Implemented a new docker compose structure which seperates between docker compose files and environment variable file to protect credentials better. Also did recatoring. Changes not fully tested

2025-08-29 15:06:26 +02:00 · 2025-02-04 22:37:07 +01:00
parent 5503326ea6
commit e50fd54f4e
85 changed files with 610 additions and 515 deletions
--- a/roles/docker-keycloak/tasks/main.yml
+++ b/roles/docker-keycloak/tasks/main.yml
@@ -6,6 +6,16 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
  include_tasks: nginx-docker-proxy-domain.yml

- name: add docker-compose.yml
-  template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
+- name: "create {{docker_compose.files.docker_compose}}"
+  template:
+    src:	"docker-compose.yml.j2"
+    dest:	"{{docker_compose.files.docker_compose}}"
+  notify: docker compose project setup
+
+- name: "create {{docker_compose.files.env}}"
+  template: 
+    src:  "env.j2" 
+    dest: "{{docker_compose.files.env}}"
+    mode: '770'
+    force: yes
  notify: docker compose project setup
--- a/roles/docker-keycloak/templates/docker-compose.yml.j2
+++ b/roles/docker-keycloak/templates/docker-compose.yml.j2
@@ -5,16 +5,7 @@ services:
  application:
    image: quay.io/keycloak/keycloak:{{applications.keycloak.version}}
    command: start
-    environment:
-      KC_HOSTNAME:                    https://{{domain}}
-      KC_HTTP_ENABLED:                true
-      KC_HEALTH_ENABLED:              true
-      KEYCLOAK_ADMIN:                 "{{applications.keycloak.administrator_username}}"
-      KEYCLOAK_ADMIN_PASSWORD:        "{{keycloak_administrator_password}}"
-      KC_DB:                          postgres
-      KC_DB_URL:                      jdbc:postgresql://{{database_host}}/{{database_name}}
-      KC_DB_USERNAME:                 {{database_username}}
-      KC_DB_PASSWORD:                 {{database_password}}
+    {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
    ports:
      - "127.0.0.1:{{http_port}}:8080"
    restart: {{docker_restart_policy}}
--- a/roles/docker-keycloak/templates/env.j2
+++ b/roles/docker-keycloak/templates/env.j2
@@ -0,0 +1,9 @@
+KC_HOSTNAME=                    https://{{domain}}
+KC_HTTP_ENABLED=                true
+KC_HEALTH_ENABLED=              true
+KEYCLOAK_ADMIN=                 "{{applications.keycloak.administrator_username}}"
+KEYCLOAK_ADMIN_PASSWORD=        "{{keycloak_administrator_password}}"
+KC_DB=                          postgres
+KC_DB_URL=                      jdbc:postgresql://{{database_host}}/{{database_name}}
+KC_DB_USERNAME=                 {{database_username}}
+KC_DB_PASSWORD=                 {{database_password}}