mirror of
				https://github.com/ansible-middleware/keycloak.git
				synced 2025-10-25 05:24:07 -07:00 
			
		
		
		
	Update docs for main
Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>
This commit is contained in:
		
					parent
					
						
							
								1b230b3031
							
						
					
				
			
			
				commit
				
					
						0e2fa72b4f
					
				
			
		
					 6 changed files with 40 additions and 40 deletions
				
			
		|  | @ -184,9 +184,9 @@ | |||
| <p>For full service configuration details, refer to the <a class="reference external" href="https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak/README.md">keycloak role README</a>.</p> | ||||
| <section id="install-from-controller-node-offline"> | ||||
| <h4>Install from controller node (offline)<a class="headerlink" href="#install-from-controller-node-offline" title="Link to this heading"></a></h4> | ||||
| <p>Making the keycloak zip archive available to the playbook working directory, and setting <code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code> to <code class="docutils literal notranslate"><span class="pre">True</span></code>, allows to skip | ||||
| <p>Making the keycloak zip archive available to the playbook working directory, and setting <code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code> to <code class="docutils literal notranslate"><span class="pre">true</span></code>, allows to skip | ||||
| the download tasks. The local path for the archive does match the downloaded archive path, so that it is also used as a cache when multiple hosts are provisioned in a cluster.</p> | ||||
| <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span> | ||||
| <div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span> | ||||
| </pre></div> | ||||
| </div> | ||||
| <!--start rhn_credentials --> | ||||
|  |  | |||
|  | @ -10,7 +10,7 @@ | |||
|           - TestClient1Admin | ||||
|           - TestClient1User | ||||
|         realm: TestRealm | ||||
|         public_client: True | ||||
|         public_client: true | ||||
|         web_origins: | ||||
|           - http://testclient1origin/application | ||||
|           - http://testclient1origin/other | ||||
|  |  | |||
|  | @ -66,11 +66,11 @@ For full service configuration details, refer to the [keycloak role README](http | |||
| 
 | ||||
| #### Install from controller node (offline) | ||||
| 
 | ||||
| Making the keycloak zip archive available to the playbook working directory, and setting `keycloak_offline_install` to `True`, allows to skip | ||||
| Making the keycloak zip archive available to the playbook working directory, and setting `keycloak_offline_install` to `true`, allows to skip | ||||
| the download tasks. The local path for the archive does match the downloaded archive path, so that it is also used as a cache when multiple hosts are provisioned in a cluster. | ||||
| 
 | ||||
| ```yaml | ||||
| keycloak_offline_install: True | ||||
| keycloak_offline_install: true | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
|  |  | |||
|  | @ -39,7 +39,7 @@ Versions | |||
| Patching | ||||
| -------- | ||||
| 
 | ||||
| When variable `keycloak_rhsso_apply_patches` is `True` (default: `False`), the role will automatically apply the latest cumulative patch for the selected base version. | ||||
| When variable `keycloak_rhsso_apply_patches` is `true` (default: `false`), the role will automatically apply the latest cumulative patch for the selected base version. | ||||
| 
 | ||||
| | RH-SSO VERSION | Release Date      | RH-SSO LATEST CP | Notes           | | ||||
| |:---------------|:------------------|:-----------------|:----------------| | ||||
|  | @ -55,7 +55,7 @@ Role Defaults | |||
| | Variable | Description | Default | | ||||
| |:---------|:------------|:---------| | ||||
| |`keycloak_ha_enabled`| Enable auto configuration for database backend, clustering and remote caches on infinispan | `False` | | ||||
| |`keycloak_ha_discovery`| Discovery protocol for HA cluster members | `JDBC_PING` if keycloak_db_enabled else `TCPPING` | | ||||
| |`keycloak_ha_discovery`| Discovery protocol for HA cluster members | `JDBC_PING` if `keycloak_db_enabled` else `TCPPING` | | ||||
| |`keycloak_db_enabled`| Enable auto configuration for database backend | `True` if `keycloak_ha_enabled` is True, else `False` | | ||||
| |`keycloak_remote_cache_enabled`| Enable remote cache store when in clustered ha configurations | `True` if `keycloak_ha_enabled` else `False` | | ||||
| |`keycloak_admin_user`| Administration console user account | `admin` | | ||||
|  | @ -68,19 +68,19 @@ Role Defaults | |||
| |`keycloak_jgroups_port`| jgroups cluster tcp port | `7600` | | ||||
| |`keycloak_management_http_port`| Management port | `9990` | | ||||
| |`keycloak_management_https_port`| TLS management port | `9993` | | ||||
| |`keycloak_prefer_ipv4`| Prefer IPv4 stack and addresses for port binding | `True` | | ||||
| |`keycloak_prefer_ipv4`| Prefer IPv4 stack and addresses for port binding | `true` | | ||||
| |`keycloak_config_standalone_xml`| filename for configuration | `keycloak.xml` | | ||||
| |`keycloak_service_user`| posix account username | `keycloak` | | ||||
| |`keycloak_service_group`| posix account group | `keycloak` | | ||||
| |`keycloak_service_restart_always`| systemd restart always behavior activation | `False` | ||||
| |`keycloak_service_restart_on_failure`| systemd restart on-failure behavior activation | `False` | ||||
| |`keycloak_service_restart_always`| systemd restart always behavior activation | `False` | | ||||
| |`keycloak_service_restart_on_failure`| systemd restart on-failure behavior activation | `False` | | ||||
| |`keycloak_service_startlimitintervalsec`| systemd StartLimitIntervalSec | `300` | | ||||
| |`keycloak_service_startlimitburst`| systemd StartLimitBurst | `5` | | ||||
| |`keycloak_service_restartsec`| systemd RestartSec | `10s` | | ||||
| |`keycloak_service_pidfile`| pid file path for service | `/run/keycloak/keycloak.pid` | | ||||
| |`keycloak_features` | List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]` | `[]` | ||||
| |`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` | | ||||
| |`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` | | ||||
| |`keycloak_java_home`| `JAVA_HOME` of installed JRE, leave empty for using RPM path at `keycloak_jvm_package` | `None` | | ||||
| |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` | | ||||
| 
 | ||||
| 
 | ||||
|  | @ -88,12 +88,12 @@ Role Defaults | |||
| 
 | ||||
| | Variable | Description | Default | | ||||
| |:---------|:------------|:---------| | ||||
| |`keycloak_offline_install` | perform an offline install | `False`| | ||||
| |`keycloak_offline_install` | perform an offline install | `false`| | ||||
| |`keycloak_download_url`| Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/<version>/<archive>`| | ||||
| |`keycloak_version`| keycloak.org package version | `18.0.2` | | ||||
| |`keycloak_dest`| Installation root path | `/opt/keycloak` | | ||||
| |`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` | | ||||
| |`keycloak_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `False` | | ||||
| |`keycloak_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `false` | | ||||
| 
 | ||||
| 
 | ||||
| * Miscellaneous configuration | ||||
|  | @ -110,13 +110,13 @@ Role Defaults | |||
| |`keycloak_config_override_template` | Path to custom template for standalone.xml configuration | `''` | | ||||
| |`keycloak_auth_realm` | Name for rest authentication realm | `master` | | ||||
| |`keycloak_auth_client` | Authentication client for configuration REST calls | `admin-cli` | | ||||
| |`keycloak_force_install` | Remove pre-existing versions of service | `False` | | ||||
| |`keycloak_force_install` | Remove pre-existing versions of service | `false` | | ||||
| |`keycloak_url` | URL for configuration rest calls | `http://{{ keycloak_host }}:{{ keycloak_http_port + keycloak_jboss_port_offset }}` | | ||||
| |`keycloak_management_url` | URL for management console rest calls | `http://{{ keycloak_host }}:{{ keycloak_management_http_port + keycloak_jboss_port_offset }}` | | ||||
| |`keycloak_frontend_url_force` | Force backend requests to use the frontend URL | `False` | | ||||
| |`keycloak_db_background_validation` | Enable background validation of database connection | `False` | | ||||
| |`keycloak_frontend_url_force` | Force backend requests to use the frontend URL | `false` | | ||||
| |`keycloak_db_background_validation` | Enable background validation of database connection | `false` | | ||||
| |`keycloak_db_background_validation_millis`| How frequenly the connection pool is validated in the background | `10000` if background validation enabled | | ||||
| |`keycloak_db_background_validate_on_match` | Enable validate on match for database connections | `False` | | ||||
| |`keycloak_db_background_validate_on_match` | Enable validate on match for database connections | `false` | | ||||
| |`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth/` | | ||||
| |`keycloak_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` | | ||||
| 
 | ||||
|  | @ -132,7 +132,7 @@ The following are a set of _required_ variables for the role: | |||
| |`keycloak_frontend_url` | frontend URL for keycloak endpoint | `http://localhost:8080/auth/` | | ||||
| 
 | ||||
| 
 | ||||
| The following parameters are _required_ only when `keycloak_ha_enabled` is True: | ||||
| The following parameters are _required_ only when `keycloak_ha_enabled` is true: | ||||
| 
 | ||||
| | Variable | Description | Default | | ||||
| |:---------|:------------|:--------| | ||||
|  | @ -150,7 +150,7 @@ The following parameters are _required_ only when `keycloak_ha_enabled` is True: | |||
| |`keycloak_infinispan_trust_store_password`| Password for opening truststore | `changeit` | | ||||
| 
 | ||||
| 
 | ||||
| The following parameters are _required_ only when `keycloak_db_enabled` is True: | ||||
| The following parameters are _required_ only when `keycloak_db_enabled` is true: | ||||
| 
 | ||||
| | Variable | Description | Default | | ||||
| |:---------|:------------|:---------| | ||||
|  | @ -196,7 +196,7 @@ Example Playbook | |||
|             name: keycloak | ||||
|           vars: | ||||
|             keycloak_admin_password: "remembertochangeme" | ||||
|             keycloak_offline_install: True | ||||
|             keycloak_offline_install: true | ||||
|             # This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip | ||||
| ``` | ||||
| 
 | ||||
|  |  | |||
|  | @ -168,7 +168,7 @@ | |||
| </section> | ||||
| <section id="patching"> | ||||
| <h2>Patching<a class="headerlink" href="#patching" title="Link to this heading"></a></h2> | ||||
| <p>When variable <code class="docutils literal notranslate"><span class="pre">keycloak_rhsso_apply_patches</span></code> is <code class="docutils literal notranslate"><span class="pre">True</span></code> (default: <code class="docutils literal notranslate"><span class="pre">False</span></code>), the role will automatically apply the latest cumulative patch for the selected base version.</p> | ||||
| <p>When variable <code class="docutils literal notranslate"><span class="pre">keycloak_rhsso_apply_patches</span></code> is <code class="docutils literal notranslate"><span class="pre">true</span></code> (default: <code class="docutils literal notranslate"><span class="pre">false</span></code>), the role will automatically apply the latest cumulative patch for the selected base version.</p> | ||||
| <table class="docutils align-default"> | ||||
| <thead> | ||||
| <tr class="row-odd"><th class="head text-left"><p>RH-SSO VERSION</p></th> | ||||
|  | @ -210,7 +210,7 @@ | |||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_ha_discovery</span></code></p></td> | ||||
| <td class="text-left"><p>Discovery protocol for HA cluster members</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JDBC_PING</span></code> if keycloak_db_enabled else <code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JDBC_PING</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> else <code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code></p></td> | ||||
| <td class="text-left"><p>Enable auto configuration for database backend</p></td> | ||||
|  | @ -262,7 +262,7 @@ | |||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_prefer_ipv4</span></code></p></td> | ||||
| <td class="text-left"><p>Prefer IPv4 stack and addresses for port binding</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_standalone_xml</span></code></p></td> | ||||
| <td class="text-left"><p>filename for configuration</p></td> | ||||
|  | @ -309,7 +309,7 @@ | |||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">java-1.8.0-openjdk-headless</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_home</span></code></p></td> | ||||
| <td class="text-left"><p>JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JAVA_HOME</span></code> of installed JRE, leave empty for using RPM path at <code class="docutils literal notranslate"><span class="pre">keycloak_jvm_package</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">None</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_opts</span></code></p></td> | ||||
|  | @ -331,7 +331,7 @@ | |||
| <tbody> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code></p></td> | ||||
| <td class="text-left"><p>perform an offline install</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_download_url</span></code></p></td> | ||||
| <td class="text-left"><p>Download URL for keycloak</p></td> | ||||
|  | @ -351,7 +351,7 @@ | |||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_configure_firewalld</span></code></p></td> | ||||
| <td class="text-left"><p>Ensure firewalld is running and configure keycloak ports</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| </tbody> | ||||
| </table> | ||||
|  | @ -408,7 +408,7 @@ | |||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_force_install</span></code></p></td> | ||||
| <td class="text-left"><p>Remove pre-existing versions of service</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_url</span></code></p></td> | ||||
| <td class="text-left"><p>URL for configuration rest calls</p></td> | ||||
|  | @ -420,11 +420,11 @@ | |||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url_force</span></code></p></td> | ||||
| <td class="text-left"><p>Force backend requests to use the frontend URL</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation</span></code></p></td> | ||||
| <td class="text-left"><p>Enable background validation of database connection</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation_millis</span></code></p></td> | ||||
| <td class="text-left"><p>How frequenly the connection pool is validated in the background</p></td> | ||||
|  | @ -432,7 +432,7 @@ | |||
| </tr> | ||||
| <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validate_on_match</span></code></p></td> | ||||
| <td class="text-left"><p>Enable validate on match for database connections</p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td> | ||||
| <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td> | ||||
| </tr> | ||||
| <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url</span></code></p></td> | ||||
| <td class="text-left"><p>frontend URL for keycloak endpoint</p></td> | ||||
|  | @ -463,7 +463,7 @@ | |||
| </tr> | ||||
| </tbody> | ||||
| </table> | ||||
| <p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is True:</p> | ||||
| <p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is true:</p> | ||||
| <table class="docutils align-default"> | ||||
| <thead> | ||||
| <tr class="row-odd"><th class="head text-left"><p>Variable</p></th> | ||||
|  | @ -522,7 +522,7 @@ | |||
| </tr> | ||||
| </tbody> | ||||
| </table> | ||||
| <p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> is True:</p> | ||||
| <p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> is true:</p> | ||||
| <table class="docutils align-default"> | ||||
| <thead> | ||||
| <tr class="row-odd"><th class="head text-left"><p>Variable</p></th> | ||||
|  | @ -595,7 +595,7 @@ | |||
| <span class="w">            </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keycloak</span> | ||||
| <span class="w">          </span><span class="nt">vars</span><span class="p">:</span> | ||||
| <span class="w">            </span><span class="nt">keycloak_admin_password</span><span class="p">:</span><span class="w"> </span><span class="s">"remembertochangeme"</span> | ||||
| <span class="w">            </span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">True</span> | ||||
| <span class="w">            </span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span> | ||||
| <span class="w">            </span><span class="c1"># This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip</span> | ||||
| </pre></div> | ||||
| </div> | ||||
|  |  | |||
										
											
												File diff suppressed because one or more lines are too long
											
										
									
								
							
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue