Update Keycloak

9f332375 · nono · 9512b2c6 · 9f332375 · 9f332375
Commit 9f332375 authored Dec 16, 2021 by nono 💻
--- a/group_vars/keycloak/keycloak.yml
+++ b/group_vars/keycloak/keycloak.yml
@@ -4,7 +4,7 @@

 ## Keycloak config

-keycloak_version: "15.0.2"
+keycloak_version: "15.1.0"
 keycloak_create_admin: false
 keycloak_force_install: true

@@ -28,37 +28,37 @@ certbot_auto_renew: true
 ## Nginx config

 nginx_vhosts:
-  - listen: "443 ssl http2"
-    server_name: "stats.sso.lqdn.fr"
-    access_log: "/var/log/nginx/stats_keycloak_access.log"
-    error_log: "/var/log/nginx/stats_keycloak_error.log"
-    state: "present"
-    template: "{{ nginx_vhost_template }}"
-    filename: "stats.sso.lqdn.fr.https.conf"
-    extra_parameters: |
-      location / {
-        proxy_buffering off;
-        proxy_set_header Referer $http_referer;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Host $host;
-        proxy_set_header X-Forwarded-Server $host;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Port $server_port;
-        proxy_set_header Host $http_host;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection 'upgrade';
-
-        proxy_pass http://127.0.0.1:9001;
-        proxy_redirect off;
-      }
-      location /.well-known/acme-challenge {
-        alias /var/www/letsencrypt/.well-known/acme-challenge;
-      }
-      ssl_certificate /etc/letsencrypt/live/stats.sso.lqdn.fr/fullchain.pem;
-      ssl_certificate_key /etc/letsencrypt/live/stats.sso.lqdn.fr/privkey.pem;
-      ssl_protocols       TLSv1.1 TLSv1.2;
-      ssl_ciphers         HIGH:!aNULL:!MD5;
+  # - listen: "443 ssl http2"
+  #   server_name: "stats.sso.lqdn.fr"
+  #   access_log: "/var/log/nginx/stats_keycloak_access.log"
+  #   error_log: "/var/log/nginx/stats_keycloak_error.log"
+  #   state: "present"
+  #   template: "{{ nginx_vhost_template }}"
+  #   filename: "stats.sso.lqdn.fr.https.conf"
+  #   extra_parameters: |
+  #     location / {
+  #       proxy_buffering off;
+  #       proxy_set_header Referer $http_referer;
+  #       proxy_set_header X-Real-IP $remote_addr;
+  #       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  #       proxy_set_header X-Forwarded-Host $host;
+  #       proxy_set_header X-Forwarded-Server $host;
+  #       proxy_set_header X-Forwarded-Proto $scheme;
+  #       proxy_set_header X-Forwarded-Port $server_port;
+  #       proxy_set_header Host $http_host;
+  #       proxy_set_header Upgrade $http_upgrade;
+  #       proxy_set_header Connection 'upgrade';
+  #
+  #       proxy_pass http://127.0.0.1:9001;
+  #       proxy_redirect off;
+  #     }
+  #     location /.well-known/acme-challenge {
+  #       alias /var/www/letsencrypt/.well-known/acme-challenge;
+  #     }
+  #     ssl_certificate /etc/letsencrypt/live/stats.sso.lqdn.fr/fullchain.pem;
+  #     ssl_certificate_key /etc/letsencrypt/live/stats.sso.lqdn.fr/privkey.pem;
+  #     ssl_protocols       TLSv1.1 TLSv1.2;
+  #     ssl_ciphers         HIGH:!aNULL:!MD5;
  - listen: "443 ssl http2"
    server_name: "sso.lqdn.fr"
    access_log: "/var/log/nginx/keycloak_access.log"

--- a/production.yml
+++ b/production.yml
@@ -43,7 +43,6 @@
    - packages-lqdn
    - updates-lqdn
    - ansible-role-nginx
-    - ansible-node-exporter
    - ansible-role-certbot
    - sso-lqdn
  tags: