mirror of
				https://github.com/ansible-middleware/keycloak.git
				synced 2025-10-25 05:24:07 -07:00 
			
		
		
		
	Merge pull request #87 from world-direct/feature/profiles
Keycloak: add feature enabling/disabling
		
				commit
				
					
						24eaacc1ac
					
				
			
		
					 6 changed files with 26 additions and 2 deletions
				
			
		|  | @ -77,6 +77,7 @@ Role Defaults | ||||||
| |`keycloak_service_startlimitburst`| systemd StartLimitBurst | `5` if `keycloak_service_restart_on_failure` else `` | | |`keycloak_service_startlimitburst`| systemd StartLimitBurst | `5` if `keycloak_service_restart_on_failure` else `` | | ||||||
| |`keycloak_service_restartsec`| systemd RestartSec | `10s` if `keycloak_service_restart_on_failure` else `` | | |`keycloak_service_restartsec`| systemd RestartSec | `10s` if `keycloak_service_restart_on_failure` else `` | | ||||||
| |`keycloak_service_pidfile`| pid file path for service | `/run/keycloak.pid` | | |`keycloak_service_pidfile`| pid file path for service | `/run/keycloak.pid` | | ||||||
|  | |`keycloak_features` | List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]` | `[]` | ||||||
| |`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` | | |`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` | | ||||||
| |`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` | | |`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` | | ||||||
| |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` | | |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` | | ||||||
|  |  | ||||||
|  | @ -16,6 +16,7 @@ keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration" | ||||||
| keycloak_config_standalone_xml: "keycloak.xml" | keycloak_config_standalone_xml: "keycloak.xml" | ||||||
| keycloak_config_path_to_standalone_xml: "{{ keycloak_jboss_home }}/standalone/configuration/{{ keycloak_config_standalone_xml }}" | keycloak_config_path_to_standalone_xml: "{{ keycloak_jboss_home }}/standalone/configuration/{{ keycloak_config_standalone_xml }}" | ||||||
| keycloak_config_override_template: '' | keycloak_config_override_template: '' | ||||||
|  | keycloak_config_path_to_properties: "{{ keycloak_jboss_home }}/standalone/configuration/profile.properties" | ||||||
| keycloak_service_user: keycloak | keycloak_service_user: keycloak | ||||||
| keycloak_service_group: keycloak | keycloak_service_group: keycloak | ||||||
| keycloak_service_pidfile: "/run/keycloak.pid" | keycloak_service_pidfile: "/run/keycloak.pid" | ||||||
|  | @ -45,6 +46,7 @@ keycloak_management_http_port: 9990 | ||||||
| keycloak_management_https_port: 9993 | keycloak_management_https_port: 9993 | ||||||
| keycloak_java_opts: "-Xms1024m -Xmx2048m" | keycloak_java_opts: "-Xms1024m -Xmx2048m" | ||||||
| keycloak_prefer_ipv4: True | keycloak_prefer_ipv4: True | ||||||
|  | keycloak_features: [] | ||||||
| 
 | 
 | ||||||
| ### Enable configuration for database backend, clustering and remote caches on infinispan | ### Enable configuration for database backend, clustering and remote caches on infinispan | ||||||
| keycloak_ha_enabled: False | keycloak_ha_enabled: False | ||||||
|  |  | ||||||
|  | @ -89,6 +89,11 @@ argument_specs: | ||||||
|                 default: "/run/keycloak.pid" |                 default: "/run/keycloak.pid" | ||||||
|                 description: "PID file path for service" |                 description: "PID file path for service" | ||||||
|                 type: "str" |                 type: "str" | ||||||
|  |             keycloak_features: | ||||||
|  |                 # line 17 of keycloak/defaults/main.yml | ||||||
|  |                 default: "[]" | ||||||
|  |                 description: "List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]`" | ||||||
|  |                 type: "list" | ||||||
|             keycloak_bind_address: |             keycloak_bind_address: | ||||||
|                 # line 34 of keycloak/defaults/main.yml |                 # line 34 of keycloak/defaults/main.yml | ||||||
|                 default: "0.0.0.0" |                 default: "0.0.0.0" | ||||||
|  | @ -96,7 +101,7 @@ argument_specs: | ||||||
|                 type: "str" |                 type: "str" | ||||||
|             keycloak_management_port_bind_address: |             keycloak_management_port_bind_address: | ||||||
|                 default: "127.0.0.1" |                 default: "127.0.0.1" | ||||||
|                 description: "Address for binding the managemnt ports" |                 description: "Address for binding the management ports" | ||||||
|                 type: "str" |                 type: "str" | ||||||
|             keycloak_host: |             keycloak_host: | ||||||
|                 # line 35 of keycloak/defaults/main.yml |                 # line 35 of keycloak/defaults/main.yml | ||||||
|  |  | ||||||
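Review bot: The new `keycloak_features` entry pairs `type: "list"` with `default: "[]"`, which is a quoted string rather than an empty list, and says nothing about the shape of the items. Declaring `elements: "dict"` with `options` for `name` and `status`, and restricting `status` with `choices`, would let role argument validation reject a malformed entry before the template writes it into profile.properties. The description offers `enable` or `disable` while its own example uses `enabled`; the choices below assume the example is the correct spelling. The comment `# line 17 of keycloak/defaults/main.yml` looks stale, since the defaults hunk adds the variable near line 49.

```yaml
            keycloak_features:
                default: []
                # … unchanged: description …
                type: "list"
                elements: "dict"
                options:
                    name:
                        description: "Feature (profile) name"
                        type: "str"
                        required: true
                    status:
                        description: "Whether the feature is switched on or off"
                        type: "str"
                        choices: ["enabled", "disabled"]
```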
|  | @ -268,3 +268,15 @@ | ||||||
|     - keycloak_ha_enabled |     - keycloak_ha_enabled | ||||||
|     - keycloak_remote_cache_enabled |     - keycloak_remote_cache_enabled | ||||||
|     - keycloak_config_override_template | length == 0 |     - keycloak_config_override_template | length == 0 | ||||||
|  | 
 | ||||||
|  | - name: "Deploy profile.properties file to {{ keycloak_config_path_to_properties }}" | ||||||
|  |   become: yes | ||||||
|  |   ansible.builtin.template: | ||||||
|  |     src: keycloak-profile.properties.j2 | ||||||
|  |     dest: "{{ keycloak_config_path_to_properties }}" | ||||||
|  |     owner: "{{ keycloak_service_user }}" | ||||||
|  |     group: "{{ keycloak_service_group }}" | ||||||
|  |     mode: 0640 | ||||||
|  |   notify: | ||||||
|  |     - restart keycloak | ||||||
|  |   when: keycloak_features | length > 0 | ||||||
|  |  | ||||||
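Review bot: The `when: keycloak_features | length > 0` guard on the new task means profile.properties is only ever written, never cleaned up: once a feature has been enabled, emptying `keycloak_features` skips the task and leaves the old file in place, so the feature presumably stays on after the next restart. Dropping the `when` line so that an empty list renders an empty file, or adding a companion task that sets `state: absent` on the same path, keeps the host in line with the declared list. Separately, `mode: 0640` is better written `mode: "0640"` so the value cannot be read as a decimal integer, and `become: yes` as `become: true`. The task list this entry is appended to starts outside the hunk.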
							
								
								
									
									
								
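--- /dev/null
+++ b/roles/keycloak/templates/keycloak-profile.properties.j2
@@ -0,0 +1,3 @@
+{% for feature in keycloak.features %}
+feature.{{ feature.name }}={{ feature.status | default('enabled') }}
+{% endfor %}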
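Review bot: `feature.status | default('enabled')` on the second line fails open: an entry whose status key is missing or misspelled (for example `state: disabled`) is written out as enabled. For a switch that turns server features on, it is safer to require the value, `feature.{{ feature.name }}={{ feature.status | mandatory }}`, so the play stops instead of enabling something the operator meant to turn off. Both fields are also interpolated exactly as given, so it is worth checking before this point that they hold only the expected tokens. A first line of `# {{ ansible_managed }}` would mark the file as generated.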
|  | @ -14,6 +14,7 @@ keycloak: | ||||||
|   health_url: "{{ keycloak_management_url }}/health" |   health_url: "{{ keycloak_management_url }}/health" | ||||||
|   cli_path: "{{ keycloak_jboss_home }}/bin/jboss-cli.sh" |   cli_path: "{{ keycloak_jboss_home }}/bin/jboss-cli.sh" | ||||||
|   config_template_source: "{{ keycloak_config_override_template if keycloak_config_override_template | length > 0 else 'standalone-ha.xml.j2' if keycloak_remote_cache_enabled else 'standalone.xml.j2' }}" |   config_template_source: "{{ keycloak_config_override_template if keycloak_config_override_template | length > 0 else 'standalone-ha.xml.j2' if keycloak_remote_cache_enabled else 'standalone.xml.j2' }}" | ||||||
|  |   features: "{{ keycloak_features }}" | ||||||
| 
 | 
 | ||||||
| # database | # database | ||||||
| keycloak_jdbc: | keycloak_jdbc: | ||||||
|  |  | ||||||