Update docs for main

Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>

main/_sources/CHANGELOG.rst.txt

@@ -19,6 +19,7 @@ Breaking Changes / Porting Guide
 --------------------------------
 
 - Bump major and ansible-core versions `#266 <https://github.com/ansible-middleware/keycloak/pull/266>`_
+- Rename parameters to follow upstream `#270 <https://github.com/ansible-middleware/keycloak/pull/270>`_
 - Role support for keycloak v26 `#254 <https://github.com/ansible-middleware/keycloak/pull/254>`_
 
 Bugfixes

main/_sources/roles/keycloak_quarkus.md.txt

@@ -50,10 +50,6 @@ Role Defaults
 |`keycloak_quarkus_host`| Deprecated, use `keycloak_quarkus_hostname` instead. | |
 |`keycloak_quarkus_port`| Deprecated, use `keycloak_quarkus_hostname` instead. | |
 |`keycloak_quarkus_path`| Deprecated, use `keycloak_quarkus_hostname` instead. | |
-|`keycloak_quarkus_http_port`| HTTP listening port | `8080` |
-|`keycloak_quarkus_https_port`| TLS HTTP listening port | `8443` |
-|`keycloak_quarkus_http_management_port`| Port of the management interface. Relevant only when something is exposed on the management interface - see the guide for details. | `9000` |
-|`keycloak_quarkus_ajp_port`| AJP port | `8009` |
 |`keycloak_quarkus_service_user`| Posix account username | `keycloak` |
 |`keycloak_quarkus_service_group`| Posix account group | `keycloak` |
 |`keycloak_quarkus_service_restart_always`| systemd restart always behavior activation | `False` |
@@ -65,30 +61,10 @@ Role Defaults
 |`keycloak_quarkus_java_jvm_opts`| Other JVM settings | same as keycloak |
 |`keycloak_quarkus_java_opts`| JVM arguments; if overridden, it takes precedence over `keycloak_quarkus_java_*` | `{{ keycloak_quarkus_java_heap_opts + ' ' + keycloak_quarkus_java_jvm_opts }}` |
 |`keycloak_quarkus_additional_env_vars` | List of additional env variables of { key: str, value: str} to be put in sysconfig file | `[]` |
-|`keycloak_quarkus_hostname`| Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request. | |
 |`keycloak_quarkus_frontend_url`| Deprecated, use `keycloak_quarkus_hostname` instead. | |
-|`keycloak_quarkus_admin`| Set the base URL for accessing the administration console, including scheme, host, port and path | |
+|`keycloak_quarkus_admin_url`| Deprecated, use `keycloak_quarkus_hostname_admin` instead. | |
-|`keycloak_quarkus_admin_url`| Deprecated, use `keycloak_quarkus_admin` instead. | |
-|`keycloak_quarkus_http_relative_path` | Set the path relative to / for serving resources. The path must start with a / | `/` |
-|`keycloak_quarkus_http_management_relative_path` | Set the path relative to / for serving resources from management interface. The path must start with a /. If not given, the value is inherited from HTTP options. Relevant only when something is exposed on the management interface - see the guide for details. | `/` |
-|`keycloak_quarkus_http_enabled`| Enable listener on HTTP port | `True` |
 |`keycloak_quarkus_health_check_url`| Full URL (including scheme, host, path, fragment etc.) used for health check endpoint; keycloak_quarkus_hostname will NOT be prepended; helpful when health checks should happen against http port, but keycloak_quarkus_hostname uses https scheme per default | `` |
 |`keycloak_quarkus_health_check_url_path`| Path to the health check endpoint; keycloak_quarkus_hostname will be prepended automatically; Note that keycloak_quarkus_health_check_url takes precedence over this property | `realms/master/.well-known/openid-configuration` |
-|`keycloak_quarkus_https_key_file_enabled`| Enable listener on HTTPS port | `False` |
-|`keycloak_quarkus_key_file_copy_enabled`| Enable copy of key file to target host | `False` |
-|`keycloak_quarkus_key_content`| Content of the TLS private key. Use `"{{ lookup('file', 'server.key.pem') }}"` to lookup a file. | `""` |
-|`keycloak_quarkus_key_file`| The file path to a private key in PEM format | `/etc/pki/tls/private/server.key.pem` |
-|`keycloak_quarkus_cert_file_copy_enabled`| Enable copy of cert file to target host | `False`|
-|`keycloak_quarkus_cert_file_src`| Set the source file path | `""` |
-|`keycloak_quarkus_cert_file`| The file path to a server certificate or certificate chain in PEM format | `/etc/pki/tls/certs/server.crt.pem` |
-|`keycloak_quarkus_https_key_store_enabled`| Enable configuration of HTTPS via a key store | `False` |
-|`keycloak_quarkus_key_store_file`| Deprecated, use `keycloak_quarkus_https_key_store_file` instead. ||
-|`keycloak_quarkus_key_store_password`| Deprecated, use `keycloak_quarkus_https_key_store_password` instead.||
-|`keycloak_quarkus_https_key_store_file`| The file path to the key store | `{{ keycloak.home }}/conf/key_store.p12` |
-|`keycloak_quarkus_https_key_store_password`| Password for the key store | `""` |
-|`keycloak_quarkus_https_trust_store_enabled`| Enable configuration of the https trust store | `False` |
-|`keycloak_quarkus_https_trust_store_file`| The file path to the trust store | `{{ keycloak.home }}/conf/trust_store.p12` |
-|`keycloak_quarkus_https_trust_store_password`| Password for the trust store | `""` |
 |`keycloak_quarkus_proxy_headers`| Parse reverse proxy headers (`forwarded` or `xforwarded`) | `""` |
 |`keycloak_quarkus_config_key_store_file`| Path to the configuration key store; only used if `keycloak_quarkus_keystore_password` is not empty  | `{{ keycloak.home }}/conf/conf_store.p12` if `keycloak_quarkus_keystore_password != ''`, else `''` |
 |`keycloak_quarkus_config_key_store_password`| Password of the configuration keystore; if non-empty, `keycloak_quarkus_db_pass` will be saved to the keystore at `keycloak_quarkus_config_key_store_file` instead of being written to the configuration file in clear text | `""` |
@@ -120,34 +96,74 @@ Role Defaults
 
 | Variable | Description | Default |
 |:---------|:------------|:--------|
-|`keycloak_quarkus_http_relative_path`| Set the path relative to / for serving resources. The path must start with a / | `/` |
+|`keycloak_quarkus_hostname`| Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request. | |
+|`keycloak_quarkus_hostname_admin`| Set the base URL for accessing the administration console, including scheme, host, port and path | |
 |`keycloak_quarkus_hostname_strict`| Disables dynamically resolving the hostname from request headers | `true` |
 |`keycloak_quarkus_hostname_backchannel_dynamic`| Enables dynamic resolving of backchannel URLs, including hostname, scheme, port and context path. Set to true if your application accesses Keycloak via a private network. If set to true, hostname option needs to be specified as a full URL. | `false` |
 |`keycloak_quarkus_hostname_strict_backchannel`| Deprecated, use (the inverted!)`keycloak_quarkus_hostname_backchannel_dynamic` instead. |  |
 
 
+#### HTTP(S) configuration
+| Variable | Description | Default |
+|:---------|:------------|:--------|
+|`keycloak_quarkus_http_relative_path`| Set the path relative to / for serving resources. The path must start with a / | `/` |
+|`keycloak_quarkus_http_port`| HTTP listening port | `8080` |
+|`keycloak_quarkus_https_port`| TLS HTTP listening port | `8443` |
+|`keycloak_quarkus_http_management_port`| Port of the management interface. Relevant only when something is exposed on the management interface - see the guide for details. | `9000` |
+|`keycloak_quarkus_https_key_store_file`| The file path to the key store | `{{ keycloak.home }}/conf/key_store.p12` |
+|`keycloak_quarkus_https_key_store_password`| Password for the key store | `""` |
+|`keycloak_quarkus_https_trust_store_enabled`| Enable configuration of the https trust store | `False` |
+|`keycloak_quarkus_https_trust_store_file`| The file path to the trust store | `{{ keycloak.home }}/conf/trust_store.p12` |
+|`keycloak_quarkus_https_trust_store_password`| Password for the trust store | `""` |
+|`keycloak_quarkus_https_key_file_enabled`| Enable listener on HTTPS port | `False` |
+|`keycloak_quarkus_key_file_copy_enabled`| Enable copy of key file to target host | `False` |
+|`keycloak_quarkus_key_content`| Content of the TLS private key. Use `"{{ lookup('file', 'server.key.pem') }}"` to lookup a file. | `""` |
+|`keycloak_quarkus_key_file`| The file path to a private key in PEM format | `/etc/pki/tls/private/server.key.pem` |
+|`keycloak_quarkus_cert_file_copy_enabled`| Enable copy of cert file to target host | `False`|
+|`keycloak_quarkus_cert_file_src`| Set the source file path | `""` |
+|`keycloak_quarkus_cert_file`| The file path to a server certificate or certificate chain in PEM format | `/etc/pki/tls/certs/server.crt.pem` |
+|`keycloak_quarkus_https_key_store_enabled`| Enable configuration of HTTPS via a key store | `False` |
+|`keycloak_quarkus_key_store_file`| Deprecated, use `keycloak_quarkus_https_key_store_file` instead. ||
+|`keycloak_quarkus_key_store_password`| Deprecated, use `keycloak_quarkus_https_key_store_password` instead.||
+|`keycloak_quarkus_http_relative_path` | Set the path relative to / for serving resources. The path must start with a / | `/` |
+|`keycloak_quarkus_http_management_relative_path` | Set the path relative to / for serving resources from management interface. The path must start with a /. If not given, the value is inherited from HTTP options. Relevant only when something is exposed on the management interface - see the guide for details. | `/` |
+|`keycloak_quarkus_http_enabled`| Enable listener on HTTP port | `True` |
+
+
 #### Database configuration
 
 | Variable | Description | Default |
 |:---------|:------------|:--------|
-|`keycloak_quarkus_jdbc_engine` | Database engine [mariadb,postres,mssql] | `postgres` |
+|`keycloak_quarkus_db_engine` | Database engine [mariadb,postres,mssql] | `postgres` |
 |`keycloak_quarkus_db_user` | User for database connection | `keycloak-user` |
 |`keycloak_quarkus_db_pass` | Password for database connection | `keycloak-pass` |
-|`keycloak_quarkus_jdbc_url` | JDBC URL for connecting to database | `jdbc:postgresql://localhost:5432/keycloak` |
+|`keycloak_quarkus_db_url` | JDBC URL for connecting to database | `jdbc:postgresql://localhost:5432/keycloak` |
-|`keycloak_quarkus_jdbc_driver_version` | Version for JDBC driver | `9.4.1212` |
+|`keycloak_quarkus_db_driver_version` | Version for JDBC engine driver | `9.4.1212` |
 
 
-#### Remote caches configuration
+#### Cache configuration
 
 | Variable | Description | Default |
 |:---------|:------------|:--------|
-|`keycloak_quarkus_ispn_user` | Username for connecting to infinispan | `supervisor` |
+|`keycloak_quarkus_cache_remote_username` | Username for connecting to infinispan | `supervisor` |
-|`keycloak_quarkus_ispn_pass` | Password for connecting to infinispan | `supervisor` |
+|`keycloak_quarkus_cache_remote_password` | Password for connecting to infinispan | `supervisor` |
-|`keycloak_quarkus_ispn_hosts` | host name/port for connecting to infinispan, eg. host1:11222;host2:11222 | `localhost:11222` |
+|`keycloak_quarkus_cache_remote_host` | host name/port for connecting to infinispan, eg. host1:11222;host2:11222 | `localhost:11222` |
-|`keycloak_quarkus_ispn_sasl_mechanism` | Infinispan auth mechanism | `SCRAM-SHA-512` |
+|`keycloak_quarkus_cache_remote_sasl_mechanism` | Infinispan auth mechanism | `SCRAM-SHA-512` |
-|`keycloak_quarkus_ispn_use_ssl` | Whether infinispan uses TLS connection | `false` |
+|`keycloak_quarkus_cache_remote_tls_enabled` | Whether infinispan uses TLS connection | `false` |
-|`keycloak_quarkus_ispn_trust_store_path` | Path to infinispan server trust certificate | `/etc/pki/java/cacerts` |
+
-|`keycloak_quarkus_ispn_trust_store_password` | Password for infinispan certificate keystore | `changeit` |
+
+#### Logging configuration
+
+| Variable | Description | Default |
+|:---------|:------------|:--------|
+|`keycloak_quarkus_log`| Enable one or more log handlers in a comma-separated list | `file` |
+|`keycloak_quarkus_log_level`| The log level of the root category or a comma-separated list of individual categories and their levels | `info` |
+|`keycloak_quarkus_log_file`| Set the log file path and filename relative to keycloak home | `data/log/keycloak.log` |
+|`keycloak_quarkus_log_format`| Set a format specific to file log entries | `%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n` |
+|`keycloak_quarkus_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` |
+|`keycloak_quarkus_log_max_file_size`| Set the maximum log file size before a log rotation happens; A size configuration option recognises string in this format (shown as a regular expression): `[0-9]+[KkMmGgTtPpEeZzYy]?`. If no suffix is given, assume bytes. | `10M` |
+|`keycloak_quarkus_log_max_backup_index`| Set the maximum number of archived log files to keep" | `10` |
+|`keycloak_quarkus_log_file_suffix`| Set the log file handler rotation file suffix. When used, the file will be rotated based on its suffix; Note: If the suffix ends with `.zip` or `.gz`, the rotation file will also be compressed. | `.yyyy-MM-dd.zip` |
 
 
 #### Miscellaneous configuration
@@ -163,14 +179,6 @@ Role Defaults
 |`keycloak_quarkus_master_realm` | Name for rest authentication realm | `master` |
 |`keycloak_auth_client` | Authentication client for configuration REST calls | `admin-cli` |
 |`keycloak_force_install` | Remove pre-existing versions of service | `False` |
-|`keycloak_quarkus_log`| Enable one or more log handlers in a comma-separated list | `file` |
-|`keycloak_quarkus_log_level`| The log level of the root category or a comma-separated list of individual categories and their levels | `info` |
-|`keycloak_quarkus_log_file`| Set the log file path and filename relative to keycloak home | `data/log/keycloak.log` |
-|`keycloak_quarkus_log_format`| Set a format specific to file log entries | `%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n` |
-|`keycloak_quarkus_log_target`| Set the destination of the keycloak log folder link | `/var/log/keycloak` |
-|`keycloak_quarkus_log_max_file_size`| Set the maximum log file size before a log rotation happens; A size configuration option recognises string in this format (shown as a regular expression): `[0-9]+[KkMmGgTtPpEeZzYy]?`. If no suffix is given, assume bytes. | `10M` |
-|`keycloak_quarkus_log_max_backup_index`| Set the maximum number of archived log files to keep" | `10` |
-|`keycloak_quarkus_log_file_suffix`| Set the log file handler rotation file suffix. When used, the file will be rotated based on its suffix; Note: If the suffix ends with `.zip` or `.gz`, the rotation file will also be compressed. | `.yyyy-MM-dd.zip` |
 |`keycloak_quarkus_proxy_mode`| The proxy address forwarding mode if the server is behind a reverse proxy | `edge` |
 |`keycloak_quarkus_start_dev`| Whether to start the service in development mode (start-dev) | `False` |
 |`keycloak_quarkus_transaction_xa_enabled`| Whether to use XA transactions | `True` |
@@ -178,7 +186,7 @@ Role Defaults
 |`keycloak_quarkus_show_deprecation_warnings`| Whether deprecation warnings should be shown | `True` |
 
 
-#### Vault SPI
+#### Vault configuration
 
 | Variable | Description | Default |
 |:---------|:------------|:--------|
@@ -251,8 +259,6 @@ Role Variables
 |:---------|:------------|----------|
 |`keycloak_quarkus_bootstrap_admin_password`| Password of console admin account | `yes` |
 |`keycloak_quarkus_admin_pass`| Deprecated, use `keycloak_quarkus_bootstrap_admin_password` instead. | |
-|`keycloak_quarkus_frontend_url`| Base URL for frontend URLs, including scheme, host, port and path | `no` |
-|`keycloak_quarkus_admin_url`| Base URL for accessing the administration console, including scheme, host, port and path | `no` |
 |`keycloak_quarkus_ks_vault_pass`| The password for accessing the keystore vault SPI | `no` |
 |`keycloak_quarkus_alternate_download_url`| Alternate location with optional authentication for downloading RHBK | `no` |
 |`keycloak_quarkus_download_user`| Optional username for http authentication  | `no*` |

main/roles/index.html

@@ -123,10 +123,12 @@
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#service-configuration">Service configuration</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#high-availability">High-availability</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#hostname-configuration">Hostname configuration</a></li>
+<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#http-s-configuration">HTTP(S) configuration</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#database-configuration">Database configuration</a></li>
-<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#remote-caches-configuration">Remote caches configuration</a></li>
+<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#cache-configuration">Cache configuration</a></li>
+<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#logging-configuration">Logging configuration</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#miscellaneous-configuration">Miscellaneous configuration</a></li>
-<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#vault-spi">Vault SPI</a></li>
+<li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#vault-configuration">Vault configuration</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#configuring-providers">Configuring providers</a></li>
 <li class="toctree-l3"><a class="reference internal" href="keycloak_quarkus.html#configuring-policies">Configuring policies</a></li>
 </ul>

main/roles/keycloak_quarkus.html

@@ -58,10 +58,12 @@
 <li class="toctree-l4"><a class="reference internal" href="#service-configuration">Service configuration</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#high-availability">High-availability</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#hostname-configuration">Hostname configuration</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#http-s-configuration">HTTP(S) configuration</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#database-configuration">Database configuration</a></li>
-<li class="toctree-l4"><a class="reference internal" href="#remote-caches-configuration">Remote caches configuration</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#cache-configuration">Cache configuration</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#logging-configuration">Logging configuration</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#miscellaneous-configuration">Miscellaneous configuration</a></li>
-<li class="toctree-l4"><a class="reference internal" href="#vault-spi">Vault SPI</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#vault-configuration">Vault configuration</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#configuring-providers">Configuring providers</a></li>
 <li class="toctree-l4"><a class="reference internal" href="#configuring-policies">Configuring policies</a></li>
 </ul>
@@ -216,22 +218,6 @@
 <td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname</span></code> instead.</p></td>
 <td class="text-left"><p></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_port</span></code></p></td>
-<td class="text-left"><p>HTTP listening port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8080</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_port</span></code></p></td>
-<td class="text-left"><p>TLS HTTP listening port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8443</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_management_port</span></code></p></td>
-<td class="text-left"><p>Port of the management interface. Relevant only when something is exposed on the management interface - see the guide for details.</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9000</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ajp_port</span></code></p></td>
-<td class="text-left"><p>AJP port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8009</span></code></p></td>
-</tr>
 <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_user</span></code></p></td>
 <td class="text-left"><p>Posix account username</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak</span></code></p></td>
@@ -276,102 +262,22 @@
 <td class="text-left"><p>List of additional env variables of { key: str, value: str} to be put in sysconfig file</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_frontend_url</span></code></p></td>
-<td class="text-left"><p>Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request.</p></td>
-<td class="text-left"><p></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_frontend_url</span></code></p></td>
 <td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname</span></code> instead.</p></td>
 <td class="text-left"><p></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin</span></code></p></td>
-<td class="text-left"><p>Set the base URL for accessing the administration console, including scheme, host, port and path</p></td>
-<td class="text-left"><p></p></td>
-</tr>
 <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_url</span></code></p></td>
-<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin</span></code> instead.</p></td>
+<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_admin</span></code> instead.</p></td>
 <td class="text-left"><p></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_relative_path</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_health_check_url</span></code></p></td>
-<td class="text-left"><p>Set the path relative to / for serving resources. The path must start with a /</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_management_relative_path</span></code></p></td>
-<td class="text-left"><p>Set the path relative to / for serving resources from management interface. The path must start with a /. If not given, the value is inherited from HTTP options. Relevant only when something is exposed on the management interface - see the guide for details.</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_enabled</span></code></p></td>
-<td class="text-left"><p>Enable listener on HTTP port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_health_check_url</span></code></p></td>
 <td class="text-left"><p>Full URL (including scheme, host, path, fragment etc.) used for health check endpoint; keycloak_quarkus_hostname will NOT be prepended; helpful when health checks should happen against http port, but keycloak_quarkus_hostname uses https scheme per default</p></td>
 <td class="text-left"><p>``</p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_health_check_url_path</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_health_check_url_path</span></code></p></td>
 <td class="text-left"><p>Path to the health check endpoint; keycloak_quarkus_hostname will be prepended automatically; Note that keycloak_quarkus_health_check_url takes precedence over this property</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">realms/master/.well-known/openid-configuration</span></code></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_file_enabled</span></code></p></td>
-<td class="text-left"><p>Enable listener on HTTPS port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_file_copy_enabled</span></code></p></td>
-<td class="text-left"><p>Enable copy of key file to target host</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_content</span></code></p></td>
-<td class="text-left"><p>Content of the TLS private key. Use <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">lookup('file',</span> <span class="pre">'server.key.pem')</span> <span class="pre">}}&quot;</span></code> to lookup a file.</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_file</span></code></p></td>
-<td class="text-left"><p>The file path to a private key in PEM format</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/tls/private/server.key.pem</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file_copy_enabled</span></code></p></td>
-<td class="text-left"><p>Enable copy of cert file to target host</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file_src</span></code></p></td>
-<td class="text-left"><p>Set the source file path</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file</span></code></p></td>
-<td class="text-left"><p>The file path to a server certificate or certificate chain in PEM format</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/tls/certs/server.crt.pem</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_enabled</span></code></p></td>
-<td class="text-left"><p>Enable configuration of HTTPS via a key store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_file</span></code></p></td>
-<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_file</span></code> instead.</p></td>
-<td class="text-left"><p></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_password</span></code></p></td>
-<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_password</span></code> instead.</p></td>
-<td class="text-left"><p></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_file</span></code></p></td>
-<td class="text-left"><p>The file path to the key store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/key_store.p12</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_password</span></code></p></td>
-<td class="text-left"><p>Password for the key store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_enabled</span></code></p></td>
-<td class="text-left"><p>Enable configuration of the https trust store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_file</span></code></p></td>
-<td class="text-left"><p>The file path to the trust store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/trust_store.p12</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_password</span></code></p></td>
-<td class="text-left"><p>Password for the trust store</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
-</tr>
 <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_proxy_headers</span></code></p></td>
 <td class="text-left"><p>Parse reverse proxy headers (<code class="docutils literal notranslate"><span class="pre">forwarded</span></code> or <code class="docutils literal notranslate"><span class="pre">xforwarded</span></code>)</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
@@ -474,22 +380,127 @@
 </tr>
 </thead>
 <tbody>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname</span></code></p></td>
+<td class="text-left"><p>Address at which is the server exposed. Can be a full URL, or just a hostname. When only hostname is provided, scheme, port and context path are resolved from the request.</p></td>
+<td class="text-left"><p></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_admin</span></code></p></td>
+<td class="text-left"><p>Set the base URL for accessing the administration console, including scheme, host, port and path</p></td>
+<td class="text-left"><p></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict</span></code></p></td>
+<td class="text-left"><p>Disables dynamically resolving the hostname from request headers</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_backchannel_dynamic</span></code></p></td>
+<td class="text-left"><p>Enables dynamic resolving of backchannel URLs, including hostname, scheme, port and context path. Set to true if your application accesses Keycloak via a private network. If set to true, hostname option needs to be specified as a full URL.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict_backchannel</span></code></p></td>
+<td class="text-left"><p>Deprecated, use (the inverted!)<code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_backchannel_dynamic</span></code> instead.</p></td>
+<td class="text-left"><p></p></td>
+</tr>
+</tbody>
+</table>
+</section>
+<section id="http-s-configuration">
+<h3>HTTP(S) configuration<a class="headerlink" href="#http-s-configuration" title="Link to this heading"></a></h3>
+<table class="docutils align-default">
+<thead>
+<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
+<th class="head text-left"><p>Description</p></th>
+<th class="head text-left"><p>Default</p></th>
+</tr>
+</thead>
+<tbody>
 <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_relative_path</span></code></p></td>
 <td class="text-left"><p>Set the path relative to / for serving resources. The path must start with a /</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_port</span></code></p></td>
-<td class="text-left"><p>Disables dynamically resolving the hostname from request headers</p></td>
+<td class="text-left"><p>HTTP listening port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8080</span></code></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_backchannel_dynamic</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_port</span></code></p></td>
-<td class="text-left"><p>Enables dynamic resolving of backchannel URLs, including hostname, scheme, port and context path. Set to true if your application accesses Keycloak via a private network. If set to true, hostname option needs to be specified as a full URL.</p></td>
+<td class="text-left"><p>TLS HTTP listening port</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8443</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict_backchannel</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_management_port</span></code></p></td>
-<td class="text-left"><p>Deprecated, use (the inverted!)<code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_backchannel_dynamic</span></code> instead.</p></td>
+<td class="text-left"><p>Port of the management interface. Relevant only when something is exposed on the management interface - see the guide for details.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9000</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_file</span></code></p></td>
+<td class="text-left"><p>The file path to the key store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/key_store.p12</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_password</span></code></p></td>
+<td class="text-left"><p>Password for the key store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_enabled</span></code></p></td>
+<td class="text-left"><p>Enable configuration of the https trust store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_file</span></code></p></td>
+<td class="text-left"><p>The file path to the trust store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/trust_store.p12</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_password</span></code></p></td>
+<td class="text-left"><p>Password for the trust store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_file_enabled</span></code></p></td>
+<td class="text-left"><p>Enable listener on HTTPS port</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_file_copy_enabled</span></code></p></td>
+<td class="text-left"><p>Enable copy of key file to target host</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_content</span></code></p></td>
+<td class="text-left"><p>Content of the TLS private key. Use <code class="docutils literal notranslate"><span class="pre">&quot;{{</span> <span class="pre">lookup('file',</span> <span class="pre">'server.key.pem')</span> <span class="pre">}}&quot;</span></code> to lookup a file.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_file</span></code></p></td>
+<td class="text-left"><p>The file path to a private key in PEM format</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/tls/private/server.key.pem</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file_copy_enabled</span></code></p></td>
+<td class="text-left"><p>Enable copy of cert file to target host</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file_src</span></code></p></td>
+<td class="text-left"><p>Set the source file path</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file</span></code></p></td>
+<td class="text-left"><p>The file path to a server certificate or certificate chain in PEM format</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/tls/certs/server.crt.pem</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_enabled</span></code></p></td>
+<td class="text-left"><p>Enable configuration of HTTPS via a key store</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_file</span></code></p></td>
+<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_file</span></code> instead.</p></td>
 <td class="text-left"><p></p></td>
 </tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_password</span></code></p></td>
+<td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_password</span></code> instead.</p></td>
+<td class="text-left"><p></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_relative_path</span></code></p></td>
+<td class="text-left"><p>Set the path relative to / for serving resources. The path must start with a /</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_management_relative_path</span></code></p></td>
+<td class="text-left"><p>Set the path relative to / for serving resources from management interface. The path must start with a /. If not given, the value is inherited from HTTP options. Relevant only when something is exposed on the management interface - see the guide for details.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_enabled</span></code></p></td>
+<td class="text-left"><p>Enable listener on HTTP port</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
+</tr>
 </tbody>
 </table>
 </section>
@@ -503,7 +514,7 @@
 </tr>
 </thead>
 <tbody>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_engine</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_engine</span></code></p></td>
 <td class="text-left"><p>Database engine [mariadb,postres,mssql]</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">postgres</span></code></p></td>
 </tr>
@@ -515,19 +526,19 @@
 <td class="text-left"><p>Password for database connection</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-pass</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_url</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_url</span></code></p></td>
 <td class="text-left"><p>JDBC URL for connecting to database</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">jdbc:postgresql://localhost:5432/keycloak</span></code></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_driver_version</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_driver_version</span></code></p></td>
-<td class="text-left"><p>Version for JDBC driver</p></td>
+<td class="text-left"><p>Version for JDBC engine driver</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9.4.1212</span></code></p></td>
 </tr>
 </tbody>
 </table>
 </section>
-<section id="remote-caches-configuration">
+<section id="cache-configuration">
-<h3>Remote caches configuration<a class="headerlink" href="#remote-caches-configuration" title="Link to this heading"></a></h3>
+<h3>Cache configuration<a class="headerlink" href="#cache-configuration" title="Link to this heading"></a></h3>
 <table class="docutils align-default">
 <thead>
 <tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
@@ -536,33 +547,70 @@
 </tr>
 </thead>
 <tbody>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_user</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cache_remote_username</span></code></p></td>
 <td class="text-left"><p>Username for connecting to infinispan</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_pass</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cache_remote_password</span></code></p></td>
 <td class="text-left"><p>Password for connecting to infinispan</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_hosts</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cache_remote_host</span></code></p></td>
 <td class="text-left"><p>host name/port for connecting to infinispan, eg. host1:11222;host2:11222</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost:11222</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_sasl_mechanism</span></code></p></td>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cache_remote_sasl_mechanism</span></code></p></td>
 <td class="text-left"><p>Infinispan auth mechanism</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">SCRAM-SHA-512</span></code></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_use_ssl</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cache_remote_tls_enabled</span></code></p></td>
 <td class="text-left"><p>Whether infinispan uses TLS connection</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_trust_store_path</span></code></p></td>
+</tbody>
-<td class="text-left"><p>Path to infinispan server trust certificate</p></td>
+</table>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/java/cacerts</span></code></p></td>
+</section>
+<section id="logging-configuration">
+<h3>Logging configuration<a class="headerlink" href="#logging-configuration" title="Link to this heading"></a></h3>
+<table class="docutils align-default">
+<thead>
+<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
+<th class="head text-left"><p>Description</p></th>
+<th class="head text-left"><p>Default</p></th>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_trust_store_password</span></code></p></td>
+</thead>
-<td class="text-left"><p>Password for infinispan certificate keystore</p></td>
+<tbody>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">changeit</span></code></p></td>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log</span></code></p></td>
+<td class="text-left"><p>Enable one or more log handlers in a comma-separated list</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">file</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_level</span></code></p></td>
+<td class="text-left"><p>The log level of the root category or a comma-separated list of individual categories and their levels</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">info</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file</span></code></p></td>
+<td class="text-left"><p>Set the log file path and filename relative to keycloak home</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">data/log/keycloak.log</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_format</span></code></p></td>
+<td class="text-left"><p>Set a format specific to file log entries</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">%d{yyyy-MM-dd</span> <span class="pre">HH:mm:ss,SSS}</span> <span class="pre">%-5p</span> <span class="pre">[%c]</span> <span class="pre">(%t)</span> <span class="pre">%s%e%n</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_target</span></code></p></td>
+<td class="text-left"><p>Set the destination of the keycloak log folder link</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/var/log/keycloak</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_file_size</span></code></p></td>
+<td class="text-left"><p>Set the maximum log file size before a log rotation happens; A size configuration option recognises string in this format (shown as a regular expression): <code class="docutils literal notranslate"><span class="pre">[0-9]+[KkMmGgTtPpEeZzYy]?</span></code>. If no suffix is given, assume bytes.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10M</span></code></p></td>
+</tr>
+<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_backup_index</span></code></p></td>
+<td class="text-left"><p>Set the maximum number of archived log files to keep”</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10</span></code></p></td>
+</tr>
+<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file_suffix</span></code></p></td>
+<td class="text-left"><p>Set the log file handler rotation file suffix. When used, the file will be rotated based on its suffix; Note: If the suffix ends with <code class="docutils literal notranslate"><span class="pre">.zip</span></code> or <code class="docutils literal notranslate"><span class="pre">.gz</span></code>, the rotation file will also be compressed.</p></td>
+<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">.yyyy-MM-dd.zip</span></code></p></td>
 </tr>
 </tbody>
 </table>
@@ -613,38 +661,6 @@
 <td class="text-left"><p>Remove pre-existing versions of service</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
 </tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log</span></code></p></td>
-<td class="text-left"><p>Enable one or more log handlers in a comma-separated list</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">file</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_level</span></code></p></td>
-<td class="text-left"><p>The log level of the root category or a comma-separated list of individual categories and their levels</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">info</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file</span></code></p></td>
-<td class="text-left"><p>Set the log file path and filename relative to keycloak home</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">data/log/keycloak.log</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_format</span></code></p></td>
-<td class="text-left"><p>Set a format specific to file log entries</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">%d{yyyy-MM-dd</span> <span class="pre">HH:mm:ss,SSS}</span> <span class="pre">%-5p</span> <span class="pre">[%c]</span> <span class="pre">(%t)</span> <span class="pre">%s%e%n</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_target</span></code></p></td>
-<td class="text-left"><p>Set the destination of the keycloak log folder link</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/var/log/keycloak</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_file_size</span></code></p></td>
-<td class="text-left"><p>Set the maximum log file size before a log rotation happens; A size configuration option recognises string in this format (shown as a regular expression): <code class="docutils literal notranslate"><span class="pre">[0-9]+[KkMmGgTtPpEeZzYy]?</span></code>. If no suffix is given, assume bytes.</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10M</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_backup_index</span></code></p></td>
-<td class="text-left"><p>Set the maximum number of archived log files to keep”</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10</span></code></p></td>
-</tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file_suffix</span></code></p></td>
-<td class="text-left"><p>Set the log file handler rotation file suffix. When used, the file will be rotated based on its suffix; Note: If the suffix ends with <code class="docutils literal notranslate"><span class="pre">.zip</span></code> or <code class="docutils literal notranslate"><span class="pre">.gz</span></code>, the rotation file will also be compressed.</p></td>
-<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">.yyyy-MM-dd.zip</span></code></p></td>
-</tr>
 <tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_proxy_mode</span></code></p></td>
 <td class="text-left"><p>The proxy address forwarding mode if the server is behind a reverse proxy</p></td>
 <td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">edge</span></code></p></td>
@@ -668,8 +684,8 @@
 </tbody>
 </table>
 </section>
-<section id="vault-spi">
+<section id="vault-configuration">
-<h3>Vault SPI<a class="headerlink" href="#vault-spi" title="Link to this heading"></a></h3>
+<h3>Vault configuration<a class="headerlink" href="#vault-configuration" title="Link to this heading"></a></h3>
 <table class="docutils align-default">
 <thead>
 <tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
@@ -783,14 +799,6 @@
 <td class="text-left"><p>Deprecated, use <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_bootstrap_admin_password</span></code> instead.</p></td>
 <td><p></p></td>
 </tr>
-<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_frontend_url</span></code></p></td>
-<td class="text-left"><p>Base URL for frontend URLs, including scheme, host, port and path</p></td>
-<td><p><code class="docutils literal notranslate"><span class="pre">no</span></code></p></td>
-</tr>
-<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_url</span></code></p></td>
-<td class="text-left"><p>Base URL for accessing the administration console, including scheme, host, port and path</p></td>
-<td><p><code class="docutils literal notranslate"><span class="pre">no</span></code></p></td>
-</tr>
 <tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ks_vault_pass</span></code></p></td>
 <td class="text-left"><p>The password for accessing the keystore vault SPI</p></td>
 <td><p><code class="docutils literal notranslate"><span class="pre">no</span></code></p></td>