internet/ansible-middleware.keycloak
3
0
Fork 0
mirror of https://github.com/ansible-middleware/keycloak.git synced 2026-06-13 20:15:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Copy the TLS private key from memory

Browse Source 
This change should avoid storing plain private keys on disk due to
security risks. It also makes it easier to encrypt the data with SOPS.
This commit is contained in:
Footur
2024-05-05 11:58:19 +00:00
parent 7141e1c9b2
commit 320a5f0d9a
5 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/keycloak_quarkus/tasks/install.yml
View File

@@ -161,7 +161,7 @@
- name: "Copy private key to target"
ansible.builtin.copy:
src: "{{ keycloak_quarkus_key_file_src }}"
content: "{{ keycloak_quarkus_key_content }}"
dest: "{{ keycloak_quarkus_key_file }}"
owner: "{{ keycloak.service_user }}"
group: "{{ keycloak.service_group }}"
@@ -170,7 +170,7 @@
when:
- keycloak_quarkus_https_key_file_enabled is defined and keycloak_quarkus_https_key_file_enabled
- keycloak_quarkus_key_file_copy_enabled is defined and keycloak_quarkus_key_file_copy_enabled
- keycloak_quarkus_key_file_src | length > 0
- keycloak_quarkus_key_content | length > 0
- name: "Copy certificate to target"
ansible.builtin.copy: