ansible-collections/middleware_automation.keycloak
1
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2025-07-29 16:11:34 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Update docs for 2.1.0

Browse source 
Signed-off-by: ansible-middleware-core <ansible-middleware-core@redhat.com>
This commit is contained in:
ansible-middleware-core 2024-04-17 09:28:38 +00:00
commit 50f527bf8d
72 changed files with 17882 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

173
2.1.0/roles/index.html Normal file
View file

@ -0,0 +1,173 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Role Index &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak" href="keycloak.html" />
<link rel="prev" title="keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API" href="../plugins/keycloak_user_federation.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">Plugin Index</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Role Index</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html">keycloak</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html">keycloak_quarkus</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm</a></li>
</ul>
</li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item active">Role Index</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/roles/index.rst.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="role-index">
<h1>Role Index<a class="headerlink" href="#role-index" title="Link to this heading"></a></h1>
<div class="toctree-wrapper compound">
<ul>
<li class="toctree-l1"><a class="reference internal" href="keycloak.html">keycloak</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#requirements">Requirements</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#dependencies">Dependencies</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#versions">Versions</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#patching">Patching</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#role-defaults">Role Defaults</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#role-variables">Role Variables</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#example-playbook">Example Playbook</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#license">License</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak.html#author-information">Author Information</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_quarkus.html">keycloak_quarkus</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html#role-defaults">Role Defaults</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html#role-variables">Role Variables</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html#license">License</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html#author-information">Author Information</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="keycloak_realm.html">keycloak_realm</a><ul>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#role-defaults">Role Defaults</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#role-variables">Role Variables</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#variable-formats">Variable formats</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#example-playbook">Example Playbook</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#license">License</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html#author-information">Author Information</a></li>
</ul>
</li>
</ul>
</div>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="../plugins/keycloak_user_federation.html" class="btn btn-neutral float-left" title="keycloak_user_federation Allows administration of Keycloak user federations via Keycloak API" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak.html" class="btn btn-neutral float-right" title="keycloak" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2024, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>

648
2.1.0/roles/keycloak.html Normal file
View file

@ -0,0 +1,648 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_quarkus" href="keycloak_quarkus.html" />
<link rel="prev" title="Role Index" href="index.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">Plugin Index</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Role Index</a><ul class="current">
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#requirements">Requirements</a></li>
<li class="toctree-l3"><a class="reference internal" href="#dependencies">Dependencies</a></li>
<li class="toctree-l3"><a class="reference internal" href="#versions">Versions</a></li>
<li class="toctree-l3"><a class="reference internal" href="#patching">Patching</a></li>
<li class="toctree-l3"><a class="reference internal" href="#role-defaults">Role Defaults</a></li>
<li class="toctree-l3"><a class="reference internal" href="#role-variables">Role Variables</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-playbook">Example Playbook</a></li>
<li class="toctree-l3"><a class="reference internal" href="#license">License</a></li>
<li class="toctree-l3"><a class="reference internal" href="#author-information">Author Information</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html">keycloak_quarkus</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm</a></li>
</ul>
</li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Role Index</a></li>
<li class="breadcrumb-item active">keycloak</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/roles/keycloak.md.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="keycloak">
<h1>keycloak<a class="headerlink" href="#keycloak" title="Link to this heading"></a></h1>
<p>Install <a class="reference external" href="https://keycloak.org/">keycloak</a> or <a class="reference external" href="https://access.redhat.com/products/red-hat-single-sign-on">Red Hat Single Sign-On</a> server configurations.</p>
<section id="requirements">
<h2>Requirements<a class="headerlink" href="#requirements" title="Link to this heading"></a></h2>
<p>This role requires the <code class="docutils literal notranslate"><span class="pre">python3-netaddr</span></code> library installed on the controller node.</p>
<ul class="simple">
<li><p>to install via yum/dnf: <code class="docutils literal notranslate"><span class="pre">dnf</span> <span class="pre">install</span> <span class="pre">python3-netaddr</span></code></p></li>
<li><p>or via pip: <code class="docutils literal notranslate"><span class="pre">pip</span> <span class="pre">install</span> <span class="pre">netaddr==0.8.0</span></code></p></li>
<li><p>or via the collection: <code class="docutils literal notranslate"><span class="pre">pip</span> <span class="pre">install</span> <span class="pre">-r</span> <span class="pre">requirements.txt</span></code></p></li>
</ul>
</section>
<section id="dependencies">
<h2>Dependencies<a class="headerlink" href="#dependencies" title="Link to this heading"></a></h2>
<p>The roles depends on:</p>
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/ansible-middleware/common">middleware_automation.common</a></p></li>
<li><p><a class="reference external" href="https://docs.ansible.com/ansible/latest/collections/ansible/posix/index.html">ansible-posix</a></p></li>
</ul>
<p>To install all the dependencies via galaxy:</p>
<div class="highlight-none notranslate"><div class="highlight"><pre><span></span>ansible-galaxy collection install -r requirements.yml
</pre></div>
</div>
</section>
<section id="versions">
<h2>Versions<a class="headerlink" href="#versions" title="Link to this heading"></a></h2>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>RH-SSO VERSION</p></th>
<th class="head text-left"><p>Release Date</p></th>
<th class="head text-left"><p>Keycloak Version</p></th>
<th class="head text-left"><p>EAP Version</p></th>
<th class="head text-left"><p>Notes</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.5.0</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p>September 20, 2021</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">15.0.2</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.4.6</span></code></p></td>
<td class="text-left"><p><a class="reference external" href="https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.5/html/release_notes/index">Release Notes</a></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.6.0</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p>June 30, 2022</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">18.0.3</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.4.6</span></code></p></td>
<td class="text-left"><p><a class="reference external" href="https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.6/html-single/release_notes/index">Release Notes</a></p></td>
</tr>
</tbody>
</table>
</section>
<section id="patching">
<h2>Patching<a class="headerlink" href="#patching" title="Link to this heading"></a></h2>
<p>When variable <code class="docutils literal notranslate"><span class="pre">keycloak_rhsso_apply_patches</span></code> is <code class="docutils literal notranslate"><span class="pre">true</span></code> (default: <code class="docutils literal notranslate"><span class="pre">false</span></code>), the role will automatically apply the latest cumulative patch for the selected base version.</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>RH-SSO VERSION</p></th>
<th class="head text-left"><p>Release Date</p></th>
<th class="head text-left"><p>RH-SSO LATEST CP</p></th>
<th class="head text-left"><p>Notes</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.5.0</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p>January 20, 2022</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.5.3</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p><a class="reference external" href="https://access.redhat.com/articles/6646321">Release Notes</a></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.6.0</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p>November 11, 2022</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7.6.1</span> <span class="pre">GA</span></code></p></td>
<td class="text-left"><p><a class="reference external" href="https://access.redhat.com/articles/6982711">Release Notes</a></p></td>
</tr>
</tbody>
</table>
</section>
<section id="role-defaults">
<h2>Role Defaults<a class="headerlink" href="#role-defaults" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>Service configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code></p></td>
<td class="text-left"><p>Enable auto configuration for database backend, clustering and remote caches on infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_ha_discovery</span></code></p></td>
<td class="text-left"><p>Discovery protocol for HA cluster members</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JDBC_PING</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> else <code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code></p></td>
<td class="text-left"><p>Enable auto configuration for database backend</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is True, else <code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_remote_cache_enabled</span></code></p></td>
<td class="text-left"><p>Enable remote cache store when in clustered ha configurations</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> else <code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_admin_user</span></code></p></td>
<td class="text-left"><p>Administration console user account</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_bind_address</span></code></p></td>
<td class="text-left"><p>Address for binding service ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">0.0.0.0</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_port_bind_address</span></code></p></td>
<td class="text-left"><p>Address for binding management ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">127.0.0.1</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_host</span></code></p></td>
<td class="text-left"><p>hostname</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_http_port</span></code></p></td>
<td class="text-left"><p>HTTP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8080</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_https_port</span></code></p></td>
<td class="text-left"><p>TLS HTTP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8443</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_ajp_port</span></code></p></td>
<td class="text-left"><p>AJP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8009</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jgroups_port</span></code></p></td>
<td class="text-left"><p>jgroups cluster tcp port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7600</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_http_port</span></code></p></td>
<td class="text-left"><p>Management port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9990</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_https_port</span></code></p></td>
<td class="text-left"><p>TLS management port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9993</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_prefer_ipv4</span></code></p></td>
<td class="text-left"><p>Prefer IPv4 stack and addresses for port binding</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_standalone_xml</span></code></p></td>
<td class="text-left"><p>filename for configuration</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak.xml</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_user</span></code></p></td>
<td class="text-left"><p>posix account username</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_group</span></code></p></td>
<td class="text-left"><p>posix account group</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_restart_always</span></code></p></td>
<td class="text-left"><p>systemd restart always behavior activation</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_restart_on_failure</span></code></p></td>
<td class="text-left"><p>systemd restart on-failure behavior activation</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_startlimitintervalsec</span></code></p></td>
<td class="text-left"><p>systemd StartLimitIntervalSec</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">300</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_startlimitburst</span></code></p></td>
<td class="text-left"><p>systemd StartLimitBurst</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">5</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_restartsec</span></code></p></td>
<td class="text-left"><p>systemd RestartSec</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10s</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_service_pidfile</span></code></p></td>
<td class="text-left"><p>pid file path for service</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/run/keycloak/keycloak.pid</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_features</span></code></p></td>
<td class="text-left"><p>List of <code class="docutils literal notranslate"><span class="pre">name</span></code>/<code class="docutils literal notranslate"><span class="pre">status</span></code> pairs of features (also known as profiles on RH-SSO) to <code class="docutils literal notranslate"><span class="pre">enable</span></code> or <code class="docutils literal notranslate"><span class="pre">disable</span></code>, example: <code class="docutils literal notranslate"><span class="pre">[</span> <span class="pre">{</span> <span class="pre">name:</span> <span class="pre">'docker',</span> <span class="pre">status:</span> <span class="pre">'enabled'</span> <span class="pre">}</span> <span class="pre">]</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jvm_package</span></code></p></td>
<td class="text-left"><p>RHEL java package runtime</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">java-1.8.0-openjdk-headless</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_home</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">JAVA_HOME</span></code> of installed JRE, leave empty for using RPM path at <code class="docutils literal notranslate"><span class="pre">keycloak_jvm_package</span></code></p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">None</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_java_opts</span></code></p></td>
<td class="text-left"><p>Additional JVM options</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">-Xms1024m</span> <span class="pre">-Xmx2048m</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Install options</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_offline_install</span></code></p></td>
<td class="text-left"><p>perform an offline install</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_download_url</span></code></p></td>
<td class="text-left"><p>Download URL for keycloak</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">https://github.com/keycloak/keycloak/releases/download/&lt;version&gt;/&lt;archive&gt;</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_version</span></code></p></td>
<td class="text-left"><p>keycloak.org package version</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">18.0.2</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_dest</span></code></p></td>
<td class="text-left"><p>Installation root path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/opt/keycloak</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_download_url</span></code></p></td>
<td class="text-left"><p>Download URL for keycloak</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">https://github.com/keycloak/keycloak/releases/download/{{</span> <span class="pre">keycloak_version</span> <span class="pre">}}/{{</span> <span class="pre">keycloak_archive</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_configure_firewalld</span></code></p></td>
<td class="text-left"><p>Ensure firewalld is running and configure keycloak ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Miscellaneous configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_archive</span></code></p></td>
<td class="text-left"><p>keycloak install archive filename</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-legacy-{{</span> <span class="pre">keycloak_version</span> <span class="pre">}}.zip</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_download_url_9x</span></code></p></td>
<td class="text-left"><p>Download URL for keycloak (deprecated)</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">https://downloads.jboss.org/keycloak/{{</span> <span class="pre">keycloak_version</span> <span class="pre">}}/{{</span> <span class="pre">keycloak_archive</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_installdir</span></code></p></td>
<td class="text-left"><p>Installation path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_dest</span> <span class="pre">}}/keycloak-{{</span> <span class="pre">keycloak_version</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jboss_home</span></code></p></td>
<td class="text-left"><p>Installation work directory</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_rhsso_installdir</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jboss_port_offset</span></code></p></td>
<td class="text-left"><p>Port offset for the JBoss socket binding</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">0</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_dir</span></code></p></td>
<td class="text-left"><p>Path for configuration</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_jboss_home</span> <span class="pre">}}/standalone/configuration</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_path_to_standalone_xml</span></code></p></td>
<td class="text-left"><p>Custom path for configuration</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_jboss_home</span> <span class="pre">}}/standalone/configuration/{{</span> <span class="pre">keycloak_config_standalone_xml</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_config_override_template</span></code></p></td>
<td class="text-left"><p>Path to custom template for standalone.xml configuration</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">''</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_auth_realm</span></code></p></td>
<td class="text-left"><p>Name for rest authentication realm</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">master</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_auth_client</span></code></p></td>
<td class="text-left"><p>Authentication client for configuration REST calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin-cli</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_force_install</span></code></p></td>
<td class="text-left"><p>Remove pre-existing versions of service</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_url</span></code></p></td>
<td class="text-left"><p>URL for configuration rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://{{</span> <span class="pre">keycloak_host</span> <span class="pre">}}:{{</span> <span class="pre">keycloak_http_port</span> <span class="pre">+</span> <span class="pre">keycloak_jboss_port_offset</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_url</span></code></p></td>
<td class="text-left"><p>URL for management console rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://{{</span> <span class="pre">keycloak_host</span> <span class="pre">}}:{{</span> <span class="pre">keycloak_management_http_port</span> <span class="pre">+</span> <span class="pre">keycloak_jboss_port_offset</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url_force</span></code></p></td>
<td class="text-left"><p>Force backend requests to use the frontend URL</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation</span></code></p></td>
<td class="text-left"><p>Enable background validation of database connection</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validation_millis</span></code></p></td>
<td class="text-left"><p>How frequenly the connection pool is validated in the background</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10000</span></code> if background validation enabled</p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_background_validate_on_match</span></code></p></td>
<td class="text-left"><p>Enable validate on match for database connections</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url</span></code></p></td>
<td class="text-left"><p>frontend URL for keycloak endpoint</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://localhost:8080/auth/</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_log_target</span></code></p></td>
<td class="text-left"><p>Set the destination of the keycloak log folder link</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/var/log/keycloak</span></code></p></td>
</tr>
</tbody>
</table>
</section>
<section id="role-variables">
<h2>Role Variables<a class="headerlink" href="#role-variables" title="Link to this heading"></a></h2>
<p>The following are a set of <em>required</em> variables for the role:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_admin_password</span></code></p></td>
<td class="text-left"><p>Password for the administration console user account (minimum 12 characters)</p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_frontend_url</span></code></p></td>
<td class="text-left"><p>frontend URL for keycloak endpoint</p></td>
</tr>
</tbody>
</table>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is true:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_modcluster_enabled</span></code></p></td>
<td class="text-left"><p>Enable configuration for modcluster subsystem</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_ha_enabled</span></code> is True, else <code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_modcluster_url</span></code></p></td>
<td class="text-left"><p><em>deprecated</em> Host for the modcluster reverse proxy</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_modcluster_port</span></code></p></td>
<td class="text-left"><p><em>deprecated</em> Port for the modcluster reverse proxy</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">6666</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_modcluster_urls</span></code></p></td>
<td class="text-left"><p>List of {host,port} dicts for the modcluster reverse proxies</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[</span> <span class="pre">{</span> <span class="pre">localhost:6666</span> <span class="pre">}</span> <span class="pre">]</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jdbc_engine</span></code></p></td>
<td class="text-left"><p>backend database engine when db is enabled: [ postgres, mariadb, sqlserver ]</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">postgres</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_url</span></code></p></td>
<td class="text-left"><p>URL for the infinispan remote-cache server</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost:11122</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_user</span></code></p></td>
<td class="text-left"><p>username for connecting to infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_pass</span></code></p></td>
<td class="text-left"><p>password for connecting to infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_sasl_mechanism</span></code></p></td>
<td class="text-left"><p>Authentication type</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">SCRAM-SHA-512</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_use_ssl</span></code></p></td>
<td class="text-left"><p>Enable hotrod TLS communication</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_trust_store_path</span></code></p></td>
<td class="text-left"><p>Path to truststore with infinispan server certificate</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/java/cacerts</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_infinispan_trust_store_password</span></code></p></td>
<td class="text-left"><p>Password for opening truststore</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">changeit</span></code></p></td>
</tr>
</tbody>
</table>
<p>The following parameters are <em>required</em> only when <code class="docutils literal notranslate"><span class="pre">keycloak_db_enabled</span></code> is true:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jdbc_url</span></code></p></td>
<td class="text-left"><p>URL for the postgres backend database</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">jdbc:postgresql://localhost:5432/keycloak</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jdbc_driver_version</span></code></p></td>
<td class="text-left"><p>Version for the JDBC driver to download</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9.4.1212</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_user</span></code></p></td>
<td class="text-left"><p>username for connecting to postgres</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-user</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_pass</span></code></p></td>
<td class="text-left"><p>password for connecting to postgres</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-pass</span></code></p></td>
</tr>
</tbody>
</table>
<p>The following variables are <em>optional</em>:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_db_valid_conn_sql</span></code></p></td>
<td class="text-left"><p>Override the default database connection validation query sql</p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_admin_url</span></code></p></td>
<td class="text-left"><p>Override the default administration endpoint URL</p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_jgroups_subnet</span></code></p></td>
<td class="text-left"><p>Override the subnet match for jgroups cluster formation; if not defined, it will be inferred from local machine route configuration</p></td>
</tr>
</tbody>
</table>
</section>
<section id="example-playbook">
<h2>Example Playbook<a class="headerlink" href="#example-playbook" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>The following is an example playbook that makes use of the role to install keycloak from remote:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">vars</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="nt">keycloak_admin_password</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;remembertochangeme&quot;</span>
<span class="w"> </span><span class="w w-Error"> </span><span class="nt">roles</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">middleware_automation.keycloak.keycloak</span>
</pre></div>
</div>
<ul class="simple">
<li><p>The following example playbook makes use of the role to install keycloak from the controller node:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">collections</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">middleware_automation.keycloak</span>
<span class="w"> </span><span class="w w-Error"> </span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Include keycloak role</span>
<span class="w"> </span><span class="nt">include_role</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keycloak</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">keycloak_admin_password</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;remembertochangeme&quot;</span>
<span class="w"> </span><span class="nt">keycloak_offline_install</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class="w"> </span><span class="c1"># This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip</span>
</pre></div>
</div>
</section>
<section id="license">
<h2>License<a class="headerlink" href="#license" title="Link to this heading"></a></h2>
<p>Apache License 2.0</p>
</section>
<section id="author-information">
<h2>Author Information<a class="headerlink" href="#author-information" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/guidograzioli">Guido Grazioli</a></p></li>
<li><p><a class="reference external" href="https://github.com/rpelisse">Romain Pelisse</a></p></li>
<li><p><a class="reference external" href="https://github.com/motaparthipavankumar">Pavan Kumar Motaparthi</a></p></li>
</ul>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="index.html" class="btn btn-neutral float-left" title="Role Index" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_quarkus.html" class="btn btn-neutral float-right" title="keycloak_quarkus" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2024, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>

586
2.1.0/roles/keycloak_quarkus.html Normal file
View file

@ -0,0 +1,586 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_quarkus &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="keycloak_realm" href="keycloak_realm.html" />
<link rel="prev" title="keycloak" href="keycloak.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">Plugin Index</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Role Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak.html">keycloak</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_quarkus</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#role-defaults">Role Defaults</a></li>
<li class="toctree-l3"><a class="reference internal" href="#role-variables">Role Variables</a></li>
<li class="toctree-l3"><a class="reference internal" href="#license">License</a></li>
<li class="toctree-l3"><a class="reference internal" href="#author-information">Author Information</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_realm.html">keycloak_realm</a></li>
</ul>
</li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Role Index</a></li>
<li class="breadcrumb-item active">keycloak_quarkus</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/roles/keycloak_quarkus.md.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="keycloak-quarkus">
<h1>keycloak_quarkus<a class="headerlink" href="#keycloak-quarkus" title="Link to this heading"></a></h1>
<p>Install <a class="reference external" href="https://keycloak.org/">keycloak</a> &gt;= 20.0.0 (quarkus) server configurations.</p>
<section id="role-defaults">
<h2>Role Defaults<a class="headerlink" href="#role-defaults" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p>Installation options</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_version</span></code></p></td>
<td class="text-left"><p>keycloak.org package version</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">23.0.7</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Service configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ha_enabled</span></code></p></td>
<td class="text-left"><p>Enable auto configuration for database backend, clustering and remote caches on infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ha_discovery</span></code></p></td>
<td class="text-left"><p>Discovery protocol for HA cluster members</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">TCPPING</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_enabled</span></code></p></td>
<td class="text-left"><p>Enable auto configuration for database backend</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code> if <code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ha_enabled</span></code> is True, else <code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_user</span></code></p></td>
<td class="text-left"><p>Administration console user account</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_bind_address</span></code></p></td>
<td class="text-left"><p>Address for binding service ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">0.0.0.0</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_host</span></code></p></td>
<td class="text-left"><p>Hostname for the Keycloak server</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_port</span></code></p></td>
<td class="text-left"><p>The port used by the proxy when exposing the hostname</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">-1</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_path</span></code></p></td>
<td class="text-left"><p>This should be set if proxy uses a different context-path for Keycloak</p></td>
<td class="text-left"><p></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_port</span></code></p></td>
<td class="text-left"><p>HTTP listening port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8080</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_port</span></code></p></td>
<td class="text-left"><p>TLS HTTP listening port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8443</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ajp_port</span></code></p></td>
<td class="text-left"><p>AJP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8009</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jgroups_port</span></code></p></td>
<td class="text-left"><p>jgroups cluster tcp port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">7800</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_user</span></code></p></td>
<td class="text-left"><p>Posix account username</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_group</span></code></p></td>
<td class="text-left"><p>Posix account group</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_restart_always</span></code></p></td>
<td class="text-left"><p>systemd restart always behavior activation</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_restart_on_failure</span></code></p></td>
<td class="text-left"><p>systemd restart on-failure behavior activation</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_restartsec</span></code></p></td>
<td class="text-left"><p>systemd RestartSec</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10s</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_service_pidfile</span></code></p></td>
<td class="text-left"><p>Pid file path for service</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/run/keycloak.pid</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jvm_package</span></code></p></td>
<td class="text-left"><p>RHEL java package runtime</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">java-17-openjdk-headless</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_java_home</span></code></p></td>
<td class="text-left"><p>JAVA_HOME of installed JRE, leave empty for using specified keycloak_quarkus_jvm_package RPM path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">None</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_java_opts</span></code></p></td>
<td class="text-left"><p>Additional JVM options</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">-Xms1024m</span> <span class="pre">-Xmx2048m</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_frontend_url</span></code></p></td>
<td class="text-left"><p>Set the base URL for frontend URLs, including scheme, host, port and path</p></td>
<td class="text-left"><p></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_url</span></code></p></td>
<td class="text-left"><p>Set the base URL for accessing the administration console, including scheme, host, port and path</p></td>
<td class="text-left"><p></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_relative_path</span></code></p></td>
<td class="text-left"><p>Set the path relative to / for serving resources. The path must start with a /</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_enabled</span></code></p></td>
<td class="text-left"><p>Enable listener on HTTP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_file_enabled</span></code></p></td>
<td class="text-left"><p>Enable listener on HTTPS port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_file</span></code></p></td>
<td class="text-left"><p>The file path to a private key in PEM format</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/server.key.pem</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_cert_file</span></code></p></td>
<td class="text-left"><p>The file path to a server certificate or certificate chain in PEM format</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/server.crt.pem</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_key_store_enabled</span></code></p></td>
<td class="text-left"><p>Enable configuration of HTTPS via a key store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_file</span></code></p></td>
<td class="text-left"><p>The file pat to the key store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/key_store.p12</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_key_store_password</span></code></p></td>
<td class="text-left"><p>Password for the key store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_https_trust_store_enabled</span></code></p></td>
<td class="text-left"><p>Enalbe confiugration of a trust store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_trust_store_file</span></code></p></td>
<td class="text-left"><p>The file pat to the trust store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak.home</span> <span class="pre">}}/conf/trust_store.p12</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_trust_store_password</span></code></p></td>
<td class="text-left"><p>Password for the trust store</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">&quot;&quot;</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Hostname configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_http_relative_path</span></code></p></td>
<td class="text-left"><p>Set the path relative to / for serving resources. The path must start with a /</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict</span></code></p></td>
<td class="text-left"><p>Disables dynamically resolving the hostname from request headers</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">true</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_hostname_strict_backchannel</span></code></p></td>
<td class="text-left"><p>By default backchannel URLs are dynamically resolved from request headers to allow internal and external applications. If all applications use the public URL this option should be enabled.</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Database configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_engine</span></code></p></td>
<td class="text-left"><p>Database engine [mariadb,postres,mssql]</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">postgres</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_user</span></code></p></td>
<td class="text-left"><p>User for database connection</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-user</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_db_pass</span></code></p></td>
<td class="text-left"><p>Password for database connection</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-pass</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_url</span></code></p></td>
<td class="text-left"><p>JDBC URL for connecting to database</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">jdbc:postgresql://localhost:5432/keycloak</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_jdbc_driver_version</span></code></p></td>
<td class="text-left"><p>Version for JDBC driver</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9.4.1212</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Remote caches configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_user</span></code></p></td>
<td class="text-left"><p>Username for connecting to infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_pass</span></code></p></td>
<td class="text-left"><p>Password for connecting to infinispan</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">supervisor</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_hosts</span></code></p></td>
<td class="text-left"><p>host name/port for connecting to infinispan, eg. host1:11222;host2:11222</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost:11222</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_sasl_mechanism</span></code></p></td>
<td class="text-left"><p>Infinispan auth mechanism</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">SCRAM-SHA-512</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_use_ssl</span></code></p></td>
<td class="text-left"><p>Whether infinispan uses TLS connection</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">false</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_trust_store_path</span></code></p></td>
<td class="text-left"><p>Path to infinispan server trust certificate</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/etc/pki/java/cacerts</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_ispn_trust_store_password</span></code></p></td>
<td class="text-left"><p>Password for infinispan certificate keystore</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">changeit</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Install options</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_offline_install</span></code></p></td>
<td class="text-left"><p>Perform an offline install</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_version</span></code></p></td>
<td class="text-left"><p>keycloak.org package version</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">23.0.7</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_dest</span></code></p></td>
<td class="text-left"><p>Installation root path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/opt/keycloak</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_download_url</span></code></p></td>
<td class="text-left"><p>Download URL for keycloak</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">https://github.com/keycloak/keycloak/releases/download/{{</span> <span class="pre">keycloak_quarkus_version</span> <span class="pre">}}/{{</span> <span class="pre">keycloak_quarkus_archive</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_configure_firewalld</span></code></p></td>
<td class="text-left"><p>Ensure firewalld is running and configure keycloak ports</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
</tbody>
</table>
<ul class="simple">
<li><p>Miscellaneous configuration</p></li>
</ul>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_metrics_enabled</span></code></p></td>
<td class="text-left"><p>Whether to enable metrics</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_health_enabled</span></code></p></td>
<td class="text-left"><p>If the server should expose health check endpoints</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_archive</span></code></p></td>
<td class="text-left"><p>keycloak install archive filename</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak-{{</span> <span class="pre">keycloak_quarkus_version</span> <span class="pre">}}.zip</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_installdir</span></code></p></td>
<td class="text-left"><p>Installation path</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_quarkus_dest</span> <span class="pre">}}/keycloak-{{</span> <span class="pre">keycloak_quarkus_version</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_home</span></code></p></td>
<td class="text-left"><p>Installation work directory</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_quarkus_installdir</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_config_dir</span></code></p></td>
<td class="text-left"><p>Path for configuration</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">{{</span> <span class="pre">keycloak_quarkus_home</span> <span class="pre">}}/conf</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_master_realm</span></code></p></td>
<td class="text-left"><p>Name for rest authentication realm</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">master</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_auth_client</span></code></p></td>
<td class="text-left"><p>Authentication client for configuration REST calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin-cli</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_force_install</span></code></p></td>
<td class="text-left"><p>Remove pre-existing versions of service</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_url</span></code></p></td>
<td class="text-left"><p>URL for configuration rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://{{</span> <span class="pre">keycloak_quarkus_host</span> <span class="pre">}}:{{</span> <span class="pre">keycloak_http_port</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log</span></code></p></td>
<td class="text-left"><p>Enable one or more log handlers in a comma-separated list</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">file</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_level</span></code></p></td>
<td class="text-left"><p>The log level of the root category or a comma-separated list of individual categories and their levels</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">info</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file</span></code></p></td>
<td class="text-left"><p>Set the log file path and filename relative to keycloak home</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">data/log/keycloak.log</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_format</span></code></p></td>
<td class="text-left"><p>Set a format specific to file log entries</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">%d{yyyy-MM-dd</span> <span class="pre">HH:mm:ss,SSS}</span> <span class="pre">%-5p</span> <span class="pre">[%c]</span> <span class="pre">(%t)</span> <span class="pre">%s%e%n</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_target</span></code></p></td>
<td class="text-left"><p>Set the destination of the keycloak log folder link</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/var/log/keycloak</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_file_size</span></code></p></td>
<td class="text-left"><p>Set the maximum log file size before a log rotation happens; A size configuration option recognises string in this format (shown as a regular expression): <code class="docutils literal notranslate"><span class="pre">[0-9]+[KkMmGgTtPpEeZzYy]?</span></code>. If no suffix is given, assume bytes.</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10M</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_max_backup_index</span></code></p></td>
<td class="text-left"><p>Set the maximum number of archived log files to keep”</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">10</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_log_file_suffix</span></code></p></td>
<td class="text-left"><p>Set the log file handler rotation file suffix. When used, the file will be rotated based on its suffix; Note: If the suffix ends with <code class="docutils literal notranslate"><span class="pre">.zip</span></code> or <code class="docutils literal notranslate"><span class="pre">.gz</span></code>, the rotation file will also be compressed.</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">.yyyy-MM-dd.zip</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_proxy_mode</span></code></p></td>
<td class="text-left"><p>The proxy address forwarding mode if the server is behind a reverse proxy</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">edge</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_start_dev</span></code></p></td>
<td class="text-left"><p>Whether to start the service in development mode (start-dev)</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">False</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_transaction_xa_enabled</span></code></p></td>
<td class="text-left"><p>Whether to use XA transactions</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_spi_sticky_session_encoder_infinispan_should_attach_route</span></code></p></td>
<td class="text-left"><p>If the route should be attached to cookies to reflect the node that owns a particular session. If false, route is not attached to cookies and we rely on the session affinity capabilities from reverse proxy</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
</tr>
</tbody>
</table>
</section>
<section id="role-variables">
<h2>Role Variables<a class="headerlink" href="#role-variables" title="Link to this heading"></a></h2>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head"><p>Required</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_pass</span></code></p></td>
<td class="text-left"><p>Password of console admin account</p></td>
<td><p><code class="docutils literal notranslate"><span class="pre">yes</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_frontend_url</span></code></p></td>
<td class="text-left"><p>Base URL for frontend URLs, including scheme, host, port and path</p></td>
<td><p><code class="docutils literal notranslate"><span class="pre">no</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_quarkus_admin_url</span></code></p></td>
<td class="text-left"><p>Base URL for accessing the administration console, including scheme, host, port and path</p></td>
<td><p><code class="docutils literal notranslate"><span class="pre">no</span></code></p></td>
</tr>
</tbody>
</table>
</section>
<section id="license">
<h2>License<a class="headerlink" href="#license" title="Link to this heading"></a></h2>
<p>Apache License 2.0</p>
</section>
<section id="author-information">
<h2>Author Information<a class="headerlink" href="#author-information" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/guidograzioli">Guido Grazioli</a></p></li>
</ul>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="keycloak.html" class="btn btn-neutral float-left" title="keycloak" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="keycloak_realm.html" class="btn btn-neutral float-right" title="keycloak_realm" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2024, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>

347
2.1.0/roles/keycloak_realm.html Normal file
View file

@ -0,0 +1,347 @@
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>keycloak_realm &mdash; Keycloak Ansible Collection documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=5707b69d" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="stylesheet" type="text/css" href="../_static/antsibull-minimal.css" />
<link rel="stylesheet" type="text/css" href="../_static/ansible-basic-sphinx-ext.css" />
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=5929fcd5"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="Testing" href="../testing.html" />
<link rel="prev" title="keycloak_quarkus" href="keycloak_quarkus.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Keycloak Ansible Collection
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">User documentation</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../README.html">Ansible Collection - middleware_automation.keycloak</a></li>
<li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">Plugin Index</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Role Index</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="keycloak.html">keycloak</a></li>
<li class="toctree-l2"><a class="reference internal" href="keycloak_quarkus.html">keycloak_quarkus</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">keycloak_realm</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#role-defaults">Role Defaults</a></li>
<li class="toctree-l3"><a class="reference internal" href="#role-variables">Role Variables</a></li>
<li class="toctree-l3"><a class="reference internal" href="#variable-formats">Variable formats</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-playbook">Example Playbook</a></li>
<li class="toctree-l3"><a class="reference internal" href="#license">License</a></li>
<li class="toctree-l3"><a class="reference internal" href="#author-information">Author Information</a></li>
</ul>
</li>
</ul>
</li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Developer documentation</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing.html">Testing</a></li>
<li class="toctree-l1"><a class="reference internal" href="../developing.html">Contributors Guidelines</a></li>
<li class="toctree-l1"><a class="reference internal" href="../releasing.html">Collection Versioning Strategy</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">General</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../CHANGELOG.html">Changelog</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Middleware collections</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/infinispan/">Infinispan / Red Hat Data Grid</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/keycloak/">Keycloak / Red Hat Single Sign-On</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/wildfly/">Wildfly / Red Hat JBoss EAP</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/jws/">Tomcat / Red Hat JWS</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq/">ActiveMQ / Red Hat AMQ Broker</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/amq_streams/">Kafka / Red Hat AMQ Streams</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/redhat-csp-download/">Red Hat CSP Download</a></li>
<li class="toctree-l1"><a class="reference external" href="https://ansible-middleware.github.io/ansible_collections_jcliff/">JCliff</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Keycloak Ansible Collection</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Role Index</a></li>
<li class="breadcrumb-item active">keycloak_realm</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/roles/keycloak_realm.md.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="keycloak-realm">
<h1>keycloak_realm<a class="headerlink" href="#keycloak-realm" title="Link to this heading"></a></h1>
<p>Create realms and clients in <a class="reference external" href="https://keycloak.org/">keycloak</a> or <a class="reference external" href="https://access.redhat.com/products/red-hat-single-sign-on">Red Hat Single Sign-On</a> services.</p>
<section id="role-defaults">
<h2>Role Defaults<a class="headerlink" href="#role-defaults" title="Link to this heading"></a></h2>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_admin_user</span></code></p></td>
<td class="text-left"><p>Administration console user account</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_host</span></code></p></td>
<td class="text-left"><p>hostname</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">localhost</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_context</span></code></p></td>
<td class="text-left"><p>Context path for rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">/auth</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_http_port</span></code></p></td>
<td class="text-left"><p>HTTP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8080</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_https_port</span></code></p></td>
<td class="text-left"><p>TLS HTTP port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">8443</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_auth_realm</span></code></p></td>
<td class="text-left"><p>Name of the main authentication realm</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">master</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_http_port</span></code></p></td>
<td class="text-left"><p>Management port</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">9990</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_auth_client</span></code></p></td>
<td class="text-left"><p>Authentication client for configuration REST calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">admin-cli</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_public</span></code></p></td>
<td class="text-left"><p>Configure a public realm client</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">True</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_web_origins</span></code></p></td>
<td class="text-left"><p>Web origins for realm client</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">+</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_url</span></code></p></td>
<td class="text-left"><p>URL for configuration rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://{{</span> <span class="pre">keycloak_host</span> <span class="pre">}}:{{</span> <span class="pre">keycloak_http_port</span> <span class="pre">}}</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_management_url</span></code></p></td>
<td class="text-left"><p>URL for management console rest calls</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">http://{{</span> <span class="pre">keycloak_host</span> <span class="pre">}}:{{</span> <span class="pre">keycloak_management_http_port</span> <span class="pre">}}</span></code></p></td>
</tr>
</tbody>
</table>
</section>
<section id="role-variables">
<h2>Role Variables<a class="headerlink" href="#role-variables" title="Link to this heading"></a></h2>
<p>The following are a set of <em>required</em> variables for the role:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_realm</span></code></p></td>
<td class="text-left"><p>Name of the realm to be created</p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_admin_password</span></code></p></td>
<td class="text-left"><p>Password for the administration console user account</p></td>
</tr>
</tbody>
</table>
<p>The following variables are available for creating clients:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_clients</span></code></p></td>
<td class="text-left"><p>List of <em>client</em> declarations for the realm</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
</tr>
<tr class="row-odd"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_default_roles</span></code></p></td>
<td class="text-left"><p>List of default role name for clients</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
</tr>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_users</span></code></p></td>
<td class="text-left"><p>List of user/role mappings for a client</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
</tr>
</tbody>
</table>
<p>The following variable are available for creating user federation:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head text-left"><p>Variable</p></th>
<th class="head text-left"><p>Description</p></th>
<th class="head text-left"><p>Default</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">keycloak_user_federation</span></code></p></td>
<td class="text-left"><p>List of <em>keycloak_user_federation</em> for the realm</p></td>
<td class="text-left"><p><code class="docutils literal notranslate"><span class="pre">[]</span></code></p></td>
</tr>
</tbody>
</table>
</section>
<section id="variable-formats">
<h2>Variable formats<a class="headerlink" href="#variable-formats" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_user_federation</span></code>, a list of:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the realm in which user federation should be configured, required&gt;</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the user federation provider, required&gt;</span>
<span class="w"> </span><span class="nt">provider_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;type of the user federation provider, required&gt;</span>
<span class="w"> </span><span class="nt">provider_type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;Provider Type, default is set to org.keycloak.storage.UserStorageProvider&gt;</span>
<span class="w"> </span><span class="nt">config</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;dictionary of supported configuration values, required&gt;</span>
<span class="w"> </span><span class="nt">mappers</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;list of supported configuration values, required&gt;</span>
</pre></div>
</div>
<p>Refer to <a class="reference external" href="https://docs.ansible.com/ansible/latest/collections/community/general/keycloak_user_federation_module.html">docs</a> for information on supported variables.</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_clients</span></code>, a list of:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the client&gt;</span>
<span class="w"> </span><span class="nt">id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;id of the client&gt;</span>
<span class="w"> </span><span class="nt">client_id</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;id of the client&gt;</span>
<span class="w"> </span><span class="nt">roles</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;keycloak_client_default_roles&gt;</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the realm that contains the client&gt;</span>
<span class="w"> </span><span class="nt">public_client</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;true for public, false for confidential&gt;</span>
<span class="w"> </span><span class="nt">web_origins</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;list of allowed we origins for the client&gt;</span>
<span class="w"> </span><span class="nt">users</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;keycloak_client_users&gt;</span>
</pre></div>
</div>
<p><code class="docutils literal notranslate"><span class="pre">name</span></code> and either <code class="docutils literal notranslate"><span class="pre">id</span></code> or <code class="docutils literal notranslate"><span class="pre">client_id</span></code> are required.</p>
<ul class="simple">
<li><p><code class="docutils literal notranslate"><span class="pre">keycloak_client_users</span></code>, a list of:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">username</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;username, required&gt;</span>
<span class="w"> </span><span class="nt">password</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;password, required&gt;</span>
<span class="w"> </span><span class="nt">firstName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;firstName, optional&gt;</span>
<span class="w"> </span><span class="nt">lastName</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;lastName, optional&gt;</span>
<span class="w"> </span><span class="nt">email</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;email, optional&gt;</span>
<span class="w"> </span><span class="nt">client_roles</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;list of client user/role mappings&gt;</span>
</pre></div>
</div>
<ul class="simple">
<li><p>Client user/role mappings, a list of:</p></li>
</ul>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">client</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the client&gt;</span>
<span class="w"> </span><span class="nt">role</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the role&gt;</span>
<span class="w"> </span><span class="nt">realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;name of the realm&gt;</span>
</pre></div>
</div>
<p>For a comprehensive example, refer to the <a class="reference download internal" download="" href="../_downloads/a0468922d38230cfdad1d445a6b10b9e/keycloak_realm.yml"><span class="xref download myst">playbook</span></a>.</p>
</section>
<section id="example-playbook">
<h2>Example Playbook<a class="headerlink" href="#example-playbook" title="Link to this heading"></a></h2>
<p>The following is an example playbook that makes use of the role to create a realm in keycloak.</p>
<div class="highlight-yaml notranslate"><div class="highlight"><pre><span></span><span class="nn">---</span>
<span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">hosts</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">collections</span><span class="p p-Indicator">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">middleware_automation.keycloak</span>
<span class="w"> </span><span class="w w-Error"> </span><span class="nt">tasks</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Include keycloak role</span>
<span class="w"> </span><span class="nt">include_role</span><span class="p">:</span>
<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">keycloak_realm</span>
<span class="w"> </span><span class="nt">vars</span><span class="p">:</span>
<span class="w"> </span><span class="nt">keycloak_admin_password</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;changeme&quot;</span>
<span class="w"> </span><span class="nt">keycloak_realm</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TestRealm</span>
<span class="w"> </span><span class="nt">keycloak_clients</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">[</span><span class="nv">...</span><span class="p p-Indicator">]</span>
</pre></div>
</div>
</section>
<section id="license">
<h2>License<a class="headerlink" href="#license" title="Link to this heading"></a></h2>
<p>Apache License 2.0</p>
</section>
<section id="author-information">
<h2>Author Information<a class="headerlink" href="#author-information" title="Link to this heading"></a></h2>
<ul class="simple">
<li><p><a class="reference external" href="https://github.com/guidograzioli">Guido Grazioli</a></p></li>
<li><p><a class="reference external" href="https://github.com/rpelisse">Romain Pelisse</a></p></li>
</ul>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="keycloak_quarkus.html" class="btn btn-neutral float-left" title="keycloak_quarkus" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="../testing.html" class="btn btn-neutral float-right" title="Testing" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2024, Red Hat, Inc..</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>