mirror of
				https://github.com/ansible-middleware/keycloak.git
				synced 2025-10-24 21:14:10 -07:00 
			
		
		
		
	Merge pull request #87 from world-direct/feature/profiles
Keycloak: add feature enabling/disabling
This commit is contained in:
		
				commit
				
					
						24eaacc1ac
					
				
			
		
					 6 changed files with 26 additions and 2 deletions
				
			
		|  | @ -77,6 +77,7 @@ Role Defaults | |||
| |`keycloak_service_startlimitburst`| systemd StartLimitBurst | `5` if `keycloak_service_restart_on_failure` else `` | | ||||
| |`keycloak_service_restartsec`| systemd RestartSec | `10s` if `keycloak_service_restart_on_failure` else `` | | ||||
| |`keycloak_service_pidfile`| pid file path for service | `/run/keycloak.pid` | | ||||
| |`keycloak_features` | List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]` | `[]` | ||||
| |`keycloak_jvm_package`| RHEL java package runtime | `java-1.8.0-openjdk-headless` | | ||||
| |`keycloak_java_home`| JAVA_HOME of installed JRE, leave empty for using specified keycloak_jvm_package RPM path | `None` | | ||||
| |`keycloak_java_opts`| Additional JVM options | `-Xms1024m -Xmx2048m` | | ||||
|  |  | |||
|  | @ -16,6 +16,7 @@ keycloak_config_dir: "{{ keycloak_jboss_home }}/standalone/configuration" | |||
| keycloak_config_standalone_xml: "keycloak.xml" | ||||
| keycloak_config_path_to_standalone_xml: "{{ keycloak_jboss_home }}/standalone/configuration/{{ keycloak_config_standalone_xml }}" | ||||
| keycloak_config_override_template: '' | ||||
| keycloak_config_path_to_properties: "{{ keycloak_jboss_home }}/standalone/configuration/profile.properties" | ||||
| keycloak_service_user: keycloak | ||||
| keycloak_service_group: keycloak | ||||
| keycloak_service_pidfile: "/run/keycloak.pid" | ||||
|  | @ -45,6 +46,7 @@ keycloak_management_http_port: 9990 | |||
| keycloak_management_https_port: 9993 | ||||
| keycloak_java_opts: "-Xms1024m -Xmx2048m" | ||||
| keycloak_prefer_ipv4: True | ||||
| keycloak_features: [] | ||||
| 
 | ||||
| ### Enable configuration for database backend, clustering and remote caches on infinispan | ||||
| keycloak_ha_enabled: False | ||||
|  |  | |||
|  | @ -89,6 +89,11 @@ argument_specs: | |||
|                 default: "/run/keycloak.pid" | ||||
|                 description: "PID file path for service" | ||||
|                 type: "str" | ||||
|             keycloak_features: | ||||
|                 # line 17 of keycloak/defaults/main.yml | ||||
|                 default: "[]" | ||||
|                 description: "List of `name`/`status` pairs of features (also known as profiles on RH-SSO) to `enable` or `disable`, example: `[ { name: 'docker', status: 'enabled' } ]`" | ||||
|                 type: "list" | ||||
|             keycloak_bind_address: | ||||
|                 # line 34 of keycloak/defaults/main.yml | ||||
|                 default: "0.0.0.0" | ||||
|  | @ -96,7 +101,7 @@ argument_specs: | |||
|                 type: "str" | ||||
|             keycloak_management_port_bind_address: | ||||
|                 default: "127.0.0.1" | ||||
|                 description: "Address for binding the managemnt ports" | ||||
|                 description: "Address for binding the management ports" | ||||
|                 type: "str" | ||||
|             keycloak_host: | ||||
|                 # line 35 of keycloak/defaults/main.yml | ||||
|  |  | |||
|  | @ -268,3 +268,15 @@ | |||
|     - keycloak_ha_enabled | ||||
|     - keycloak_remote_cache_enabled | ||||
|     - keycloak_config_override_template | length == 0 | ||||
| 
 | ||||
| - name: "Deploy profile.properties file to {{ keycloak_config_path_to_properties }}" | ||||
|   become: yes | ||||
|   ansible.builtin.template: | ||||
|     src: keycloak-profile.properties.j2 | ||||
|     dest: "{{ keycloak_config_path_to_properties }}" | ||||
|     owner: "{{ keycloak_service_user }}" | ||||
|     group: "{{ keycloak_service_group }}" | ||||
|     mode: 0640 | ||||
|   notify: | ||||
|     - restart keycloak | ||||
|   when: keycloak_features | length > 0 | ||||
|  |  | |||
							
								
								
									
										3
									
								
								roles/keycloak/templates/keycloak-profile.properties.j2
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								roles/keycloak/templates/keycloak-profile.properties.j2
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,3 @@ | |||
| {% for feature in keycloak.features %} | ||||
| feature.{{ feature.name }}={{ feature.status | default('enabled') }} | ||||
| {% endfor %} | ||||
|  | @ -14,6 +14,7 @@ keycloak: | |||
|   health_url: "{{ keycloak_management_url }}/health" | ||||
|   cli_path: "{{ keycloak_jboss_home }}/bin/jboss-cli.sh" | ||||
|   config_template_source: "{{ keycloak_config_override_template if keycloak_config_override_template | length > 0 else 'standalone-ha.xml.j2' if keycloak_remote_cache_enabled else 'standalone.xml.j2' }}" | ||||
|   features: "{{ keycloak_features }}" | ||||
| 
 | ||||
| # database | ||||
| keycloak_jdbc: | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue