keycloak-standalone
Example:
# Install Keycloak standalone, incl. PostgreSQL server, Nginx and Let's Encrypt https certificate. - keycloak-standalone: hostname: auth.example.com admin_email: [email protected] keycloak_admin_password: password123 keycloak_db_password: db_password_123
Description
Install a Keycloak standalone service.
This follows more or less the Keycloak documentation on how to install Keycloak in standalone mode.
It also installs Postgresql and the Nginx webserver, including https certificate (if so specified).
In case no 'keycloak_db_password' is specified, freckles will generate a random one.
Variables
| Name | Type | Default | Description |
|---|---|---|---|
|
n/a | -- | The email for letsencrypt. Required |
|
string | -- | The (external) domain name, to be used by the reverse proxy. Required |
|
string | -- | The initial admin user password. Required |
|
string | -- | The postgres database password. Required |
|
string | 127.0.0.1 | The ip address keycloak listens on. |
|
string | -- | The ip address the keycloak management interface listens on. |
|
string | keycloak | The database name. |
|
string | keycloak | The database user. |
|
boolean | False | Whether to use the letsencrypt staging server (for development). |
|
string | 6.0.1 | The version of keycloak. |
Examples
Example 1
Install Keycloak standalone, incl. PostgreSQL server, Nginx and Let's Encrypt https certificate.
Code
- keycloak-standalone: hostname: auth.example.com admin_email: [email protected] keycloak_admin_password: password123 keycloak_db_password: db_password_123
Code
doc: short_help: Install a Keycloak standalone service. help: | Install a Keycloak standalone service. This follows more or less the [Keycloak documentation](https://www.keycloak.org/docs/latest/getting_started/) on how to install Keycloak in standalone mode. It also installs Postgresql and the Nginx webserver, including https certificate (if so specified). In case no 'keycloak_db_password' is specified, freckles will generate a random one. examples: - title: Install Keycloak standalone, incl. PostgreSQL server, Nginx and Let's Encrypt https certificate. vars: hostname: auth.example.com admin_email: [email protected] keycloak_admin_password: password123 keycloak_db_password: db_password_123 args: version: doc: short_help: The version of keycloak. type: string required: false default: 6.0.1 keycloak_bind_ip: doc: short_help: The ip address keycloak listens on. type: string required: false default: 127.0.0.1 cli: metavar: IP keycloak_bind_ip_management: doc: short_help: The ip address the keycloak management interface listens on. type: string required: false cli: metavar: IP keycloak_admin_password: doc: short_help: The initial admin user password. type: string empty: false required: true secret: true keycloak_db_name: doc: short_help: The database name. type: string required: false default: keycloak keycloak_db_user: doc: short_help: The database user. type: string required: false default: keycloak keycloak_db_password: doc: short_help: The postgres database password. type: string required: true secret: true hostname: doc: short_help: The (external) domain name, to be used by the reverse proxy. type: string required: true admin_email: doc: short_help: The email for letsencrypt. letsencrypt_staging: doc: short_help: Whether to use the letsencrypt staging server (for development). default: false required: false type: boolean cli: is_flag: true param_decls: - --letsencrypt-staging meta: tags: - keycloak - authentication - standalone frecklets: - user-exists: name: keycloak group: keycloak - java-lang-installed - postgresql-service: postgresql_listen_addresses: - localhost postgresql_pg_hba: - method: md5 - postgresql-database-exists: db_name: '{{:: keycloak_db_name ::}}' db_user: '{{:: keycloak_db_user ::}}' db_user_password: '{{:: keycloak_db_password ::}}' - archive-extracted: src: 'https://downloads.jboss.org/keycloak/{{:: version ::}}/keycloak-{{:: version ::}}.tar.gz' remote_src: true dest: /opt owner: keycloak group: keycloak creates: '/opt/keycloak-{{:: version ::}}' - path-has-mode: mode: '0700' path: '/opt/keycloak-{{:: version ::}}/standalone' - link-exists: src: '/opt/keycloak-{{:: version ::}}' dest: /opt/keycloak owner: keycloak group: keycloak become: true - keycloak-postgresql-jdbc-driver-installed: keycloak_db_name: '{{:: keycloak_db_name ::}}' keycloak_db_user: '{{:: keycloak_db_user ::}}' keycloak_db_password: '{{:: keycloak_db_password ::}}' - keycloak-standalone-config-file: path: /opt/keycloak/standalone/configuration/standalone.xml keycloak_bind_ip: '{{:: keycloak_bind_ip ::}}' keycloak_bind_ip_management: '{{:: keycloak_bind_ip_management | default(keycloak_bind_ip) ::}}' proxy_address_forwarding: true owner: keycloak - keycloak-service-launcher-file: path: /usr/local/bin/keycloak-launch.sh mode: '0755' owner: root - systemd-service-unit: name: keycloak unit_description: keycloak authentication service service_environment: KEYCLOAK_CONFIG: standalone.xml KEYCLOAK_MODE: standalone KEYCLOAK_BIND: '{{:: keycloak_bind_ip ::}}' LAUNCH_JBOSS_IN_BACKGROUND: 1 service_type: idle service_user: keycloak service_group: keycloak service_exec_start: /usr/local/bin/keycloak-launch.sh ${KEYCLOAK_MODE} ${KEYCLOAK_CONFIG} unit_before: - httpd.service unit_after: - network.target service_timeout_start_sec: 600 service_timeout_stop_sec: 600 install_wanted_by: - multi-user.target enabled: true started: true - keycloak-add-user: username: admin password: '{{:: keycloak_admin_password ::}}' - nginx-reverse-proxy-vhost-config: path: /etc/nginx/sites-enabled/keycloak.conf proxy_url: 'http://{{:: keycloak_bind_ip ::}}:8080/' server_names: - '{{:: hostname ::}}' use_https: true proxy_options: - proxy_set_header Host $host - proxy_set_header X-Real-IP $remote_addr - proxy_set_header X-Forwarded-Proto $scheme - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for - webserver-service: webserver: nginx use_https: true letsencrypt_staging: '{{:: letsencrypt_staging ::}}' letsencrypt_email: '{{:: admin_email ::}}' letsencrypt_webroot: /var/www/html letsencrypt_domains: - '{{:: hostname ::}}'
frecklecute --community keycloak-standalone --help Usage: frecklecute keycloak-standalone [OPTIONS] Install a Keycloak standalone service. This follows more or less the [Keycloak documentation](https://www.keycloak.org/docs/latest/getting_started/) on how to install Keycloak in standalone mode. It also installs Postgresql and the Nginx webserver, including https certificate (if so specified). In case no 'keycloak_db_password' is specified, freckles will generate a random one. Options: --admin-email ADMIN_EMAIL The email for letsencrypt. [required] --hostname HOSTNAME The (external) domain name, to be used by the reverse proxy. [required] --keycloak-admin-password KEYCLOAK_ADMIN_PASSWORD The initial admin user password. [required] --keycloak-db-password KEYCLOAK_DB_PASSWORD The postgres database password. [required] --keycloak-bind-ip IP The ip address keycloak listens on. --keycloak-bind-ip-management IP The ip address the keycloak management interface listens on. --keycloak-db-name KEYCLOAK_DB_NAME The database name. --keycloak-db-user KEYCLOAK_DB_USER The database user. --letsencrypt-staging Whether to use the letsencrypt staging server (for development). --version VERSION The version of keycloak. --help Show this message and exit.
# -*- coding: utf-8 -*- # # module path: pycklets.keycloak_standalone.KeycloakStandalone # from dataclasses import dataclass from pyckles import AutoPycklet from typing import * # noqa @dataclass class KeycloakStandalone(AutoPycklet): """Install a Keycloak standalone service. This follows more or less the [Keycloak documentation](https://www.keycloak.org/docs/latest/getting_started/) on how to install Keycloak in standalone mode. It also installs Postgresql and the Nginx webserver, including https certificate (if so specified). In case no 'keycloak_db_password' is specified, freckles will generate a random one. Args: admin_email: The email for letsencrypt. hostname: The (external) domain name, to be used by the reverse proxy. keycloak_admin_password: The initial admin user password. keycloak_bind_ip: The ip address keycloak listens on. keycloak_bind_ip_management: The ip address the keycloak management interface listens on. keycloak_db_name: The database name. keycloak_db_password: The postgres database password. keycloak_db_user: The database user. letsencrypt_staging: Whether to use the letsencrypt staging server (for development). version: The version of keycloak. """ FRECKLET_ID = "keycloak-standalone" admin_email: str = None hostname: str = None keycloak_admin_password: str = None keycloak_bind_ip: str = None keycloak_bind_ip_management: str = None keycloak_db_name: str = None keycloak_db_password: str = None keycloak_db_user: str = None letsencrypt_staging: bool = None version: str = None def __post_init__(self): super(KeycloakStandalone, self).__init__(var_names=["admin_email", "hostname", "keycloak_admin_password", "keycloak_bind_ip", "keycloak_bind_ip_management", "keycloak_db_name", "keycloak_db_password", "keycloak_db_user", "letsencrypt_staging", "version"]) frecklet_class = KeycloakStandalone
# -*- coding: utf-8 -*- # # module path: pycklets.keycloak_standalone.KeycloakStandalone # from pyckles import AutoPycklet class KeycloakStandalone(AutoPycklet): """Install a Keycloak standalone service. This follows more or less the [Keycloak documentation](https://www.keycloak.org/docs/latest/getting_started/) on how to install Keycloak in standalone mode. It also installs Postgresql and the Nginx webserver, including https certificate (if so specified). In case no 'keycloak_db_password' is specified, freckles will generate a random one. Args: admin_email: The email for letsencrypt. hostname: The (external) domain name, to be used by the reverse proxy. keycloak_admin_password: The initial admin user password. keycloak_bind_ip: The ip address keycloak listens on. keycloak_bind_ip_management: The ip address the keycloak management interface listens on. keycloak_db_name: The database name. keycloak_db_password: The postgres database password. keycloak_db_user: The database user. letsencrypt_staging: Whether to use the letsencrypt staging server (for development). version: The version of keycloak. """ FRECKLET_ID = "keycloak-standalone" def __init__(self, admin_email=None, hostname=None, keycloak_admin_password=None, keycloak_bind_ip="127.0.0.1", keycloak_bind_ip_management=None, keycloak_db_name="keycloak", keycloak_db_password=None, keycloak_db_user="keycloak", letsencrypt_staging=None, version="6.0.1"): super(KeycloakStandalone, self).__init__(var_names=["admin_email", "hostname", "keycloak_admin_password", "keycloak_bind_ip", "keycloak_bind_ip_management", "keycloak_db_name", "keycloak_db_password", "keycloak_db_user", "letsencrypt_staging", "version"]) self._admin_email = admin_email self._hostname = hostname self._keycloak_admin_password = keycloak_admin_password self._keycloak_bind_ip = keycloak_bind_ip self._keycloak_bind_ip_management = keycloak_bind_ip_management self._keycloak_db_name = keycloak_db_name self._keycloak_db_password = keycloak_db_password self._keycloak_db_user = keycloak_db_user self._letsencrypt_staging = letsencrypt_staging self._version = version @property def admin_email(self): return self._admin_email @admin_email.setter def admin_email(self, admin_email): self._admin_email = admin_email @property def hostname(self): return self._hostname @hostname.setter def hostname(self, hostname): self._hostname = hostname @property def keycloak_admin_password(self): return self._keycloak_admin_password @keycloak_admin_password.setter def keycloak_admin_password(self, keycloak_admin_password): self._keycloak_admin_password = keycloak_admin_password @property def keycloak_bind_ip(self): return self._keycloak_bind_ip @keycloak_bind_ip.setter def keycloak_bind_ip(self, keycloak_bind_ip): self._keycloak_bind_ip = keycloak_bind_ip @property def keycloak_bind_ip_management(self): return self._keycloak_bind_ip_management @keycloak_bind_ip_management.setter def keycloak_bind_ip_management(self, keycloak_bind_ip_management): self._keycloak_bind_ip_management = keycloak_bind_ip_management @property def keycloak_db_name(self): return self._keycloak_db_name @keycloak_db_name.setter def keycloak_db_name(self, keycloak_db_name): self._keycloak_db_name = keycloak_db_name @property def keycloak_db_password(self): return self._keycloak_db_password @keycloak_db_password.setter def keycloak_db_password(self, keycloak_db_password): self._keycloak_db_password = keycloak_db_password @property def keycloak_db_user(self): return self._keycloak_db_user @keycloak_db_user.setter def keycloak_db_user(self, keycloak_db_user): self._keycloak_db_user = keycloak_db_user @property def letsencrypt_staging(self): return self._letsencrypt_staging @letsencrypt_staging.setter def letsencrypt_staging(self, letsencrypt_staging): self._letsencrypt_staging = letsencrypt_staging @property def version(self): return self._version @version.setter def version(self, version): self._version = version frecklet_class = KeycloakStandalone