Create a single external network called "external". Create container-specific networks. Only a few containers need access to these. So far: openldap, postgres.
		
			
				
	
	
		
		
	
	
	
	
	
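# Start the Keycloak container, attached to the shared "external" network and
# to the service-specific "postgres" and "openldap" networks.
- name: run container
  docker_container:
    name: "keycloak"
    # The image had no tag, which resolves to ":latest". The tag can now be
    # overridden through keycloak_image_tag (a new, optional variable); set it
    # to a fixed release so a redeploy cannot silently pull a different build.
    image: "quay.io/keycloak/keycloak:{{ keycloak_image_tag | default('latest') }}"
    ports:
      # NOTE(review): this publishes 8080 on every host interface. If nginx is
      # meant to be the only entry point, clients reaching the host on 8080
      # bypass it. Consider a loopback-only binding, or dropping the mapping,
      # once the proxy's path to the container is confirmed.
      - "8080:8080"
    networks:
      - name: external
      - name: postgres
      - name: openldap
    env:
      # Credentials come from vault_* variables (presumably Ansible Vault).
      # They are still handed over as container environment variables, so
      # anyone who can run `docker inspect` on the host can read them.
      KEYCLOAK_USER: "{{ vault_keycloak_user }}"
      KEYCLOAK_PASSWORD: "{{ vault_keycloak_password }}"
      DB_VENDOR: "POSTGRES"
      DB_ADDR: "postgres"
      DB_DATABASE: "keycloak"
      DB_USER: "keycloak"
      DB_SCHEMA: "public"
      DB_PASSWORD: "{{ vault_postgres_keycloak_user_password }}"
      # Tells Keycloak to trust forwarded-address headers. That is only sound
      # when every request arrives through the proxy; see the port note above.
      PROXY_ADDRESS_FORWARDING: "true"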
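# Render the nginx site configuration for this role from keycloak.conf.j2 and
# notify the "reload nginx" handler.
- name: copy nginx conf
  template:
    src: "keycloak.conf.j2"
    dest: "{{ data_folder }}/nginx/conf.d/{{ role_name }}.{{ base_domain }}.conf"
    # A configuration file needs no execute bit. 0644 keeps the read access
    # that 755 granted and drops execute for everyone.
    mode: "0644"
  notify: reload nginx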