init keycloak formular

2024-09-08 20:32:27 +02:00 · 2024-09-08 20:32:27 +02:00 · 006c8474bb
commit 006c8474bb
2 changed files with 66 additions and 0 deletions
--- a/keycloak/init.sls
+++ b/keycloak/init.sls
@ -0,0 +1,53 @@
+keycloak data directory exists:
+  file.directory:
+    - name: /opt/keycloak/pg_data
+    - makedirs: True
+
+keycloak_docker_net_present:
+  docker_network.present:
+    - name: keycloak
+
+keycloak_database_running:
+  docker_container.running:
+    - name: keycloak_postgres
+    - image: {{ salt['pillar.get']('postgres:image:path', 'docker.io/library/postgres') }}:{{ salt['pillar.get']('postgres:image:version', '16') }}
+    - container_name: keycloak_postgres
+    - environment:
+      - POSTGRES_DB: keycloak
+      - POSTGRES_USER: keycloak
+      - POSTGRES_PASSWORD: keycloak
+    - restart: always
+    - networks:
+      - keycloak
+    - binds:
+      - /opt/keycloak/pg_data:/var/lib/postgresql/data
+
+keycloak docker container running:
+  docker_container.running:
+    - name: keycloak
+    - image: {{ salt['pillar.get']('keycloak:image:path', 'quay.io/keycloak/keycloak') }}:{{ salt['pillar.get']('keycloak:image:version', '25.0') }}
+    - container_name: keycloak
+    - environment:
+      - KEYCLOAK_ADMIN: {{ salt['pillar.get']('keycloak:config:default:admin_user', 'admin') }}
+      - KEYCLOAK_ADMIN_PASSWORD: {{ salt['pillar.get']('keycloak:config:default:admin_password', 'admin') }}
+      - KC_DB: postgres
+      - KC_DB_URL: {{ salt['pillar.get']('keycloak:config:db:postgres_uri', '') }}
+      - KC_DB_PASSWORD: {{ salt['pillar.get']('keycloak:config:db:postgres_pwd', '') }}
+      - KC_DB_USER: {{ salt['pillar.get']('keycloak:config:db:postgres_user', 'keycloak') }}
+      - KC_HOSTNAME_STRICT: "{{ salt['pillar.get']('keycloak:config:default:hostname_strict', 'true') }}"
+      - KC_HOSTNAME: {{ salt['pillar.get']('keycloak:config:default:site', 'localhost') }}
+      - KC_HOSTNAME_PORT: {{ salt['pillar.get']('keycloak:config:default:port', '443') }}
+      - KC_PROXY: {{ salt['pillar.get']('keycloak:config:default:proxy', 'edge') }}
+      - KC_FEATURES: {{ salt['pillar.get']('keycloak:config:default:features', 'persistent-user-sessions') }}
+    - restart: always
+    - networks:
+      - keycloak
+      - bridge
+    - command:
+      - start
+    - binds:
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    - port_bindings:
+      - "{{ salt['pillar.get']('keycloak:container_web_port', "127.0.0.1:8080") }}:8080"
+
--- a/pillar.example
+++ b/pillar.example
@ -0,0 +1,13 @@
+keycloak:
+  container_web_port: "127.0.0.1:1234"
+  image:
+    path: quay.io/keycloak/keycloak
+    version: 25.0
+  config:
+    default:
+      hostname_strict: False
+      site: login.example.com
+    db:
+      postgres_uri: jdbc:postgresql://postgres:5432/keycloak
+      postgres_user: keycloak
+      postgres_pwd: keycloak