From c5a7c768003d5f1bd42716a838588ca8013e5bc2 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 20 Jan 2025 20:32:27 +0100 Subject: [PATCH] Update keycloak --- group_vars/all | 7 +++++-- playbook.servers.yml | 9 +++++++++ roles/docker-keycloak/README.md | 3 ++- .../templates/docker-compose.yml.j2 | 7 ++----- .../docker-yourls/templates/docker-compose.yml.j2 | 14 +++++++------- 5 files changed, 25 insertions(+), 15 deletions(-) diff --git a/group_vars/all b/group_vars/all index 18439b23..c5d082cc 100644 --- a/group_vars/all +++ b/group_vars/all @@ -5,8 +5,8 @@ ip4_address: "127.0.0.1" # Change thie in inventory to the ip address backups_folder_path: "/Backups/" # Path to the backups folder # Administrator -administrator_username: "administrator" # Username of the administrator -administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator +administrator_username: "administrator" # Username of the administrator +administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator # Email Configuration system_email_local: no-reply @@ -148,6 +148,7 @@ domain_funkwhale: "music.{{top_domain}}" domain_gitea: "git.{{top_domain}}" domain_gitlab: "gitlab.{{top_domain}}" domain_portfolio: "{{top_domain}}" +domain_keycloak: "auth.{{top_domain}}" domain_listmonk: "newsletter.{{top_domain}}" domain_mailu: "{{system_email_host}}" domain_mastodon: "microblog.{{top_domain}}" @@ -174,6 +175,7 @@ redirect_domain_mappings: - { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } - { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } - { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } +- { source: "keycloak.{{top_domain}}", target: "{{domain_keycloak}}" } - { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } - { source: "moodle.{{top_domain}}", target: "{{domain_moodle}}" } - { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } 
@@ -185,6 +187,7 @@ redirect_domain_mappings: - { source: "taiga.{{top_domain}}", target: "{{domain_taiga}}" } - { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } + ## Docker Applications ### Enable Central MariaDB diff --git a/playbook.servers.yml b/playbook.servers.yml index bfe9610d..62703f22 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -297,6 +297,15 @@ http_port_api: 8030 http_port_web: 8031 +- name: setup keycloak + hosts: keycloak + become: true + roles: + - role: docker-keycloak + vars: + domain: "{{domain_keycloack}}" + http_port: 8032 + # Native Webserver Roles - name: setup nginx-static-repositorys hosts: nginx-static-repositorys diff --git a/roles/docker-keycloak/README.md b/roles/docker-keycloak/README.md index b26d9b6d..8a09ccc8 100644 --- a/roles/docker-keycloak/README.md +++ b/roles/docker-keycloak/README.md @@ -4,4 +4,5 @@ - https://www.keycloak.org/ - https://github.com/keycloak/keycloak - https://en.wikipedia.org/wiki/Keycloak -- https://www.keycloak.org/server/containers \ No newline at end of file +- https://www.keycloak.org/server/containers +- https://www.youtube.com/watch?v=fvxQ8bW0vO8 \ No newline at end of file diff --git a/roles/docker-keycloak/templates/docker-compose.yml.j2 b/roles/docker-keycloak/templates/docker-compose.yml.j2 index bb21ce71..6a70edae 100644 --- a/roles/docker-keycloak/templates/docker-compose.yml.j2 +++ b/roles/docker-keycloak/templates/docker-compose.yml.j2 @@ -1,8 +1,5 @@ -version: '3.7' - services: -# include database container {% include 'templates/docker/services/' + database_type + '.yml.j2' %} keycloak: 
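Review bot: The new `setup keycloak` play in playbook.servers.yml passes `domain: "{{domain_keycloack}}"`, but the variable this same patch adds to group_vars/all is spelled `domain_keycloak`, so the role is handed an undefined variable. How the role uses `domain` is not visible here; presumably it sets the public hostname of the identity provider and its proxy vhost, in which case the play either fails at templating time or deploys with a wrong host. Change the line to `domain: "{{domain_keycloak}}"`.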
@@ -15,8 +12,8 @@ services: KC_HTTP_ENABLED: false KC_HOSTNAME_STRICT_HTTPS: true KC_HEALTH_ENABLED: true - KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN} - KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD} + KEYCLOAK_ADMIN: "{{keycloak_administrator_username}}" + KEYCLOAK_ADMIN_PASSWORD: "{{keycloak_administrator_password}}" KC_DB: postgres KC_DB_URL: jdbc:postgresql://{{database_host}}/{{database_name}} KC_DB_USERNAME: {{database_username}} diff --git a/roles/docker-yourls/templates/docker-compose.yml.j2 b/roles/docker-yourls/templates/docker-compose.yml.j2 index 7a5c894c..734538e2 100644 --- a/roles/docker-yourls/templates/docker-compose.yml.j2 +++ b/roles/docker-yourls/templates/docker-compose.yml.j2 @@ -10,13 +10,13 @@ services: ports: - "127.0.0.1:{{http_port}}:80" environment: - YOURLS_DB_HOST: "{{database_host}}" - YOURLS_DB_USER: "{{database_username}}" - YOURLS_DB_PASS: "{{database_password}}" - YOURLS_DB_NAME: "{{database_name}}" - YOURLS_SITE: "https://{{domain}}" - yourls_administrator_username: "{{yourls_administrator_username}}" - YOURLS_PASS: "{{yourls_administrator_username_password}}" + YOURLS_DB_HOST: "{{database_host}}" + YOURLS_DB_USER: "{{database_username}}" + YOURLS_DB_PASS: "{{database_password}}" + YOURLS_DB_NAME: "{{database_name}}" + YOURLS_SITE: "https://{{domain}}" + yourls_administrator_username: "{{yourls_administrator_username}}" + YOURLS_PASS: "{{yourls_administrator_username_password}}" healthcheck: test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"] interval: 1m
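Review bot: The Keycloak admin password is now rendered in clear text into the generated compose file by `KEYCLOAK_ADMIN_PASSWORD: "{{keycloak_administrator_password}}"`, whereas the removed `${KEYCLOAK_ADMIN_PASSWORD}` form kept the value out of that file. The task that writes this template is not part of the patch; it should create the file with a restrictive mode such as `mode: "0600"`, and the variable should come from an encrypted source such as Ansible Vault, not plain inventory. Compose also interpolates `$` inside values, so a password containing `$` would be altered unless it is escaped, for example `KEYCLOAK_ADMIN_PASSWORD: "{{ keycloak_administrator_password | replace('$', '$$') }}"`. A `"` or `\` in the value would likewise break the double-quoted YAML scalar. The `keycloak` service definition begins outside this hunk.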