94 lines
3.9 KiB
Markdown

# docker-keycloak
## Description 🌟
This role automates the setup and configuration of Keycloak in a Docker environment.
Keycloak is an open-source identity and access management solution.
The role integrates Keycloak with PostgreSQL as a database and supports operation behind a reverse proxy like NGINX.
## Features ✨
- Set up Keycloak as a Docker container.
- Use PostgreSQL as the database.
- Customizable configuration of Keycloak environment variables.
- Support for running behind a reverse proxy (e.g., NGINX).
- Automatic creation and management of Docker Compose files.
## Requirements 📋
- Docker and Docker Compose must be installed on the target system.
- A working NGINX proxy for forwarding requests to Keycloak (optional).
## Variables ⚙️
### Main Variables
Defined in `vars/main.yml`:
| Variable | Description |
|---------------------------------|------------------------------------------------------------------|
| `docker_compose_project_name` | Name of the Docker Compose project. Default: `keycloak`. |
| `database_type` | Type of the database. Default: `postgres`. |
| `database_password` | Password for the PostgreSQL database user. |
### Additional Variables (Templates)
| Variable | Description |
|---------------------------------|------------------------------------------------------------------|
| `keycloak_version` | Version of the Keycloak image. |
| `domain` | Domain where Keycloak will be accessible. |
| `keycloak_administrator_username` | Admin username for Keycloak. |
| `keycloak_administrator_password` | Admin password for Keycloak. |
| `database_host` | Host of the PostgreSQL database. |
| `database_name` | Name of the PostgreSQL database. |
| `database_username` | Username for the PostgreSQL database. |
| `http_port` | Port where Keycloak will be accessible (default: `8080`). |
| `docker_restart_policy` | Docker restart policy (e.g., `always`, `unless-stopped`). |
## Tasks 🛠️
The role performs the following main tasks:
1. **Include database and proxy configuration files:**
- Integration of a PostgreSQL database.
- Setup of a reverse proxy for the domain.
2. **Generate `docker-compose.yml`:**
- Automatically generate the Docker Compose file based on templates and variables.
3. **Start Docker containers:**
- The role launches the Keycloak project using Docker Compose.
## Example: Usage 🚀
Here is an example of how to use this role in a playbook:
```yaml
- name: Setup Keycloak with Docker
hosts: all
vars:
domain: "auth.example.com"
keycloak_version: "21.1.0"
keycloak_administrator_username: "admin"
keycloak_administrator_password: "securepassword"
database_host: "db.example.com"
database_name: "keycloak_db"
database_username: "keycloak_user"
database_password: "securedbpassword"
http_port: 8080
docker_restart_policy: "unless-stopped"
roles:
- docker-keycloak
```
## More Information 📚
For more details about Keycloak, check out:
- [Official Keycloak Documentation](https://www.keycloak.org/)
- [GitHub Repository](https://github.com/keycloak/keycloak)
- [Setting up Keycloak behind a Reverse Proxy](https://www.keycloak.org/server/reverseproxy)
- [Wikipedia](https://en.wikipedia.org/wiki/Keycloak)
- [Youtube Tutorial](https://www.youtube.com/watch?v=fvxQ8bW0vO8)
---
### Author ✍️
**Kevin Veen-Birkenbach**
[veen.world](https://www.veen.world/)