Optimized more CSP policies and recaptcha

2025-08-29 15:06:26 +02:00 · 2025-05-15 19:36:46 +02:00
parent 2302cbfeb4
commit 9c65c320f9
8 changed files with 48 additions and 19 deletions
--- a/roles/docker-keycloak/vars/configuration.yml
+++ b/roles/docker-keycloak/vars/configuration.yml
@@ -4,12 +4,14 @@ users:
    username:         "{{users.administrator.username}}"  # Administrator Username for Keycloak
 import_realm:         True                                # If True realm will be imported. If false skip.
 credentials:
-#   database_password:                                    # Needs to be defined in inventory file
-#   administrator_password:                               # Needs to be defined in inventory file
 features:
  matomo:             true
  css:                true
-  portfolio_iframe: true
+  portfolio_iframe:   true
  ldap:               true
  central_database:   true
-  recaptcha:          true
+  recaptcha:          true
+csp:
+  flags:
+    script-src:
+      unsafe-inline: true
--- a/roles/docker-keycloak/vars/main.yml
+++ b/roles/docker-keycloak/vars/main.yml
@@ -1,4 +1,4 @@
-application_id:            "keycloak"
+application_id:           "keycloak"
 database_type:            "postgres"
 container_name:           "{{application_id}}_application"
 realm:                    "{{primary_domain}}"                              # This is the name of the default realm which is used by the applications