Copy the TLS private key from memory

This change should avoid storing plain private keys on disk due to security risks. It also makes it easier to encrypt the data with SOPS.
2025-07-30 16:41:30 -07:00 · 2024-05-05 11:58:19 +00:00 · 2024-05-05 11:58:19 +00:00 · 320a5f0d9a
commit 320a5f0d9a
parent 7141e1c9b2
5 changed files with 7 additions and 7 deletions
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@ -112,9 +112,9 @@ argument_specs:
                default: false
                description: "Enable copy of key file to target host"
                type: "bool"
-            keycloak_quarkus_key_file_src:
+            keycloak_quarkus_key_content:
                default: ""
-                description: "Set the source file path"
+                description: "Content of the TLS private key"
                type: "str"
            keycloak_quarkus_key_file:
                default: "/etc/pki/tls/private/server.key.pem"