Added auto setting for redirect urls for keycloak clients. Element and Synapse still need to be mapped

2025-08-29 15:06:26 +02:00 · 2025-08-11 00:17:18 +02:00
parent 0746acedfd
commit 6e8ae793e3
17 changed files with 436 additions and 56 deletions
--- a/roles/web-app-keycloak/vars/main.yml
+++ b/roles/web-app-keycloak/vars/main.yml
@@ -6,9 +6,9 @@ database_type:                    "postgres"
 keycloak_container:               "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.name', True) }}"      # Name of the keycloack docker container
 keycloak_docker_import_directory: "/opt/keycloak/data/import/"                                                                    # Directory in which keycloack import files are placed in the running docker container
 keycloak_realm:                   "{{ primary_domain}}"                                                                           # This is the name of the default realm which is used by the applications
-keycloak_administrator:           "{{ applications | get_app_conf(application_id, 'users.administrator', True) }}"                # Master Administrator
-keycloak_administrator_username:  "{{ keycloak_administrator.username }}"                                                         # Master Administrator Username
-keycloak_administrator_password:  "{{ keycloak_administrator.password }}"                                                         # Master Administrator Password
+keycloak_master_api_user:           "{{ applications | get_app_conf(application_id, 'users.administrator', True) }}"                # Master Administrator
+keycloak_master_api_user_name:  "{{ keycloak_master_api_user.username }}"                                                         # Master Administrator Username
+keycloak_master_api_user_password:  "{{ keycloak_master_api_user.password }}"                                                         # Master Administrator Password
 keycloak_kcadm_path:              "docker exec -i {{ keycloak_container }} /opt/keycloak/bin/kcadm.sh"                            # Init script for keycloak
 keycloak_server_internal_url:     "http://127.0.0.1:8080"
 keycloak_server_host:             "127.0.0.1:{{ ports.localhost.http[application_id] }}"
@@ -17,6 +17,8 @@ keycloak_image:                   "{{ applications | get_app_conf(application_id
 keycloak_version:                 "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.version', True) }}"   # Keyloak docker version
 keycloak_import_realm:            "{{ applications | get_app_conf(application_id, 'import_realm', True, True) }}"                 # Activate realm import
 keycloak_debug_enabled:           "{{ enable_debug }}"
+keycloak_redirect_features:       ["features.oauth2","features.oidc"]
+keycloak_client_id:               "{{ oidc.client.id }}"

 # Docker 
 docker_compose_flush_handlers:    true                                                                                            # Remember to copy realm import before flushg when set to true