Install from controller node (local source)
Making the keycloak zip archive (or the RHSSO zip archive), available to the playbook repository root directory, and setting keycloak_offline_install True
Install from alternate sources (like corporate Nexus, artifactory, proxy, etc)
For RHSSO:
-keycloak_rhsso_enable : True keycloak_rhsso_download_url : "https://<internal-nexus.private.net>/<path>/<to>/rh-sso-x.y.z-server-dist.zip" sso_download_url : "https://<internal-nexus.private.net>/<path>/<to>/rh-sso-x.y.z-server-dist.zip" For keycloak:
-keycloak_rhsso_enable : False keycloak_download_url : "https://<internal-nexus.private.net>/<path>/<to>/keycloak-x.y.zip" keycloak_download_url : "https://<internal-nexus.private.net>/<path>/<to>/keycloak-x.y.zip"
`_
- keycloak_quarkus: use absolute path for certificate files `#39 `_
Bugfixes
diff --git a/main/_sources/README.md.txt b/main/_sources/README.md.txt
index d341f58..75775d7 100644
--- a/main/_sources/README.md.txt
+++ b/main/_sources/README.md.txt
@@ -59,28 +59,6 @@ Both playbooks include the `keycloak` role, with different settings, as describe
For full service configuration details, refer to the [keycloak role README](https://github.com/ansible-middleware/keycloak/blob/main/roles/keycloak/README.md).
-### Choosing between upstream project (Keycloak) and Red Hat Single Sign-On (RHSSO)
-
-The general flag `keycloak_rhsso_enable` controls what to install between upstream (Keycloak, when `False`) or Red Hat Single Sign-On (when `True`).
-The default value for the flag if `True` when Red Hat Network credentials are defined, `False` otherwise.
-
-
-#### Install upstream (Keycloak) from keycloak releases
-
-This is the default approach when RHN credentials are not defined. Keycloak is downloaded from keycloak builds (hosted on github.com) locally, and distributed to target nodes.
-
-
-#### Install RHSSO from the Red Hat Customer Support Portal
-
-Define the credentials as follows, and the default behaviour is to download a fresh archive of RHSSO on the controller node, then distribute to target nodes.
-
-```yaml
-rhn_username: ''
-rhn_password: ''
-# (keycloak_rhsso_enable defaults to True)
-```
-
-
#### Install from controller node (local source)
Making the keycloak zip archive (or the RHSSO zip archive), available to the playbook repository root directory, and setting `keycloak_offline_install` to `True`, allows to skip
@@ -101,14 +79,12 @@ And depending on `keycloak_rhsso_enable`:
For RHSSO:
```yaml
-keycloak_rhsso_enable: True
-keycloak_rhsso_download_url: "https://///rh-sso-x.y.z-server-dist.zip"
+sso_download_url: "https://///rh-sso-x.y.z-server-dist.zip"
```
For keycloak:
```yaml
-keycloak_rhsso_enable: False
keycloak_download_url: "https://///keycloak-x.y.zip"
```
diff --git a/main/_sources/plugins/index.rst.txt b/main/_sources/plugins/index.rst.txt
new file mode 100644
index 0000000..ec2f800
--- /dev/null
+++ b/main/_sources/plugins/index.rst.txt
@@ -0,0 +1,53 @@
+
+
+
+.. _plugins_in_middleware_automation.keycloak:
+
+Middleware_Automation.Keycloak
+==============================
+
+Collection version 1.0.7
+
+.. contents::
+ :local:
+ :depth: 1
+
+Description
+-----------
+
+Install and configure a keycloak, or Red Hat Single Sign-on, service.
+
+**Authors:**
+
+* Romain Pelisse
+* Guido Grazioli
+* Pavan Kumar Motaparthi
+
+.. raw:: html
+
+
+ Issue Tracker
+ Repository (Sources)
+
+
+
+
+.. toctree::
+ :maxdepth: 1
+
+
+Plugin Index
+------------
+
+There are no plugins in the middleware_automation.keycloak collection with automatically generated documentation.
+
+
+
+.. seealso::
+
+ List of :ref:`collections ` with docs hosted here.
+
+.. toctree::
+ :maxdepth: 1
+ :hidden:
+
diff --git a/main/_sources/roles/keycloak.md.txt b/main/_sources/roles/keycloak.md.txt
index 71787b1..0f3d198 100644
--- a/main/_sources/roles/keycloak.md.txt
+++ b/main/_sources/roles/keycloak.md.txt
@@ -74,16 +74,11 @@ Role Defaults
| Variable | Description | Default |
|:---------|:------------|:---------|
-|`keycloak_rhsso_enable`| Enable Red Hat Single Sign-on installation | `False` |
|`keycloak_offline_install` | perform an offline install | `False`|
|`keycloak_download_url`| Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download//`|
-|`keycloak_rhsso_download_url`| Download URL for RHSSO | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=`|
|`keycloak_version`| keycloak.org package version | `15.0.2` |
-|`keycloak_rhsso_version`| RHSSO version | `7.5.0` |
-|`keycloak_rhsso_apply_patches`| Install RHSSO more recent cumulative patch | `False` |
|`keycloak_dest`| Installation root path | `/opt/keycloak` |
|`keycloak_download_url` | Download URL for keycloak | `https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}` |
-|`keycloak_rhn_url` | Base download URI for customer portal | `https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=` |
|`keycloak_configure_firewalld` | Ensure firewalld is running and configure keycloak ports | `False` |
@@ -94,9 +89,6 @@ Role Defaults
|`keycloak_archive` | keycloak install archive filename | `keycloak-{{ keycloak_version }}.zip` |
|`keycloak_download_url_9x` | Download URL for keycloak (deprecated) | `https://downloads.jboss.org/keycloak/{{ keycloak_version }}/{{ keycloak_archive }}` |
|`keycloak_installdir` | Installation path | `{{ keycloak_dest }}/keycloak-{{ keycloak_version }}` |
-|`keycloak_rhsso_archive` | Red Hat SSO install archive filename | `rh-sso-{{ keycloak_rhsso_version }}-server-dist.zip` |
-|`keycloak_rhsso_installdir`| Installation path for Red Hat SSO | `{{ keycloak_dest }}/rh-sso-{{ keycloak_rhsso_version | regex_replace('^([0-9])\.([0-9]*).*', '\1.\2') }}` |
-|`keycloak_rhsso_download_url`| Full download URI for Red Hat SSO | `{{ keycloak_rhn_url }}{{ rhsso_rhn_id }}` |
|`keycloak_jboss_home` | Installation work directory | `{{ keycloak_rhsso_installdir if keycloak_rhsso_enable else keycloak_installdir }}` |
|`keycloak_config_dir` | Path for configuration | `{{ keycloak_jboss_home }}/standalone/configuration` |
|`keycloak_config_path_to_standalone_xml` | Custom path for configuration | `{{ keycloak_jboss_home }}/standalone/configuration/{{ keycloak_config_standalone_xml }}` |
@@ -106,7 +98,6 @@ Role Defaults
|`keycloak_force_install` | Remove pre-existing versions of service | `False` |
|`keycloak_url` | URL for configuration rest calls | `http://{{ keycloak_host }}:{{ keycloak_http_port }}` |
|`keycloak_management_url` | URL for management console rest calls | `http://{{ keycloak_host }}:{{ keycloak_management_http_port }}` |
-|`rhsso_rhn_id` | Customer Portal product ID for Red Hat SSO | `{{ rhsso_rhn_ids[keycloak_rhsso_version].id }}` |
Role Variables
@@ -126,13 +117,13 @@ The following variables are _required_ only when `keycloak_ha_enabled` is True:
|:---------|:------------|:---------|
|`keycloak_modcluster_url` | URL for the modcluster reverse proxy | `localhost` |
|`keycloak_jdbc_engine` | backend database engine when db is enabled: [ postgres, mariadb ] | `postgres` |
-|`infinispan_url` | URL for the infinispan remote-cache server | `localhost:11122` |
-|`infinispan_user` | username for connecting to infinispan | `supervisor` |
-|`infinispan_pass` | password for connecting to infinispan | `supervisor` |
-|`infinispan_sasl_mechanism`| Authentication type | `SCRAM-SHA-512` |
-|`infinispan_use_ssl`| Enable hotrod TLS communication | `False` |
-|`infinispan_trust_store_path`| Path to truststore with infinispan server certificate | `/etc/pki/java/cacerts` |
-|`infinispan_trust_store_password`| Password for opening truststore | `changeit` |
+|`keycloak_infinispan_url` | URL for the infinispan remote-cache server | `localhost:11122` |
+|`keycloak_infinispan_user` | username for connecting to infinispan | `supervisor` |
+|`keycloak_infinispan_pass` | password for connecting to infinispan | `supervisor` |
+|`keycloak_infinispan_sasl_mechanism`| Authentication type | `SCRAM-SHA-512` |
+|`keycloak_infinispan_use_ssl`| Enable hotrod TLS communication | `False` |
+|`keycloak_infinispan_trust_store_path`| Path to truststore with infinispan server certificate | `/etc/pki/java/cacerts` |
+|`keycloak_infinispan_trust_store_password`| Password for opening truststore | `changeit` |
The following variables are _required_ only when `keycloak_db_enabled` is True:
@@ -145,12 +136,9 @@ The following variables are _required_ only when `keycloak_db_enabled` is True:
|`keycloak_db_pass` | password for connecting to postgres | `keycloak-pass` |
-Example Playbooks
+Example Playbook
-----------------
-_NOTE_: use ansible vaults or other security systems for storing credentials.
-
-
* The following is an example playbook that makes use of the role to install keycloak from remote:
```yaml
@@ -164,27 +152,6 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
- middleware_automation.keycloak.keycloak
```
-* The following is an example playbook that makes use of the role to install Red Hat Single Sign-On from RHN:
-
-```yaml
----
-- name: Playbook for RHSSO
- hosts: keycloak
- collections:
- - middleware_automation.redhat_csp_download
- roles:
- - redhat_csp_download
- tasks:
- - name: Keycloak Role
- include_role:
- name: keycloak
- vars:
- keycloak_admin_password: "remembertochangeme"
- keycloak_rhsso_enable: True
- rhn_username: ''
- rhn_password: ''
-```
-
* The following example playbook makes use of the role to install keycloak from the controller node:
@@ -203,45 +170,6 @@ _NOTE_: use ansible vaults or other security systems for storing credentials.
# This should be the filename of keycloak archive on Ansible node: keycloak-16.1.0.zip
```
-
-* This playbook installs Red Hat Single Sign-On from an alternate url:
-
-```yaml
----
-- hosts: keycloak
- collections:
- - middleware_automation.keycloak
- tasks:
- - name: Keycloak Role
- include_role:
- name: keycloak
- vars:
- keycloak_admin_password: "remembertochangeme"
- keycloak_rhsso_enable: True
- keycloak_rhsso_download_url: ""
- # This should be the full of remote source rhsso zip file and can contain basic authentication credentials
-```
-
-
-* The following is an example playbook that makes use of the role to install Red Hat Single Sign-On offline from the controller node, and apply latest cumulative patch:
-
-```yaml
----
-- hosts: keycloak
- collections:
- - middleware_automation.keycloak
- tasks:
- - name: Keycloak Role
- include_role:
- name: keycloak
- vars:
- keycloak_admin_password: "remembertochangeme"
- keycloak_rhsso_enable: True
- keycloak_offline_install: True
- keycloak_rhsso_apply_patches: True
- # This should be the filename of rhsso zip file on Ansible node: rh-sso-7.5-server-dist.zip
-```
-
License
-------
diff --git a/main/_sources/roles/keycloak_realm.md.txt b/main/_sources/roles/keycloak_realm.md.txt
index 91e6b8f..1a5709c 100644
--- a/main/_sources/roles/keycloak_realm.md.txt
+++ b/main/_sources/roles/keycloak_realm.md.txt
@@ -15,7 +15,6 @@ Role Defaults
|`keycloak_http_port`| HTTP port | `8080` |
|`keycloak_https_port`| TLS HTTP port | `8443` |
|`keycloak_auth_realm`| Name of the main authentication realm | `master` |
-|`keycloak_rhsso_enable`| Define service is an upstream(Keycloak) or RHSSO | `master` |
|`keycloak_management_http_port`| Management port | `9990` |
|`keycloak_auth_client`| Authentication client for configuration REST calls | `admin-cli` |
|`keycloak_client_public`| Configure a public realm client | `True` |
diff --git a/main/developing.html b/main/developing.html
index fe65ce2..96fb51b 100644
--- a/main/developing.html
+++ b/main/developing.html
@@ -42,6 +42,7 @@
User documentation
Developer documentation
diff --git a/main/genindex.html b/main/genindex.html
index 91b142f..512ed74 100644
--- a/main/genindex.html
+++ b/main/genindex.html
@@ -39,6 +39,7 @@
User documentation
Developer documentation
diff --git a/main/index.html b/main/index.html
index 09c0436..e5dc934 100644
--- a/main/index.html
+++ b/main/index.html
@@ -41,6 +41,7 @@
User documentation
Developer documentation
@@ -92,6 +93,11 @@
License Middleware_Automation.Keycloak
+Role Index
keycloak keycloak_quarkus Middleware_Automation.Keycloak — Keycloak Ansible Collection documentation
+
+
+
+
+
+
+ Keycloak Ansible Collection
+
+
+
+
+
+
+
+
+
+Middleware_Automation.Keycloak
+Collection version 1.0.7
+
+
+
+
+There are no plugins in the middleware_automation.keycloak collection with automatically generated documentation.
+
+
See also
+
List of collections
+
+
+
+
+
+
+
+
+
+
+
+
User documentation
Developer documentation
diff --git a/main/roles/index.html b/main/roles/index.html
index 4d1864b..5f9bccd 100644
--- a/main/roles/index.html
+++ b/main/roles/index.html
@@ -21,7 +21,7 @@
User documentation
diff --git a/main/roles/keycloak.html b/main/roles/keycloak.html
index 5cd952c..6d5ee88 100644
--- a/main/roles/keycloak.html
+++ b/main/roles/keycloak.html
@@ -42,6 +42,7 @@
User documentation