quarkus: add README, update parameters doc

main
Guido Grazioli 2022-04-11 13:48:59 +02:00
parent 33c8f74122
commit dc33cbc358
No known key found for this signature in database
GPG Key ID: 22C8C31EF2BC093B
3 changed files with 142 additions and 40 deletions

View File

@ -43,6 +43,7 @@ A requirement file is provided to install:
* [`keycloak`](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak/README.md): role for installing the service. * [`keycloak`](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak/README.md): role for installing the service.
* [`keycloak_realm`](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak_realm/README.md): role for configuring a realm, user federation(s), clients and users, in an installed service. * [`keycloak_realm`](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak_realm/README.md): role for configuring a realm, user federation(s), clients and users, in an installed service.
* [`keycloak_quarkus`](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak_quarkus/README.md): role for installing the quarkus variant of keycloak (>= 17.0.0).
## Usage ## Usage

View File

@ -0,0 +1,101 @@
keycloak_quarkus
================
Install [keycloak](https://keycloak.org/) >= 17.0.0 (quarkus) server configurations.
Role Defaults
-------------
* Service configuration
| Variable | Description | Default |
|:---------|:------------|:--------|
|`keycloak_quarkus_ha_enabled`| Enable auto configuration for database backend, clustering and remote caches on infinispan | `False` |
|`keycloak_quarkus_db_enabled`| Enable auto configuration for database backend | `True` if `keycloak_quarkus_ha_enabled` is True, else `False` |
|`keycloak_quarkus_admin_user`| Administration console user account | `admin` |
|`keycloak_quarkus_bind_address`| Address for binding service ports | `0.0.0.0` |
|`keycloak_quarkus_host`| hostname | `localhost` |
|`keycloak_quarkus_http_port`| HTTP port | `8080` |
|`keycloak_quarkus_https_port`| TLS HTTP port | `8443` |
|`keycloak_quarkus_ajp_port`| AJP port | `8009` |
|`keycloak_quarkus_jgroups_port`| jgroups cluster tcp port | `7600` |
|`keycloak_quarkus_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` |
|`keycloak_quarkus_service_user`| Posix account username | `keycloak` |
|`keycloak_quarkus_service_group`| Posix account group | `keycloak` |
|`keycloak_quarkus_service_pidfile`| Pid file path for service | `/run/keycloak.pid` |
|`keycloak_quarkus_jvm_package`| RHEL java package runtime | `java-11-openjdk-headless` |
|`keycloak_quarkus_frontend_url`| Service public URL | `http://localhost:8080/auth` |
|`keycloak_quarkus_http_relative_path` | Service context path | `auth` |
* Database configuration
| Variable | Description | Default |
|:---------|:------------|:--------|
|`keycloak_quarkus_jdbc_engine` | Database engine [mariadb,postres] | `postgres` |
|`keycloak_quarkus_db_user` | User for database connection | `keycloak-user` |
|`keycloak_quarkus_db_pass` | Password for database connection | `keycloak-pass` |
|`keycloak_quarkus_jdbc_url` | JDBC URL for connecting to database | `jdbc:postgresql://localhost:5432/keycloak` |
|`keycloak_quarkus_jdbc_driver_version` | Version for JDBC driver | `9.4.1212` |
* Remote caches configuration
| Variable | Description | Default |
|:---------|:------------|:--------|
|`keycloak_quarkus_ispn_user` | Username for connecting to infinispan | `supervisor` |
|`keycloak_quarkus_ispn_pass` | Password for connecting to infinispan | `supervisor` |
|`keycloak_quarkus_ispn_url` | URL for connecting to infinispan | `localhost` |
|`keycloak_quarkus_ispn_sasl_mechanism` | Infinispan auth mechanism | `SCRAM-SHA-512` |
|`keycloak_quarkus_ispn_use_ssl` | Whether infinispan uses TLS connection | `false` |
|`keycloak_quarkus_ispn_trust_store_path` | Path to infinispan server trust certificate | `/etc/pki/java/cacerts` |
|`keycloak_quarkus_ispn_trust_store_password` | Password for infinispan certificate keystore | `changeit` |
* Install options
| Variable | Description | Default |
|:---------|:------------|:---------|
|`keycloak_quarkus_offline_install` | Perform an offline install | `False`|
|`keycloak_quarkus_download_url`| Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/<version>/<archive>`|
|`keycloak_quarkus_version`| keycloak.org package version | `17.0.1` |
|`keycloak_quarkus_dest`| Installation root path | `/opt/keycloak` |
|`keycloak_quarkus_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_quarkus_version }}/{{ keycloak_quarkus_archive }}` |
|`keycloak_quarkus_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `False` |
* Miscellaneous configuration
| Variable | Description | Default |
|:---------|:------------|:--------|
|`keycloak_quarkus_metrics_enabled`| Whether to enable metrics | `False` |
|`keycloak_quarkus_archive` | keycloak install archive filename | `keycloak-{{ keycloak_quarkus_version }}.zip` |
|`keycloak_quarkus_installdir` | Installation path | `{{ keycloak_quarkus_dest }}/keycloak-{{ keycloak_quarkus_version }}` |
|`keycloak_quarkus_home` | Installation work directory | `{{ keycloak_quarkus_installdir }}` |
|`keycloak_quarkus_config_dir` | Path for configuration | `{{ keycloak_quarkus_home }}/conf` |
|`keycloak_quarkus_master_realm` | Name for rest authentication realm | `master` |
|`keycloak_auth_client` | Authentication client for configuration REST calls | `admin-cli` |
|`keycloak_force_install` | Remove pre-existing versions of service | `False` |
|`keycloak_url` | URL for configuration rest calls | `http://{{ keycloak_quarkus_host }}:{{ keycloak_http_port }}` |
|`keycloak_management_url` | URL for management console rest calls | `http://{{ keycloak_quarkus_host }}:{{ keycloak_management_http_port }}` |
Role Variables
--------------
| Variable | Description |
|:---------|:------------|
|`keycloak_quarkus_admin_pass`| Password of console admin account |
License
-------
Apache License 2.0
Author Information
------------------
* [Guido Grazioli](https://github.com/guidograzioli)

View File

@ -4,200 +4,200 @@ argument_specs:
keycloak_quarkus_version: keycloak_quarkus_version:
# line 3 of defaults/main.yml # line 3 of defaults/main.yml
default: "17.0.1" default: "17.0.1"
description: "TODO document argument" description: "keycloak.org package version"
type: "str" type: "str"
keycloak_quarkus_archive: keycloak_quarkus_archive:
# line 4 of defaults/main.yml # line 4 of defaults/main.yml
default: "keycloak-{{ keycloak_quarkus_version }}.zip" default: "keycloak-{{ keycloak_quarkus_version }}.zip"
description: "TODO document argument" description: "keycloak install archive filename"
type: "str" type: "str"
keycloak_quarkus_download_url: keycloak_quarkus_download_url:
# line 5 of defaults/main.yml # line 5 of defaults/main.yml
default: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_quarkus_version }}/{{ keycloak_quarkus_archive }}" default: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_quarkus_version }}/{{ keycloak_quarkus_archive }}"
description: "TODO document argument" description: "Download URL for keycloak"
type: "str" type: "str"
keycloak_quarkus_installdir: keycloak_quarkus_installdir:
# line 6 of defaults/main.yml # line 6 of defaults/main.yml
default: "{{ keycloak_quarkus_dest }}/keycloak-{{ keycloak_quarkus_version }}" default: "{{ keycloak_quarkus_dest }}/keycloak-{{ keycloak_quarkus_version }}"
description: "TODO document argument" description: "Installation path"
type: "str" type: "str"
keycloak_quarkus_offline_install: keycloak_quarkus_offline_install:
# line 9 of defaults/main.yml # line 9 of defaults/main.yml
default: false default: false
description: "TODO document argument" description: "Perform an offline install"
type: "bool" type: "bool"
keycloak_quarkus_jvm_package: keycloak_quarkus_jvm_package:
# line 12 of defaults/main.yml # line 12 of defaults/main.yml
default: "java-11-openjdk-headless" default: "java-11-openjdk-headless"
description: "TODO document argument" description: "RHEL java package runtime"
type: "str" type: "str"
keycloak_quarkus_dest: keycloak_quarkus_dest:
# line 13 of defaults/main.yml # line 13 of defaults/main.yml
default: "/opt/keycloak" default: "/opt/keycloak"
description: "TODO document argument" description: "Installation root path"
type: "str" type: "str"
keycloak_quarkus_home: keycloak_quarkus_home:
# line 14 of defaults/main.yml # line 14 of defaults/main.yml
default: "{{ keycloak_quarkus_installdir }}" default: "{{ keycloak_quarkus_installdir }}"
description: "TODO document argument" description: "Installation work directory"
type: "str" type: "str"
keycloak_quarkus_config_dir: keycloak_quarkus_config_dir:
# line 15 of defaults/main.yml # line 15 of defaults/main.yml
default: "{{ keycloak_quarkus_home }}/conf" default: "{{ keycloak_quarkus_home }}/conf"
description: "TODO document argument" description: "Path for configuration"
type: "str" type: "str"
keycloak_quarkus_service_user: keycloak_quarkus_service_user:
# line 16 of defaults/main.yml # line 16 of defaults/main.yml
default: "keycloak" default: "keycloak"
description: "TODO document argument" description: "Posix account username"
type: "str" type: "str"
keycloak_quarkus_service_group: keycloak_quarkus_service_group:
# line 17 of defaults/main.yml # line 17 of defaults/main.yml
default: "keycloak" default: "keycloak"
description: "TODO document argument" description: "Posix account group"
type: "str" type: "str"
keycloak_quarkus_service_pidfile: keycloak_quarkus_service_pidfile:
# line 18 of defaults/main.yml # line 18 of defaults/main.yml
default: "/run/keycloak.pid" default: "/run/keycloak.pid"
description: "TODO document argument" description: "Pid file path for service"
type: "str" type: "str"
keycloak_quarkus_configure_firewalld: keycloak_quarkus_configure_firewalld:
# line 19 of defaults/main.yml # line 19 of defaults/main.yml
default: false default: false
description: "TODO document argument" description: "Ensure firewalld is running and configure keycloak ports"
type: "bool" type: "bool"
keycloak_quarkus_admin_user: keycloak_quarkus_admin_user:
# line 22 of defaults/main.yml # line 22 of defaults/main.yml
default: "admin" default: "admin"
description: "TODO document argument" description: "Administration console user account"
type: "str" type: "str"
keycloak_quarkus_admin_pass: keycloak_quarkus_admin_pass:
# line 23 of defaults/main.yml # line 23 of defaults/main.yml
default: "" default: ""
description: "TODO document argument" description: "Password of console admin account"
type: "str" type: "str"
keycloak_quarkus_master_realm: keycloak_quarkus_master_realm:
# line 24 of defaults/main.yml # line 24 of defaults/main.yml
default: "master" default: "master"
description: "TODO document argument" description: "Name for rest authentication realm"
type: "str" type: "str"
keycloak_quarkus_bind_address: keycloak_quarkus_bind_address:
# line 27 of defaults/main.yml # line 27 of defaults/main.yml
default: "0.0.0.0" default: "0.0.0.0"
description: "TODO document argument" description: "Address for binding service ports"
type: "str" type: "str"
keycloak_quarkus_host: keycloak_quarkus_host:
# line 28 of defaults/main.yml # line 28 of defaults/main.yml
default: "localhost" default: "localhost"
description: "TODO document argument" description: "hostname"
type: "str" type: "str"
keycloak_quarkus_http_port: keycloak_quarkus_http_port:
# line 29 of defaults/main.yml # line 29 of defaults/main.yml
default: 8080 default: 8080
description: "TODO document argument" description: "HTTP port"
type: "int" type: "int"
keycloak_quarkus_https_port: keycloak_quarkus_https_port:
# line 30 of defaults/main.yml # line 30 of defaults/main.yml
default: 8443 default: 8443
description: "TODO document argument" description: "HTTPS port"
type: "int" type: "int"
keycloak_quarkus_ajp_port: keycloak_quarkus_ajp_port:
# line 31 of defaults/main.yml # line 31 of defaults/main.yml
default: 8009 default: 8009
description: "TODO document argument" description: "AJP port"
type: "int" type: "int"
keycloak_quarkus_jgroups_port: keycloak_quarkus_jgroups_port:
# line 32 of defaults/main.yml # line 32 of defaults/main.yml
default: 7600 default: 7600
description: "TODO document argument" description: "jgroups cluster tcp port"
type: "int" type: "int"
keycloak_quarkus_java_opts: keycloak_quarkus_java_opts:
# line 33 of defaults/main.yml # line 33 of defaults/main.yml
default: "-Xms1024m -Xmx2048m" default: "-Xms1024m -Xmx2048m"
description: "TODO document argument" description: "Additional JVM options"
type: "str" type: "str"
keycloak_quarkus_ha_enabled: keycloak_quarkus_ha_enabled:
# line 36 of defaults/main.yml # line 36 of defaults/main.yml
default: false default: false
description: "TODO document argument" description: "Enable auto configuration for database backend, clustering and remote caches on infinispan"
type: "bool" type: "bool"
keycloak_quarkus_db_enabled: keycloak_quarkus_db_enabled:
# line 38 of defaults/main.yml # line 38 of defaults/main.yml
default: "{{ True if keycloak_quarkus_ha_enabled else False }}" default: "{{ True if keycloak_quarkus_ha_enabled else False }}"
description: "TODO document argument" description: "Enable auto configuration for database backend"
type: "str" type: "str"
keycloak_quarkus_http_relative_path: keycloak_quarkus_http_relative_path:
# line 41 of defaults/main.yml # line 41 of defaults/main.yml
default: "auth" default: "auth"
description: "TODO document argument" description: "Service context path"
type: "str" type: "str"
keycloak_quarkus_frontend_url: keycloak_quarkus_frontend_url:
# line 41 of defaults/main.yml # line 41 of defaults/main.yml
default: "http://localhost:8080/auth" default: "http://localhost:8080/auth"
description: "TODO document argument" description: "Service public URL"
type: "str" type: "str"
keycloak_quarkus_metrics_enabled: keycloak_quarkus_metrics_enabled:
# line 43 of defaults/main.yml # line 43 of defaults/main.yml
default: false default: false
description: "TODO document argument" description: "Whether to enable metrics"
type: "bool" type: "bool"
keycloak_quarkus_ispn_user: keycloak_quarkus_ispn_user:
# line 46 of defaults/main.yml # line 46 of defaults/main.yml
default: "supervisor" default: "supervisor"
description: "TODO document argument" description: "Username for connecting to infinispan"
type: "str" type: "str"
keycloak_quarkus_ispn_pass: keycloak_quarkus_ispn_pass:
# line 47 of defaults/main.yml # line 47 of defaults/main.yml
default: "supervisor" default: "supervisor"
description: "TODO document argument" description: "Password for connecting to infinispan"
type: "str" type: "str"
keycloak_quarkus_ispn_url: keycloak_quarkus_ispn_url:
# line 48 of defaults/main.yml # line 48 of defaults/main.yml
default: "localhost" default: "localhost"
description: "TODO document argument" description: "URL for connecting to infinispan"
type: "str" type: "str"
keycloak_quarkus_ispn_sasl_mechanism: keycloak_quarkus_ispn_sasl_mechanism:
# line 49 of defaults/main.yml # line 49 of defaults/main.yml
default: "SCRAM-SHA-512" default: "SCRAM-SHA-512"
description: "TODO document argument" description: "Infinispan auth mechanism"
type: "str" type: "str"
keycloak_quarkus_ispn_use_ssl: keycloak_quarkus_ispn_use_ssl:
# line 50 of defaults/main.yml # line 50 of defaults/main.yml
default: false default: false
description: "TODO document argument" description: "Whether infinispan uses TLS connection"
type: "bool" type: "bool"
keycloak_quarkus_ispn_trust_store_path: keycloak_quarkus_ispn_trust_store_path:
# line 52 of defaults/main.yml # line 52 of defaults/main.yml
default: "/etc/pki/java/cacerts" default: "/etc/pki/java/cacerts"
description: "TODO document argument" description: "Path to infinispan server trust certificate"
type: "str" type: "str"
keycloak_quarkus_ispn_trust_store_password: keycloak_quarkus_ispn_trust_store_password:
# line 53 of defaults/main.yml # line 53 of defaults/main.yml
default: "changeit" default: "changeit"
description: "TODO document argument" description: "Password for infinispan certificate keystore"
type: "str" type: "str"
keycloak_quarkus_jdbc_engine: keycloak_quarkus_jdbc_engine:
# line 56 of defaults/main.yml # line 56 of defaults/main.yml
default: "postgres" default: "postgres"
description: "TODO document argument" description: "Database engine [mariadb,postres]"
type: "str" type: "str"
keycloak_quarkus_db_user: keycloak_quarkus_db_user:
# line 58 of defaults/main.yml # line 58 of defaults/main.yml
default: "keycloak-user" default: "keycloak-user"
description: "TODO document argument" description: "User for database connection"
type: "str" type: "str"
keycloak_quarkus_db_pass: keycloak_quarkus_db_pass:
# line 59 of defaults/main.yml # line 59 of defaults/main.yml
default: "keycloak-pass" default: "keycloak-pass"
description: "TODO document argument" description: "Password for database connection"
type: "str" type: "str"
keycloak_quarkus_jdbc_url: keycloak_quarkus_jdbc_url:
# line 60 of defaults/main.yml # line 60 of defaults/main.yml
default: "{{ keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].url }}" default: "{{ keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].url }}"
description: "TODO document argument" description: "JDBC URL for connecting to database"
type: "str" type: "str"
keycloak_quarkus_jdbc_driver_version: keycloak_quarkus_jdbc_driver_version:
# line 61 of defaults/main.yml # line 61 of defaults/main.yml
default: "{{ keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].version }}" default: "{{ keycloak_quarkus_default_jdbc[keycloak_quarkus_jdbc_engine].version }}"
description: "TODO document argument" description: "Version for JDBC driver"
type: "str" type: "str"