# {{ ansible_managed }}

# Database
# Database vendor [dev-file, dev-mem, mariadb, mssql, mysql, oracle, postgres]
#db=postgres
# The username of the database user.
#db-username=keycloak
# The password of the database user.
#db-password=password
# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
#db-url=jdbc:postgresql://localhost/keycloak

# Observability
# If the server should expose metrics and healthcheck endpoints.
#metrics-enabled=true

# HTTP
http-enabled=true
http-port=8080
https-port=8443
# The file path to a server certificate or certificate chain in PEM format.
#https-certificate-file=${kc.home.dir}conf/server.crt.pem
# The file path to a private key in PEM format.
#https-certificate-key-file=${kc.home.dir}conf/server.key.pem
# The proxy address forwarding mode if the server is behind a reverse proxy.
#proxy=reencrypt
# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
#spi-sticky-session-encoder-infinispan-should-attach-route=false

# Hostname for the Keycloak server.
hostname={{ keycloak_quarkus_host }}
hostname-path={{ keycloak_quarkus_http_relative_path }}

# Cluster
#cache=ispn
#Defines the cache mechanism for high-availability. [local, ispn]
#cache-config-file=conf/cache-ispn.xml
#Defines the file from which cache configuration should be loaded from.
#cache-stack=tcp
#Define the default stack to use for cluster communication and node discovery. [tcp, udp, kubernetes, ec2, azure, google]

# Proxy
# The proxy address forwarding mode if the server is behind a reverse proxy. [edge, reencrypt, passthrough]
#proxy=

# Logging
# The format of log entries.
#log-format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n
# The log level of the root category or a comma-separated list of individual categories and their levels.
#log-level=info