keycloak: update realm mail settings to use smtp_server.json.j2 (SPOT); merge via kc_merge_path; fix display name and SSL handling

See: https://chatgpt.com/share/68bb0b25-96bc-800f-8ff7-9ca8d7c7af11
2025-09-05 18:09:33 +02:00
parent d25da76117
commit 90843726de
3 changed files with 20 additions and 26 deletions


@@ -77,23 +77,16 @@
}} }}
include_tasks: _update.yml include_tasks: _update.yml
- name: "Update REALM mail settings" - name: "Update REALM mail settings from realm dictionary (SPOT)"
include_tasks: _update.yml include_tasks: _update.yml
vars: vars:
kc_object_kind: "realm" kc_object_kind: "realm"
kc_lookup_field: "id" kc_lookup_field: "id"
kc_lookup_value: "{{ KEYCLOAK_REALM }}" kc_lookup_value: "{{ KEYCLOAK_REALM }}"
kc_desired: kc_desired:
smtpServer: smtpServer: "{{ KEYCLOAK_DICTIONARY_REALM.smtpServer | default({}, true) }}"
from: "no-reply@{{ DEFAULT_SYSTEM_EMAIL.DOMAIN }}" kc_merge_path: "smtpServer"
fromDisplayName: "{{ SOFTWARE_NAME | default('Infinito.Nexus') }}" no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}"
host: "{{ DEFAULT_SYSTEM_EMAIL.HOST }}"
port: "{{ DEFAULT_SYSTEM_EMAIL.PORT }}"
# Keycloak expects strings "true"/"false"
ssl: "{{ 'true' if not DEFAULT_SYSTEM_EMAIL.START_TLS and DEFAULT_SYSTEM_EMAIL.TLS else 'false' }}"
starttls: "{{ 'true' if DEFAULT_SYSTEM_EMAIL.START_TLS else 'false' }}"
user: "{{ DEFAULT_SYSTEM_EMAIL.USER | default('') }}"
password: "{{ DEFAULT_SYSTEM_EMAIL.PASSWORD | default('') }}"
- include_tasks: 05_rbac_client_scope.yml - include_tasks: 05_rbac_client_scope.yml
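Review bot: The `no_log` on the last added line is attached to an `include_tasks` task, and keywords on a dynamic include apply to the include statement itself rather than to the tasks it loads. The `smtpServer` password carried in `kc_desired` can therefore still appear in output from tasks inside `_update.yml` (not visible here) unless they set `no_log` themselves. To cover the included tasks, pass it through `apply`, e.g. `include_tasks: { file: _update.yml, apply: { no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}" } }`, or confirm that `_update.yml` masks every task that handles `kc_desired`. The rendering has lost indentation, so this assumes `no_log` sits at task level and not under `vars`.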


@@ -1443,20 +1443,7 @@
"xXSSProtection": "1; mode=block", "xXSSProtection": "1; mode=block",
"strictTransportSecurity": "max-age=31536000; includeSubDomains" "strictTransportSecurity": "max-age=31536000; includeSubDomains"
}, },
"smtpServer": { {%- include "smtp_server.json.j2" -%},
"password": "{{ users['no-reply'].mailu_token }}",
"replyToDisplayName": "",
"starttls": "{{ SYSTEM_EMAIL.START_TLS | lower }}",
"auth": "true",
"port": "{{ SYSTEM_EMAIL.PORT }}",
"replyTo": "",
"host": "{{ SYSTEM_EMAIL.HOST }}",
"from": "{{ users['no-reply'].email }}",
"fromDisplayName": "Keycloak Authentification System - {{ KEYCLOAK_DOMAIN | upper }}",
"envelopeFrom": "",
"ssl": "true",
"user": "{{ users['no-reply'].email }}"
},
"eventsEnabled": false, "eventsEnabled": false,
"eventsListeners": [ "eventsListeners": [
"jboss-logging" "jboss-logging"
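Review bot: The include line relies on an undocumented contract with the fragment: `smtp_server.json.j2` must render the complete `"smtpServer": { … }` member without a trailing comma, because the comma is supplied here after `-%}`. A Jinja comment above the include would make that explicit for the next editor, e.g. `{# smtp_server.json.j2 renders the full "smtpServer" member; the separating comma stays in this file #}`. The hunk shows only part of the realm document, so whether other members are split out the same way cannot be seen from here.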


@@ -0,0 +1,14 @@
"smtpServer": {
"password": "{{ users['no-reply'].mailu_token }}",
"replyToDisplayName": "",
"starttls": "{{ SYSTEM_EMAIL.START_TLS | lower }}",
"auth": "true",
"port": "{{ SYSTEM_EMAIL.PORT }}",
"replyTo": "",
"host": "{{ SYSTEM_EMAIL.HOST }}",
"from": "{{ users['no-reply'].email }}",
"fromDisplayName": "Keycloak Authentication System - {{ KEYCLOAK_DOMAIN | upper }}",
"envelopeFrom": "",
"ssl": "{{ (SYSTEM_EMAIL.TLS and not SYSTEM_EMAIL.START_TLS) | ternary('true','false') }}",
"user": "{{ users['no-reply'].email }}"
}
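Review bot: `"auth": "true"` is hard-coded while both transport flags are derived, so when `SYSTEM_EMAIL.TLS` and `SYSTEM_EMAIL.START_TLS` are both false the fragment renders `"ssl": "false"` and `"starttls": "false"`. Keycloak would then authenticate with the `mailu_token` over an unencrypted SMTP session. A guard before the template is rendered would catch that configuration, for example an `assert` task with `that: SYSTEM_EMAIL.TLS or SYSTEM_EMAIL.START_TLS`. In addition, the `password`, `from`, `user` and `host` values are interpolated straight into JSON string literals, so a value containing `"` or `\` would break or reshape the document. Rendering them with `to_json` and no surrounding quotes, as in `"password": {{ users['no-reply'].mailu_token | to_json }}`, avoids that.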