ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-04-07 03:10:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Update docs for main

Browse source 
Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>
This commit is contained in:
ansible-middleware-core 2023-12-01 11:43:16 +00:00
parent 1b230b3031
commit 0e2fa72b4f
6 changed files with 40 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
main/README.html
View file

@ -184,9 +184,9 @@
<p>For full service configuration details, refer to the <a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak/README.md">keycloak role README</a>.</p>
<section id="install-from-controller-node-offline">
<h4>Install from controller node (offline)<a class="headerlink" href="#install-from-controller-node-offline" title="Link to this heading"></a></h4>
<p>Making the keycloak zip archive available to the playbook working directory, and setting <code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code> to <code class="docutils literal notranslate"><span class="pre">True</span></code>, allows to skip
<p>Making the keycloak zip archive available to the playbook working directory, and setting <code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code> to <code class="docutils literal notranslate"><span class="pre">true</span></code>, allows to skip
the download tasks. The local path for the archive does match the downloaded archive path, so that it is also used as a cache when multiple hosts are provisioned in a cluster.</p>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
</pre></div>
</div>
<!--start rhn_credentials -->

14
main/_downloads/a0468922d38230cfdad1d445a6b10b9e/keycloak_realm.yml
View file

@ -10,17 +10,17 @@
- TestClient1Admin
- TestClient1User
realm: TestRealm
public_client: True
public_client: true
web_origins:
- http://testclient1origin/application
- http://testclient1origin/other
users:
- username: TestUser
password: password
client_roles:
- client: TestClient1
role: TestClient1User
realm: TestRealm
- username: TestUser
password: password
client_roles:
- client: TestClient1
role: TestClient1User
realm: TestRealm
roles:
- role: middleware_automation.keycloak.keycloak_realm
keycloak_realm: TestRealm

4
main/_sources/README.md.txt
View file

@ -66,11 +66,11 @@ For full service configuration details, refer to the [keycloak role README](http
#### Install from controller node (offline)
Making the keycloak zip archive available to the playbook working directory, and setting `keycloak_offline_install` to `True`, allows to skip
Making the keycloak zip archive available to the playbook working directory, and setting `keycloak_offline_install` to `true`, allows to skip
the download tasks. The local path for the archive does match the downloaded archive path, so that it is also used as a cache when multiple hosts are provisioned in a cluster.
```yaml
keycloak_offline_install: True
keycloak_offline_install: true
```

30
main/_sources/roles/keycloak.md.txt
View file

@ -39,7 +39,7 @@ Versions
Patching
--------
When variable `keycloak_rhsso_apply_patches` is `True` (default: `False`), the role will automatically apply the latest cumulative patch for the selected base version.
When variable `keycloak_rhsso_apply_patches` is `true` (default: `false`), the role will automatically apply the latest cumulative patch for the selected base version.
| RH-SSO VERSION | Release Date | RH-SSO LATEST CP | Notes |
|:---------------|:------------------|:-----------------|:----------------|
@ -55,7 +55,7 @@ Role Defaults
| Variable | Description | Default |
|:---------|:------------|:---------|
|`keycloak_ha_enabled`| Enable auto configuration for database backend, clustering and remote caches on infinispan | `False` |
|`keycloak_ha_discovery`| Discovery protocol for HA cluster members | `JDBC_PING` if keycloak_db_enabled else `TCPPING` |
|`keycloak_ha_discovery`| Discovery protocol for HA cluster members | `JDBC_PING` if `keycloak_db_enabled` else `TCPPING` |
|`keycloak_db_enabled`| Enable auto configuration for database backend | `True` if `keycloak_ha_enabled` is True, else `False` |
|`keycloak_remote_cache_enabled`| Enable remote cache store when in clustered ha configurations | `True` if `keycloak_ha_enabled` else `False` |
|`keycloak_admin_user`| Administration console user account | `admin` |
@ -68,19 +68,19 @@ Role Defaults
|`keycloak_jgroups_port`| jgroups cluster tcp port | `7600` |
|`keycloak_management_http_port`| Management port | `9990` |
|`keycloak_management_https_port`| TLS management port | `9993` |
|`keycloak_prefer_ipv4`| Prefer IPv4 stack and addresses for port binding | `True` |
|`keycloak_prefer_ipv4`| Prefer IPv4 stack and addresses for port binding | `true` |
|`keycloak_config_standalone_xml`| filename for configuration | `keycloak.xml` |
|`keycloak_service_user`| posix account username | `keycloak` |
|`keycloak_service_group`| posix account group | `keycloak` |
|`keycloak_service_restart_always`| systemd restart always behavior activation | `False`
|`keycloak_service_restart_on_failure`| systemd restart on-failure behavior activation | `False`
|`keycloak_service_restart_always`| systemd restart always behavior activation | `False` |
|`keycloak_service_restart_on_failure`| systemd restart on-failure behavior activation | `False` |
|`keycloak_service_startlimitintervalsec`| systemd StartLimitIntervalSec | `300` |
|`keycloak_service_startlimitburst`| systemd StartLimitBurst | `5` |
|`keycloak_service_restartsec`| systemd RestartSec | `10s` |
|`keycloak_service_pidfile`| pid file path for service | `/run/keycloak/keycloak.pid` |
|`keycloak_features` | List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]` | `[]`
|`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` |
|`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` |
|`keycloak_java_home`| `JAVA_HOME` of installed JRE, leave empty for using RPM path at `keycloak_jvm_package` | `None` |
|`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` |
@ -88,12 +88,12 @@ Role Defaults
| Variable | Description | Default |
|:---------|:------------|:---------|
|`keycloak_offline_install` | perform an offline install | `False`|
|`keycloak_offline_install` | perform an offline install | `false`|
|`keycloak_download_url`| Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/<version>/<archive>`|
|`keycloak_version`| keycloak.org package version | `18.0.2` |
|`keycloak_dest`| Installation root path | `/opt/keycloak` |
|`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` |
|`keycloak_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `False` |
|`keycloak_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `false` |
* Miscellaneous configuration
@ -110,13 +110,13 @@ Role Defaults
|`keycloak_config_override_template` | Path to custom template for standalone.xml configuration | `''` |
|`keycloak_auth_realm` | Name for rest authentication realm | `master` |
|`keycloak_auth_client` | Authentication client for configuration REST calls | `admin-cli` |
|`keycloak_force_install` | Remove pre-existing versions of service | `False` |
|`keycloak_force_install` | Remove pre-existing versions of service | `false` |
|`keycloak_url` | URL for configuration rest calls | `http://{{ keycloak_host }}:{{ keycloak_http_port + keycloak_jboss_port_offset }}` |
|`keycloak_management_url` | URL for management console rest calls | `http://{{ keycloak_host }}:{{ keycloak_management_http_port + keycloak_jboss_port_offset }}` |
|`keycloak_frontend_url_force` | Force backend requests to use the frontend URL | `False` |
|`keycloak_db_background_validation` | Enable background validation of database connection | `False` |
|`keycloak_frontend_url_force` | Force backend requests to use the frontend URL | `false` |
|`keycloak_db_background_validation` | Enable background validation of database connection | `false` |
|`keycloak_db_background_validation_millis`| How frequenly the connection pool is validated in the background | `10000` if background validation enabled |
|`keycloak_db_background_validate_on_match` | Enable validate on match for database connections | `False` |
|`keycloak_db_background_validate_on_match` | Enable validate on match for database connections | `false` |
|`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth/` |
|`keycloak_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` |
@ -132,7 +132,7 @@ The following are a set of _required_ variables for the role:
|`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth/` |
The following parameters are _required_ only when `keycloak_ha_enabled` is True:
The following parameters are _required_ only when `keycloak_ha_enabled` is true:
| Variable | Description | Default |
|:---------|:------------|:--------|
@ -150,7 +150,7 @@ The following parameters are _required_ only when `keycloak_ha_enabled` is True:
|`keycloak_infinispan_trust_store_password`| Password for opening truststore | `changeit` |
The following parameters are _required_ only when `keycloak_db_enabled` is True:
The following parameters are _required_ only when `keycloak_db_enabled` is true:
| Variable | Description | Default |
|:---------|:------------|:---------|
@ -196,7 +196,7 @@ Example Playbook
name: keycloak
vars:
keycloak_admin_password: "remembertochangeme"
keycloak_offline_install: True
keycloak_offline_install: true
# This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip
```

26
main/roles/keycloak.html
View file

@ -168,7 +168,7 @@
</section>
<section id="patching">
<h2>Patching<a class="headerlink" href="#patching" title="Link to this heading"></a></h2>
<p>When variable <code class="docutils literal notranslate"><span class="pre">keycloak_rhsso_apply_patches</span></code> is <code class="docutils literal notranslate"><span class="pre">True</span></code> (default: <code class="docutils literal notranslate"><span class="pre">False</span></code>), the role will automatically apply the latest cumulative patch for the selected base version.</p>
<p>When variable <code class="docutils literal notranslate"><span class="pre">keycloak_rhsso_apply_patches</span></code> is <code class="docutils literal notranslate"><span class="pre">true</span></code> (default: <code class="docutils literal notranslate"><span class="pre">false</span></code>), the role will automatically apply the latest cumulative patch for the selected base version.</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>RH-SSO VERSION</p></th>
@ -210,7 +210,7 @@
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_ha_discovery</span></code></p></td>
<td class="text-left"><p>Discovery protocol for HA cluster members</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JDBC_PING</span></code> if keycloak_db_enabled else <code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JDBC_PING</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> else <code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code></p></td>
<td class="text-left"><p>Enable auto configuration for database backend</p></td>
@ -262,7 +262,7 @@
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_prefer_ipv4</span></code></p></td>
<td class="text-left"><p>Prefer IPv4 stack and addresses for port binding</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_standalone_xml</span></code></p></td>
<td class="text-left"><p>filename for configuration</p></td>
@ -309,7 +309,7 @@
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">java-1.8.0-openjdk-headless</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_home</span></code></p></td>
<td class="text-left"><p>JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JAVA_HOME</span></code> of installed JRE, leave empty for using RPM path at <code class="docutils literal notranslate"><span class="pre">keycloak_jvm_package</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">None</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_opts</span></code></p></td>
@ -331,7 +331,7 @@
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code></p></td>
<td class="text-left"><p>perform an offline install</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_download_url</span></code></p></td>
<td class="text-left"><p>Download URL for keycloak</p></td>
@ -351,7 +351,7 @@
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_configure_firewalld</span></code></p></td>
<td class="text-left"><p>Ensure firewalld is running and configure keycloak ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
</tbody>
</table>
@ -408,7 +408,7 @@
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_force_install</span></code></p></td>
<td class="text-left"><p>Remove pre-existing versions of service</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_url</span></code></p></td>
<td class="text-left"><p>URL for configuration rest calls</p></td>
@ -420,11 +420,11 @@
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url_force</span></code></p></td>
<td class="text-left"><p>Force backend requests to use the frontend URL</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation</span></code></p></td>
<td class="text-left"><p>Enable background validation of database connection</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation_millis</span></code></p></td>
<td class="text-left"><p>How frequenly the connection pool is validated in the background</p></td>
@ -432,7 +432,7 @@
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validate_on_match</span></code></p></td>
<td class="text-left"><p>Enable validate on match for database connections</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url</span></code></p></td>
<td class="text-left"><p>frontend URL for keycloak endpoint</p></td>
@ -463,7 +463,7 @@
</tr>
</tbody>
</table>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is True:</p>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is true:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
@ -522,7 +522,7 @@
</tr>
</tbody>
</table>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> is True:</p>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> is true:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
@ -595,7 +595,7 @@
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keycloak</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">keycloak_admin_password</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;remembertochangeme&quot;</span>
<span class="w"> </span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span>
<span class="w"> </span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="c1"># This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip</span>
</pre></div>
</div>

2
main/searchindex.js
View file

File diff suppressed because one or more lines are too long