diff --git a/molecule/quarkus/converge.yml b/molecule/quarkus/converge.yml index 5971a93..9e74aa6 100644 --- a/molecule/quarkus/converge.yml +++ b/molecule/quarkus/converge.yml @@ -10,7 +10,7 @@ keycloak_quarkus_log_level: debug keycloak_quarkus_https_key_file_enabled: true keycloak_quarkus_key_file_copy_enabled: true - keycloak_quarkus_key_file_src: key.pem + keycloak_quarkus_key_content: "{{ lookup('file', 'key.pem') }}" keycloak_quarkus_cert_file_copy_enabled: true keycloak_quarkus_cert_file_src: cert.pem keycloak_quarkus_log_target: /tmp/keycloak diff --git a/roles/keycloak_quarkus/README.md b/roles/keycloak_quarkus/README.md index 17f2bc8..ccb9e75 100644 --- a/roles/keycloak_quarkus/README.md +++ b/roles/keycloak_quarkus/README.md @@ -45,7 +45,7 @@ Role Defaults |`keycloak_quarkus_http_enabled`| Enable listener on HTTP port | `True` | |`keycloak_quarkus_https_key_file_enabled`| Enable listener on HTTPS port | `False` | |`keycloak_quarkus_key_file_copy_enabled`| Enable copy of key file to target host | `False` | -|`keycloak_quarkus_key_file_src`| Set the source file path | `""` | +|`keycloak_quarkus_key_content`| Content of the TLS private key. Use `"{{ lookup('file', 'server.key.pem') }}"` to lookup a file. | `""` | |`keycloak_quarkus_key_file`| The file path to a private key in PEM format | `/etc/pki/tls/private/server.key.pem` | |`keycloak_quarkus_cert_file_copy_enabled`| Enable copy of cert file to target host | `False`| |`keycloak_quarkus_cert_file_src`| Set the source file path | `""` | diff --git a/roles/keycloak_quarkus/defaults/main.yml b/roles/keycloak_quarkus/defaults/main.yml index fcd02a5..a54e6c7 100644 --- a/roles/keycloak_quarkus/defaults/main.yml +++ b/roles/keycloak_quarkus/defaults/main.yml @@ -48,7 +48,7 @@ keycloak_quarkus_java_opts: "{{ keycloak_quarkus_java_heap_opts + ' ' + keycloak ### TLS/HTTPS configuration keycloak_quarkus_https_key_file_enabled: false keycloak_quarkus_key_file_copy_enabled: false -keycloak_quarkus_key_file_src: "" +keycloak_quarkus_key_content: "" keycloak_quarkus_key_file: "/etc/pki/tls/private/server.key.pem" keycloak_quarkus_cert_file_copy_enabled: false keycloak_quarkus_cert_file_src: "" diff --git a/roles/keycloak_quarkus/meta/argument_specs.yml b/roles/keycloak_quarkus/meta/argument_specs.yml index 768b3e9..094a46b 100644 --- a/roles/keycloak_quarkus/meta/argument_specs.yml +++ b/roles/keycloak_quarkus/meta/argument_specs.yml @@ -112,9 +112,9 @@ argument_specs: default: false description: "Enable copy of key file to target host" type: "bool" - keycloak_quarkus_key_file_src: + keycloak_quarkus_key_content: default: "" - description: "Set the source file path" + description: "Content of the TLS private key" type: "str" keycloak_quarkus_key_file: default: "/etc/pki/tls/private/server.key.pem" diff --git a/roles/keycloak_quarkus/tasks/install.yml b/roles/keycloak_quarkus/tasks/install.yml index b4b566a..5a385e2 100644 --- a/roles/keycloak_quarkus/tasks/install.yml +++ b/roles/keycloak_quarkus/tasks/install.yml @@ -161,7 +161,7 @@ - name: "Copy private key to target" ansible.builtin.copy: - src: "{{ keycloak_quarkus_key_file_src }}" + content: "{{ keycloak_quarkus_key_content }}" dest: "{{ keycloak_quarkus_key_file }}" owner: "{{ keycloak.service_user }}" group: "{{ keycloak.service_group }}" @@ -170,7 +170,7 @@ when: - keycloak_quarkus_https_key_file_enabled is defined and keycloak_quarkus_https_key_file_enabled - keycloak_quarkus_key_file_copy_enabled is defined and keycloak_quarkus_key_file_copy_enabled - - keycloak_quarkus_key_file_src | length > 0 + - keycloak_quarkus_key_content | length > 0 - name: "Copy certificate to target" ansible.builtin.copy: