homelab/roles/keycloak/tasks/main.yml

- name: run container
  docker_container:
    name: "keycloak"
    image: "quay.io/keycloak/keycloak"
    ports:
      - "8080:8080"
    networks:
      - name: external
      - name: postgres
      - name: openldap
    env:
      "KEYCLOAK_USER": "{{ vault_keycloak_user }}"
      "KEYCLOAK_PASSWORD": "{{ vault_keycloak_password }}"
      "DB_VENDOR": POSTGRES
      "DB_ADDR": postgres
      "DB_DATABASE": keycloak
      "DB_USER": keycloak
      "DB_SCHEMA": public
      "DB_PASSWORD": "{{ vault_postgres_keycloak_user_password }}"
      "PROXY_ADDRESS_FORWARDING": "true"
- name: copy nginx conf
  template:
    src: "keycloak.conf.j2"
    dest: "{{ data_folder }}/nginx/conf.d/{{ role_name}}.{{ base_domain }}.conf"
    mode: "755"
  notify: reload nginx