Optimized LDAP integration, keycloak realm import and health checks for docker images

roles/docker-keycloak/tasks/main.yml

@@ -8,3 +8,17 @@
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml
+
+- name: "create directory {{import_directory_host}}"
+  file:
+    path: "{{import_directory_host}}"
+    state: directory
+    mode: 0755
+
+- name: "Copy import files to {{ import_directory_host }}"
+  template:
+    src: "{{ item }}"
+    dest: "{{ import_directory_host }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
+    mode: '770'
+  loop: "{{ lookup('fileglob', '{{ role_path }}/templates/import/*.j2', wantlist=True) }}"
+  notify: docker compose project setup

roles/docker-keycloak/templates/docker-compose.yml.j2

@@ -4,11 +4,19 @@ services:
 
   application:
     image: quay.io/keycloak/keycloak:{{applications.keycloak.version}}
-    command: start
+    container_name: {{container_name}}
+    command: start --import-realm # imports realms on startup
     {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
     ports:
       - "127.0.0.1:{{http_port}}:8080"
+    volumes:
+      - "{{import_directory_host}}:{{import_directory_docker}}"
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
+    healthcheck:
+      test: ["CMD", "sh", "-c", "exec 3<>/dev/tcp/localhost/9000 && echo -e 'GET /health/live HTTP/1.1\\r\\nHost: {{domains.keycloak}}\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
 
 {% include 'templates/docker/compose/networks.yml.j2' %}

roles/docker-keycloak/templates/env.j2

@@ -1,6 +1,15 @@
+# Environment File for Keycloak 
+# Documentation can be found here: 
+# @see https://www.keycloak.org/server/containers
+
 KC_HOSTNAME=                    https://{{domain}}
 KC_HTTP_ENABLED=                true
+
+# Health Checks
+# @see https://quarkus.io/guides/smallrye-health
 KC_HEALTH_ENABLED=              true
+KC_METRICS_ENABLED=             true
+
 KEYCLOAK_ADMIN=                 "{{applications.keycloak.administrator_username}}"
 KEYCLOAK_ADMIN_PASSWORD=        "{{applications.keycloak.administrator_password}}"
 KC_DB=                          postgres

roles/docker-keycloak/vars/main.yml

@@ -1,5 +1,7 @@
-application_id:  	  "keycloak"
-database_type:      "postgres"
-database_password:  "{{applications.keycloak.database_password}}"
-ldap_enabled:       True
-realm:              "{{primary_domain}}" # This is the name of the default realm which is used by the applications
+application_id:  	        "keycloak"
+database_type:            "postgres"
+database_password:        "{{applications.keycloak.database_password}}"
+container_name:           "{{application_id}}_application"
+realm:                    "{{primary_domain}}"                              # This is the name of the default realm which is used by the applications
+import_directory_host:    "{{docker_compose.directories.volumes}}import/"   # Directory in which keycloack import files are placed on the host
+import_directory_docker:  "/opt/keycloak/data/import/"                      # Directory in which keycloack import files are placed in the running docker container