Optimized keycloak variables

2025-07-19 23:04:25 +02:00 · 2025-07-14 11:20:10 +02:00 · 2025-07-14 11:20:10 +02:00 · bfd1a2ee70
commit bfd1a2ee70
parent 076a2058cc
5 changed files with 29 additions and 25 deletions
--- a/roles/web-app-keycloak/config/main.yml
+++ b/roles/web-app-keycloak/config/main.yml
@ -1,10 +1,8 @@
 images: 
  keycloak:           "quay.io/keycloak/keycloak:latest"
 import_realm:         True                                # If True realm will be imported. If false skip.
 features:
  matomo:             true
  css:                false
-  port-ui-desktop:   true
+  port-ui-desktop:    true
  ldap:               true
  central_database:   true
  recaptcha:          true
@ -26,6 +24,9 @@ scopes:
 rbac_groups:  "/rbac"
 docker:
  services:
    keycloak:
      image:    "quay.io/keycloak/keycloak"
      version:  "latest"
    database:
      enabled: true
--- a/roles/web-app-keycloak/tasks/attributes/ssh_public_key.yml
+++ b/roles/web-app-keycloak/tasks/attributes/ssh_public_key.yml
@ -72,11 +72,11 @@
 - name: Render user-profile JSON for SSH key
  template:
    src:  import/user-profile.json.j2
-    dest: "{{ import_directory_host }}/user-profile.json"
+    dest: "{{ keycloak_host_import_directory }}/user-profile.json"
    mode: '0644'
  notify: docker compose up
 - name: Apply SSH Public Key to user-profile via kcadm
  shell: |
    docker exec -i {{ container_name }} \
-      /opt/keycloak/bin/kcadm.sh update realms/{{ keycloak_realm }} -f {{ import_directory_docker }}user-profile.json
+      /opt/keycloak/bin/kcadm.sh update realms/{{ keycloak_realm }} -f {{ keycloak_docker_import_directory }}user-profile.json
--- a/roles/web-app-keycloak/tasks/main.yml
+++ b/roles/web-app-keycloak/tasks/main.yml
@ -3,16 +3,16 @@
  include_role: 
    name: cmp-db-docker-proxy
- name: "create directory {{import_directory_host}}"
+- name: "create directory {{keycloak_host_import_directory}}"
  file:
-    path: "{{import_directory_host}}"
+    path: "{{keycloak_host_import_directory}}"
    state: directory
    mode: 0755
- name: "Copy import files to {{ import_directory_host }}"
+- name: "Copy import files to {{ keycloak_host_import_directory }}"
  template:
    src: "{{ item }}"
-    dest: "{{ import_directory_host }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
+    dest: "{{ keycloak_host_import_directory }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
    mode: '770'
  loop: "{{ lookup('fileglob', '{{ role_path }}/templates/import/*.j2', wantlist=True) }}"
  notify: docker compose up
--- a/roles/web-app-keycloak/templates/docker-compose.yml.j2
+++ b/roles/web-app-keycloak/templates/docker-compose.yml.j2
@ -1,14 +1,14 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}
  application:
-    image: "{{ applications | get_app_conf(application_id, 'images.keycloak', True) }}"
+    image: "{{ keycloak_image }}:{{ keycloak_version }}"
-    container_name: {{container_name}}
+    container_name: {{ keycloak_container }}
-    command: start {% if applications | get_app_conf(application_id, 'import_realm', True) | bool %}--import-realm{% endif %}
+    command: start{% if keycloak_import_realm %} --import-realm{% endif %}{% if keycloak_debug_enabled %} --verbose{% endif %}
    {% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
      - "{{ keycloak_server_host }}:8080"
    volumes:
-      - "{{import_directory_host}}:{{import_directory_docker}}"
+      - "{{keycloak_host_import_directory}}:{{keycloak_docker_import_directory}}"
 {% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
 {% include 'roles/docker-container/templates/networks.yml.j2' %}
 {% set container_port = 9000 %}
--- a/roles/web-app-keycloak/vars/main.yml
+++ b/roles/web-app-keycloak/vars/main.yml
@ -1,14 +1,17 @@
-application_id:                   "keycloak"
+application_id:                   "keycloak"                                                                                      # Internal CyMaIS application id 
-database_type:                    "postgres"
+database_type:                    "postgres"                                                                                      # Database which will be used
-container_name:                   "{{application_id}}_application"
+keycloak_container:               "{{ application_id }}_application"                                                              # Name of the keycloack docker container
-import_directory_host:            "{{docker_compose.directories.volumes}}import/"           # Directory in which keycloack import files are placed on the host
+keycloak_host_import_directory:   "{{ docker_compose.directories.volumes }}import/"                                               # Directory in which keycloack import files are placed on the host
-import_directory_docker:          "/opt/keycloak/data/import/"                              # Directory in which keycloack import files are placed in the running docker container
+keycloak_docker_import_directory: "/opt/keycloak/data/import/"                                                                    # Directory in which keycloack import files are placed in the running docker container
-keycloak_realm:                   "{{ primary_domain}}"                                     # This is the name of the default realm which is used by the applications
+keycloak_realm:                   "{{ primary_domain}}"                                                                           # This is the name of the default realm which is used by the applications
-keycloak_administrator:           "{{ applications | get_app_conf(application_id, 'users.administrator', True) }}"  # Master Administrator
+keycloak_administrator:           "{{ applications | get_app_conf(application_id, 'users.administrator', True) }}"                # Master Administrator
-keycloak_administrator_username:  "{{ keycloak_administrator.username}}"                    # Master Administrator Username
+keycloak_administrator_username:  "{{ keycloak_administrator.username }}"                                                         # Master Administrator Username
-keycloak_administrator_password:  "{{ keycloak_administrator.password}}"                    # Master Administrator Password
+keycloak_administrator_password:  "{{ keycloak_administrator.password }}"                                                         # Master Administrator Password
-keycloak_kcadm_path:              "docker exec -i {{ container_name }} /opt/keycloak/bin/kcadm.sh"
+keycloak_kcadm_path:              "docker exec -i {{ keycloak_container }} /opt/keycloak/bin/kcadm.sh"                            # Init script for keycloak
 keycloak_server_internal_url:     "http://127.0.0.1:8080"
-keycloak_server_host:             "127.0.0.1:{{ports.localhost.http[application_id]}}"
+keycloak_server_host:             "127.0.0.1:{{ ports.localhost.http[application_id] }}"
 keycloak_server_host_url:         "http://{{ keycloak_server_host }}"
-  
+keycloak_image:                   "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.image', True) }}"     # Keycloak docker image
 keycloak_version:                 "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.version', True) }}"   # Keyloak docker version
 keycloak_import_realm:            "{{ applications | get_app_conf(application_id, 'import_realm', True, True) }}"                 # Activate realm import
 keycloak_debug_enabled:           "{{ enable_debug }}"