mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2025-04-10 21:00:29 -07:00
d0f19b59dc
RHBK v26 exposes health endpoints and metrics on this port moving forward. Note that the scheme of the MGMT interface is defined by the overall keycloak configuration: if https is enabled and configured, th MGMT interface is exposed via https and NOT via http; this might be breaking some configured load balancer health checks
36 lines
946 B
YAML
36 lines
946 B
YAML
---
|
|
- name: Ensure required package firewalld are installed
|
|
ansible.builtin.include_tasks: fastpackages.yml
|
|
vars:
|
|
packages_list:
|
|
- firewalld
|
|
|
|
- name: Enable and start the firewalld service
|
|
become: true
|
|
ansible.builtin.systemd:
|
|
name: firewalld
|
|
enabled: true
|
|
state: started
|
|
|
|
- name: "Configure firewall for {{ keycloak.service_name }} http port"
|
|
become: true
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
loop:
|
|
- "{{ keycloak_quarkus_http_port }}/tcp"
|
|
when: keycloak_quarkus_http_enabled | bool
|
|
|
|
- name: "Configure firewall for {{ keycloak.service_name }} ports"
|
|
become: true
|
|
ansible.posix.firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
loop:
|
|
- "{{ keycloak_quarkus_https_port }}/tcp"
|
|
- "{{ keycloak_quarkus_http_management_port }}/tcp"
|
|
- "{{ keycloak_quarkus_jgroups_port }}/tcp"
|