Copy the TLS private key from memory

This change should avoid storing plain private keys on disk due to security risks. It also makes it easier to encrypt the data with SOPS.
2026-06-13 20:15:55 +00:00 · 2024-05-05 11:58:19 +00:00
parent 7141e1c9b2
commit 320a5f0d9a
5 changed files with 7 additions and 7 deletions
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@@ -112,9 +112,9 @@ argument_specs:
                default: false
                description: "Enable copy of key file to target host"
                type: "bool"
-            keycloak_quarkus_key_file_src:
+            keycloak_quarkus_key_content:
                default: ""
-                description: "Set the source file path"
+                description: "Content of the TLS private key"
                type: "str"
            keycloak_quarkus_key_file:
                default: "/etc/pki/tls/private/server.key.pem"