_password: "{{ vault_keycloak_mysql_root_password}}"
keycloak_db_name: "keycloak"
keycloak_db_admin: "keycloak"
keycloak_db_pwd: "{{ vault_keycloak_db_pwd }}"
keycloak_mysql_unix_socket: "/run/mysqld/mysqld.sock"
# More General settings ( Optional )
keycloak_jboss_home: "{{ keycloak_base_path }}/keycloak-{{ keycloak_version }}"
keycloak_config_dir: "{{ keycloak_jboss_home }}/conf"
# If you want to create the admin user
keycloak_create_admin: false
keycloak_admin_user: "admin"
keycloak_admin_password: "{{ vault_keycloak_admin_password }}"
## Networking
keycloak_behind_reverseproxy: true
keycloak_bind_address: "127.0.0.1"
keycloak_http_port: "8080"
keycloak_https_port: "8443"
keycloak_management_http_port: "9990"
keycloak_management_https_port: "9993"
# Run settings
keycloak_startup_timeout: "300"
keycloak_java_opts: "-Xms256m -Xmx1024m"
# In case you want to force the re installation
keycloak_force_install: false
## Customization
keycloak_profile_preview: false
keycloak_welcome_theme: "keycloak"
keycloack_features_not_enabled:
- docker
keycloak_features_enabled:
- "authorization"
- "account2"
- "account-api"
- "admin-fine-grained-authz"
- "admin2"
- "impersonation"
- "scripts"
- "token-exchange"
- "web-authn"
- "client-policies"
- "ciba"
- "par"
- "declarative-user-profile"
- "dynamic-scopes"
- "preview"
- "recovery_codes"
mysql_credential_file:
debian: '/etc/mysql/debian.cnf'