2021-12-14 10:26:42 +00:00
|
|
|
---
|
|
|
|
### Configuration specific to keycloak
|
|
|
|
keycloak_version: 9.0.2
|
|
|
|
keycloak_archive: keycloak-{{ keycloak_version }}.zip
|
|
|
|
keycloak_download_url: https://downloads.jboss.org/keycloak/{{ keycloak_version }}/{{ keycloak_archive }}
|
|
|
|
keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
|
|
|
|
|
|
|
|
### Configuration specific to Red Hat Single Sing-On
|
|
|
|
keycloak_rhsso_enable: "{{ True if rhsso_rhn_id is defined else False }}"
|
|
|
|
keycloak_rhsso_version: 7.5
|
|
|
|
keycloak_rhsso_archive: rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip
|
|
|
|
keycloak_rhsso_installdir: "{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version }}"
|
2021-12-15 12:55:41 +00:00
|
|
|
keycloak_rhsso_base_url: 'https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId='
|
2021-12-14 10:26:42 +00:00
|
|
|
|
|
|
|
### Install location and service settings
|
|
|
|
keycloak_dest: /opt/keycloak
|
|
|
|
keycloak_jboss_home: "{{ keycloak_rhsso_installdir if rhsso_rhn_id is defined else keycloak_installdir }}"
|
|
|
|
keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration"
|
|
|
|
keycloak_service_user: keycloak
|
|
|
|
keycloak_service_group: keycloak
|
2021-12-14 15:20:26 +00:00
|
|
|
keycloak_service_pidfile: "/run/keycloak.pid"
|
2021-12-14 10:26:42 +00:00
|
|
|
keycloak_service_logfile: "{{ keycloak_dest }}/keycloak.log"
|
|
|
|
|
|
|
|
### Keycloak configuration settings
|
|
|
|
keycloak_bind_address: 0.0.0.0
|
|
|
|
keycloak_host: localhost
|
|
|
|
keycloak_http_port: 8080
|
|
|
|
keycloak_https_port: 8443
|
|
|
|
keycloak_management_http_port: 9990
|
|
|
|
keycloak_management_https_port: 9993
|
|
|
|
keycloak_java_opts: "-Xms1024m -Xmx20480m -XX:MaxPermSize=768m"
|
2021-12-22 07:49:55 +00:00
|
|
|
|
|
|
|
### Enable configuration for database backend, clustering and remote caches on infinispan
|
2021-12-14 10:26:42 +00:00
|
|
|
keycloak_ha_enabled: False
|
2021-12-22 07:49:55 +00:00
|
|
|
### Enable database configuration, must be enabled when HA is configured
|
2021-12-20 14:55:05 +00:00
|
|
|
keycloak_db_enabled: "{{ True if keycloak_ha_enabled else False }}"
|
2021-12-14 10:26:42 +00:00
|
|
|
|
2021-12-22 07:49:55 +00:00
|
|
|
### Keycloak administration console user
|
2021-12-14 10:26:42 +00:00
|
|
|
keycloak_admin_user: admin
|
|
|
|
keycloak_auth_realm: master
|
|
|
|
keycloak_auth_client: admin-cli
|
|
|
|
|
|
|
|
keycloak_force_install: False
|
|
|
|
|
2021-12-22 07:49:55 +00:00
|
|
|
### mod_cluster reverse proxy
|
|
|
|
keycloak_modcluster_url: localhost
|
2021-12-14 10:26:42 +00:00
|
|
|
|
2021-12-22 07:49:55 +00:00
|
|
|
### infinispan remote caches access
|
|
|
|
infinispan_user: supervisor
|
|
|
|
infinispan_pass: supervisor
|
|
|
|
infinispan_url: localhost
|
2021-12-14 10:26:42 +00:00
|
|
|
|
2021-12-22 07:49:55 +00:00
|
|
|
### database backend engine: values [ 'postgres', 'mariadb' ]
|
2021-12-17 13:56:28 +00:00
|
|
|
keycloak_jdbc_engine: postgres
|
2021-12-22 07:49:55 +00:00
|
|
|
### database backend credentials
|
|
|
|
postgres_jdbc_url: 'jdbc:postgresql://localhost:5432/keycloak'
|
|
|
|
postgres_db_user: keycloak-user
|
|
|
|
postgres_db_pass: keycloak-pass
|
|
|
|
mariadb_jdbc_url: 'jdbc:mariadb://localhost:3306/keycloak'
|
|
|
|
mariadb_db_user: keycloak-user
|
|
|
|
mariadb_db_pass: keycloak-pass
|