ansible-keycloak/roles/keycloak/defaults/main.yml

86 lines
3.1 KiB
YAML
Raw Permalink Normal View History

---
### Configuration specific to keycloak
2022-01-14 09:06:43 +00:00
keycloak_version: 15.0.2
2022-01-14 09:29:48 +00:00
keycloak_archive: "keycloak-{{ keycloak_version }}.zip"
keycloak_download_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}"
keycloak_download_url_9x: "https://downloads.jboss.org/keycloak/{{ keycloak_version }}/{{ keycloak_archive }}"
keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
2022-09-19 14:02:55 +00:00
keycloak_offline_install: False
### Install location and service settings
keycloak_jvm_package: openjdk-17-jdk-headless
keycloak_java_home:
keycloak_dest: /opt/keycloak
2022-09-19 14:02:55 +00:00
keycloak_jboss_home: "{{ keycloak_installdir }}"
keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration"
keycloak_config_standalone_xml: "keycloak.xml"
keycloak_config_path_to_standalone_xml: "{{ keycloak_jboss_home }}/standalone/configuration/{{ keycloak_config_standalone_xml }}"
keycloak_config_override_template: ''
keycloak_service_user: keycloak
keycloak_service_group: keycloak
keycloak_service_pidfile: "/run/keycloak.pid"
2022-09-19 14:02:55 +00:00
keycloak_service_name: keycloak
keycloak_service_desc: Keycloak
keycloak_configure_firewalld: False
### administrator console password
keycloak_admin_password: ''
### Common configuration settings
keycloak_bind_address: 0.0.0.0
keycloak_host: localhost
keycloak_http_port: 8080
keycloak_https_port: 8443
2022-01-27 13:21:18 +00:00
keycloak_ajp_port: 8009
keycloak_jgroups_port: 7600
keycloak_management_port_bind_address: 127.0.0.1
keycloak_management_http_port: 9990
keycloak_management_https_port: 9993
keycloak_java_opts: "-Xms1024m -Xmx2048m"
keycloak_prefer_ipv4: True
2021-12-22 07:49:55 +00:00
### Enable configuration for database backend, clustering and remote caches on infinispan
keycloak_ha_enabled: False
2021-12-22 07:49:55 +00:00
### Enable database configuration, must be enabled when HA is configured
keycloak_db_enabled: "{{ True if keycloak_ha_enabled else False }}"
2021-12-22 07:49:55 +00:00
### Keycloak administration console user
keycloak_admin_user: admin
keycloak_auth_realm: master
keycloak_auth_client: admin-cli
keycloak_force_install: False
2021-12-22 07:49:55 +00:00
### mod_cluster reverse proxy
keycloak_modcluster_url: localhost
### keycloak frontend url
keycloak_frontend_url: http://localhost:8080/auth
2022-01-04 13:30:28 +00:00
### infinispan remote caches access (hotrod)
keycloak_infinispan_user: supervisor
keycloak_infinispan_pass: supervisor
keycloak_infinispan_url: localhost
keycloak_infinispan_sasl_mechanism: SCRAM-SHA-512
keycloak_infinispan_use_ssl: False
2022-01-04 13:30:28 +00:00
# if ssl is enabled, import ispn server certificate here
keycloak_infinispan_trust_store_path: /etc/pki/java/cacerts
keycloak_infinispan_trust_store_password: changeit
2021-12-22 07:49:55 +00:00
### database backend engine: values [ 'postgres', 'mariadb' ]
keycloak_jdbc_engine: postgres
2021-12-22 07:49:55 +00:00
### database backend credentials
2022-01-05 12:53:29 +00:00
keycloak_db_user: keycloak-user
keycloak_db_pass: keycloak-pass
keycloak_jdbc_url: "{{ keycloak_default_jdbc[keycloak_jdbc_engine].url }}"
keycloak_jdbc_driver_version: "{{ keycloak_default_jdbc[keycloak_jdbc_engine].version }}"
# override the variables above, following defaults show minimum supported versions
keycloak_default_jdbc:
postgres:
url: 'jdbc:postgresql://localhost:5432/keycloak'
version: 9.4.1212
mariadb:
url: 'jdbc:mariadb://localhost:3306/keycloak'
version: 2.7.4